🔥 Trending CVEs - Last 90 Days
4,454 critical and high-severity vulnerabilities discovered in the last 90 days. Stay ahead of emerging threats with real-time CVE tracking and instant security alerts.
Critical & High-Risk CVEs
This vulnerability involves memory corruption when copying packets from Unix domain socket clients, potentially allowing attackers to execute arbitrar...
📅 84 days ago • Dec 18, 2025This vulnerability allows attackers to cause memory corruption through improper handling of IOCTL calls when setting modes. Successful exploitation co...
📅 84 days ago • Dec 18, 2025This vulnerability allows memory corruption when handling large GPR packets between user and root contexts in Qualcomm components. Attackers could pot...
📅 84 days ago • Dec 18, 2025This vulnerability allows memory corruption in Qualcomm video processing components when a video session fails to open due to timeout errors. Attacker...
📅 84 days ago • Dec 18, 2025A local privilege escalation vulnerability in DriveLock allows unprivileged Windows users to manipulate DriveLock processes and execute arbitrary comm...
📅 85 days ago • Dec 17, 2025This CVE describes a Gatekeeper bypass vulnerability in macOS that allows malicious applications to circumvent security checks. Attackers could potent...
📅 85 days ago • Dec 17, 2025This vulnerability allows arbitrary code execution when converting Jupyter notebooks containing SVG output to PDF on Windows systems. Attackers can cr...
📅 85 days ago • Dec 17, 2025This CVE describes a local privilege escalation vulnerability in Anaconda3 macOS installers. When installed outside the user's home directory, world-w...
📅 85 days ago • Dec 17, 2025This vulnerability allows local privilege escalation on macOS systems running vulnerable Miniconda3 installers. When installed outside the user's home...
📅 85 days ago • Dec 17, 2025CVE-2025-53398 is an insecure permissions vulnerability in Portrait Dell Color Management application 3.3.8 for Dell monitors that allows unauthorized...
📅 85 days ago • Dec 17, 2025The Portrait Dell Color Management application creates a temporary folder with weak permissions during installation/uninstallation, allowing local low...
📅 85 days ago • Dec 17, 2025CVE-2025-14305 is a local privilege escalation vulnerability in Acer's ListCheck.exe. Authenticated local attackers can replace this executable with m...
📅 85 days ago • Dec 17, 2025Fuji Electric Monitouch V-SFT-6 software is vulnerable to an out-of-bounds write when processing specially crafted project files, which could allow at...
📅 85 days ago • Dec 17, 2025An Improper Access Control vulnerability in Advantech SUSI driver (susi.sys) allows attackers with local access to read/write arbitrary memory, I/O po...
📅 86 days ago • Dec 16, 2025This CVE describes an authenticated local privilege escalation vulnerability in FreePBX's deprecated amportal startup script. Attackers who are member...
📅 86 days ago • Dec 16, 2025Fickling versions before 0.1.6 fail to block unsafe 'marshal' and 'types' module imports during pickle file analysis. This allows attackers to craft m...
📅 86 days ago • Dec 16, 2025Fickling versions before 0.1.6 incorrectly flagged unsafe pickle files as safe due to missing 'pty' module in the unsafe import blocklist. This vulner...
📅 86 days ago • Dec 16, 2025This CVE describes an Out-of-Bounds Read vulnerability in Autodesk products when parsing malicious PRT files. Attackers can exploit this to crash appl...
📅 86 days ago • Dec 16, 2025CVE-2025-9454 is an out-of-bounds read vulnerability in Autodesk products that parse PRT files. Attackers can exploit this to crash applications, read...
📅 86 days ago • Dec 16, 2025This vulnerability allows attackers to exploit an out-of-bounds read in Autodesk products when processing malicious CATPRODUCT files. Successful explo...
📅 86 days ago • Dec 16, 2025This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious SLDPRT files in affected Autodesk products. The...
📅 86 days ago • Dec 16, 2025A memory corruption vulnerability in Autodesk products allows arbitrary code execution when parsing malicious PRT files. Attackers can exploit this to...
📅 86 days ago • Dec 16, 2025This vulnerability allows attackers to exploit an out-of-bounds read in Autodesk products when processing malicious SLDPRT files. Successful exploitat...
📅 86 days ago • Dec 16, 2025This vulnerability allows attackers to exploit an out-of-bounds read in Autodesk products when processing malicious SLDPRT files. Successful exploitat...
📅 86 days ago • Dec 16, 2025A memory corruption vulnerability in Autodesk products allows arbitrary code execution when parsing malicious SLDPRT files. This affects users of spec...
📅 86 days ago • Dec 16, 2025This CVE describes an out-of-bounds write vulnerability in Autodesk products when parsing malicious MODEL files. Attackers can exploit this to crash a...
📅 86 days ago • Dec 16, 2025This CVE describes an out-of-bounds write vulnerability in Autodesk products when parsing malicious MODEL files. Attackers can exploit this to crash a...
📅 86 days ago • Dec 16, 2025This CVE describes an out-of-bounds write vulnerability in Autodesk products when parsing malicious MODEL files. Attackers can exploit this to crash a...
📅 86 days ago • Dec 16, 2025This vulnerability allows attackers to craft malicious CATPART files that trigger an out-of-bounds read when opened in affected Autodesk products. Suc...
📅 86 days ago • Dec 16, 2025This vulnerability allows attackers to exploit an out-of-bounds read in Autodesk products when processing malicious CATPRODUCT files. Successful explo...
📅 86 days ago • Dec 16, 2025This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious CATPART files in affected Autodesk products. It...
📅 86 days ago • Dec 16, 2025This CVE describes a memory corruption vulnerability in Autodesk products when parsing malicious MODEL files. Attackers can exploit this to execute ar...
📅 86 days ago • Dec 16, 2025This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious MODEL files in affected Autodesk products. The ...
📅 86 days ago • Dec 16, 2025This CVE describes an out-of-bounds write vulnerability in Autodesk products when parsing malicious MODEL files. Attackers can exploit this to crash a...
📅 86 days ago • Dec 16, 2025This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious CATPART files in affected Autodesk products. Me...
📅 86 days ago • Dec 16, 2025This vulnerability allows attackers to exploit a heap-based buffer overflow when Autodesk products parse malicious CATPRODUCT files. Successful exploi...
📅 86 days ago • Dec 16, 2025This vulnerability allows attackers to execute arbitrary code or cause crashes by tricking users into opening malicious X_T files in affected Autodesk...
📅 86 days ago • Dec 16, 2025This vulnerability in OpenEMR allows unauthorized users to view sensitive medical encounters (like mental health records) that should be restricted. I...
⚡ Yesterday • Mar 11, 2026This stored cross-site scripting (XSS) vulnerability in OpenEMR allows attackers to inject malicious scripts into patient records that execute when he...
⚡ Yesterday • Mar 11, 2026CVE-2026-31881 allows unauthenticated attackers to reset the admin password in Runtipi homeserver orchestrator during a 15-minute password reset windo...
⚡ Yesterday • Mar 11, 2026This vulnerability allows users with 'create' permissions but not 'update' permissions to overwrite the 'latest' tag in zot container registries. It a...
📅 2 days ago • Mar 10, 2026This vulnerability allows attackers to make server-side requests to internal network resources when creating links in LinkAce. It affects all LinkAce ...
📅 2 days ago • Mar 10, 2026This CVE describes a denial-of-service vulnerability in SAP systems where authenticated users can trigger excessive resource consumption by calling a ...
📅 2 days ago • Mar 10, 2026This CVE describes a configuration bypass vulnerability in Backstage's TechDocs plugin that allows arbitrary Python code execution. Attackers can craf...
📅 5 days ago • Mar 7, 2026Flowise versions before 3.0.13 contain an unauthenticated database injection vulnerability that allows attackers to manipulate internal database field...
📅 5 days ago • Mar 7, 2026OpenClaw sandbox browser bridge server accepts requests without gateway authentication, allowing local attackers to access browser control endpoints. ...
📅 6 days ago • Mar 5, 2026OpenClaw versions 2.0.0-beta3 through 2026.2.13 contain a path traversal vulnerability in the hook transform module loading mechanism. Attackers with ...
📅 6 days ago • Mar 5, 2026This vulnerability allows authenticated remote attackers with VPN access to cause Cisco ASA/FTD devices to crash and reload by sending specially craft...
📅 8 days ago • Mar 4, 2026This vulnerability allows authenticated remote attackers to cause denial of service on Cisco ASA and FTD firewalls by sending specially crafted GCM-en...
📅 8 days ago • Mar 4, 2026This vulnerability in Cisco Secure Firewall ASA and FTD software allows authenticated VPN users to send specially crafted IKEv2 packets that cause mem...
📅 8 days ago • Mar 4, 2026Why Track Trending CVEs?
Stay ahead of emerging threats: Newly discovered vulnerabilities pose the highest risk as attackers race to exploit them before patches are deployed. Trending CVEs represent the most critical security issues requiring immediate attention from security teams worldwide.
Prioritize remediation efforts: With thousands of CVEs published annually, security teams need to focus on the most recent and severe threats first. Our trending CVE dashboard highlights critical and high-severity vulnerabilities from the past 7, 30, or 90 days, helping you prioritize patching efforts.
🚀 Automated Trending CVE Monitoring
- Scan your servers to detect packages affected by trending CVEs
- Receive instant email alerts when critical vulnerabilities are discovered
- Dashboard shows CVE age, severity, CVSS scores, and affected systems
- Filter by time period (7/30/90 days) to focus on recent threats
