Total CVEs
2737
last 14 days
Avg Priority
33.0
of max 220
KEV
3
actively exploited
POC
359
public exploits
Unpatched
712
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
124
CVE-2026-35616
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an
119
CVE-2026-5281
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had co
109
CVE-2026-3502
TrueConf Client downloads application update code and applies it without performing verification. An
Priority Distribution
| Priority | CVE |
|---|---|
| 47 |
CVE-2026-39382
dbt enables data analysts and engineers to transform their data using the same p
|
| 47 |
CVE-2026-5251
A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown
|
| 47 |
CVE-2026-5248
A vulnerability has been found in gougucms 4.08.18. This affects the function re
|
| 47 |
CVE-2026-6125
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted i
|
| 47 |
CVE-2026-5594
A weakness has been identified in premAI-io premsql up to 0.2.1. Affected is the
|
| 47 |
CVE-2026-5561
A vulnerability was determined in Campcodes Complete POS Management and Inventor
|
| 47 |
CVE-2026-6111
A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.1. Thi
|
| 47 |
CVE-2026-5999
A vulnerability has been found in JeecgBoot up to 3.9.1. This impacts an unknown
|
| 47 |
CVE-2026-5556
A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. Thi
|
| 47 |
CVE-2026-6117
A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affect
|
| 47 |
CVE-2026-5535
A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts
|
| 47 |
CVE-2026-34361
## Summary
The FHIR Validator HTTP service exposes an unauthenticated `/loadIG`
|
| 47 |
CVE-2026-35459
## Summary
The fix for CVE-2026-33992 (GHSA-m74m-f7cr-432x) added IP validation
|
| 47 |
CVE-2026-5615
A weakness has been identified in givanz Vvvebjs up to 2.0.5. The affected eleme
|
| 47 |
CVE-2026-5181
A vulnerability has been found in SourceCodester Simple Doctors Appointment Syst
|
| 47 |
CVE-2026-5259
A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affect
|
| 47 |
CVE-2026-5472
A flaw has been found in ProjectsAndPrograms School Management System up to 6b6f
|
| 47 |
CVE-2026-5607
A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0
|
| 47 |
CVE-2026-5470
A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e06
|
| 47 |
CVE-2026-6032
A vulnerability was found in code-projects Simple Laundry System 1.0. This impac
|
| 47 |
CVE-2026-5541
A vulnerability was found in code-projects Simple Laundry System 1.0. This issue
|
| 47 |
CVE-2026-5316
A vulnerability was identified in Nothings stb up to 1.22. The impacted element
|
| 47 |
CVE-2026-5328
A weakness has been identified in shsuishang modulithshop up to 829bac71f507e846
|
| 47 |
CVE-2026-5620
A vulnerability has been found in itsourcecode Construction Management System 1.
|
| 47 |
CVE-2026-6034
A flaw has been found in code-projects Vehicle Showroom Management System 1.0. I
|
| 47 |
CVE-2026-5317
A security flaw has been discovered in Nothings stb up to 1.22. This affects the
|
| 47 |
CVE-2026-6035
A vulnerability has been found in code-projects Vehicle Showroom Management Syst
|
| 47 |
CVE-2026-5314
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function s
|
| 47 |
CVE-2026-5255
A vulnerability was detected in code-projects Simple Laundry System 1.0. This af
|
| 47 |
CVE-2026-5539
A flaw has been found in code-projects Simple Laundry System 1.0. This affects a
|
| 47 |
CVE-2026-5157
A vulnerability was identified in code-projects Online Food Ordering System 1.0.
|
| 47 |
CVE-2026-5625
A weakness has been identified in assafelovic gpt-researcher up to 3.4.3. This i
|
| 47 |
CVE-2026-5542
A vulnerability was determined in code-projects Simple Laundry System 1.0. Impac
|
| 47 |
CVE-2026-5533
A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element
|
| 47 |
CVE-2026-5215
A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, D
|
| 47 |
CVE-2026-35614
Frappe is a full-stack web application framework. Prior to 16.14.0 and 15.104.0,
|
| 47 |
CVE-2026-39324
Rack::Session is a session management implementation for Rack. From 2.0.0 to bef
|
| 47 |
CVE-2026-6030
A flaw has been found in itsourcecode Construction Management System 1.0. The im
|
| 47 |
CVE-2026-6005
A flaw has been found in code-projects Patient Record Management System 1.0. The
|
| 47 |
CVE-2026-5640
A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1.
|
| 47 |
CVE-2026-5197
A vulnerability was found in code-projects Student Membership System 1.0. The af
|
| 47 |
CVE-2026-5196
A vulnerability has been found in code-projects Student Membership System 1.0. I
|
| 47 |
CVE-2026-5719
A flaw has been found in itsourcecode Construction Management System 1.0. This a
|
| 47 |
CVE-2026-5560
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The
|
| 47 |
CVE-2026-5558
A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up
|
| 47 |
CVE-2026-5649
A vulnerability has been found in code-projects Online Application System for Ad
|
| 47 |
CVE-2026-6010
A security flaw has been discovered in CodeAstro Online Classroom 1.0/2.php. Aff
|
| 47 |
CVE-2026-6006
A vulnerability has been found in code-projects Patient Record Management System
|
| 47 |
CVE-2026-5641
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The
|
| 47 |
CVE-2026-6033
A vulnerability was determined in CodeAstro Online Classroom 1.0. Affected is an
|
| 47 |
CVE-2026-5543
A vulnerability was identified in PHPGurukul User Registration & Login and User
|
| 47 |
CVE-2026-6007
A vulnerability was found in itsourcecode Construction Management System 1.0. Th
|
| 47 |
CVE-2026-5206
A security vulnerability has been detected in code-projects Simple Gym Managemen
|
| 47 |
CVE-2026-25197
A specific endpoint allows authenticated users to pivot to other user profiles b
|
| 47 |
CVE-2026-5563
A security flaw has been discovered in AutohomeCorp frostmourne up to 1.0. Affec
|
| 47 |
CVE-2026-5537
A security vulnerability has been detected in halex CourseSEL up to 1.1.0. Affec
|
| 47 |
CVE-2026-5596
A vulnerability was detected in griptape-ai griptape 0.19.4. Affected by this is
|
| 47 |
CVE-2026-5587
A vulnerability was identified in wbbeyourself MAC-SQL up to 31a9df5e0d520be4769
|
| 47 |
CVE-2026-34580
Botan is a C++ cryptography library. In 3.11.0, the function Certificate_Store::
|
| 47 |
CVE-2026-5597
A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown pa
|
| 47 |
CVE-2026-5318
A weakness has been identified in LibRaw up to 0.22.0. This impacts the function
|
| 47 |
CVE-2026-32917
OpenClaw before 2026.3.13 contains a remote command injection vulnerability in t
|
| 47 |
CVE-2026-5126
A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this is
|
| 47 |
CVE-2026-5826
A flaw has been found in code-projects Simple IT Discussion Forum 1.0. This issu
|
| 47 |
CVE-2026-5546
A flaw has been found in Campcodes Complete Online Learning Management System 1.
|
| 47 |
CVE-2026-5825
A vulnerability was detected in code-projects Simple Laundry System 1.0. This vu
|
| 47 |
CVE-2026-6119
A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected
|
| 47 |
CVE-2026-5319
A security vulnerability has been detected in itsourcecode Payroll Management Sy
|
| 47 |
CVE-2026-5630
A flaw has been found in assafelovic gpt-researcher up to 3.4.3. The impacted el
|
| 47 |
CVE-2026-5553
A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affe
|
| 47 |
CVE-2026-5639
A flaw has been found in PHPGurukul Online Shopping Portal Project 2.1. Impacted
|
| 47 |
CVE-2026-5635
A security flaw has been discovered in PHPGurukul Online Shopping Portal Project
|
| 47 |
CVE-2026-5583
A security vulnerability has been detected in PHPGurukul Online Shopping Portal
|
| 47 |
CVE-2026-5529
A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerabili
|
| 47 |
CVE-2026-5578
A vulnerability was found in CodeAstro Online Classroom 1.0. This vulnerability
|
| 47 |
CVE-2026-5552
A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1.
|
| 47 |
CVE-2026-5580
A vulnerability was identified in CodeAstro Online Classroom 1.0. Impacted is an
|
| 47 |
CVE-2026-5636
A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1.
|
| 47 |
CVE-2026-1346
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify
|
| 47 |
CVE-2026-6109
A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impa
|
| 47 |
CVE-2026-5321
A flaw has been found in vanna-ai vanna up to 2.0.2. Affected by this issue is s
|
| 46 |
CVE-2026-5812
A security flaw has been discovered in SourceCodester Pharmacy Product Managemen
|
| 46 |
CVE-2026-33698
Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack
|
| 46 |
CVE-2026-5681
A flaw has been found in itsourcecode sanitize or validate this input 1.0. This
|
| 46 |
CVE-2026-5194
Missing hash/digest size and OID checks allow digests smaller than allowed when
|
| 46 |
CVE-2026-5811
A vulnerability was identified in SourceCodester Online Food Ordering System 1.0
|
| 46 |
CVE-2026-33784
A Use of Default Password vulnerability in the Juniper Networks
Support Insigh
|
| 46 |
CVE-2026-5660
A vulnerability was determined in itsourcecode Construction Management System 1.
|
| 46 |
CVE-2026-5659
A vulnerability was found in pytries datrie up to 0.8.3. The affected element is
|
| 46 |
CVE-2026-34424
Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-st
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 730d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2298d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2111d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1725d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2228d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4975d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1196d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 998d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3753d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 900d |