basicsecurity.net
Proof, not just disclosure.
Threats / Contributors / MITRE
Registry & coordination contributor

MITRE

CNA assigner on 316 (independent) of 316 known-exploited records. Every aggregate on this page is recomputed from the records listed below — each one already cited to its public source.

No vendor advisory domain is cited for this contributor in the corpus — its credit here is as a CNA/finder. Home URL is a stated coverage gap.

Independent CNA
316
records cited in
deterministic count
0
finder / reporter credits
CVE.org credits
316
CVE records catalogued (CNA)
independent
63%
avg modeled exploit prob.
FIRST EPSS, 316/316
23%
ransomware-associated
74 of 316 · CISA flag
01

Known for

— recomputed from this contributor’s own records
SurfacesApplication / other (224), Edge / remote-access infra (66), Operating system / kernel (12), Server / web platform (10), Browser (3)
WeaknessInjection (106), Path traversal / file (36), Memory safety (29), Web / client (28), Authentication (26)
PortfolioD-Link (23), Synacor (18), Roundcube (10), Microsoft (9), Zoho (9), Arm (7)
02

Narrative reach

— how far this contributor’s records carry an attacker, front door → lights out
1Front door
315reach this stage
2Keys to the kingdom
315reach this stage
3Lateral reach
295reach this stage
4Data at risk
50reach this stage
5Lights out
12reach this stage

Furthest any of these records carries an attacker: 5 · Lights out. 50 of 315 narrative-framed records reach data-at-risk or lights-out. (furthest-position idiom, reused from the landing map; the stage mapping is a model output over cited evidence.)

03

Recent highlights

— this contributor’s newest known-exploited records
CVE-2026-54420LiteSpeed1%KEVCVE-2026-48172LiteSpeed1%KEVCVE-2024-57726SimpleHelp 9%RWKEVCVE-2024-57728SimpleHelp 8%RWKEVCVE-2025-29635D-Link35%KEVCVE-2025-32975Quest2%KEV
04

Every record they’re cited in

— all 316, each linked to its cited source

This is the evidence behind every number above. Sorted ransomware-first, then by modeled exploit probability.

CVE-2022-29464WSO2100%RWKEVCVE-2019-11510Ivanti100%RWKEVCVE-2019-19781Citrix100%RWKEVCVE-2021-35464ForgeRock100%RWKEVCVE-2025-31161CrushFTP100%RWKEVCVE-2018-10562Dasan100%RWKEVCVE-2021-3129Laravel100%RWKEVCVE-2023-34362Progress100%RWKEVCVE-2019-15107Webmin100%RWKEVCVE-2022-47966Zoho100%RWKEVCVE-2019-18935Progress100%RWKEVCVE-2021-42237Sitecore99%RWKEVCVE-2022-30333RARLAB99%RWKEVCVE-2021-40539Zoho99%RWKEVCVE-2023-47246SysAid99%RWKEVCVE-2019-11539Ivanti99%RWKEVCVE-2012-4681Oracle99%RWKEVCVE-2024-50623Cleo99%RWKEVCVE-2008-2992Adobe98%RWKEVCVE-2022-27925Synacor98%RWKEVCVE-2024-41713Mitel98%RWKEVCVE-2023-38831RARLAB98%RWKEVCVE-2018-6530D-Link97%RWKEVCVE-2022-36537ZK Framework95%RWKEVCVE-2024-57727SimpleHelp 95%RWKEVCVE-2024-51378CyberPersons95%RWKEVCVE-2024-55956Cleo94%RWKEVCVE-2018-11138Quest92%RWKEVCVE-2022-26352dotCMS92%RWKEVCVE-2022-37042Synacor88%RWKEVCVE-2019-16057D-Link87%RWKEVCVE-2024-51567CyberPersons87%RWKEVCVE-2017-18362Kaseya87%RWKEVCVE-2023-41265Qlik85%RWKEVCVE-2023-41266Qlik85%RWKEVCVE-2022-27924Synacor85%RWKEVCVE-2022-24990TerraMaster84%RWKEVCVE-2021-30116Kaseya83%RWKEVCVE-2023-43208NextGen Healthcare83%RWKEVCVE-2018-6789Exim82%RWKEVCVE-2017-11357Telerik76%RWKEVCVE-2013-2551Microsoft74%RWKEVCVE-2021-42258BQE73%RWKEVCVE-2023-28461Array Networks 68%RWKEVCVE-2021-27877Veritas65%RWKEVCVE-2022-29499Mitel57%RWKEVCVE-2021-27104Accellion57%RWKEVCVE-2020-12271Sophos43%RWKEVCVE-2017-6884Zyxel38%RWKEVCVE-2024-55550Mitel38%RWKEVCVE-2022-31199Netwrix36%RWKEVCVE-2022-24682Synacor31%RWKEVCVE-2018-20753Kaseya30%RWKEVCVE-2019-13608Citrix28%RWKEVCVE-2023-48365Qlik25%RWKEVCVE-2018-6882Synacor24%RWKEVCVE-2021-27878Veritas24%RWKEVCVE-2021-27876Veritas13%RWKEVCVE-2021-27103Accellion11%RWKEVCVE-2017-1000253Linux11%RWKEVCVE-2022-41223Mitel11%RWKEVCVE-2022-40765Mitel10%RWKEVCVE-2024-57726SimpleHelp 9%RWKEVCVE-2015-2291Intel9%RWKEVCVE-2018-19323GIGABYTE9%RWKEVCVE-2019-11634Citrix8%RWKEVCVE-2024-57728SimpleHelp 8%RWKEVCVE-2021-27101Accellion6%RWKEVCVE-2022-26500Veeam6%RWKEVCVE-2022-26501Veeam4%RWKEVCVE-2018-19321GIGABYTE4%RWKEVCVE-2021-27102Accellion4%RWKEVCVE-2018-19320GIGABYTE4%RWKEVCVE-2018-19322GIGABYTE2%RWKEVCVE-2023-44487IETF100%KEVCVE-2017-9841PHPUnit100%KEVCVE-2019-16920D-Link100%KEVCVE-2020-8515DrayTek100%KEVCVE-2022-44877CWP100%KEVCVE-2019-9670Synacor100%KEVCVE-2024-45519Synacor100%KEVCVE-2014-8361Realtek100%KEVCVE-2020-25506D-Link100%KEVCVE-2020-10189Zoho100%KEVCVE-2022-35405Zoho100%KEVCVE-2014-7169GNU100%KEVCVE-2022-29303SolarView100%KEVCVE-2015-1427Elastic100%KEVCVE-2021-44515Zoho100%KEVCVE-2021-35394Realtek100%KEVCVE-2017-7269Microsoft100%KEVCVE-2020-7961Liferay100%KEVCVE-2016-6277NETGEAR100%KEVCVE-2020-15505Ivanti100%KEVCVE-2019-16759vBulletin100%KEVCVE-2016-10033PHP100%KEVCVE-2017-1000353Jenkins100%KEVCVE-2025-48703CWP100%KEVCVE-2020-16846SaltStack100%KEVCVE-2021-37415Zoho100%KEVCVE-2018-20062ThinkPHP100%KEVCVE-2022-35914Teclib100%KEVCVE-2021-32030ASUS99%KEVCVE-2014-6287Rejetto99%KEVCVE-2021-3156Sudo99%KEVCVE-2020-10199Sonatype99%KEVCVE-2019-16278Nostromo99%KEVCVE-2020-7247OpenBSD99%KEVCVE-2026-24061GNU99%KEVCVE-2024-50603Aviatrix99%KEVCVE-2017-15944Palo Alto Networks98%KEVCVE-2018-1000861Jenkins98%KEVCVE-2021-35395Realtek98%KEVCVE-2023-25280D-Link98%KEVCVE-2020-25078D-Link98%KEVCVE-2021-45382D-Link98%KEVCVE-2020-11738WordPress98%KEVCVE-2021-36380Sunhillo98%KEVCVE-2019-9082ThinkPHP97%KEVCVE-2007-3010Alcatel97%KEVCVE-2020-25213WordPress97%KEVCVE-2019-7256Nice97%KEVCVE-2015-2051D-Link97%KEVCVE-2017-8291Artifex97%KEVCVE-2020-25223Sophos97%KEVCVE-2009-0927Adobe97%KEVCVE-2020-11651SaltStack96%KEVCVE-2017-17562Embedthis96%KEVCVE-2023-52163Digiever96%KEVCVE-2018-14847MikroTik96%KEVCVE-2019-20085TVT96%KEVCVE-2019-10068Kentico96%KEVCVE-2020-5847Unraid96%KEVCVE-2019-20500D-Link96%KEVCVE-2022-41352Synacor95%KEVCVE-2009-1151phpMyAdmin95%KEVCVE-2025-47812Wing FTP Server95%KEVCVE-2023-25717Ruckus Wireless95%KEVCVE-2017-12637SAP95%KEVCVE-2017-18368Zyxel95%KEVCVE-2019-12989Citrix94%KEVCVE-2007-5659Adobe94%KEVCVE-2017-1000486Primetek94%KEVCVE-2024-48248NAKIVO94%KEVCVE-2018-14933NUUO94%KEVCVE-2021-44077Zoho94%KEVCVE-2018-10561Dasan93%KEVCVE-2020-5849Unraid93%KEVCVE-2021-40870Aviatrix92%KEVCVE-2025-30406Gladinet92%KEVCVE-2025-54309CrushFTP92%KEVCVE-2020-8657EyesOfNetwork92%KEVCVE-2020-29583Zyxel90%KEVCVE-2020-17463Fuel CMS90%KEVCVE-2019-17621D-Link90%KEVCVE-2025-49113Roundcube89%KEVCVE-2018-14839LG89%KEVCVE-2017-5521NETGEAR89%KEVCVE-2014-3120Elastic89%KEVCVE-2020-17496vBulletin88%KEVCVE-2024-58136Yiiframework88%KEVCVE-2022-26143Mitel88%KEVCVE-2021-40655D-Link87%KEVCVE-2018-9276Paessler87%KEVCVE-2020-8644PlaySMS87%KEVCVE-2020-11652SaltStack86%KEVCVE-2021-31755Tenda86%KEVCVE-2018-19410Paessler86%KEVCVE-2020-7796Synacor85%KEVCVE-2023-38950ZKTeco85%KEVCVE-2020-15415DrayTek85%KEVCVE-2020-28949PEAR85%KEVCVE-2020-12641Roundcube84%KEVCVE-2019-9874Sitecore84%KEVCVE-2015-3035TP-Link84%KEVCVE-2017-11317Telerik83%KEVCVE-2016-10174NETGEAR83%KEVCVE-2010-1871Red Hat83%KEVCVE-2010-3765Mozilla83%KEVCVE-2015-1187D-Link and TRENDnet83%KEVCVE-2024-42009Roundcube83%KEVCVE-2021-27561Yealink83%KEVCVE-2012-4969Microsoft82%KEVCVE-2022-26258D-Link81%KEVCVE-2019-9621Synacor81%KEVCVE-2023-22952SugarCRM80%KEVCVE-2020-10987Tenda80%KEVCVE-2023-49103ownCloud78%KEVCVE-2022-26318WatchGuard78%KEVCVE-2020-8816Pi-hole78%KEVCVE-2019-15949Nagios78%KEVCVE-2023-34192Synacor77%KEVCVE-2018-15133Laravel77%KEVCVE-2008-0015Microsoft77%KEVCVE-2020-13965Roundcube77%KEVCVE-2019-7238Sonatype77%KEVCVE-2021-25298Nagios75%KEVCVE-2017-9248Progress75%KEVCVE-2012-0391Apache75%KEVCVE-2019-12991Citrix75%KEVCVE-2005-2773Hewlett Packard (HP)74%KEVCVE-2018-15811DotNetNuke (DNN)74%KEVCVE-2018-18325DotNetNuke (DNN)74%KEVCVE-2019-9978WordPress74%KEVCVE-2024-37383Roundcube73%KEVCVE-2017-6316Citrix73%KEVCVE-2021-25296Nagios72%KEVCVE-2017-6334NETGEAR72%KEVCVE-2016-2386SAP71%KEVCVE-2020-36193PEAR71%KEVCVE-2022-28810Zoho70%KEVCVE-2012-1535Adobe70%KEVCVE-2016-11021D-Link69%KEVCVE-2017-6077NETGEAR68%KEVCVE-2023-29552IETF66%KEVCVE-2019-8394Zoho64%KEVCVE-2015-4068Arcserve64%KEVCVE-2015-7755Juniper61%KEVCVE-2018-7445MikroTik61%KEVCVE-2016-20017D-Link60%KEVCVE-2023-37580Synacor59%KEVCVE-2013-7331Microsoft58%KEVCVE-2020-8655EyesOfNetwork57%KEVCVE-2020-26919NETGEAR57%KEVCVE-2022-37055D-Link57%KEVCVE-2023-43770Roundcube57%KEVCVE-2025-47813Wing FTP Server56%KEVCVE-2020-29557D-Link54%KEVCVE-2020-25079D-Link53%KEVCVE-2019-13272Linux52%KEVCVE-2016-2388SAP52%KEVCVE-2025-25181Advantive50%KEVCVE-2022-23227NUUO49%KEVCVE-2021-26829OpenPLC48%KEVCVE-2025-32463Sudo48%KEVCVE-2016-3976SAP47%KEVCVE-2022-39197Fortra46%KEVCVE-2025-30066tj-actions45%KEVCVE-2021-44026Roundcube43%KEVCVE-2017-16651Roundcube43%KEVCVE-2023-33538TP-Link43%KEVCVE-2019-16928Exim42%KEVCVE-2014-100005D-Link42%KEVCVE-2011-1823Android42%KEVCVE-2024-41710Mitel41%KEVCVE-2021-25297Nagios41%KEVCVE-2013-6282Linux40%KEVCVE-2013-3660Microsoft40%KEVCVE-2021-26828OpenPLC39%KEVCVE-2019-11001Reolink38%KEVCVE-2008-0655Adobe37%KEVCVE-2020-10221rConfig37%KEVCVE-2019-19006Sangoma36%KEVCVE-2025-29635D-Link35%KEVCVE-2010-5330Ubiquiti34%KEVCVE-2013-5223D-Link34%KEVCVE-2020-35730Roundcube32%KEVCVE-2023-39780ASUS32%KEVCVE-2025-68645Synacor32%KEVCVE-2022-40799D-Link31%KEVCVE-2024-57968Advantive30%KEVCVE-2019-15752Docker30%KEVCVE-2019-19356Netis28%KEVCVE-2014-3931Looking Glass27%KEVCVE-2009-1862Adobe25%KEVCVE-2016-9563SAP24%KEVCVE-2020-9377D-Link21%KEVCVE-2020-24363TP-Link21%KEVCVE-2025-68461Roundcube20%KEVCVE-2024-27443Synacor20%KEVCVE-2020-11899Treck TCP/IP stack18%KEVCVE-2010-5326SAP18%KEVCVE-2021-44207Acclaim Systems18%KEVCVE-2022-27926Synacor17%KEVCVE-2020-10181Sumavision14%KEVCVE-2019-9875Sitecore14%KEVCVE-2022-38181Arm13%KEVCVE-2022-23176WatchGuard12%KEVCVE-2021-28663Arm12%KEVCVE-2025-66376Synacor12%KEVCVE-2020-15069Sophos11%KEVCVE-2018-14558Tenda9%KEVCVE-2010-4398Microsoft9%KEVCVE-2025-48927TeleMessage8%KEVCVE-2004-0210Microsoft8%KEVCVE-2008-3431Oracle7%KEVCVE-2021-28664Arm6%KEVCVE-2002-0367Microsoft5%KEVCVE-2004-1464Cisco5%KEVCVE-2019-16256SIMalliance5%KEVCVE-2019-18988TeamViewer5%KEVCVE-2020-29574Sophos5%KEVCVE-2025-27915Synacor4%KEVCVE-2025-54313Prettier4%KEVCVE-2016-3643SolarWinds4%KEVCVE-2016-8562Siemens4%KEVCVE-2025-47827IGEL4%KEVCVE-2013-2596Linux3%KEVCVE-2011-4723D-Link3%KEVCVE-2021-27562Arm3%KEVCVE-2025-66644Array Networks 3%KEVCVE-2021-29256Arm3%KEVCVE-2022-42948Fortra3%KEVCVE-2023-29492Novi Survey3%KEVCVE-2025-32975Quest2%KEVCVE-2025-59689Libraesva2%KEVCVE-2025-27920Srimax2%KEVCVE-2025-48700Synacor2%KEVCVE-2013-2597Code Aurora2%KEVCVE-2024-39891Twilio1%KEVCVE-2023-26083Arm1%KEVCVE-2026-48172LiteSpeed1%KEVCVE-2022-22706Arm1%KEVCVE-2026-54420LiteSpeed1%KEVCVE-2025-47729TeleMessage0%KEVCVE-2025-48928TeleMessage0%KEV
05

Coverage & confidence

— what this profile claims, and what it does not

Established (cited)

  • Cited in 316 known-exploited records — the list below; every one links to its public source.
  • Catalogued 316 CVE record(s) as the CNA assigner (from CVE.org).

    • Coverage gaps — stated, not hidden

  • This profile is an aggregation: it asserts only what the listed records already cite — no new external claim about the contributor is made.
  • The TYPE badge and the narrative-stage mapping are editorial (our call), labeled as such, not a sourced fact.
  • No vendor advisory home domain is cited for this contributor in the corpus.