125
New Embedded Vulns (7 Days)
348
Active Critical ESVs
tenda
Top Target (30 Days)
6.96
Average ESV CVSS Score
Vulnerability Trends (Last 6 Months)
ESV Severity Distribution (90 Days)
Top Affected ESV Vendors (90 Days)
- apple 137 Vulns
- tenda 105 Vulns
- samsung 52 Vulns
- dlink 45 Vulns
- ruijie 35 Vulns
Recent Critical ESVs
CVE-2020-37002
CRITICAL 9.8
CVE-2025-21589
CRITICAL 9.8
CVE-2026-24858
CRITICAL 9.8
CVE-2025-15467
CRITICAL 9.8
CVE-2020-36940
CRITICAL 9.8
Recently Added Vulnerabilities
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-0504 | Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with t… | Medium (5.4) | 2025-11-21 | General-Purpose |
| CVE-2025-11087 | The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up… | High (8.8) | 2025-11-21 | General-Purpose |
| CVE-2025-36149 | IBM Concert Software 1.0.0 through 2.0.0 could allow a remote attacker to hijack the clicking action of the victim. | Medium (6.3) | 2025-11-21 | General-Purpose |
| CVE-2025-13524 | Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Lin… | Medium (5.7) | 2025-11-21 | General-Purpose |
| CVE-2025-64767 | hpke-js is a Hybrid Public Key Encryption (HPKE) module built on top of Web Cryptography API. Prior to version 1.7.5, t… | Critical (9.1) | 2025-11-21 | General-Purpose |