Internet Exposure Likelihood: VERY_HIGH
CVSS: 10.0
Critical unauthenticated file upload vulnerability in SmarterMail email servers allowing arbitrary file upload to any server location, leading to remote code execution. Active exploitation is occurring in the wild against internet-facing mail servers.
CVE ADDED: 2025-12-29
28 DAYS BETWEEN CVE AND KEV
1 DAY SINCE KEV
Internet Exposure Likelihood: MEDIUM
CVSS: 9.8
Critical authentication bypass vulnerability in GNU InetUtils telnetd allows remote attackers to gain root access without credentials via a malformed USER environment variable. Over 800,000 telnet servers are exposed on the internet with active exploitation observed in the wild.
CVE ADDED: 2026-01-21
5 DAYS BETWEEN CVE AND KEV
1 DAY SINCE KEV
Internet Exposure Likelihood: VERY_HIGH
CVSS: 8.8
Local File Inclusion vulnerability in Zimbra Collaboration webmail allows unauthenticated remote attackers to include arbitrary files via crafted requests to the /h/rest endpoint. Zimbra is commonly deployed as internet-facing email server infrastructure.
CVE ADDED: 2025-12-22
31 DAYS BETWEEN CVE AND KEV
5 DAYS SINCE KEV
Internet Exposure Likelihood: HIGH
CVSS: 8.2
Critical remote code execution vulnerability in Cisco Unified Communications products allowing unauthenticated attackers to execute arbitrary commands via crafted HTTP requests to web management interfaces. Cisco confirms active exploitation attempts in the wild with potential for privilege escalation to root access.
CVE ADDED: 2026-01-21
0 DAYS BETWEEN CVE AND KEV
6 DAYS SINCE KEV
Internet Exposure Likelihood: HIGH
CVSS: 8.7
Critical RCE vulnerability in Gogs Git service allows authenticated users to achieve remote code execution via symbolic link bypass in the PutContents API. Over 700 internet-facing instances have been compromised with active exploitation ongoing.
CVE ADDED: 2025-12-10
33 DAYS BETWEEN CVE AND KEV
15 DAYS SINCE KEV
Internet Exposure Likelihood: HIGH
CVSS: 10.0
CVE-2025-37164 is a critical unauthenticated remote code execution vulnerability in HPE OneView with the maximum CVSS score of 10.0. CISA has added it to the KEV catalog due to active exploitation in the wild, and a Metasploit module exists for exploitation.
CVE ADDED: 2025-12-16
22 DAYS BETWEEN CVE AND KEV
20 DAYS SINCE KEV
Internet Exposure Likelihood: HIGH
CVSS: 7.5
Critical memory disclosure vulnerability in MongoDB Server allowing unauthenticated remote attackers to read heap memory through malformed Zlib-compressed protocol headers. CISA has added this to the KEV catalog due to confirmed active exploitation in the wild.
CVE ADDED: 2025-12-19
10 DAYS BETWEEN CVE AND KEV
29 DAYS SINCE KEV