Home Embedded Vulns General Vulns
28
New Embedded Vulns (7 Days)
348
Active Critical ESVs
tenda
Top Target (30 Days)
6.96
Average ESV CVSS Score

Vulnerability Trends (Last 6 Months)

ESV Severity Distribution (90 Days)

Top Affected ESV Vendors (90 Days)

  • tenda 105 Vulns
  • apple 51 Vulns
  • dlink 44 Vulns
  • ruijie 35 Vulns
  • qnap 31 Vulns

Recent Critical ESVs

CVE-2020-37002 CRITICAL 9.8
CVE-2025-21589 CRITICAL 9.8
CVE-2026-24858 CRITICAL 9.8
CVE-2025-15467 CRITICAL 9.8
CVE-2020-36940 CRITICAL 9.8

Recently Added Vulnerabilities

CVE ID Description Severity Published Type
CVE-2025-14887 The twinklesmtp – Email Service Provider For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scriptin… Medium (4.4) 2026-01-07 General-Purpose
CVE-2025-14875 The HBLPAY Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the… Medium (6.1) 2026-01-07 General-Purpose
CVE-2025-14867 The Flashcard plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.9 via the 's… Medium (6.5) 2026-01-07 General-Purpose
CVE-2025-14845 The NS IE Compatibility Fixer plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions u… Medium (4.3) 2026-01-07 General-Purpose
CVE-2025-14842 The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to limited upload of files w… Medium (6.1) 2026-01-07 General-Purpose