Cut the noise.
Know which vulnerabilities demand action.

Monitor and prioritize what really matters — the 1% of vulnerabilities that can cause real impact.

Analytics

EPSS Trending (30d)

Threat Indicators

829
CISA KEV
244
Exploits
493
Proof-of-Concept
66.9%
Average EPSS

EPSS Hot Zone

|
Sort by:
KEV Prediction — Top%
EPSS Percentile — Top%

Emerging Vulnerabilities

13 May/26
CVE-2026-42945
HIGH

This vulnerability is a heap buffer overflow occurring in the ngx_http_rewrite_module of F5 NGINX Plus and NGINX Open Source. It arises when the rewrite directive is followed by another rewrite, if, or set directive using an unnamed PCRE capture group (e.g., $1, $2) combined with a replacement string containing a question mark (?). The flaw is rooted in improper handling of regular expression captures during HTTP request processing within the rewrite module.

CVSS 8.1
EPSS 61.5%
KEV Pred 65%
Product F5 NGINX Plus f5
CVSS v3.1 CVSS v4.0 CWE-122 PoC
12 May/26
CVE-2026-41089
CRITICAL

This vulnerability is a stack-based buffer overflow caused by improper handling of input data within the Windows Netlogon component. Specifically, the flaw arises from insufficient bounds checking during processing of network authentication requests, allowing data to overwrite adjacent memory on the stack. The affected component is the Netlogon Remote Protocol implementation in Microsoft Windows Server 2012 and later versions.

CVSS 9.8
EPSS 72.3%
KEV Pred 71%
Product Microsoft Windows Server 2012 microsoft
CVSS v3.1 CWE-121 PoC RANSOMWARE