Famous CVEs

A small catalog of vulnerabilities that earned their own names. Every card links to the canonical CVE-detail page so the severity, EPSS, KEV status, and mitigating-control analysis is one hop away. Updated 29 May 2026 12:36 UTC .

regreSSHion

CVE-2024-6387 · 2024

Signal-handler race in OpenSSH sshd that re-introduced a 2006 RCE — pre-auth, root, exploitable under tight conditions.

XZ backdoor

CVE-2024-3094 · 2024

Multi-year supply-chain implant in xz-utils that targeted OpenSSH via systemd's liblzma linkage — caught days before it hit stable distros.

Dirty Pipe

CVE-2022-0847 · 2022

Linux pipe-buffer flag mishandling let an unprivileged user overwrite data in arbitrary read-only files.

Follina

CVE-2022-30190 · 2022

Office MSDT URI handler executed arbitrary PowerShell from a Word document — no macros required.

Log4Shell

CVE-2021-44228 · 2021

Unauthenticated RCE in Apache Log4j via JNDI lookup substitution in a single logged string.

PrintNightmare

CVE-2021-34527 · 2021

Windows Print Spooler RCE/LPE — Microsoft patched it, then re-patched, then re-patched again.

ProxyLogon

CVE-2021-26855 · 2021

Exchange SSRF that became pre-auth RCE when chained — the first half of HAFNIUM's mass-compromise spree.

ProxyShell

CVE-2021-34473 · 2021

Exchange Server pre-auth RCE chain (path confusion + privilege escalation + arbitrary write) used heavily by ransomware crews.

ZeroLogon

CVE-2020-1472 · 2020

Netlogon cryptographic flaw let any unauthenticated attacker on the network reset a domain controller's machine password.

BlueKeep

CVE-2019-0708 · 2019

Pre-auth wormable RCE in Windows RDP — Microsoft was alarmed enough to ship XP patches.

Meltdown

CVE-2017-5754 · 2018

Out-of-order execution side channel on Intel CPUs that let unprivileged code read kernel memory.

Spectre

CVE-2017-5753 · 2018

Speculative-execution side channel (bounds-check bypass) that leaks data across security boundaries on virtually every modern CPU.

EternalBlue

CVE-2017-0144 · 2017

SMBv1 RCE leaked from the NSA via Shadow Brokers; the engine behind WannaCry and NotPetya.

KRACK

CVE-2017-13077 · 2017

WPA2 four-way handshake key-reinstallation flaw that let an attacker decrypt Wi-Fi traffic.

Dirty COW

CVE-2016-5195 · 2016

Race condition in the Linux kernel's copy-on-write handling that turned read-only mappings into a local root primitive.

DROWN

CVE-2016-0800 · 2016

Cross-protocol attack reusing a still-enabled SSLv2 endpoint to break TLS sessions sharing the same RSA key.

GHOST

CVE-2015-0235 · 2015

Heap buffer overflow in glibc's gethostbyname() reachable from many network-facing daemons.

Heartbleed

CVE-2014-0160 · 2014

OpenSSL TLS heartbeat extension leaked up to 64 KB of process memory per request, exposing keys and passwords.

POODLE

CVE-2014-3566 · 2014

SSL 3.0 CBC padding oracle that let a network attacker decrypt session cookies one byte at a time.

Shellshock

CVE-2014-6271 · 2014

Bash parsed function definitions out of environment variables, turning CGI servers into remote shells.