Security Dashboard

Priority	CVE	Severity	CVSS	EPSS	Indicators	Published
46	CVE-2026-39834 When writing data larger than 4GB in a single Write call on an SSH channel, an i	CRITICAL	9.1	0.0%	FIX	2026-05-22
46	CVE-2026-7876 IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19	CRITICAL	9.1	0.0%		2026-05-27
46	CVE-2026-31986 Use of Hard-coded Cryptographic Key vulnerability in Apache OFBiz. This issue a	CRITICAL	9.1	0.0%	FIX	2026-05-19
46	CVE-2026-39832 When adding a key to a remote agent constraint extensions such as restrict-desti	CRITICAL	9.1	0.0%	FIX	2026-05-22
46	CVE-2026-42508 Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked	CRITICAL	9.1	0.0%	FIX	2026-05-22
46	CVE-2026-47372 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values	CRITICAL	9.1	0.0%	FIX	2026-05-20
46	CVE-2026-8598 An undocumented configuration export port is accessible on some models of ZKTec	CRITICAL	9.1	0.1%		2026-05-20
46	CVE-2026-33000 A malicious actor with access to the network and high privileges could exploit a	CRITICAL	9.1	0.1%	FIX	2026-05-22
46	CVE-2026-46819 Vulnerability in the Oracle Internet Procurement Connector product of Oracle E-B	CRITICAL	9.1	-		2026-05-28
46	CVE-2026-46354 ## Summary `azureidentity.Validate()` verifies that the PKCS#7 signer certifica	CRITICAL	9.1	-	FIX	2026-05-19
46	CVE-2026-44449 Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the prima	CRITICAL	9.1	0.1%	FIX	2026-05-26
46	CVE-2026-44632 ### Summary A Server-Side Code Injection vulnerability exists in the Yamcs algor	CRITICAL	9.1	-	FIX	2026-05-27
46	CVE-2026-46621 ### Summary A Server-Side Code Injection vulnerability exists in the Yamcs scrip	CRITICAL	9.1	-	FIX	2026-05-27
45	CVE-2026-22314 Improper Control of Generation of Code ('Code Injection') vulnerability in Mesal	CRITICAL	9.0	0.0%		2026-05-20
45	CVE-2026-48150 Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/ro	CRITICAL	9.0	0.0%	FIX	2026-05-27
45	CVE-2026-45721 ### Summary When Algernon is asked for any URL path that resolves to a director	CRITICAL	9.0	0.2%	FIX	2026-05-19
45	CVE-2026-46833 Vulnerability in the Net Service component of Oracle Database Server. Supported	CRITICAL	9.0	-		2026-05-28
45	CVE-2026-32999 Insufficient character filtering in backup agent signing module on Comet Backup	CRITICAL	9.0	0.0%	FIX	2026-05-28
0	CVE-2026-48700 An issue was discovered in all versions of PCManFM-Qt starting from 1.1.0. When	CRITICAL	9.3	0.0%		2026-05-22
0	CVE-2026-46395 ### Summary The `hmacBase64()` function in the HAXcms Node.js backend contains t	CRITICAL	-	-	FIX	2026-05-19
0	CVE-2026-45568 ## Summary Alice exposes a Python SDK `ProxyShare` with a fixed target URL. Bob	CRITICAL	-	-		2026-05-19
0	CVE-2026-46633 ### Description `Compiler::string()` escapes `"`, `$`, `\`, NUL and TAB when ge	CRITICAL	-	-	FIX	2026-05-21
0	CVE-2026-46421 ## Impact On April 29, 2026, compromised versions of `@cap-js/sqlite@2.2.2`, `@	CRITICAL	-	-	FIX	2026-05-20

Oldest Unpatched Critical/High CVEs

CVE	Severity	CVSS	Priority	Days Open
CVE-2024-3400	CRITICAL	10.0	224	776d
CVE-2019-19781	CRITICAL	9.8	223	2344d
CVE-2020-5902	CRITICAL	9.8	223	2157d
CVE-2021-35464	CRITICAL	9.8	223	1771d
CVE-2020-10189	CRITICAL	9.8	223	2274d
CVE-2012-4681	CRITICAL	9.8	223	5021d
CVE-2022-42475	CRITICAL	9.8	223	1242d
CVE-2023-3519	CRITICAL	9.8	223	1044d
CVE-2015-7450	CRITICAL	9.8	222	3799d
CVE-2023-34048	CRITICAL	9.8	222	946d

Prev 3 / 3