Daily updates · NVD & CISA KEV
Appaloosa Scout
CVE watchtower for your mobile app fleet.
Public CVE references for iOS and Android mobile apps. Search by bundle ID, CISA KEV tracking, transparent methodology.
2 323 Tracked apps · 156 Indexed CVEs · 137 Active KEVs
Apps currently in KEV
All KEVs →
Microsoft Word
iOS
com.microsoft.Office.Word
10 ouvertes
10 exploited
Microsoft Word
Android
com.microsoft.office.word
10 ouvertes
10 exploited
Microsoft Edge
iOS
com.microsoft.msedge
9 ouvertes
9 exploited
Microsoft Edge
Android
com.microsoft.emmx
9 ouvertes
9 exploited
Microsoft Excel
iOS
com.microsoft.Office.Excel
6 ouvertes
6 exploited
Microsoft Excel
Android
com.microsoft.office.excel
6 ouvertes
6 exploited
Recently indexed CVEs
All CVEs →- CVE-2026-42090 CRITICAL 9.6 Notesnook is a note-taking app focused on user privacy & ease of use. Prior to Notesnook Web/Desktop version 3.3.15 and prior to Notesnook …
- CVE-2026-5281 HIGH 8.8 KEV Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execu…
- CVE-2026-3909 HIGH 8.8 KEV Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a …
- CVE-2026-3910 HIGH 8.8 KEV Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a san…
- CVE-2026-2441 HIGH 8.8 KEV Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a cr…
- CVE-2025-14174 HIGH 8.8 KEV Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds mem…
- CVE-2025-13223 HIGH 8.8 KEV Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafte…
- CVE-2025-10585 CRITICAL 9.8 KEV Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafte…
- CVE-2025-55177 MEDIUM 5.4 KEV Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.2…
- CVE-2025-6558 HIGH 8.8 KEV Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potential…
- CVE-2025-6554 HIGH 8.1 KEV Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML p…
- CVE-2025-5419 HIGH 8.8 KEV Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption…
Tracked apps
View all →
3cxphone14
iOS
com.3cx.3cxphone14
Aucune vulnérabilité connue
A
Android
fr.gouv.tchap.a
Aucune vulnérabilité connue
A
Android
com.zoho.creator.a
Aucune vulnérabilité connue
A120s
Android
air.com.multimaths.A120s
Aucune vulnérabilité connue
Aas2
Android
com.rsupport.rs.activity.rsupport.aas2
Aucune vulnérabilité connue
Abc
Android
com.binibambini.abc
Aucune vulnérabilité connue
Absworkout
Android
sixpack.sixpackabs.absworkout
Aucune vulnérabilité connue
Acalendar
Android
org.withouthat.acalendar
Aucune vulnérabilité connue
Accilinemobile
Android
com.ayming.accilinemobile
Aucune vulnérabilité connue
Accountaccess
Android
com.fullsix.android.labanquepostale.accountaccess
Aucune vulnérabilité connue
Accountaccess
Android
com.adobe.ims.accountaccess
Aucune vulnérabilité connue
Accubattery
Android
com.digibites.accubattery
Aucune vulnérabilité connue
Why Appaloosa Scout?
Public reference source for mobile security.
Official sourcesNVD (NIST) and CISA KEV only. No scraping of unverified sources.
Daily updatesHourly NVD sync, daily KEV. Every mobile CVE published during the day appears here.
Search by bundle IDBuilt for CISOs and MDM admins: com.microsoft.Office.Outlook matches directly.
Need full MDM management for your mobile fleet?
Discover Appaloosa MDM →