Total CVEs
2535
last 14 days
Avg Priority
24.7
of max 220
KEV
7
actively exploited
POC
137
public exploits
Unpatched
391
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
126
CVE-2026-41091
Improper link resolution before file access ('link following') in Microsoft Defender allows an autho
120
CVE-2026-48172
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp
117
CVE-2026-8398
A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows v
116
CVE-2026-48027
Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console,
108
CVE-2026-9082
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
92
CVE-2026-45498
Microsoft Defender Denial of Service Vulnerability
89
CVE-2026-34926
A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authentica
Priority Distribution
| Priority | CVE |
|---|---|
| 41 |
CVE-2026-8994
The Login with NEAR plugin for WordPress is vulnerable to Authentication Bypass
|
| 41 |
CVE-2026-41076
RT is an open source, enterprise-grade issue and ticket tracking system. Version
|
| 41 |
CVE-2026-46402
Microsoft UFO open-source framework for intelligent automation across devices an
|
| 41 |
CVE-2026-48064
pam_usb provides hardware authentication for Linux using ordinary removable medi
|
| 41 |
CVE-2026-47784
In memcached before 1.6.42, password data for SASL password database authenticat
|
| 41 |
CVE-2026-47783
In memcached before 1.6.42, username data for SASL password database authenticat
|
| 41 |
CVE-2025-13392
Improper check for unusual or exceptional conditions vulnerability in SSO in Syn
|
| 41 |
CVE-2026-35194
Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and
|
| 41 |
CVE-2026-44051
In Netatalk 3.0.2 through 4.4.2, arbitrary file read via attacker-controlled sym
|
| 41 |
CVE-2026-4094
The FOX - Currency Switcher Professional for WooCommerce plugin for WordPress is
|
| 41 |
CVE-2026-8969
Mitigation bypass in the DOM: Security component. This vulnerability was fixed i
|
| 41 |
CVE-2026-48149
Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text
|
| 41 |
CVE-2026-7504
A flaw was found in Keycloak's URL validation logic during redirect operations.
|
| 41 |
CVE-2026-34358
CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1
|
| 41 |
CVE-2026-46407
Vvveb is a powerful and easy to use CMS with page builder to build websites, blo
|
| 41 |
CVE-2026-24218
NVIDIA DGX OS contains a vulnerability in the factory provisioning process, wher
|
| 41 |
CVE-2026-8962
Mitigation bypass in the DOM: Security component. This vulnerability was fixed i
|
| 41 |
CVE-2026-45574
### Impact
An attacker on the network path between the ePA service and the Konne
|
| 40 |
CVE-2026-9095
Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions withou
|
| 40 |
CVE-2026-45135
### Summary
The FastCGI transport's `splitPos()` in [`modules/caddyhttp/reverse
|
| 40 |
CVE-2026-45062
### Summary
The `splitPos()` function in [`cgi.go`](https://github.com/php/fran
|
| 40 |
CVE-2026-45344
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the s
|
| 40 |
CVE-2026-45707
## Summary
When `ENABLE_MULTI_TENANT=true`, the HTTP transport documents that t
|
| 40 |
CVE-2026-48152
Budibase is an open-source low-code platform. Prior to 3.39.0, the single-dataso
|
| 40 |
CVE-2026-46828
Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (componen
|
| 40 |
CVE-2026-40172
authentik is an open-source identity provider. In versions prior to 2025.12.5 an
|
| 40 |
CVE-2026-45584
Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker
|
| 40 |
CVE-2026-9256
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_mo
|
| 40 |
CVE-2026-45260
### Summary
Pimcore's WebDAV asset endpoint exposes a `MOVE` operation through `
|
| 40 |
CVE-2026-6455
The WP Contact Form 7 DB Handler plugin for WordPress is vulnerable to Cross-Sit
|
| 40 |
CVE-2026-35277
Vulnerability in Oracle REST Data Services (component: Core). Supported version
|
| 40 |
CVE-2026-9277
shell-quote's `quote()` function did not validate object-token inputs against th
|
| 40 |
CVE-2026-24213
NVIDIA Triton Inference Server contains a vulnerability in the DALI backend wher
|
| 40 |
CVE-2026-24214
NVIDIA Triton Inference Server contains a vulnerability in the DALI backend wher
|
| 40 |
CVE-2026-4858
Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.
|
| 40 |
CVE-2026-3012
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. W
|
| 40 |
CVE-2025-11954
Cross-Site request forgery (CSRF) vulnerability in Sitemio Information Technolog
|
| 40 |
CVE-2026-37266
An issue in Responsive File Manager Responsive FileManager Version 9.14.0 allows
|
| 40 |
CVE-2026-45162
# GM-374
## Summary
Multiple locations in Pimcore v11 call PHP's `unserialize()
|
| 40 |
CVE-2026-6957
Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from fed
|
| 40 |
CVE-2026-44711
pam_usb provides hardware authentication for Linux using ordinary removable medi
|
| 40 |
CVE-2026-35266
Vulnerability in Oracle REST Data Services (component: Core). Supported version
|
| 39 |
CVE-2025-69600
Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversaries to ex
|
| 39 |
CVE-2026-45322
Microsoft UFO open-source framework for intelligent automation across devices an
|
| 39 |
CVE-2026-24216
NVIDIA BioNemo for Linux contains a vulnerability where a user could cause a des
|
| 39 |
CVE-2026-8657
Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Prototype P
|
| 39 |
CVE-2026-44709
pam_usb provides hardware authentication for Linux using ordinary removable medi
|
| 39 |
CVE-2026-45250
The setcred(2) system call is only available to privileged users. However, befo
|
| 39 |
CVE-2026-45251
A file descriptor can be closed while a thread is blocked in a poll(2) or select
|
| 39 |
CVE-2026-22554
MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerabilit
|
| 39 |
CVE-2026-41702
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that o
|
| 39 |
CVE-2026-9255
Missing input source validation in the tool authorization prompt in Kiro CLI bef
|
| 39 |
CVE-2026-28764
MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerabil
|
| 39 |
CVE-2026-0856
Improper Access Control vulnerability in Mesalvo Meona Client Launcher Component
|
| 39 |
CVE-2026-41054
Pre-NVD disclosure via oss-security: oss-security mailing list - 2026/05/20. tio
|
| 39 |
CVE-2026-47310
Use after free vulnerability in Samsung Open Source Escargot allows Pointer Mani
|
| 39 |
CVE-2026-47314
Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflo
|
| 39 |
CVE-2025-43306
A logic issue was addressed with improved checks. This issue is fixed in macOS S
|
| 39 |
CVE-2026-47311
Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows
|
| 39 |
CVE-2026-38945
Command injection in Raynet rvia version 12.6 Update 8 and previous versions all
|
| 39 |
CVE-2026-45208
A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow
|
| 39 |
CVE-2025-71214
An origin validation error vulnerability in the Trend Micro Apex One (mac) agent
|
| 39 |
CVE-2025-71217
An origin validation error vulnerability in the Trend Micro Apex One (mac) agent
|
| 39 |
CVE-2026-3623
IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allo
|
| 39 |
CVE-2026-46439
A High severity Server-Side Template Injection (SSTI) vulnerability exists in th
|
| 39 |
CVE-2026-42834
Improper link resolution before file access ('link following') in Azure Portal W
|
| 39 |
CVE-2025-71216
A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agen
|
| 39 |
CVE-2026-49237
An issue was discovered in Canonical Multipass for macOS before version 1.16.3 d
|
| 39 |
CVE-2026-47333
Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentia
|
| 39 |
CVE-2026-46432
## Summary
lmdeploy hardcodes `trust_remote_code=True` in multiple HuggingFace
|
| 39 |
CVE-2026-46517
> ## 📋 Reframing (2026-05-02): implicit unsafe remote-code path, not "supply-cha
|
| 39 |
CVE-2026-34927
An origin validation vulnerability in the Apex One/SEP agent could allow a local
|
| 39 |
CVE-2026-45207
An origin validation vulnerability in the Apex One/SEP agent could allow a local
|
| 39 |
CVE-2026-47331
Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock wh
|
| 39 |
CVE-2026-34928
An origin validation vulnerability in the Apex One/SEP agent could allow a local
|
| 39 |
CVE-2025-71212
A link following vulnerability in the Trend Micro Apex One scan engine could all
|
| 39 |
CVE-2025-71213
An origin validation error vulnerability in Trend Micro Apex One could allow a l
|
| 39 |
CVE-2026-45206
An origin validation vulnerability in the Apex One/SEP agent could allow a local
|
| 39 |
CVE-2026-34930
An origin validation vulnerability in the Apex One/SEP agent could allow a local
|
| 39 |
CVE-2026-34929
An origin validation vulnerability in the Apex One/SEP agent could allow a local
|
| 39 |
CVE-2026-26147
Improper input validation in Azure Compute Gallery allows an authorized attacker
|
| 39 |
CVE-2026-8813
This affects versions of the package exifreader before 4.39.0. A crafted image c
|
| 39 |
CVE-2026-6902
A vulnerability in Command-Line Client in P4 Server prior to the 2025.2 Patch 2,
|
| 39 |
CVE-2026-46427
Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at
|
| 39 |
CVE-2026-46359
phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::set
|
| 39 |
CVE-2026-2253
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 an
|
| 39 |
CVE-2026-45715
### Summary
The REST datasource integration follows HTTP redirects without re-c
|
| 39 |
CVE-2026-48146
Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token
|
| 38 |
CVE-2026-9804
A flaw was found in KubeVirt's virt-exportserver component. An attacker with spe
|
| 38 |
CVE-2026-42099
Sparx Pro Cloud Server is vulnerable to a Race Condition in the /data_api/dl_int
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 776d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2344d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2157d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1771d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2274d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 5021d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1242d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1044d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3799d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 946d |