ietf
Security Risk Profile
34
/100
lowSecurity Risk Score
Comprehensive risk assessment based on 24 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from April 25, 2007 to present
24
Total CVEs
7
Critical+High
4
Exploited
4
Unpatched
Threat Assessment
Avg CVSS
6.3
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
4
Critical/High
Risk Level
34/100
low
⚠️ 4 Active Exploits⚡ 3 Zero-Days
Severity Distribution
Critical
0High
7Medium
14Low
0Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
3Age Distribution
Common Weaknesses (CWE)
1
CSRF
1
Most Affected Products
1. Apache Tomcat14
2. Microsoft Windows 1011
3. Cisco IOS XE11
4. Microsoft Visual Studio 20227
5. Siemens Sinec Ins6
Recent Vulnerabilities
See more →REDHAT-BUG-2456338
CVSS 7.0high
4/8/2026🔧 No Patch
https://www.theregister.com/2025/08/14/madeyoureset_http2_flaw_lets_attackers/
unknown
'MadeYouReset' HTTP/2 flaw lets attackers DoS servers
8/14/2025🔧 No Patch
CVE-2025-27371
CVSS 6.9EPSS 0%medium
3/3/2025🔧 No Patch
CVE-2024-7596
CVSS 6.5medium
Generic UDP Encapsulation (GUE) (IETF Draft) do not validate or verify the source of a network packet
2/5/2025🔧 No Patch
CVE-2024-7595
CVSS 6.5medium
GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packet
2/5/2025🔧 No Patch
CVE-2025-23018
CVSS 6.5EPSS 0%medium
1/14/2025🔧 No Patch
CVE-2025-23019
CVSS 6.5EPSS 0%medium
1/14/2025🔧 No Patch
CVE-2023-50923
CVSS 4.3medium
2/20/2024🔧 No Patch
REDHAT-BUG-2263240
CVSS 7.0high
2/7/2024🔧 No Patch
darkreading-20231010183742
unknown
Internet-Wide Zero-Day Bug Fuels Largest-Ever DDoS Event
10/10/2023⚠ Exploited⚡ Zero-Day🔧 No Patch
Monitor ietf in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.