VulnTracking

CrowdSec detects a surge of exploitation attempts targeting CVE-2026-23744, a critical RCE vulnerability in MCPJam Inspector exposing AI development environments.

CVE-2025-20281 is a critical CVSS 10.0 RCE vulnerability in Cisco Identity Services Engine (ISE). CrowdSec observes a new surge of exploitation attempts targeting exposed REST APIs

CVE-2026-21859 is a critical SSRF vulnerability in Mailpit actively exploited in targeted attacks. Learn how it exposes internal networks.

CVE-2025-14528 is a vulnerability in EoL D-Link routers. Learn why and how it is used to build botnets.

CVE-2025-56520 is actively exploited in Dify, exposing AI platforms to SSRF-driven reconnaissance, internal scanning, and potential credential theft.

CVE-2026-1281 is an actively exploited RCE vulnerability in Ivanti EPMM. Learn how to detect, mitigate, and protect your infrastructure.

Mass exploitation targets Zimbra via new LFI (CVE-2025-68645) and persistent XSS flaws. Learn attack trends, risks, and how to protect.

CVE-2025-34291 is an actively exploited RCE vulnerability in LangFlow. Learn how to detect, mitigate, and protect your AI infrastructure.

Critical WSUS RCE CVE-2025-59287 is under active exploitation. Learn how attackers target Windows update infrastructure and how to defend your systems.

CVE-2024-20767 is actively exploited in Adobe ColdFusion. CrowdSec observed a surge in attacks & explains impact, trends, & how to protect your systems.

Active exploitation targets CVE-2025-59718, a critical Fortinet auth bypass. See detection insights and mitigation steps.

React2Shell (CVE-2025-55182) attacks surged from 500 to 10K+ daily. Learn what changed, attacker trends, and how to protect with CrowdSec.

Learn about CVE-2025-55182, the React2Shell vulnerability that turns a frontend flaw into backend access. Discover its impact & how to protect your apps.

CVE-2025-64095 is being actively probed, allowing attackers to upload and overwrite files on DNN sites. CrowdSec intelligence reveals early exploitation trends.

CVE-2025-54236 enables attackers to seize Magento sessions & escalate to RCE. See CrowdSec’s exploitation data, timeline, & protection guidance.

CVE-2025-64446 allows attackers to bypass authentication in FortiWeb. Deploy CrowdSec WAF to secure your systems.

CrowdSec detects rising exploitation of XWiki CVE-2025-55748, a path traversal flaw exposing sensitive configs, not yet in CISA KEV.

CrowdSec detects active exploitation of CVE-2025-54249 in Adobe Experience Manager (AEM), an SSRF flaw exposing internal services.

Discover key insights on emerging CVEs and exploitation attempts in the September edition of the CrowdSec VulnTracking Report.

Discover key insights on emerging CVEs and exploitation attempts in the July edition of the CrowdSec VulnTracking Report.

Discover key insights on emerging CVEs and exploitation attempts in the June edition of the CrowdSec VulnTracking Report.

Discover key insights on emerging CVEs and exploitation attempts in the May edition of the CrowdSec VulnTracking Report.

Discover key insights on emerging CVEs and exploitation attempts in the April edition of the CrowdSec VulnTracking Report.

We are excited to launch our latest series, the CrowdSec VulnTracking Reports. In these monthly reports, we will be exploring key insights on emerging vulnerabilities and CVE exploitation trends, as spotted by the CrowdSec Network. In March 2025, we added detection for 34 vulnerabilities and/or exploits to our database — translating into scenarios for the […]