Top 10

Cybersecurity Hub

Ranked by risk, severity and activity from sample data

Rankings are based on sample mock data and do not represent production intelligence rankings. Scores combine CVSS, EPSS, exploit availability and KEV status where applicable.

Top CVEs by combined risk

Full database

CVE-2021-44228CriticalCVSS 10.0KEVExploitPatch

Apache Log4j2 JNDI RCE (Log4Shell)

Apache · Log4j2·over 4 years ago

CVE-2026-20881CriticalCVSS 9.6KEVExploitPatch

Fortinet SSL VPN Session Validation Bypass

Fortinet · FortiGate SSL VPN·28 days ago

CVE-2026-21954CriticalCVSS 9.8KEVExploitPatch

Windows Kernel Privilege Boundary Failure

Microsoft · Windows Kernel·27 days ago

CVE-2026-14033CriticalCVSS 9.4KEVExploitNo Patch

Ivanti Policy Secure Command Routing Weakness

Ivanti · Policy Secure·about 1 month ago

CVE-2026-15109CriticalCVSS 9.1KEVExploitPatch

Atlassian Confluence Template Injection Path

Atlassian · Confluence Data Center·about 1 month ago

CVE-2026-18762HighCVSS 8.6No Patch

Cisco IOS XE Management Interface Authorization Gap

Cisco · IOS XE·29 days ago

CVE-2026-17341HighCVSS 8.1Patch

OpenSSL TLS Handshake Buffer Handling Fault

OpenSSL · OpenSSL·about 1 month ago

CVE-2026-16420HighCVSS 7.8Patch

VMware vCenter Plugin Deserialization Weakness

VMware · vCenter Server·about 1 month ago

CVE-2026-13277MediumCVSS 6.5Patch

Linux Kernel Netfilter State Confusion

Linux Kernel · Netfilter·about 1 month ago

CVE-2026-12188MediumCVSS 5.9Patch

GitLab Runner Token Exposure in Cached Job Metadata

GitLab · GitLab Runner·about 1 month ago

Active threat signals

Threat Intelligence

ransomware_activityTLP:AMBERCritical

VoidLock Collective claims new healthcare victims

The ransomware group posted redacted claims against two mock healthcare organizations. Defensive teams should review VPN exposure and phishing controls.

dark_web_monitoring_mock26 days ago

infrastructure_changeTLP:AMBERHigh

Phantom Crane infrastructure shift detected

Analysts observed Phantom Crane moving C2 infrastructure to new cloud regions. The shift correlates with expanded targeting of telecom providers.

vendor_report27 days ago

malware_activityTLP:GREENHigh

NeonStealer campaign targeting e-commerce payment flows

Phishing kits deploying NeonStealer have increased in volume. The stealer harvests browser credentials and payment data from e-commerce sessions.

open_source27 days ago

dark_web_signalTLP:REDCritical

SilkGate Broker advertising VPN access to healthcare networks

Mock initial access broker listing claims VPN access to three healthcare organizations. All details are redacted and fictional.