0
New Embedded Vulns (7 Days)
326
Active Critical ESVs
qnap
Top Target (30 Days)
6.96
Average ESV CVSS Score
Vulnerability Trends (Last 6 Months)
ESV Severity Distribution (90 Days)
Top Affected ESV Vendors (90 Days)
- apple 136 Vulns
- tenda 90 Vulns
- samsung 52 Vulns
- dlink 44 Vulns
- ruijie 35 Vulns
Recent Critical ESVs
CVE-2026-20750
CRITICAL 9.1
CVE-2026-23800
CRITICAL 10.0
CVE-2026-23523
CRITICAL 9.6
CVE-2025-62582
CRITICAL 9.8
CVE-2025-62581
CRITICAL 9.8
Recently Added Vulnerabilities
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-9625 | The Coil Web Monetization plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and i… | Medium (4.3) | 2025-11-18 | General-Purpose |
| CVE-2025-8609 | The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Acco… | Medium (6.4) | 2025-11-18 | General-Purpose |
| CVE-2025-8605 | The Gutenify – Visual Site Builder Blocks & Site Templates. plugin for WordPress is vulnerable to Stored Cross-Site Scr… | Medium (6.4) | 2025-11-18 | General-Purpose |
| CVE-2025-40549 | A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to … | Critical (9.1) | 2025-11-18 | General-Purpose |
| CVE-2025-40548 | A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges… | Critical (9.1) | 2025-11-18 | General-Purpose |