| Metric | Value | Note |
|---|---|---|
| Total CVEs | 5813 | last 30 days |
| Avg Priority | 34.0 | of max 220 |
| KEV | 6 | actively exploited |
| POC | 811 | public exploits |
| Unpatched | 1594 | CRIT/HIGH without patch |
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
| Signal | Weight | Meaning |
|---|---|---|
| KEV | +50 | CISA Known Exploited Vulnerability: confirmed active exploitation in the wild |
| EPSS | x100 | Exploit Prediction Scoring System: probability of exploitation in the next 30 days (0-100) |
| CVSS | x5 | Common Vulnerability Scoring System: technical severity (0-50) |
| POC | +20 | Public exploit code exists: lowers the barrier for attackers |
Score bands:
| Score | Band |
|---|---|
| 0-40 | Low |
| 40-80 | Medium |
| 80-120 | High |
| 120+ | Critical |
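As an added example that is not part of this dashboard, the Python below applies the stated weights (KEV +50, EPSS x100, CVSS x5, POC +20) and the four bands to constructed inputs and sorts them into a patch queue; it assumes EPSS is supplied as a 0-1 probability and CVSS as a 0-10 base score.

```python
# Added example, not the dashboard's own code: compute the composite Priority
# Score from the four signals described above and band it.
from dataclasses import dataclass
from typing import Iterable

KEV_BONUS = 50      # CISA KEV listing: +50
EPSS_WEIGHT = 100   # EPSS probability (0-1) scaled to 0-100
CVSS_WEIGHT = 5     # CVSS base score (0-10) scaled to 0-50
POC_BONUS = 20      # public exploit code: +20
MAX_SCORE = KEV_BONUS + EPSS_WEIGHT + 10 * CVSS_WEIGHT + POC_BONUS  # 220

# (floor, band name), checked from the highest floor downwards
BANDS = ((120, "Critical"), (80, "High"), (40, "Medium"), (0, "Low"))


@dataclass(frozen=True)
class CveSignals:
    cve_id: str
    cvss: float          # 0.0-10.0 base score
    epss: float          # 0.0-1.0 probability of exploitation in 30 days
    kev: bool = False    # listed in CISA KEV
    poc: bool = False    # public exploit code exists


def priority_score(s: CveSignals) -> float:
    """Weighted sum of the four signals, rounded to one decimal."""
    if not 0.0 <= s.cvss <= 10.0 or not 0.0 <= s.epss <= 1.0:
        raise ValueError(f"{s.cve_id}: CVSS must be 0-10 and EPSS 0-1")
    score = s.cvss * CVSS_WEIGHT + s.epss * EPSS_WEIGHT
    score += KEV_BONUS if s.kev else 0
    score += POC_BONUS if s.poc else 0
    return round(score, 1)


def priority_band(score: float) -> str:
    for floor, name in BANDS:
        if score >= floor:
            return name
    return "Low"


def triage(signals: Iterable[CveSignals]) -> list[tuple[str, float, str]]:
    """(cve_id, score, band) rows, highest score first: the 'Patch Now' order."""
    rows = [(s.cve_id, priority_score(s), priority_band(priority_score(s))) for s in signals]
    return sorted(rows, key=lambda r: r[1], reverse=True)


# Constructed sample inputs with placeholder ids (not the dashboard's data).
SAMPLE = [
    CveSignals("CVE-0000-0001", cvss=9.8, epss=0.97, kev=True, poc=True),  # 49 + 97 + 50 + 20
    CveSignals("CVE-0000-0002", cvss=7.5, epss=0.02, poc=True),            # 37.5 + 2 + 20
    CveSignals("CVE-0000-0003", cvss=5.3, epss=0.001),                     # 26.5 + 0.1
]

if __name__ == "__main__":
    for cve_id, score, band in triage(SAMPLE):
        print(f"{cve_id}  {score:>6}  {band}")
```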
Patch Now — Known Exploited Vulnerabilities
| Priority | CVE | Description |
|---|---|---|
| 124 | CVE-2026-35616 | An improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an |
| 119 | CVE-2026-5281 | Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had co |
| 117 | CVE-2026-33634 | Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publi |
| 117 | CVE-2026-33017 | The `POST /api/v1/build_public_tmp/{flow_id}/flow` endpoint allows building public flows |
| 117 | CVE-2026-3055 | Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP l |
| 109 | CVE-2026-3502 | TrueConf Client downloads application update code and applies it without performing verification. An |
Priority Distribution
| Priority | CVE | Description |
|---|---|---|
| 38 | CVE-2026-33154 | Dynaconf is vulnerable to Server-Side Template Injection (SSTI) due |
| 38 | CVE-2026-29871 | A path traversal vulnerability exists in the awesome-llm-apps project in commit |
| 38 | CVE-2025-69768 | SQL Injection vulnerability in Chyrp v.2.5.2 and before allows a remote attacker |
| 38 | CVE-2026-33287 | The `replace_first` filter in LiquidJS uses JavaScript's `String.pro |
| 38 | CVE-2026-1233 | The Text to Speech for WP (AI Voices by Mementor) plugin for WordPress is vulner |
| 38 | CVE-2026-33204 | An unauthenticated attacker can perform a Denial of Service via JWE |
| 38 | CVE-2026-35526 | Strawberry GraphQL's WebSocket subscription handlers for both the `graphql-trans |
| 38 | CVE-2026-33418 | The `ensureSize()` function in `@dicebear/converter` used a regex-ba |
| 38 | CVE-2026-33285 | LiquidJS's `memoryLimit` security mechanism can be completely bypas |
| 38 | CVE-2025-57834 | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Mod |
| 38 | CVE-2026-27833 | Piwigo is an open source photo gallery application for the web. Prior to version |
| 38 | CVE-2026-33069 | PJSIP is a free and open source multimedia communication library written in C. V |
| 38 | CVE-2026-33554 | ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response |
| 38 | CVE-2026-33184 | nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake pro |
| 38 | CVE-2026-4598 | Versions of the package jsrsasign before 11.1.1 are vulnerable to Infinite loop |
| 38 | CVE-2026-4602 | Versions of the package jsrsasign before 11.1.1 are vulnerable to Incorrect Conv |
| 38 | CVE-2026-33164 | libde265 is an open source implementation of the h.265 video codec. Prior to ver |
| 38 | CVE-2026-33231 | `nltk.app.wordnet_app` allows unauthenticated remote shutdown of the |
| 38 | CVE-2026-22743 | Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in N |
| 38 | CVE-2026-34601 | `@xmldom/xmldom` allows attacker-controlled strings containing the C |
| 38 | CVE-2026-34376 | PdfDing is a selfhosted PDF manager, viewer and editor offering a seamless user |
| 38 | CVE-2026-32933 | AutoMapper is a convention-based object-object mapper in .NET. Versions prior to |
| 38 | CVE-2026-25443 | Missing Authorization vulnerability in Dotstore Fraud Prevention For Woocommerce |
| 38 | CVE-2026-34829 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, a |
| 38 | CVE-2026-34827 | Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before |
| 38 | CVE-2026-31934 | Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before vers |
| 38 | CVE-2026-35405 | The `libp2p-rendezvous` server has no limit on how many namespaces a |
| 38 | CVE-2026-35611 | Addressable is an alternative implementation to the URI implementation that is p |
| 38 | CVE-2026-33891 | A Denial of Service (DoS) vulnerability exists in the node-forge lib |
| 38 | CVE-2026-33671 | `picomatch` is vulnerable to Regular Expression Denial of Service (Re |
| 38 | CVE-2026-29181 | multi-value `baggage:` header extraction parses each header field-value independ |
| 38 | CVE-2026-39376 | FastFeedParser is a high performance RSS, Atom and RDF parser. Prior to 0.5.10, |
| 38 | CVE-2026-31935 | Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0. |
| 38 | CVE-2026-33856 | Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherr |
| 38 | CVE-2025-58136 | A bug in POST request handling causes a crash under a certain condition. This i |
| 38 | CVE-2026-25833 | Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x5 |
| 38 | CVE-2026-27979 | A request containing the `next-resume: 1` header (corresponding with |
| 38 | CVE-2026-32011 | OpenClaw versions prior to 2026.3.2 contain a denial of service vulnerability in |
| 38 | CVE-2026-31937 | Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, ineffici |
| 38 | CVE-2026-24458 | Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail |
| 38 | CVE-2026-4046 | The iconv() function in the GNU C Library versions 2.43 and earlier may crash du |
| 38 | CVE-2026-33852 | Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherr |
| 38 | CVE-2026-6069 | NASM's disasm() function contains a stack based buffer overflow when formatting |
| 38 | CVE-2026-34148 | Fedify is a TypeScript library for building federated server apps powered by Act |
| 38 | CVE-2026-26008 | EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an ou |
| 38 | CVE-2026-33011 | In a NestJS application using `@nestjs/platform-fastify`, GET middle |
| 38 | CVE-2026-30922 | The `pyasn1` library is vulnerable to a Denial of Service (DoS) atta |
| 38 | CVE-2026-31933 | Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0. |
| 38 | CVE-2026-31932 | Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0. |
| 38 | CVE-2026-4926 | A bad regular expression is generated any time you have multiple sequen |
| 38 | CVE-2026-34771 | Apps that register an asynchronous `session.setPermissionRequestHandl |
| 38 | CVE-2026-33984 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio |
| 38 | CVE-2026-32949 | SQLBot is an intelligent data query system based on a large language model and R |
| 38 | CVE-2026-32815 | SiYuan is a personal knowledge management system. In versions 3.6.0 and below, t |
| 38 | CVE-2026-33986 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio |
| 38 | CVE-2026-24175 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could |
| 38 | CVE-2026-33128 | `createEventStream` in h3 is vulnerable to Server-Sent Events (SSE) |
| 38 | CVE-2026-4867 | A bad regular expression is generated any time you have three or more p |
| 38 | CVE-2026-24158 | NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint whe |
| 38 | CVE-2026-24174 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could |
| 38 | CVE-2026-33939 | When a Handlebars template contains decorator syntax referencing an |
| 38 | CVE-2026-24146 | NVIDIA Triton Inference Server contains a vulnerability where insufficient input |
| 38 | CVE-2026-26828 | A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap. |
| 38 | CVE-2026-33292 | The HLS streaming endpoint (`view/hls.php`) is vulnerable to a path |
| 38 | CVE-2026-32875 | `ujson.dumps()` crashes the Python interpreter (segmentation fault) |
| 38 | CVE-2026-33036 | The fix for CVE-2026-26278 added entity expansion limits (`maxTotalE |
| 38 | CVE-2026-3547 | Out-of-bounds read in ALPN parsing due to incomplete validation. wolfSSL 5.8.4 a |
| 38 | CVE-2026-29097 | SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (C |
| 38 | CVE-2026-32873 | ewe is a Gleam web server. Versions 0.8.0 through 3.0.4 contain a bug in the han |
| 38 | CVE-2026-29112 | The `ensureSize()` function in `@dicebear/converter` (versions < 9.4 |
| 38 | CVE-2026-5284 | Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote |
| 38 | CVE-2026-24173 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could |
| 38 | CVE-2026-4276 | LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that al |
| 38 | CVE-2026-3902 | An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4 |
| 38 | CVE-2026-35385 | In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setg |
| 38 | CVE-2026-31940 | Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, in |
| 38 | CVE-2026-33895 | Ed25519 signature verification accepts forged non-canonical signature |
| 38 | CVE-2026-40116 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /media-stream Web |
| 38 | CVE-2026-5277 | Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 al |
| 38 | CVE-2025-33238 | NVIDIA Triton Inference Server Sagemaker HTTP server contains a vulnerability wh |
| 38 | CVE-2025-33254 | NVIDIA Triton Inference Server contains a vulnerability where an attacker may ca |
| 38 | CVE-2026-22750 | When configuring SSL bundles in Spring Cloud Gateway by using the configuration |
| 38 | CVE-2026-30075 | OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing |
| 38 | CVE-2026-33512 | WWBN AVideo is an open source video platform. In versions up to and including 26 |
| 38 | CVE-2026-39356 | Drizzle is a modern TypeScript ORM. Prior to 0.45.2 and 1.0.0-beta.20, Drizzle O |
| 38 | CVE-2026-35036 | Ech0 implements **link preview** (editor fetches a page title) thro |
| 38 | CVE-2026-34226 | Happy DOM is a JavaScript implementation of a web browser without its graphical |
| 38 | CVE-2026-39885 | The `mcp-from-openapi` library uses `@apidevtools/json-schema-ref-pa |
| 38 | CVE-2026-35486 | text-generation-webui is an open-source web interface for running Large Language |
| 38 | CVE-2026-33180 | When setting headers in HTTP requests, the internal HTTP client sends |
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 731d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2299d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2112d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1725d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2228d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4976d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1197d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 998d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3753d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 900d |