Security Dashboard

Priority	CVE	Severity	CVSS	EPSS	Indicators	Published
108	CVE-2026-9082 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti	MEDIUM	6.5	0.0%	KEV POC FIX	2026-05-20
92	CVE-2026-45498 Microsoft Defender Denial of Service Vulnerability	MEDIUM	4.0	2.3%	KEV POC FIX	2026-05-20
89	CVE-2026-34926 A directory traversal vulnerability in the Apex One (on-premise) server could al	MEDIUM	6.7	0.3%	KEV FIX	2026-05-21
54	CVE-2026-33741 EspoCRM is an open source customer relationship management application. Versions	MEDIUM	6.8	0.0%	POC FIX	2026-05-19
52	CVE-2026-41141 EspoCRM is an open source customer relationship management application. Prior to	MEDIUM	6.5	-	POC FIX	2026-05-28
51	CVE-2026-5776 The Email Encoder WordPress plugin before 2.4.7 does not escape email addresses	MEDIUM	6.1	0.1%	POC FIX	2026-05-20
49	CVE-2026-7385 The Decent Comments WordPress plugin before 3.0.2 does not restrict access to co	MEDIUM	5.8	0.0%	POC FIX	2026-05-20
49	CVE-2026-9367 A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f1948	MEDIUM	5.5	1.0%	POC	2026-05-24
48	CVE-2026-9351 A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.16	MEDIUM	5.5	0.1%	POC	2026-05-24
48	CVE-2026-9368 A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. Thi	MEDIUM	5.5	0.1%	POC	2026-05-24
48	CVE-2026-8759 A vulnerability was identified in xiandafu beetl up to 3.20.2. Affected is an un	MEDIUM	5.5	0.1%	POC	2026-05-17
48	CVE-2026-8757 A vulnerability was found in adenhq hive up to 0.11.0. This affects the function	MEDIUM	5.5	0.1%	POC	2026-05-17
48	CVE-2026-46383 Microsoft APM is an open-source, community-driven dependency manager for AI agen	MEDIUM	5.5	0.1%	POC FIX	2026-05-15
48	CVE-2026-8737 A weakness has been identified in Sanluan PublicCMS 5.202506.d. This issue affec	MEDIUM	5.5	0.0%	POC	2026-05-17
48	CVE-2026-9353 A security vulnerability has been detected in NousResearch hermes-agent up to 20	MEDIUM	5.5	0.0%	POC	2026-05-24
48	CVE-2026-9354 A vulnerability was detected in NousResearch hermes-agent up to 2026.4.16. The a	MEDIUM	5.5	0.0%	POC	2026-05-24
48	CVE-2026-9366 A vulnerability was found in NousResearch hermes-agent 2026.4.23. The impacted e	MEDIUM	5.5	0.0%	POC	2026-05-24
48	CVE-2026-9372 A flaw has been found in ItzCrazyKns Vane up to 1.12.1. This vulnerability affec	MEDIUM	5.5	0.0%	POC	2026-05-24
48	CVE-2026-8738 A security vulnerability has been detected in Sanluan PublicCMS 5.202506.d. Impa	MEDIUM	5.5	0.0%	POC	2026-05-17
48	CVE-2026-8725 A weakness has been identified in CoreWorxLab CAAL up to 1.6.0. The affected ele	MEDIUM	5.5	0.0%	POC	2026-05-17
48	CVE-2026-9350 A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. Thi	MEDIUM	5.5	0.0%	POC	2026-05-24
48	CVE-2026-8758 A vulnerability was determined in Metasoft 美特软件 MetaCRM up to 6.4.0 Beta06. This	MEDIUM	5.5	0.0%	POC	2026-05-17
48	CVE-2026-8751 A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the	MEDIUM	5.5	0.0%	POC	2026-05-17
48	CVE-2026-9355 A flaw has been found in SourceCodester Hospitals Patient Records Management Sys	MEDIUM	5.5	0.0%	POC	2026-05-24
48	CVE-2026-9356 A vulnerability has been found in SourceCodester Hospitals Patient Records Manag	MEDIUM	5.5	0.0%	POC	2026-05-24
48	CVE-2026-9349 A vulnerability was determined in calcom cal.diy up to 4.9.4. Affected by this i	MEDIUM	5.5	0.0%	POC	2026-05-24
48	CVE-2026-8785 A flaw has been found in projectworlds hospital-management-system-in-php 1.0. Af	MEDIUM	5.5	0.0%	POC	2026-05-18
48	CVE-2026-8750 A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue	MEDIUM	5.5	0.0%	POC	2026-05-17
48	CVE-2026-9352 A weakness has been identified in NousResearch hermes-agent up to 2026.4.23. Thi	MEDIUM	5.5	0.0%	POC	2026-05-24
48	CVE-2026-8739 A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected eleme	MEDIUM	5.5	0.0%	POC	2026-05-17
48	CVE-2026-8752 A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability aff	MEDIUM	5.5	0.0%	POC	2026-05-17
48	CVE-2026-9364 A flaw has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is	MEDIUM	5.5	0.0%	POC	2026-05-24
48	CVE-2026-8734 A vulnerability was determined in Oinone Pamirs up to 7.2.0. Affected by this is	MEDIUM	5.5	0.0%	POC	2026-05-17
48	CVE-2026-9580 A vulnerability was determined in JeecgBoot up to 3.9.1. The affected element is	MEDIUM	5.5	0.0%	POC FIX	2026-05-26
48	CVE-2026-9606 A vulnerability has been found in itsourcecode Courier Management System 1.0. Im	MEDIUM	5.5	0.0%	POC	2026-05-26
48	CVE-2026-9584 A security vulnerability has been detected in code-projects Project Management S	MEDIUM	5.5	0.0%	POC	2026-05-26
48	CVE-2026-9603 A security vulnerability has been detected in SourceCodester eDoc Doctor Appoint	MEDIUM	5.5	0.0%	POC	2026-05-26
47	CVE-2026-1631 The Feeds for YouTube (YouTube video, channel, and gallery plugin) WordPress plu	MEDIUM	5.4	0.0%	POC FIX	2026-05-18
42	CVE-2025-70116 A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 fi	MEDIUM	4.3	0.0%	POC	2026-05-27
42	CVE-2026-41160 EspoCRM is an open source customer relationship management application. Prior to	MEDIUM	4.3	-	POC FIX	2026-05-28
42	CVE-2026-9807 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9	MEDIUM	4.3	0.0%	POC FIX	2026-05-28
36	CVE-2026-8605 In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could al	MEDIUM	5.1	0.0%		2026-05-19
35	CVE-2026-45248 Hedera Guardian through 3.5.1 contains an authentication bypass vulnerability in	MEDIUM	6.9	0.1%		2026-05-14
35	CVE-2026-46721 The create and edit flows do not restrict which user properties may be submitted	MEDIUM	6.9	0.1%	FIX	2026-05-19
35	CVE-2026-44679 Tuist is a virtual platform team for Swift app devs. Prior to 1.180.10, the forg	MEDIUM	6.9	0.1%	FIX	2026-05-14
35	CVE-2026-0393 The affected product may expose credentials remotely between low privileged visu	MEDIUM	6.9	0.0%	FIX	2026-05-21
35	CVE-2026-42534 NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the	MEDIUM	6.9	0.0%	FIX	2026-05-20
35	CVE-2026-6826 Concrete CMS 9.5.0 and below is vulnerable to unauthenticated file usage disclo	MEDIUM	6.9	0.0%		2026-05-21
35	CVE-2026-44390 NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when h	MEDIUM	6.9	0.0%	FIX	2026-05-20
35	CVE-2026-42923 NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the	MEDIUM	6.9	0.0%	FIX	2026-05-20
35	CVE-2026-40826 A high privileged remote attacker can exploit an unauthenticated SQL Injection v	MEDIUM	6.9	0.0%		2026-05-27
35	CVE-2026-40821 A high privileged remote attacker can exploit an unauthenticated SQL Injection v	MEDIUM	6.9	0.0%		2026-05-27
35	CVE-2026-40822 A high privileged remote attacker can exploit an unauthenticated SQL Injection v	MEDIUM	6.9	0.0%		2026-05-27
35	CVE-2026-43620 Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read v	MEDIUM	6.9	0.0%	FIX	2026-05-20
35	CVE-2025-48520 An improper input validation vulnerability within the AMD Platform Management Fr	MEDIUM	6.9	0.0%		2026-05-15
35	CVE-2025-48521 Improper input validation in the AMD Secure Processor (ASP) PCI driver could all	MEDIUM	6.9	0.0%		2026-05-15
35	CVE-2025-0045 Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow	MEDIUM	6.9	0.0%		2026-05-15
35	CVE-2025-48513 Use of uninitialized resource within the AMD Platform Management Framework (PMF)	MEDIUM	6.9	0.0%		2026-05-15
35	CVE-2025-48516 Insecure default configuration state of DDR5 memory module by AGESA Bootloader F	MEDIUM	6.9	0.0%		2026-05-15
35	CVE-2026-23679 libusb before version 1.0.30 contains a NULL pointer dereference vulnerability t	MEDIUM	6.9	0.0%	FIX	2026-05-27
35	CVE-2026-45413 MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, user passwo	MEDIUM	6.9	0.0%	FIX	2026-05-26
34	CVE-2026-45557 Technitium DNS Server aggressively tries to fetch missing RRSIG records or misma	MEDIUM	6.9	0.0%	FIX	2026-05-19
34	CVE-2026-48244 Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settin	MEDIUM	6.9	0.0%	FIX	2026-05-21
34	CVE-2026-48245 Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables	MEDIUM	6.9	0.0%	FIX	2026-05-21
34	CVE-2026-47136 RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta	MEDIUM	6.9	-		2026-05-28
34	CVE-2026-9053 Mothra would respect a default value given by a website for HTML file upload for	MEDIUM	6.9	0.0%		2026-05-22
34	CVE-2026-48243 Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API	MEDIUM	6.9	0.0%	FIX	2026-05-21
34	CVE-2026-4392 A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affe	MEDIUM	6.9	0.0%		2026-05-27
34	CVE-2026-44378 Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefi	MEDIUM	6.9	0.0%	FIX	2026-05-27
34	CVE-2026-48735 pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an att	MEDIUM	6.9	-	FIX	2026-05-28
34	CVE-2026-4391 A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. T	MEDIUM	6.9	0.0%		2026-05-27
34	CVE-2026-39311 Trilium Notes is a cross-platform, hierarchical note taking application focused	MEDIUM	6.8	0.1%	FIX	2026-05-20
34	CVE-2026-35593 Trilium Notes is an open-source, cross-platform hierarchical note taking applica	MEDIUM	6.8	0.1%		2026-05-20
34	CVE-2026-45585 Microsoft is aware of a security feature bypass vulnerability in Windows publicl	MEDIUM	6.8	0.1%		2026-05-20
34	CVE-2026-37982 A flaw was found in Keycloak. This authentication vulnerability allows a remote	MEDIUM	6.8	0.0%	FIX	2026-05-19
34	CVE-2026-4630 A flaw was found in Keycloak. An authenticated client could exploit an Insecure	MEDIUM	6.8	0.0%	FIX	2026-05-19
34	CVE-2025-29944 A buffer overflow vulnerability within AMD Sensor Fusion Hub Driver can allow a	MEDIUM	6.8	0.0%		2026-05-15
34	CVE-2026-9490 A security vulnerability has been identified in Acer Care Center where the ACCSv	MEDIUM	6.8	0.0%		2026-05-25
34	CVE-2026-41704 AgentClient#handle_method (lines 264-303) processes every NATS reply. It calls i	MEDIUM	6.8	0.0%	FIX	2026-05-27
34	CVE-2026-41970 Out-of-bounds write vulnerability in the distributed file system module. Impact:	MEDIUM	6.8	0.0%		2026-05-15
34	CVE-2026-42000 Insufficient Validation of Names During AXFR	MEDIUM	6.8	0.0%	FIX	2026-05-21
34	CVE-2026-9802 A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persis	MEDIUM	6.8	0.0%		2026-05-28
34	CVE-2026-45246 Summarize prior to 0.15.1 contains an insecure file permission vulnerability in	MEDIUM	6.8	0.0%	FIX	2026-05-18
34	CVE-2026-9617 PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superu	MEDIUM	6.8	0.0%	FIX	2026-05-27
34	CVE-2026-20171 A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as featu	MEDIUM	6.8	0.0%		2026-05-20
34	CVE-2026-41119 Dell Live Optics Windows and Personal Edition collectors contain an improper cer	MEDIUM	6.8	0.0%	FIX	2026-05-18
34	CVE-2026-9704 A flaw was found in Keycloak. An authenticated user with low privileges can expl	MEDIUM	6.8	0.0%		2026-05-27
34	CVE-2026-46678 ## Summary When an application using Pydantic AI opts a URL into `force_downloa	MEDIUM	6.8	-	FIX	2026-05-21
34	CVE-2026-44076 In Netatalk 3.1.0 through 4.4.2, shell injection via volume path. Fixed in 4.4.3	MEDIUM	6.7	0.0%	FIX	2026-05-21
34	CVE-2026-48065 pam_usb provides hardware authentication for Linux using ordinary removable medi	MEDIUM	6.7	0.0%	FIX	2026-05-27

Oldest Unpatched Critical/High CVEs

CVE	Severity	CVSS	Priority	Days Open
CVE-2024-3400	CRITICAL	10.0	224	776d
CVE-2019-19781	CRITICAL	9.8	223	2344d
CVE-2020-5902	CRITICAL	9.8	223	2157d
CVE-2021-35464	CRITICAL	9.8	223	1771d
CVE-2020-10189	CRITICAL	9.8	223	2274d
CVE-2012-4681	CRITICAL	9.8	223	5021d
CVE-2022-42475	CRITICAL	9.8	223	1242d
CVE-2023-3519	CRITICAL	9.8	223	1044d
CVE-2015-7450	CRITICAL	9.8	222	3798d
CVE-2023-34048	CRITICAL	9.8	222	946d

1 / 10 Next