The CVE database that answers back.
Discover what's hijacking Splunk Enterprise
A live database of 340.7K vulnerabilities — 65.4K linked to public exploit code and 1.6K confirmed exploited (CISA KEV). Continuously synced from NVD, GHSA, CISA KEV, and CSAF advisories — enriched with EPSS scores, exploit links, Nuclei templates, and MITRE ATT&CK mappings. Search, analyze, and query everything through an AI assistant.
All numbers are live. Our sync pipeline pulls vulnerability data from CVEProject, NVD, GHSA, CISA KEV, CSAF advisories, and other authoritative sources — enriched and scored automatically.
The latest critical vulnerabilities discovered in the wild. These CVEs scored 9.0+ on CVSS and were published in the last 24–48 hours. Each one is automatically enriched with exploit data, affected products, and ATT&CK mappings the moment it enters our pipeline.
6 new critical CVEs in the last 24 hours
- Account Takeover via Predictable SSO Ticket Generation
- All versions of the package expr-eval are vulnerable to Code Execution via the toJSFunction() API. An attacker can execute arbitrary JavaScript by supplying crafted expressions that are compiled in...
- vLLM: OpenAI auth bypass
- n8n - Credential Exfiltration via Allowed HTTP Request Domains Bypass in Dynamic Node Parameters Endpoint
- MCP Extension Code Injection Vulnerability in Autodesk Fusion Desktop
June 2026 in numbers
One snapshot of where vulnerabilities moved this month — volume, severity, KEV velocity, top vendors and CWEs. New report on the 1st.
Open monthly report →
What's discussed now
The CVEs the security world is talking about right now — ranked, with why they matter.
- 1. CVE-2026-20253 (EXPLOITED, KEV), 9.8 / 100
  Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise
- 2. CVE-2026-20262 (RISING, EXPLOITED, KEV), 6.5 / 70
  Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability
- 3. CVE-2025-59718 (RESURFACING, EXPLOITED, KEV), 9.8 / 43
  An improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, Fo...
- 4. CVE-2026-48907 (EXPLOITED, KEV), 9.8 / 43
  Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
- 5. CVE-2026-24858 (RISING, EXPLOITED, KEV), 9.8 / 42
  An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2...
- 6. CVE-2026-4020 (RISING, EXPLOITED), 7.5 / 30
  Gravity SMTP <= 2.1.4 - Unauthenticated Sensitive Information Exposure via REST API
- 7. CVE-2026-33825 (Patch, KEV), 7.8 / 24
  Microsoft Defender Elevation of Privilege Vulnerability
- 8. CVE-2026-45498 (Patch, KEV), 4.0 / 23
  Microsoft Defender Denial of Service Vulnerability
- 9. CVE-2026-54420 (EXPLOITED, KEV), 8.5 / 23
  LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running C...
- 10. CVE-2026-41091 (Patch, KEV), 7.8 / 23
  Microsoft Defender Elevation of Privilege Vulnerability
See what's inside
From a searchable database with deep filters to an AI analyst you can talk to — every screen is built for security teams that need answers fast.
Find exploitable CVEs in seconds, not hours
250,000+ CVEs with a sidebar packed with filters. Combine KEV status, exploit availability, EPSS range, CWE, vendor, attack vector, and date range. Sub-50ms results via Typesense.
- Priority heatmap: see the critical/high/medium split before you touch a filter
- Active filter chips — always know what is applied, remove in one click
- Faceted counts on every option: "CISA KEV (1,247)" — no empty results
- Save named presets — reload your daily triage view instantly
Everything you need to work with vulnerabilities
CVE Tools is not just a database — it's a complete vulnerability intelligence workstation. Every CVE is enriched, linked, and queryable through multiple interfaces.
CVE Database
Live mirror of the official CVEProject feed with CVSS, affected products, CPEs, and CWE weaknesses.
Exploit Intelligence
Auto-linked PoCs from GitHub, ExploitDB, and Metasploit, with maturity signals on each entry.
Nuclei Templates
Community and AI-generated Nuclei templates mapped to specific CVEs for instant validation.
EPSS Scoring
FIRST.org exploit-probability scores on every CVE. Prioritise by likelihood, not just severity.
CISA KEV Tracking
Live overlay of the Known Exploited Vulnerabilities catalog — what is actively abused and mandated to patch.
CSAF Advisories
CISA CSAF 2.0 advisories for IT and OT/ICS, with remediation guidance and product-level severity.
Attack Surface Graph
Interactive map: products to CVEs to MITRE ATT&CK techniques. See how an attacker would chain it.
AI Assistant
Chat with a security analyst about impact, remediation, detection rules, or any CVE in plain English.
MCP, REST API & CLI
Plug in via MCP (Claude, Cursor), call the REST API from scripts, or run cvetools from your terminal.
Attack surface in real time
This graph is built automatically from the 3 most recent critical CVEs in our database. It maps affected products through vulnerabilities to MITRE ATT&CK techniques and kill chain stages — showing not just what's broken, but how it could be exploited.
Latest Critical CVEs & Attack Paths
- All versions of the package expr-eval are vulnerable to Code Execution via the toJSFunction() API. An attacker can execute arbitrary JavaScript by supplying crafted expressions that are compiled in...
- vllm-project/vllm: vLLM: OpenAI auth bypass
- zohocorp/manageengine_adaudit_plus: Account Takeover via Predictable SSO Ticket Generation
This graph updates automatically when new critical CVEs are discovered and enriched.
Where the data comes from
CVE Tools aggregates, enriches, and structures vulnerability data from authoritative sources. Every record passes through our parsing, scoring, and enrichment pipeline before entering the database.
- Official CVE database from CVE Numbering Authorities. Synced from GitHub repository.
- NIST National Vulnerability Database. CVSS scoring, CPE matching, and CWE classification.
- Russian FSTEC vulnerability database. Independent severity assessments and remediation data.
- GitHub Security Advisories. OSV-format advisories with ecosystem-specific impact data.
- ProjectDiscovery scanner templates. Actionable detection rules linked to CVEs.
- CISA CSAF 2.0 advisories for IT and OT/ICS. Industrial control systems security guidance.
- CISA Known Exploited Vulnerabilities catalog. Confirmed active exploitation in the wild.
OSV, VulnDB, and ZDI integrations are in development. Suggest a source you'd like to see next.
Years of vulnerability data, continuously growing
Coverage from 1999 to present, by publication year. The current year updates in real time as new vulnerabilities are published and synced.
Ready to dive in?
Everything you just scrolled through is live data. Sign in to search it, query it with AI, and plug it into your tools. No credit card required.