Total CVEs
2374
last 14 days
Avg Priority
26.2
of max 220
KEV
7
actively exploited
POC
137
public exploits
Unpatched
389
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
126
CVE-2026-41091
Improper link resolution before file access ('link following') in Microsoft Defender allows an autho
120
CVE-2026-48172
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp
117
CVE-2026-8398
A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows v
116
CVE-2026-48027
Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console,
108
CVE-2026-9082
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
92
CVE-2026-45498
Microsoft Defender Denial of Service Vulnerability
89
CVE-2026-34926
A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authentica
Priority Distribution
| Priority | CVE |
|---|---|
| 44 |
CVE-2026-44741
# GM-369
## Summary
SQL injection in Pimcore's translation grid date filter - t
|
| 44 |
CVE-2026-44926
InfoScale CmdServer before 7.4.2 mishandles access control.
|
| 44 |
CVE-2026-46837
Vulnerability in the Oracle Flow Manufacturing product of Oracle E-Business Suit
|
| 44 |
CVE-2026-41085
Thermo Fisher Scientific Torrent Suite Dx through 5.14.2 has a privilege escalat
|
| 44 |
CVE-2026-45717
## Summary
Budibase exposes a REST API for datasource management. The route `PU
|
| 44 |
CVE-2026-7498
Improper neutralization of input during web page generation ('cross-site scripti
|
| 44 |
CVE-2026-35676
phpMyFAQ before 4.1.3 contains an unauthenticated password reset vulnerability i
|
| 44 |
CVE-2026-45805
### Summary
The MCP module's `ReplServer` binds to all interfaces (`0.0.0.0:440
|
| 44 |
CVE-2026-46827
Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (componen
|
| 44 |
CVE-2026-9009
The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnera
|
| 44 |
CVE-2026-8992
An improper certificate validation vulnerability in Ivanti Secure Access Client
|
| 44 |
CVE-2026-9018
The Easy Elements for Elementor - Addons & Website Templates plugin for WordPres
|
| 44 |
CVE-2025-57282
ngrok v4.3.3 and 5.0.0-beta.2 is vulnerable to Command Injection.
|
| 44 |
CVE-2026-8915
Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflo
|
| 44 |
CVE-2026-48235
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/r
|
| 44 |
CVE-2026-46519
## Summary
`mcp-server-kubernetes` exposes three environment variables (`ALLOW_
|
| 44 |
CVE-2026-45044
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta
|
| 44 |
CVE-2026-6226
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthent
|
| 44 |
CVE-2026-36828
A command injection vulnerability exists in the /cgi-bin/tools/ajax_cmd endpoint
|
| 44 |
CVE-2026-46612
### Summary
The Fission `storagesvc` component registers archive CRUD handlers
|
| 44 |
CVE-2026-46826
Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (componen
|
| 44 |
CVE-2026-9208
Tanium addressed an unauthorized code execution vulnerability in Connect.
|
| 44 |
CVE-2026-5065
IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credential
|
| 44 |
CVE-2026-45230
DumbAssets through 1.0.11 contains a path traversal vulnerability in the POST /a
|
| 44 |
CVE-2026-36044
@pensar/apex <= 0.0.58 is vulnerable to OS command injection via the smart_enume
|
| 44 |
CVE-2026-8179
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM A
|
| 44 |
CVE-2026-8695
radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list()
|
| 44 |
CVE-2026-8696
radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() fu
|
| 44 |
CVE-2026-48544
Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in
|
| 44 |
CVE-2026-3294
An authentication logic vulnerability in multiple TP-Link range extenders allows
|
| 44 |
CVE-2026-44886
Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 202
|
| 44 |
CVE-2026-46366
phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the ge
|
| 44 |
CVE-2025-41669
The Web-based Management allows a remote low privileged Engineer user to install
|
| 44 |
CVE-2026-41147
### Impact
NukeViet CMS <= 4.5.08 contains a Stored Cross-Site Scripting (XSS)
|
| 44 |
CVE-2026-40850
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40811
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-9003
E-LAN Hybrid Recording System developed by TONNET has a SQL Injection vulnerabil
|
| 44 |
CVE-2026-40819
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40813
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40818
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40817
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40816
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40814
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40812
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40810
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40815
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-8654
Improper input validation in Delphix Continuous Data connectors allows an authen
|
| 44 |
CVE-2026-39352
Frappe is a full-stack web application framework. Versions prior to 15.105.0 and
|
| 44 |
CVE-2026-42959
NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vu
|
| 44 |
CVE-2026-42944
NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability
|
| 44 |
CVE-2026-47356
Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF)
|
| 44 |
CVE-2026-34241
CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1
|
| 44 |
CVE-2026-8686
Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.
|
| 44 |
CVE-2025-41670
A local user with low privileges may be able to influence the behavior of a priv
|
| 44 |
CVE-2026-40165
authentik is an open-source identity provider. Versions 2025.12.4 and prior, and
|
| 44 |
CVE-2026-45800
Vvveb is a powerful and easy to use CMS with page builder to build websites, blo
|
| 44 |
CVE-2026-47102
LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /us
|
| 44 |
CVE-2026-44830
Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Serv
|
| 44 |
CVE-2026-49128
Music Player Daemon (MPD) before version 0.24.11 contains a path traversal vulne
|
| 44 |
CVE-2026-47100
Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing aut
|
| 44 |
CVE-2026-45270
## Summary
The `Pages` backend module registers the `html_purify` validation ru
|
| 44 |
CVE-2026-35089
In Slican telephone exchanges secure key is generated in a predictable manner us
|
| 44 |
CVE-2026-6009
Java Deserialisation Vulnerability in Jaspersoft Reports Library leads to Remote
|
| 44 |
CVE-2026-47074
Improper Certificate Validation vulnerability in ex-aws ex_aws_sns (ExAws.SNS, E
|
| 44 |
CVE-2026-42096
Sparx Pro Cloud Server is vulnerable to Broken Access Control within communicati
|
| 44 |
CVE-2026-47759
TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, t
|
| 44 |
CVE-2026-42197
RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd
|
| 44 |
CVE-2026-35671
phpMyFAQ before 4.1.3 contains an insecure direct object reference vulnerability
|
| 44 |
CVE-2026-47101
LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API key
|
| 44 |
CVE-2026-6346
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail
|
| 44 |
CVE-2026-47762
TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, t
|
| 44 |
CVE-2026-25606
A SQL injection vulnerability has been identified in STER. Improper neutralizati
|
| 44 |
CVE-2026-47760
TinyMCE is an open source rich text editor. From 6.8.0 to before 7.1.0, TinyMCE
|
| 44 |
CVE-2026-28445
Typebot is a chatbot builder tool. In versions 3.15.2 and prior, the RatingButto
|
| 44 |
CVE-2026-42098
Sparx Enterprise Architect software has a security feature that limits user's ac
|
| 44 |
CVE-2026-8697
Due to improper enforcement of authentication rate-limiting on a debug SSH servi
|
| 44 |
CVE-2026-44739
### Summary
The columnConfigAction endpoint in the CustomReportsBundle is vulner
|
| 44 |
CVE-2026-27173
JWT tokens that were used by workers in Kubernetes Executors have been exposed t
|
| 44 |
CVE-2026-35672
phpMyFAQ before 4.1.3 contains an authentication bypass vulnerability in API v4.
|
| 44 |
CVE-2026-45041
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta
|
| 44 |
CVE-2026-47761
TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, t
|
| 44 |
CVE-2026-24425
Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerabi
|
| 43 |
CVE-2026-26978
FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the back
|
| 43 |
CVE-2026-44088
SzafirHost verifies the signature of the downloaded JAR file using class JarInpu
|
| 43 |
CVE-2026-2652
A vulnerability in mlflow/mlflow versions 3.9.0 and earlier allows unauthenticat
|
| 43 |
CVE-2026-39310
Trilium Notes is a cross-platform, hierarchical note taking application focused
|
| 43 |
CVE-2026-42737
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v
|
| 43 |
CVE-2025-30028
A vulnerability in Active Backup for Business allows unauthorized remote attacke
|
| 43 |
CVE-2026-8958
Information disclosure, sandbox escape in the Security: Process Sandboxing compo
|
| 43 |
CVE-2026-8851
SOGo 5.12.7 contains a SQL injection vulnerability in the Access Control List ma
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 776d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2344d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2157d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1771d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2274d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 5021d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1242d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1044d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3798d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 946d |