Home Embedded Vulns General Vulns

ESV-Tracker

An AI-powered database that classifies embedded vulnerabilities separately from general-purpose ones.

No Dedicated Database Existed. Until Now.

Embedded system vulnerabilities are critical, yet buried alongside millions of general CVEs. ESV-Tracker changes that.

Your Embedded Threat Center.

Search the database, track embedded CVEs, and explore real-time statistics — all in one place.

1019
New Embedded Vulns (7 Days)
8739
Active Critical ESVs
apple
Top Target (30 Days)
6.97
Average ESV CVSS Score

Vulnerability Trends (Last 6 Months)

ESV Severity Distribution (90 Days)

Top Affected ESV Vendors (90 Days)

  • google 133 Vulns
  • apple 120 Vulns
  • tenda 98 Vulns
  • microsoft 65 Vulns
  • adobe 57 Vulns

Recent Critical ESVs

CVE-2026-33107 CRITICAL 10.0
CVE-2026-33105 CRITICAL 10.0
CVE-2026-32213 CRITICAL 10.0
CVE-2026-32211 CRITICAL 9.1
CVE-2026-26135 CRITICAL 9.6

Recently Added Vulnerabilities

CVE ID Description Severity Published Type
CVE-2013-3946 Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute… High (7.8) 2020-01-02 General Purpose
CVE-2013-3945 The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband ta… High (7.8) 2020-01-02 General Purpose
CVE-2013-3944 Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execut… High (7.8) 2020-01-02 General Purpose
CVE-2010-3782 obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation. High (8.8) 2020-01-02 General Purpose
CVE-2014-0161 ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the… Medium (5.9) 2020-01-02 General Purpose