🔥 Trending CVEs - Last 90 Days
4,482 critical and high-severity vulnerabilities discovered in the last 90 days. Stay ahead of emerging threats with real-time CVE tracking and instant security alerts.
Critical & High-Risk CVEs
This vulnerability allows local attackers to escalate privileges on affected Android devices without user interaction. It affects Google Pixel devices...
📅 54 days ago • Jan 16, 2026CVE-2021-47845 is an unquoted service path vulnerability in Spy Emergency 25.0.650 that allows local attackers to execute arbitrary code with SYSTEM p...
📅 54 days ago • Jan 16, 2026Disk Sorter Server 13.6.12 has an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated privileges. ...
📅 54 days ago • Jan 16, 2026This vulnerability allows local attackers to execute arbitrary code with SYSTEM privileges by exploiting an unquoted service path in DHCP Broadband. A...
📅 54 days ago • Jan 16, 2026CVE-2021-47833 is an unquoted service path vulnerability in WifiHotSpot 1.0.0.0 that allows local attackers to execute arbitrary code with LocalSystem...
📅 54 days ago • Jan 16, 2026CVE-2021-47823 is an unquoted service path vulnerability in Acer ePowerSvc that allows local attackers to execute arbitrary code with LocalSystem priv...
📅 54 days ago • Jan 16, 2026CVE-2021-47825 is an unquoted service path vulnerability in Acer Updater Service that allows local attackers to execute arbitrary code with LocalSyste...
📅 54 days ago • Jan 16, 2026CVE-2021-47826 is an unquoted service path vulnerability in Acer Backup Manager's NTI IScheduleSvc service that allows local attackers to execute arbi...
📅 54 days ago • Jan 16, 2026CVE-2021-47828 is an unquoted service path vulnerability in BOOTP Turbo 2.0.0.1253 that allows attackers to execute arbitrary code with LocalSystem pr...
📅 54 days ago • Jan 16, 2026DiskBoss Service 12.2.18 has an unquoted service path vulnerability that allows local attackers to execute arbitrary code with SYSTEM privileges. Atta...
📅 54 days ago • Jan 16, 2026This vulnerability allows malicious apps to corrupt coprocessor memory on Apple iOS and iPadOS devices. It affects users running iOS/iPadOS versions b...
📅 54 days ago • Jan 16, 2026CVE-2025-68921 is a directory traversal vulnerability in SteelSeries Nahimic 3 audio software that allows attackers to read arbitrary files on the sys...
📅 54 days ago • Jan 16, 2026Delta Electronics DIAView has a command injection vulnerability (CWE-77) that allows remote attackers to execute arbitrary commands on affected system...
📅 55 days ago • Jan 16, 2026CVE-2021-47787 is an unquoted service path vulnerability in TotalAV antivirus software that allows attackers with local access to place malicious exec...
📅 55 days ago • Jan 16, 2026CVE-2021-47773 is an unquoted service path vulnerability in Dynojet Power Core 2.3.0 that allows local authenticated users to execute arbitrary code w...
📅 55 days ago • Jan 15, 2026This vulnerability allows local attackers to escalate privileges to SYSTEM level by exploiting an unquoted service path in 10-Strike Network Inventory...
📅 55 days ago • Jan 15, 2026MilleGPG5 5.7.2 contains a local privilege escalation vulnerability where authenticated users can modify MariaDB service executable files. Attackers c...
📅 55 days ago • Jan 15, 2026HTTPDebuggerPro 9.11 has an unquoted service path vulnerability that allows local attackers to execute arbitrary code with SYSTEM privileges by placin...
📅 55 days ago • Jan 15, 2026A local authentication bypass vulnerability in ThinkPlus configuration software allows authenticated users to enroll untrusted fingerprints on ThinkPl...
📅 56 days ago • Jan 14, 2026This CVE describes a command injection vulnerability in NVIDIA NSIGHT Graphics for Linux that allows attackers to execute arbitrary commands. Successf...
📅 56 days ago • Jan 14, 2026A double free vulnerability in Huawei's multi-mode input module could allow attackers to execute arbitrary code or cause denial of service. This affec...
📅 57 days ago • Jan 14, 2026This vulnerability allows local attackers to trigger a buffer overflow in certain drivers by manipulating registry values. It affects systems using sp...
📅 57 days ago • Jan 14, 2026This vulnerability allows local attackers to cause a buffer overflow in certain drivers by manipulating registry values. It affects systems using Insy...
📅 57 days ago • Jan 14, 2026This vulnerability allows local attackers to cause a buffer overflow by manipulating registry values that drivers read using the RTL_QUERY_REGISTRY_DI...
📅 57 days ago • Jan 14, 2026This vulnerability allows local attackers to trigger a buffer overflow in certain driver components by manipulating registry values. It affects system...
📅 57 days ago • Jan 14, 2026CVE-2023-54331 is an unquoted service path vulnerability in Outline 1.6.0 that allows local attackers to execute arbitrary code with LocalSystem privi...
📅 57 days ago • Jan 13, 2026CVE-2022-50933 is an unquoted service path vulnerability in Cain & Abel 4.9.56 that allows local attackers to execute arbitrary code with elevated Loc...
📅 57 days ago • Jan 13, 2026BlueSoleilCS 5.4.277 has an unquoted service path vulnerability in its Windows service configuration. This allows local attackers with write access to...
📅 57 days ago • Jan 13, 2026TeamSpeak 3.5.6 has insecure file permissions that allow local attackers to replace executable files with malicious binaries. This enables privilege e...
📅 57 days ago • Jan 13, 2026CVE-2022-50923 is an unquoted service path vulnerability in Cobian Backup 0.9 that allows local attackers to execute arbitrary code with LocalSystem p...
📅 57 days ago • Jan 13, 2026CVE-2022-50917 is an unquoted service path vulnerability in ProtonVPN's WireGuard service that allows local attackers to execute arbitrary code with e...
📅 57 days ago • Jan 13, 2026CVE-2022-50921 is an unquoted service path vulnerability in WOW21 5.0.1.9 that allows local attackers to execute arbitrary code with SYSTEM privileges...
📅 57 days ago • Jan 13, 2026CVE-2022-50915 is an unquoted service path vulnerability in PTPublisher's PTProtect service that allows local attackers to execute arbitrary code with...
📅 57 days ago • Jan 13, 2026A local privilege escalation vulnerability in HPE Aruba Networking VIA client allows authenticated local users to execute arbitrary code with root pri...
📅 57 days ago • Jan 13, 2026CVE-2026-21287 is a use-after-free vulnerability in Substance3D Stager that allows arbitrary code execution when a user opens a malicious file. This a...
📅 57 days ago • Jan 13, 2026Substance3D Painter versions 11.0.3 and earlier contain an out-of-bounds write vulnerability that could allow attackers to execute arbitrary code on a...
📅 57 days ago • Jan 13, 2026CVE-2026-21306 is an out-of-bounds write vulnerability in Substance3D Sampler that could allow arbitrary code execution when a user opens a malicious ...
📅 57 days ago • Jan 13, 2026CVE-2026-21307 is an out-of-bounds write vulnerability in Substance3D Designer that could allow arbitrary code execution when a user opens a malicious...
📅 57 days ago • Jan 13, 2026Adobe Bridge versions 15.1.2, 16.0 and earlier contain a heap-based buffer overflow vulnerability that could allow arbitrary code execution when a use...
📅 57 days ago • Jan 13, 2026CVE-2026-21304 is a heap-based buffer overflow vulnerability in Adobe InDesign that could allow attackers to execute arbitrary code when a user opens ...
📅 57 days ago • Jan 13, 2026Adobe InDesign versions 21.0, 19.5.5 and earlier contain an uninitialized pointer access vulnerability that allows arbitrary code execution when a use...
📅 57 days ago • Jan 13, 2026Adobe InDesign has an uninitialized pointer access vulnerability that allows arbitrary code execution when a user opens a malicious file. This affects...
📅 57 days ago • Jan 13, 2026This CVE describes a heap-based buffer overflow vulnerability in Adobe InDesign that could allow attackers to execute arbitrary code when a user opens...
📅 57 days ago • Jan 13, 2026A heap-based buffer overflow vulnerability in Adobe InCopy allows arbitrary code execution when a user opens a malicious file. This affects users runn...
📅 57 days ago • Jan 13, 2026An incorrect authorization vulnerability in Adobe Dreamweaver Desktop allows attackers to execute arbitrary code with the current user's privileges. U...
📅 57 days ago • Jan 13, 2026A stack-based buffer overflow vulnerability in Azure Connected Machine Agent allows authenticated attackers to execute arbitrary code with elevated pr...
📅 57 days ago • Jan 13, 2026This vulnerability allows an attacker to execute arbitrary code on a victim's system by exploiting an untrusted pointer dereference in Microsoft Excel...
📅 57 days ago • Jan 13, 2026This vulnerability allows an attacker to execute arbitrary code on a victim's system by exploiting an untrusted pointer dereference in Microsoft Excel...
📅 57 days ago • Jan 13, 2026An integer underflow vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code on affected systems by opening specially craft...
📅 57 days ago • Jan 13, 2026This vulnerability allows an attacker to execute arbitrary code on a victim's system by exploiting an out-of-bounds read in Microsoft Excel. Users who...
📅 57 days ago • Jan 13, 2026Why Track Trending CVEs?
Stay ahead of emerging threats: Newly discovered vulnerabilities pose the highest risk as attackers race to exploit them before patches are deployed. Trending CVEs represent the most critical security issues requiring immediate attention from security teams worldwide.
Prioritize remediation efforts: With thousands of CVEs published annually, security teams need to focus on the most recent and severe threats first. Our trending CVE dashboard highlights critical and high-severity vulnerabilities from the past 7, 30, or 90 days, helping you prioritize patching efforts.
🚀 Automated Trending CVE Monitoring
- Scan your servers to detect packages affected by trending CVEs
- Receive instant email alerts when critical vulnerabilities are discovered
- Dashboard shows CVE age, severity, CVSS scores, and affected systems
- Filter by time period (7/30/90 days) to focus on recent threats
