dahua
CVE Numbering Authority
Latest CVE published
Overview
dahua is a CVE Numbering Authority that has published 45 CVE records since 2017. It is currently classified as active, with 10 CVEs published in the last two years. Its CVE data quality is graded F (53.9% overall completeness).
Among the 370 CNAs tracked here, dahua ranks #176 by CVE volume and reports more complete records than 9% of all CNAs.
Data quality report card
How complete and consistent dahua's CVE records are, scored across vendor, product, CVSS, and CWE coverage.
A CVE record only requires a description to be published. “Completeness” measures how often dahua also fills in the optional — but extremely useful — fields that make a vulnerability actually actionable: the affected vendor and product, a CVSS severity score, and a CWE weakness type. A higher score means more of this CNA’s CVEs include those details, so defenders spend less time enriching records by hand.
Report card grade
53.9%
Overall score
What these scores mean
- Vendor completeness
- The share of this CNA's CVEs that name an affected vendor.
- Product completeness
- The share that name a specific affected product.
- CVSS completeness
- The share that include a CVSS severity score.
- CWE completeness
- The share mapped to a CWE weakness type.
- Update rate
- How often this CNA revises CVE records after first publishing them.
- Vendor diversity
- How many distinct vendors this CNA publishes CVEs for.
Severity and exploitation
How the CVSS severity of dahua's published CVEs breaks down, and how many are known to be exploited in the wild.
In CISA’s Known Exploited Vulnerabilities catalog
2
2 of dahua's CVEs are confirmed exploited in the wild and carry a CISA remediation deadline.
Common weakness types
The CWE weakness categories dahua most often assigns to its CVEs. Follow any weakness to its full explanation.
- CWE-306Missing Authentication for Critical Function4 CVEs
- CWE-617Reachable Assertion3 CVEs
- CWE-284Improper Access Control3 CVEs
- CWE-770Allocation of Resources Without Limits or Throttling2 CVEs
- CWE-287Improper Authentication2 CVEs
- CWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')2 CVEs
- CWE-552Files or Directories Accessible to External Parties1 CVE
- CWE-434Unrestricted Upload of File with Dangerous Type1 CVE
Publishing activity by year
How many CVEs dahua has published each year.
Top vendors
The vendors dahua publishes the most CVEs for.
- dahuasecurity42 CVEs
- Dahua27 CVEs
- microsoft3 CVEs
- linux2 CVEs
Top products
The products dahua publishes the most CVEs for.
- dhi-dss7016dr-s2 firmware12 CVEs
- dss express12 CVEs
- dhi-dss4004-s2 firmware12 CVEs
- dhi-dss7016dr-s212 CVEs
- dhi-dss7016d-s212 CVEs
- dhi-dss7016d-s2 firmware12 CVEs
- dhi-dss4004-s212 CVEs
- dss professional12 CVEs
Latest CVEs
The most recent CVEs assigned by dahua.
- CVE-2026-29116CWE-617High · CVSS 8.7EPSS 0.4%2026-06-10
- CVE-2026-29115CWE-617Medium · CVSS 6.9EPSS 0.4%2026-06-10
- CVE-2026-29114CWE-538Low · CVSS 2.3EPSS 0.2%2026-06-10
- CVE-2025-31703CWE-305Low · CVSS 2.4EPSS 0.2%2026-03-18
- CVE-2025-31702CWE-732Medium · CVSS 6.8EPSS 0.3%2025-10-15
- CVE-2025-31701CWE-120High · CVSS 8.1EPSS 0.8%2025-07-23
- CVE-2025-31700CWE-120High · CVSS 8.1EPSS 0.8%2025-07-23
- CVE-2024-39950CWE-121Critical · CVSS 9.8EPSS 0.5%2024-07-31
- CVE-2024-39949CWE-617High · CVSS 7.5EPSS 0.6%2024-07-31
- CVE-2024-39948CWE-476High · CVSS 7.5EPSS 0.6%2024-07-31
- CVE-2024-39947Medium · CVSS 6.5EPSS 0.5%2024-07-31
- CVE-2024-39946High · CVSS 7.2EPSS 0.4%2024-07-31
Track new dahua CVEs as they are published and get AI-written analysis and remediation guidance.
Monitor dahua CVEsOther CNAs
Compare data quality across other CVE Numbering Authorities.
Frequently asked questions
Common questions about the dahua CNA.
- What is the dahua CNA?
- dahua is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 45 CVE records since 2017.
- How many CVEs has dahua published?
- dahua has published 45 CVE records, including 10 in the last two years.
- What is dahua's CVE data quality grade?
- RadicalNotion.AI grades dahua's CVE data quality as F, with an overall completeness score of 53.9%. This reflects how consistently its CVE records include vendor (42.2%), product (100%), CVSS (22.2%), and CWE (51.1%) information.
- What products does dahua publish CVEs for?
- dahua most frequently publishes CVEs for dhi-dss7016dr-s2 firmware, dss express, dhi-dss4004-s2 firmware, dhi-dss7016dr-s2, dhi-dss7016d-s2.
- Which vendors does dahua cover?
- dahua publishes CVEs across 4 distinct vendors, most often dahuasecurity, Dahua, microsoft, linux.
- Is dahua actively publishing CVEs?
- dahua is currently active, based on 10 CVEs in the last two years.
- What is the average severity of dahua's CVEs?
- The average CVSS base score across dahua's scored CVEs is 7.2.
- How many critical CVEs has dahua published?
- dahua has published 7 critical-severity CVEs and 21 high-severity CVEs.
- Are any of dahua's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- Yes. 2 of dahua's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
- What are the most common weakness types in dahua's CVEs?
- dahua's CVEs most often map to these CWE weakness types: CWE-306 (Missing Authentication for Critical Function), CWE-617 (Reachable Assertion), CWE-284 (Improper Access Control), CWE-770 (Allocation of Resources Without Limits or Throttling).
- How does dahua rank among CNAs?
- By total CVE volume, dahua ranks #176 of 370 CNAs, and it reports more complete CVE records than 9% of all CNAs.
References
- Official CVE.org list of CNA partners (opens in a new tab)
- Learn: What is a CNA?
- CWE directory: the weakness types this CNA maps its CVEs to
CNA report-card grades are computed by RadicalNotion.AI from published CVE records. CVE data is sourced from the CVE Program.
Track dahua CVEs
Monitor new vulnerabilities as this CNA publishes them, with AI-written analysis and remediation guidance.