🔥 Trending CVEs - Last 90 Days
4,429 critical and high-severity vulnerabilities discovered in the last 90 days. Stay ahead of emerging threats with real-time CVE tracking and instant security alerts.
Critical & High-Risk CVEs
This vulnerability involves a use-after-free flaw in the Windows Mailslot File System that allows an authenticated attacker to execute arbitrary code ...
📅 33 days ago • Feb 10, 2026This vulnerability is a use-after-free flaw in Windows Ancillary Function Driver for WinSock that allows an authenticated attacker to execute arbitrar...
📅 33 days ago • Feb 10, 2026A race condition vulnerability in Windows Subsystem for Linux allows authenticated local attackers to escalate privileges by exploiting improper synch...
📅 33 days ago • Feb 10, 2026This vulnerability in Artifex MuPDF on Windows allows local attackers to exploit an uncontrolled search path issue in the get_system_dpi function. Att...
📅 34 days ago • Feb 10, 2026OpenTelemetry-Go SDK versions v1.20.0 through v1.39.0 on macOS/Darwin systems are vulnerable to path hijacking attacks. An attacker with local access ...
📅 41 days ago • Feb 2, 2026This CVE describes a local privilege escalation vulnerability in mlflow versions before 3.4.0 where temporary directories for Python virtual environme...
📅 42 days ago • Feb 2, 2026This vulnerability allows attackers to execute arbitrary code or write arbitrary files when downloading and building Go modules with malicious version...
📅 46 days ago • Jan 28, 2026Dell CloudBoost Virtual Appliance versions before 19.14.0.0 store passwords in plaintext, allowing attackers with remote access and high privileges to...
📅 48 days ago • Jan 27, 2026This CVE describes a local privilege escalation vulnerability in npm CLI where incorrect permission assignment allows loading modules from unsecured l...
📅 52 days ago • Jan 23, 2026This CVE describes a use-after-free vulnerability in Inbox COM Objects that allows an unauthorized attacker to execute arbitrary code locally on affec...
📅 61 days ago • Jan 13, 2026A race condition vulnerability in the Capability Access Management Service (camsvc) allows authorized attackers to escalate privileges on local system...
📅 61 days ago • Jan 13, 2026This vulnerability allows an unauthorized attacker to execute arbitrary code on a local system by exploiting an untrusted search path in Microsoft Off...
📅 61 days ago • Jan 13, 2026A race condition vulnerability in Windows Local Session Manager allows authenticated attackers to escalate privileges on affected systems. This affect...
📅 61 days ago • Jan 13, 2026This vulnerability involves a double-free memory corruption flaw in the Windows Win32K ICOMP component. An authenticated attacker could exploit this t...
📅 61 days ago • Jan 13, 2026This vulnerability involves a use-after-free flaw in Windows Desktop Window Manager (DWM) that allows an authenticated attacker to execute arbitrary c...
📅 61 days ago • Jan 13, 2026This CVE describes a race condition vulnerability in the Graphics Kernel that allows local attackers with existing system access to elevate privileges...
📅 61 days ago • Jan 13, 2026A race condition vulnerability in the Capability Access Management Service (camsvc) allows authorized attackers to gain elevated privileges on affecte...
📅 61 days ago • Jan 13, 2026This vulnerability is a race condition in the Graphics Kernel that allows an authorized local attacker to execute code concurrently with improper sync...
📅 61 days ago • Jan 13, 2026A race condition vulnerability in the Capability Access Management Service (camsvc) allows authorized attackers to execute concurrent operations on sh...
📅 61 days ago • Jan 13, 2026A race condition vulnerability in the Printer Association Object allows authorized attackers to escalate privileges locally. This affects systems wher...
📅 61 days ago • Jan 13, 2026This CVE describes a memory corruption vulnerability in the seninf component due to a race condition. It allows local privilege escalation from System...
📅 69 days ago • Jan 6, 2026CVE-2025-20779 is a use-after-free vulnerability in display drivers caused by a race condition. This allows local attackers with System privilege to e...
📅 69 days ago • Jan 6, 2026This CVE describes a local privilege escalation vulnerability in SevenCs ORCA G2 software where a TOCTOU race condition allows standard users to gain ...
📅 75 days ago • Dec 31, 2025A race condition in FluidSynth versions 2.5.0 to 2.5.1 allows heap-based use-after-free when unloading DLS files concurrently with synthesizer destruc...
📅 82 days ago • Dec 23, 2025This vulnerability in pdfforge PDF Architect allows remote attackers to execute arbitrary code by tricking users into opening malicious DOC files. The...
📅 82 days ago • Dec 23, 2025This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable versions of pdfforge PDF Architect. Attackers can e...
📅 82 days ago • Dec 23, 2025This vulnerability in PDFsam Enhanced allows remote attackers to execute arbitrary code by tricking users into opening malicious DOC files. The softwa...
📅 82 days ago • Dec 23, 2025PDFsam Enhanced has a remote code execution vulnerability in its XLS file processing. Attackers can execute arbitrary code by tricking users into open...
📅 82 days ago • Dec 23, 2025This vulnerability in MariaDB's mariadb-dump utility allows remote attackers to execute arbitrary code via directory traversal in view names. Attacker...
📅 82 days ago • Dec 23, 2025Why Track Trending CVEs?
Stay ahead of emerging threats: Newly discovered vulnerabilities pose the highest risk as attackers race to exploit them before patches are deployed. Trending CVEs represent the most critical security issues requiring immediate attention from security teams worldwide.
Prioritize remediation efforts: With thousands of CVEs published annually, security teams need to focus on the most recent and severe threats first. Our trending CVE dashboard highlights critical and high-severity vulnerabilities from the past 7, 30, or 90 days, helping you prioritize patching efforts.
🚀 Automated Trending CVE Monitoring
- Scan your servers to detect packages affected by trending CVEs
- Receive instant email alerts when critical vulnerabilities are discovered
- Dashboard shows CVE age, severity, CVSS scores, and affected systems
- Filter by time period (7/30/90 days) to focus on recent threats
