Richard Hofrance Bankouezi · Cyber defense consultant · MÉRIDIEN 002 · 47.0°N // 2.3°E · UTC+2 · Available · Q3 2027 engagements
§ Threat watch · active exploitation

Threat.

A real-time reading of active exploitation: what is actually being attacked, not just what is severe. Public sources (CISA KEV, FIRST EPSS, threat watch), cross-checked and dated.

LAST SYNC · 03 Jul 2026, 09:49 · PUBLIC SOURCES
KEV CATALOG · 59 minutes ago // EPSS/CVSS SCORES · 59 minutes ago // THREAT WATCH · 42 minutes ago // C2 INFRASTRUCTURE · 42 minutes ago
01 · What is actually exploited · priority on real risk, not volume
1631 · Actively exploited vulnerabilities (KEV)
328 · Linked to ransomware campaigns
226 · Critical · high exploitability AND ransomware
20 · Added in the last 30 days
Imposed remediation deadline (CISA due date − date added)
83 urgent (≤ 7 days) · mass exploitation
≤ 7 days · 83 // 8 to 21 days · 1284 // > 21 days · 264
Exploitability (EPSS) vs severity (CVSS)
"Severe" does not mean "exploited". The quadrant that matters is the top right · severe AND likely. The copper dots are linked to ransomware.
CVSS coverage · 1631 of 1631 vulnerabilities scored (continuous enrichment from CVE.org).
Top · most likely to be exploited (EPSS %)
CVE | EPSS %
CVE-2021-21985 | 100 %
CVE-2021-22005 | 100 %
CVE-2019-11510 | 100 %
CVE-2021-26855 | 100 %
CVE-2021-34473 | 100 %
CVE-2019-0708 | 100 %
CVE-2018-13379 | 100 %
CVE-2021-35464 | 100 %
CVE-2020-5902 | 100 %
CVE-2019-19781 | 100 %
Exploitability distribution · EPSS probability (1631 KEV)
Probability | Vulnerabilities
< 10 % | 399
10 to 50 % | 388
50 to 90 % | 406
≥ 90 % | 438
Share linked to ransomware
02 · Where and how · targeted vendors and weakness families
Most targeted vendors (KEV catalog)
Vendor | KEV
Microsoft | 378
Cisco | 93
Apple | 93
Adobe | 79
Google | 72
Oracle | 44
Apache | 39
Ivanti | 35
Most exploited weakness families (CWE)
Family (CWE) | KEV
Insufficient input validation | 118
OS command injection | 104
Out-of-bounds write | 100
Use after free | 92
Buffer overflow | 84
Path traversal | 75
Deserialization of untrusted data | 67
Code injection | 65
Active exploitation over time · KEV additions / month
Month | Total | Ransomware
Aug 25 | 15 | 0
Sep 25 | 16 | 1
Oct 25 | 31 | 2
Nov 25 | 11 | 0
Dec 25 | 20 | 1
Jan 26 | 17 | 2
Feb 26 | 28 | 2
Mar 26 | 26 | 1
Apr 26 | 31 | 8
May 26 | 21 | 2
Jun 26 | 23 | 2
Jul 26 | 1 | 0
Tracked command and control (C2) infrastructure
Botnet control servers tracked by abuse.ch (Feodo Tracker) · main families: QakBot (4) · Emotet (1)
5 tracked · 1 online
03 · Threat watch · public sources, cross-checked and dated
Aggregate of public sources · title + excerpt + link to the source

The Hacker News · in 3 hours

PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords

Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect systems and siphon sensitive data. The stealer, discovered by Jamf Threat Labs, i...

@cveNotify · 1 hour ago

🚨 CVE-2026-9756 · The GenerateBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Headline Block 'linkMetaFieldType' Dynamic Link Attribute in all versions up to, and including, 2.2.1 due to insufficient input sanitiz...

@cveNotify · 1 hour ago

🚨 CVE-2026-4804 · The Zakra theme for WordPress is vulnerable to Stored Cross-Site Scripting via post meta values in all versions up to, and including, 4.2.0. This is due to the theme registering three post meta fields (zakra_menu_item_color,...

@cveNotify · 1 hour ago

🚨 CVE-2026-47896 · Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene.Net (Lucene.Net.Replicator library). This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through...

@cveNotify · 1 hour ago

🚨 CVE-2026-35159 · Dell Client Platform BIOS contains an Authentication Bypass by Primary Weakness vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure...

@cveNotify · 1 hour ago

🚨 CVE-2026-11900 · The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 2.8.16 via the 'data' attribute of the [adinserter] shortcode. This is due to...

@cveNotify · 1 hour ago

🚨 CVE-2026-11778 · The CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.2.14. This is due to the software allo...

@cveNotify · 1 hour ago

🚨 CVE-2026-11398 · The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.6.1. This is due to the plugin not properly verifying th...

@cveNotify · 1 hour ago

🚨 CVE-2026-35075 · An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices.

The Register · 2 hours ago

User swore hacker called General Failure had invaded his PC

Maybe they were looking for Private Data

@cveNotify · 2 hours ago

🚨 CVE-2026-9230 · The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a u...

@cveNotify · 2 hours ago

🚨 CVE-2026-9148 · The Comments – wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the guest commenter 'Website' field in versions up to, and including, 7.6.56. This is due to insufficient output escaping in the ge...

@cveNotify · 2 hours ago

🚨 CVE-2026-8804 · Puppet resource_api (shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x) does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cle...

@cveNotify · 2 hours ago

🚨 CVE-2026-8351 · The RTMKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced Heading widget's 'Background Text' parameter in versions up to, and including, 2.0.7. This is due to insufficient output escaping o...

@cveNotify · 2 hours ago

🚨 CVE-2026-47898 · Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net (Lucene.Net.Analysis.Common library). This issue affects Apache Lucene.Net.Analysis.Common: from 4.8.0-beta00005 before 4.8.0-beta00018...

@cveNotify · 2 hours ago

🚨 CVE-2026-47897 · Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene.Net (Lucene.Net.Replicator library). This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 before...

@cveNotify · 2 hours ago

🚨 CVE-2026-14544 · A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can o...

@cveNotify · 3 hours ago

🚨 CVE-2026-9547 · When a libcurl-based application performs transfers via `SCP://` or `SFTP://` and utilizes the `CURLOPT_SSH_KEYFUNCTION` callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a...
© 2026 Richard Hofrance Bankouezi