Every CVE whose affected-product data names Tecnick Tcpdf, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2018-17057 — CVSS 9.8 (critical): An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.