Security Dashboard

Priority	CVE	Severity	CVSS	EPSS	Indicators	Published
44	CVE-2026-22790 EVerest is an EV charging software stack. Prior to version 2026.02.0, `HomeplugM	HIGH	8.8	0.1%		2026-03-26
44	CVE-2025-70887 An issue in ralphje Signify before v.0.9.2 allows a remote attacker to escalate	HIGH	8.8	0.1%	FIX	2026-03-25
44	CVE-2026-32693 In Juju from version 3.0.0 through 3.6.18, the authorization of the "secret-set"	HIGH	8.8	0.1%	FIX	2026-03-18
44	CVE-2026-5884 Insufficient validation of untrusted input in Media in Google Chrome prior to 14	HIGH	8.8	0.1%	FIX	2026-04-08
44	CVE-2026-5465 The Booking for Appointments and Events Calendar - Amelia plugin for WordPress i	HIGH	8.8	0.1%		2026-04-07
44	CVE-2026-5879 Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prio	HIGH	8.8	0.1%	FIX	2026-04-08
44	CVE-2026-33053 Detection Method: Kolega.dev Deep Code Scan \| Attribute \| Value \| \|---\|---\|	HIGH	8.8	0.0%	FIX	2026-03-18
44	CVE-2026-5144 The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalat	HIGH	8.8	0.0%		2026-04-11
44	CVE-2026-32513 Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List	HIGH	8.8	0.0%		2026-03-25
44	CVE-2026-3666 The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion i	HIGH	8.8	0.0%		2026-04-04
44	CVE-2026-25445 Deserialization of Untrusted Data vulnerability in Membership Software WishList	HIGH	8.8	0.0%		2026-03-19
44	CVE-2026-4451 Insufficient validation of untrusted input in Navigation in Google Chrome prior	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-35567 ChurchCRM is an open-source church management system. Prior to 7.1.0, the NewRol	HIGH	8.8	0.0%		2026-04-07
44	CVE-2026-39891 ## Summary Direct insertion of unescaped user input into template-rendering tool	HIGH	8.8	0.0%	FIX	2026-04-08
44	CVE-2026-33991 WeGIA is a web manager for charitable institutions. Prior to version 3.6.7, the	HIGH	8.8	0.0%		2026-03-27
44	CVE-2026-28228 OpenOlat is an open source web-based e-learning platform for teaching, learning,	HIGH	8.8	0.0%		2026-03-30
44	CVE-2025-50881 The `flow/admin/moniteur.php` script in Use It Flow administration website befor	HIGH	8.8	0.0%		2026-03-16
44	CVE-2026-4946 Ghidra versions prior to 12.0.3 improperly process annotation directives embedde	HIGH	8.8	0.0%		2026-03-29
44	CVE-2026-33687 ### Summary The `code16/sharp` Laravel admin panel package contains a vulnerabi	HIGH	8.8	0.0%	FIX	2026-03-25
44	CVE-2025-67030 Directory Traversal vulnerability in the extractFile method of org.codehaus.plex	HIGH	8.8	0.0%	FIX	2026-03-25
44	CVE-2026-33511 pyLoad is a free and open-source download manager written in Python. From versio	HIGH	8.8	0.0%		2026-03-24
44	CVE-2026-24164 NVIDIA BioNeMo contains a vulnerability where a user could cause a deserializati	HIGH	8.8	0.0%		2026-03-31
44	CVE-2025-15540 "Functions" module in Raytha CMS allows privileged users to write custom code to	HIGH	8.8	0.0%		2026-03-16
44	CVE-2026-33717 WWBN AVideo is an open source video platform. In versions up to and including 26	HIGH	8.8	0.0%		2026-03-23
44	CVE-2026-39937 Improper removal of sensitive information before storage or transfer vulnerabili	HIGH	8.8	0.0%		2026-04-07
44	CVE-2026-35044 ## Summary The Dockerfile generation function `generate_containerfile()` in `sr	HIGH	8.8	0.0%	FIX	2026-04-03
44	CVE-2026-2931 The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object	HIGH	8.8	0.0%		2026-03-26
44	CVE-2026-34184 Hydrosystem Control System does not enforce authorization for some directories.	HIGH	8.8	0.0%		2026-04-09
44	CVE-2026-4342 A security issue was discovered in ingress-nginx where a combination of Ingress	HIGH	8.8	0.0%	FIX	2026-03-19
44	CVE-2026-4314 The 'The Ultimate WordPress Toolkit - WP Extended' plugin for WordPress is vulne	HIGH	8.8	0.0%		2026-03-22
44	CVE-2026-35610 PolarLearn is a free and open-source learning program. In 0-PRERELEASE-14 and ea	HIGH	8.8	0.0%		2026-04-07
44	CVE-2026-33848 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerab	HIGH	8.8	0.0%	FIX	2026-03-24
44	CVE-2026-33510 Homarr is an open-source dashboard. Prior to 1.57.0, a DOM-based Cross-Site Scri	HIGH	8.8	0.0%		2026-04-06
44	CVE-2026-33854 Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7.This iss	HIGH	8.8	0.0%	FIX	2026-03-24
44	CVE-2026-33849 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerab	HIGH	8.8	0.0%	FIX	2026-03-24
44	CVE-2026-23514 Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks	HIGH	8.8	0.0%		2026-03-25
44	CVE-2026-4484 The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in	HIGH	8.8	0.0%		2026-03-26
44	CVE-2026-4261 The Expire Users plugin for WordPress is vulnerable to Privilege Escalation in a	HIGH	8.8	0.0%		2026-03-21
44	CVE-2025-10681 Storage credentials are hardcoded in the mobile app and device firmware. These c	HIGH	8.8	0.0%		2026-04-03
44	CVE-2026-2941 The Linksy Search and Replace plugin for WordPress is vulnerable to unauthorized	HIGH	8.8	0.0%		2026-03-21
44	CVE-2026-4447 Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allo	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-5866 Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote	HIGH	8.8	0.0%	FIX	2026-04-08
44	CVE-2026-5279 Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remot	HIGH	8.8	0.0%	FIX	2026-04-01
44	CVE-2026-5872 Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote	HIGH	8.8	0.0%	FIX	2026-04-08
44	CVE-2026-5871 Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote at	HIGH	8.8	0.0%	FIX	2026-04-08
44	CVE-2026-5287 Use after free in PDF in Google Chrome prior to 146.0.7680.178 allowed a remote	HIGH	8.8	0.0%	FIX	2026-04-01
44	CVE-2026-5286 Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote	HIGH	8.8	0.0%	FIX	2026-04-01
44	CVE-2026-5873 Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allow	HIGH	8.8	0.0%	FIX	2026-04-08
44	CVE-2026-33124 Frigate is a network video recorder (NVR) with realtime local object detection f	HIGH	8.8	0.0%		2026-03-20
44	CVE-2026-4374 Improper Restriction of XML External Entity Reference vulnerability in RTI Conne	HIGH	8.8	0.0%		2026-04-01
44	CVE-2026-5908 Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remo	HIGH	8.8	0.0%	FIX	2026-04-08
44	CVE-2026-4464 Integer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a rem	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4462 Out of bounds read in Blink in Google Chrome prior to 146.0.7680.153 allowed a r	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4461 Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allo	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4460 Out of bounds read in Skia in Google Chrome prior to 146.0.7680.153 allowed a re	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4457 Type Confusion in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote a	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4456 Use after free in Digital Credentials API in Google Chrome prior to 146.0.7680.1	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4454 Use after free in Network in Google Chrome prior to 146.0.7680.153 allowed a rem	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4452 Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.153 al	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4450 Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a rem	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4449 Use after free in Blink in Google Chrome prior to 146.0.7680.153 allowed a remot	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4441 Use after free in Base in Google Chrome prior to 146.0.7680.153 allowed a remote	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-5274 Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a re	HIGH	8.8	0.0%	FIX	2026-04-01
44	CVE-2026-5909 Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remo	HIGH	8.8	0.0%	FIX	2026-04-08
44	CVE-2026-5910 Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remo	HIGH	8.8	0.0%	FIX	2026-04-08
44	CVE-2026-5275 Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 146.0.7680.178 al	HIGH	8.8	0.0%	FIX	2026-04-01
44	CVE-2026-22730 A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionCon	HIGH	8.8	0.0%	FIX	2026-03-18
44	CVE-2026-5278 Use after free in Web MIDI in Google Chrome on Android prior to 146.0.7680.178 a	HIGH	8.8	0.0%	FIX	2026-04-01
44	CVE-2026-5280 Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a r	HIGH	8.8	0.0%	FIX	2026-04-01
44	CVE-2026-5285 Use after free in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remot	HIGH	8.8	0.0%	FIX	2026-04-01
44	CVE-2026-30568 A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester In	MEDIUM	4.8	0.0%	POC	2026-03-27
44	CVE-2026-4459 Out of bounds read and write in WebAudio in Google Chrome prior to 146.0.7680.15	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4455 Heap buffer overflow in PDFium in Google Chrome prior to 146.0.7680.153 allowed	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4448 Heap buffer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4446 Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remo	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4445 Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remo	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4442 Heap buffer overflow in CSS in Google Chrome prior to 146.0.7680.153 allowed a r	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4440 Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 a	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4439 Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-5912 Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a rem	HIGH	8.8	0.0%	FIX	2026-04-08
44	CVE-2026-35182 Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing	HIGH	8.8	0.0%		2026-04-06
44	CVE-2026-27893 vLLM is an inference and serving engine for large language models (LLMs). Starti	HIGH	8.8	0.0%	FIX	2026-03-27
44	CVE-2026-5292 Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed	HIGH	8.8	0.0%	FIX	2026-04-01
44	CVE-2026-28805 ## Description Multiple AJAX select handlers in OpenSTAManager <= 2.10.1 are vu	HIGH	8.8	0.0%	FIX	2026-04-01
44	CVE-2026-4443 Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.153 allowe	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-4616 A security flaw has been discovered in bolo-blog 까지 2.6.4. The affected element	MEDIUM	4.8	0.0%	POC	2026-03-24
44	CVE-2026-33025 AVideo is a video-sharing Platform. Versions prior to 8.0 contain a SQL Injectio	HIGH	8.8	0.0%		2026-03-20
44	CVE-2026-5836 A vulnerability has been found in code-projects Online Shoe Store 1.0. Affected	MEDIUM	4.8	0.0%	POC	2026-04-09
44	CVE-2026-4463 Heap buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed	HIGH	8.8	0.0%	FIX	2026-03-20
44	CVE-2026-39318 ChurchCRM is an open-source church management system. Prior to 7.1.0, the GroupP	HIGH	8.8	0.0%		2026-04-07

Oldest Unpatched Critical/High CVEs

CVE	Severity	CVSS	Priority	Days Open
CVE-2024-3400	CRITICAL	10.0	224	731d
CVE-2019-19781	CRITICAL	9.8	223	2298d
CVE-2020-5902	CRITICAL	9.8	223	2111d
CVE-2021-35464	CRITICAL	9.8	223	1725d
CVE-2020-10189	CRITICAL	9.8	223	2228d
CVE-2012-4681	CRITICAL	9.8	223	4976d
CVE-2022-42475	CRITICAL	9.8	223	1197d
CVE-2023-3519	CRITICAL	9.8	223	998d
CVE-2015-7450	CRITICAL	9.8	222	3753d
CVE-2023-34048	CRITICAL	9.8	222	900d

Prev 15 / 65 Next