Vulnerability Context

Cybersecurity Hub

Explainers, editorial coverage and patch priority guidance

This page provides editorial context around vulnerabilities. For the full Vulnerability Database, analytics and product tools, visit Vulnerabilities or the CVE Database.

Featured CVEs

Full database

CVE-2021-44228CriticalCVSS 10.0KEVExploitPatch

Apache Log4j2 JNDI RCE (Log4Shell)

Apache · Log4j2·over 4 years ago

CVE-2026-21954CriticalCVSS 9.8KEVExploitPatch

Windows Kernel Privilege Boundary Failure

Microsoft · Windows Kernel·27 days ago

CVE-2026-20881CriticalCVSS 9.6KEVExploitPatch

Fortinet SSL VPN Session Validation Bypass

Fortinet · FortiGate SSL VPN·28 days ago

Patch priority context

The following vulnerabilities rank highest by combined CVSS, EPSS and exploit availability. Security teams should validate against their own asset inventory before prioritizing.

CVE-2021-44228CriticalCVSS 10.0KEVExploitPatch

Apache Log4j2 JNDI RCE (Log4Shell)

Apache · Log4j2·over 4 years ago

CVE-2026-20881CriticalCVSS 9.6KEVExploitPatch

Fortinet SSL VPN Session Validation Bypass

Fortinet · FortiGate SSL VPN·28 days ago

CVE-2026-21954CriticalCVSS 9.8KEVExploitPatch

Windows Kernel Privilege Boundary Failure

Microsoft · Windows Kernel·27 days ago

Vulnerability articles

New BootROM Break for Apple A12 and A13: Why “usbliter8” Cannot Be Patched Away

A new hardware-level security issue has entered the Apple ecosystem. Researchers from Paradigm Shift have published an exploit called “usbliter8” that enables code execution inside the SecureROM stage of Apple’s A12 and A13 chips.This kind of vulnerability is very different from an ordinary software bug. SecureROM is the first boot code permanently written into the chip during manufacturing. It sits at the beginning of the device’s chain of trust and cannot be rewritten later. That means a flaw at this level cannot be fully removed with a standard iOS, iPadOS, watchOS, or firmware update.That is what makes usbliter8 significant: when the exploit succeeds, it gains control before Apple’s signed boot process has a chance to take over.

Editor27 days ago