Total CVEs
2735
last 14 days
Avg Priority
33.0
of max 220
KEV
3
actively exploited
POC
356
public exploits
Unpatched
709
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
124
CVE-2026-35616
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an
119
CVE-2026-5281
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had co
109
CVE-2026-3502
TrueConf Client downloads application update code and applies it without performing verification. An
Priority Distribution
| Priority | CVE |
|---|---|
| 12 |
CVE-2026-35648
OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued no
|
| 12 |
CVE-2026-34720
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0
|
| 12 |
CVE-2026-5448
X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A
|
| 11 |
CVE-2026-5381
An issue that could expose task information outside of the authorized organizati
|
| 11 |
CVE-2026-32607
Discourse is an open-source discussion platform. From versions 2026.1.0-latest t
|
| 11 |
CVE-2026-4794
Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF before 25.
|
| 11 |
CVE-2026-35200
### Impact
A file can be uploaded with a filename extension that passes the fil
|
| 11 |
CVE-2026-39349
OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to
|
| 11 |
CVE-2026-5476
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is th
|
| 11 |
CVE-2025-7741
Hardcoded Password Vulnerability have been found in CENTUM. Affected products co
|
| 11 |
CVE-2026-28527
BlueKitchen BTstack contains an out-of-bounds read vulnerability in the AVRCP Co
|
| 11 |
CVE-2026-28526
BlueKitchen BTstack contains an out-of-bounds read vulnerability in the AVRCP Co
|
| 11 |
CVE-2026-28528
BlueKitchen BTstack contains an out-of-bounds read vulnerability in the AVRCP Br
|
| 10 |
CVE-2026-34248
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0
|
| 10 |
CVE-2026-5772
A 1-byte stack buffer over-read was identified in the MatchDomainName function (
|
| 10 |
CVE-2026-5778
Integer underflow in wolfSSL packet sniffer <= 5.9.0 allows an attacker to cause
|
| 10 |
CVE-2026-33073
Discourse is an open-source discussion platform. From versions 2026.1.0-latest t
|
| 10 |
CVE-2026-27949
Plane is an an open-source project management tool. Prior to 1.3.0, a vulnerabil
|
| 10 |
CVE-2026-5473
A vulnerability has been found in NASA cFS up to 7.0.0. The impacted element is
|
| 10 |
CVE-2026-32970
OpenClaw before 2026.3.11 contains a credential fallback vulnerability where una
|
| 9 |
CVE-2026-34743
XZ Utils provide a general-purpose data-compression library plus command-line to
|
| 8 |
CVE-2026-40072
web3.py allows you to interact with the Ethereum blockchain using Python. From 6
|
| 5 |
CVE-2026-34983
Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 730d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2298d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2111d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1725d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2228d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4975d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1196d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 998d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3752d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 900d |
Prev
2 / 2