Total CVEs
2535
last 14 days
Avg Priority
24.7
of max 220
KEV
7
actively exploited
POC
137
public exploits
Unpatched
391
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
126
CVE-2026-41091
Improper link resolution before file access ('link following') in Microsoft Defender allows an autho
120
CVE-2026-48172
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp
117
CVE-2026-8398
A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows v
116
CVE-2026-48027
Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console,
108
CVE-2026-9082
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
92
CVE-2026-45498
Microsoft Defender Denial of Service Vulnerability
89
CVE-2026-34926
A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authentica
Priority Distribution
| Priority | CVE |
|---|---|
| 44 |
CVE-2025-41669
The Web-based Management allows a remote low privileged Engineer user to install
|
| 44 |
CVE-2026-41147
### Impact
NukeViet CMS <= 4.5.08 contains a Stored Cross-Site Scripting (XSS)
|
| 44 |
CVE-2026-40810
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40812
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40813
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40811
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40817
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40816
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40815
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-9003
E-LAN Hybrid Recording System developed by TONNET has a SQL Injection vulnerabil
|
| 44 |
CVE-2026-40814
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40818
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40850
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-40819
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
|
| 44 |
CVE-2026-8654
Improper input validation in Delphix Continuous Data connectors allows an authen
|
| 44 |
CVE-2026-39352
Frappe is a full-stack web application framework. Versions prior to 15.105.0 and
|
| 44 |
CVE-2026-42959
NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vu
|
| 44 |
CVE-2026-42944
NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability
|
| 44 |
CVE-2026-47356
Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF)
|
| 44 |
CVE-2026-34241
CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1
|
| 44 |
CVE-2026-8686
Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.
|
| 44 |
CVE-2025-41670
A local user with low privileges may be able to influence the behavior of a priv
|
| 44 |
CVE-2026-40165
authentik is an open-source identity provider. Versions 2025.12.4 and prior, and
|
| 44 |
CVE-2026-45800
Vvveb is a powerful and easy to use CMS with page builder to build websites, blo
|
| 44 |
CVE-2026-6346
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail
|
| 44 |
CVE-2026-47100
Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing aut
|
| 44 |
CVE-2026-44739
### Summary
The columnConfigAction endpoint in the CustomReportsBundle is vulner
|
| 44 |
CVE-2026-47102
LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /us
|
| 44 |
CVE-2026-42098
Sparx Enterprise Architect software has a security feature that limits user's ac
|
| 44 |
CVE-2026-44830
Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Serv
|
| 44 |
CVE-2026-47761
TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, t
|
| 44 |
CVE-2026-49128
Music Player Daemon (MPD) before version 0.24.11 contains a path traversal vulne
|
| 44 |
CVE-2026-8697
Due to improper enforcement of authentication rate-limiting on a debug SSH servi
|
| 44 |
CVE-2026-28445
Typebot is a chatbot builder tool. In versions 3.15.2 and prior, the RatingButto
|
| 44 |
CVE-2026-47759
TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, t
|
| 44 |
CVE-2026-27173
JWT tokens that were used by workers in Kubernetes Executors have been exposed t
|
| 44 |
CVE-2026-35672
phpMyFAQ before 4.1.3 contains an authentication bypass vulnerability in API v4.
|
| 44 |
CVE-2026-35671
phpMyFAQ before 4.1.3 contains an insecure direct object reference vulnerability
|
| 44 |
CVE-2026-47101
LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API key
|
| 44 |
CVE-2026-42197
RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd
|
| 44 |
CVE-2026-25606
A SQL injection vulnerability has been identified in STER. Improper neutralizati
|
| 44 |
CVE-2026-47760
TinyMCE is an open source rich text editor. From 6.8.0 to before 7.1.0, TinyMCE
|
| 44 |
CVE-2026-47762
TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, t
|
| 44 |
CVE-2026-39929
Lakeside SysTrack Agent versions prior to 11.2.1.28, 11.3.0.38, 11.4.0.24, 11.5.
|
| 44 |
CVE-2026-42096
Sparx Pro Cloud Server is vulnerable to Broken Access Control within communicati
|
| 44 |
CVE-2026-6009
Java Deserialisation Vulnerability in Jaspersoft Reports Library leads to Remote
|
| 44 |
CVE-2026-24425
Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerabi
|
| 44 |
CVE-2026-35089
In Slican telephone exchanges secure key is generated in a predictable manner us
|
| 44 |
CVE-2026-47074
Improper Certificate Validation vulnerability in ex-aws ex_aws_sns (ExAws.SNS, E
|
| 44 |
CVE-2026-45041
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta
|
| 44 |
CVE-2026-45270
## Summary
The `Pages` backend module registers the `html_purify` validation ru
|
| 43 |
CVE-2026-26978
FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the back
|
| 43 |
CVE-2026-44088
SzafirHost verifies the signature of the downloaded JAR file using class JarInpu
|
| 43 |
CVE-2026-2652
A vulnerability in mlflow/mlflow versions 3.9.0 and earlier allows unauthenticat
|
| 43 |
CVE-2026-39310
Trilium Notes is a cross-platform, hierarchical note taking application focused
|
| 43 |
CVE-2026-42737
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v
|
| 43 |
CVE-2025-30028
A vulnerability in Active Backup for Business allows unauthorized remote attacke
|
| 43 |
CVE-2026-8958
Information disclosure, sandbox escape in the Security: Process Sandboxing compo
|
| 43 |
CVE-2026-8851
SOGo 5.12.7 contains a SQL injection vulnerability in the Access Control List ma
|
| 43 |
CVE-2026-9157
Improper input validation, Unrestricted upload of file with dangerous type vulne
|
| 43 |
CVE-2026-45298
## Summary
In a default dozzle deploy (the documented quickstart, no `DOZZLE_AU
|
| 43 |
CVE-2026-47107
Windmill prior to 1.703.2 contains an incorrect default permissions vulnerabilit
|
| 43 |
CVE-2026-44466
Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system ca
|
| 43 |
CVE-2026-46491
## Summary
`simplesamlphp-module-casserver` builds file paths for the file-base
|
| 43 |
CVE-2026-44463
Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system ca
|
| 43 |
CVE-2026-42089
### Impact
`yeoman-environment` versions `>= 2.9.0` and `< 6.0.1` install missi
|
| 43 |
CVE-2026-44465
Zed is a code editor. Prior to 0.227.1, Zed IDE executes arbitrary commands when
|
| 43 |
CVE-2026-9039
A configuration weakness in the device’s remote management service allows an aut
|
| 43 |
CVE-2026-44461
Zed is a code editor. Prior to 0.227.1, Zed builds SSH/WSL remote commands as a
|
| 43 |
CVE-2026-9038
A stack-based buffer overflow vulnerability in the charging controller’s signal-
|
| 43 |
CVE-2026-32997
A vulnerability allowing an authenticated user with the Backup Administrator rol
|
| 43 |
CVE-2026-8652
An OS Command Injection vulnerability exists in Aterm. If a malicious third pers
|
| 43 |
CVE-2026-3515
A vulnerability in the `GitHubRepository` block of the `prefect-github` integrat
|
| 43 |
CVE-2026-8632
A potential security vulnerability has been identified in the HP Linux Imaging a
|
| 43 |
CVE-2025-54517
Out of bounds write in AMD AMDGV_CMD_GET_DIAG_DATA ioctl handler could allow a l
|
| 43 |
CVE-2026-42730
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
|
| 43 |
CVE-2026-9789
A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense softwar
|
| 43 |
CVE-2026-9489
NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation (LPE) vulner
|
| 43 |
CVE-2026-28761
Cross-site request forgery vulnerability exists in Musetheque V4 Information Dis
|
| 43 |
CVE-2025-48519
An improper input validation vulnerability within the AMD Platform Management Fr
|
| 43 |
CVE-2025-52540
An improper input validation vulnerability within the AMD Platform Management Fr
|
| 43 |
CVE-2026-7373
Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that
|
| 43 |
CVE-2026-44933
`PluginScript` attempts to `chroot` the plugin to the `repoManagerRoot`, this ro
|
| 43 |
CVE-2026-0432
Incorrect default permissions in the installation directory for the AMD chipset
|
| 42 |
CVE-2026-46372
## Resolution
SillyTavern 1.18.0 added a generic server-side request filter (Pr
|
| 42 |
CVE-2026-33590
Insecure default settings of Portainer CE grant regular (non-admin) users privil
|
| 42 |
CVE-2026-5509
An authenticated command injection vulnerability exists in the Archer BE450 v1 a
|
| 42 |
CVE-2026-49046
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
|
| 42 |
CVE-2026-46820
Vulnerability in the Oracle Financials Common Modules product of Oracle E-Busine
|
| 42 |
CVE-2026-46717
## Summary
nezha's dashboard supports two user roles: `RoleAdmin` (Role==0) and
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 776d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2344d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2157d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1771d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2274d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 5021d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1242d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1044d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3799d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 946d |