real-time monitoring

The pulse of vulnerabilities, live.

359,920 CVEs indexed and enriched with EPSS, CISA exploitation signal and public PoCs — refreshed every few minutes, straight from the official source.

Explore the database →
1,622
actively exploited (KEV)
16,977
critical (CVSS ≥ 9)
24,500
with public PoC
856
published today

This week

CVEs published per month
856 published in the last 7 days · trend over the last 24 months
2,3184,6356,95305,4802024-062024-102025-022025-062025-102026-022026-06

Exploited right now

EPSS · KEV
CVE-2015-1635CRITICALHTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote aEPSS 100.0%KEVCVE-2023-44487HIGHThe HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, asEPSS 100.0%KEVCVE-2023-1389HIGHTP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form oEPSS 100.0%KEVCVE-2021-22005CRITICALThe vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 4EPSS 100.0%KEVCVE-2019-19781CRITICALAn issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory TEPSS 100.0%KEVCVE-2021-26855CRITICALMicrosoft Exchange Server Remote Code Execution VulnerabilityEPSS 100.0%KEVCVE-2023-35082CRITICALAn authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resouEPSS 100.0%KEVCVE-2021-21985CRITICALThe vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plEPSS 100.0%KEV

Exposure by technology

HTTP Archive × CVE
WordPress2,045WooCommerce1,776Windows Server1,483PHP829Elementor696Apache HTTP Server536Joomla393Apache Tomcat342See all technologies

Severity distribution

CVSS
CRITICAL16,977
HIGH61,791
MEDIUM83,384
LOW7,684

Exploitation probability (EPSS)

EPSS
>=50%4,271
10-50%12,843
1-10%125,701
<1%199,424

Explore

All CVEsTechnologiesVendorsWeakness types

Finding the flaw is the start. Eliminating it is what matters.

TrueHacking bridges knowing a vulnerability exists and getting it out of your way: pentest, red team, threat intelligence (CTI) and 24/7 SOC — powered by our Autonomous AI Pentest Agent that finds what traditional tools miss.

PentestRed TeamCTISOC 24/7
Talk to TrueHacking →Meet the AI Pentest Agent →