| Vendor Products | CVEs | KEV | Avg EPSS | Worst Severity |
|---|---|---|---|---|
| 1 | 8 | 0 | 27.1% | CRITICAL |

| CVE ID | Description | Severity | CVSS | KEV | EPSS | Published |
|---|---|---|---|---|---|---|
| CVE-2026-44603 | Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007. | CRITICAL | 9.1 | — | 26.1% | May 7, 2026 |
| CVE-2026-44602 | Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006. | HIGH | 7.5 | — | 24.7% | May 7, 2026 |
| CVE-2026-44601 | Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009. | HIGH | 7.5 | — | 25.5% | May 7, 2026 |
| CVE-2026-44600 | Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010. | MEDIUM | 5.3 | — | 29.7% | May 7, 2026 |
| CVE-2026-44599 | Tor before 0.4.9.7 can attempt or accept BEGIN_DIR via conflux legs, aka TROVE-2026-008. | MEDIUM | 5.3 | — | 20.4% | May 7, 2026 |
| CVE-2026-44597 | Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011. | CRITICAL | 9.1 | — | 35.9% | May 7, 2026 |
| CVE-2023-23589 | The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. | MEDIUM | 6.5 | — | — | Jan 14, 2023 |
| CVE-2022-33903 | Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation. | HIGH | 7.5 | — | — | Jul 17, 2022 |