What these flaws actually unlock
Exploitability evidence earns attention; an attacker’s use case earns a decision. Every known-exploited record on this site aligns to one or more of five canonical attacker-outcome narratives — the bridge between a technical detail and a resource conversation. Tag the outcome, and the “why care” writes itself. Every count below is recomputed deterministically from the same cited record corpus; no new data, no model in the loop.
Most consequential exploits span more than one outcome: a pre-auth RCE is the front door a named crew uses to reach the keys to the kingdom and, from there, lights-out. A record counts toward every outcome its attack path reaches. Named-adversary attribution is sparse and surfaced as a coverage finding on each page — never papered over.
I’m inside from the internet — no credentials, no phishing required.
I turn one foothold into domain, cloud-tenant, or administrative control.
I pivot from a forgotten edge device into the systems that actually matter.
I read, copy, or exfiltrate the data that defines your liability.
I can halt your operations or hold them for ransom.