Home Embedded Vulns General Vulns

ESV-Tracker

An AI-powered database that classifies embedded vulnerabilities separately from general-purpose ones.

No Dedicated Database Existed. Until Now.

Embedded system vulnerabilities are critical, yet buried alongside millions of general CVEs. ESV-Tracker changes that.

Your Embedded Threat Center.

Search the database, track embedded CVEs, and explore real-time statistics — all in one place.

1207
New Embedded Vulns (7 Days)
8758
Active Critical ESVs
apple
Top Target (30 Days)
6.97
Average ESV CVSS Score

Vulnerability Trends (Last 6 Months)

ESV Severity Distribution (90 Days)

Top Affected ESV Vendors (90 Days)

  • google 133 Vulns
  • apple 120 Vulns
  • tenda 98 Vulns
  • microsoft 65 Vulns
  • adobe 57 Vulns

Recent Critical ESVs

CVE-2026-34953 CRITICAL 9.1
CVE-2026-34952 CRITICAL 9.1
CVE-2026-34938 CRITICAL 10.0
CVE-2026-34935 CRITICAL 9.8
CVE-2026-34934 CRITICAL 9.8

Recently Added Vulnerabilities

CVE ID Description Severity Published Type
CVE-2020-6838 In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c. Critical (9.8) 2020-01-11 General Purpose
CVE-2019-20379 ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter. Medium (6.1) 2020-01-11 General Purpose
CVE-2019-20378 ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter. Medium (6.1) 2020-01-11 General Purpose
CVE-2020-6836 grammar-parser.jison in the hot-formula-parser package before 3.0.1 for Node.js is vulnerable to arbitrary code injecti… Critical (9.8) 2020-01-11 General Purpose
CVE-2020-6377 Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap c… High (8.8) 2020-01-10 General Purpose