Total CVEs
5836
last 30 days
Avg Priority
34.0
of max 220
KEV
6
actively exploited
POC
816
public exploits
Unpatched
1604
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
124
CVE-2026-35616
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an
119
CVE-2026-5281
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had co
117
CVE-2026-33634
Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publi
117
CVE-2026-33017
## Summary
The `POST /api/v1/build_public_tmp/{flow_id}/flow` endpoint allows building public flows
117
CVE-2026-3055
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP l
109
CVE-2026-3502
TrueConf Client downloads application update code and applies it without performing verification. An
Priority Distribution
| Priority | CVE |
|---|---|
| 30 |
CVE-2026-32884
Botan is a C++ cryptography library. Prior to version 3.11.0, during processing
|
| 30 |
CVE-2026-34610
The leancrypto library is a cryptographic library that exclusively contains only
|
| 30 |
CVE-2026-22174
OpenClaw versions prior to 2026.2.22 inject the x-OpenClaw-relay-token header in
|
| 30 |
CVE-2026-5295
A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wc_PKCS7
|
| 30 |
CVE-2026-32632
## Summary
Glances recently added DNS rebinding protection for the MCP endpoint
|
| 30 |
CVE-2026-34778
### Impact
A service worker running in a session could spoof reply messages on t
|
| 30 |
CVE-2026-21001
Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker t
|
| 30 |
CVE-2026-3579
wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software imple
|
| 30 |
CVE-2026-33349
## Summary
The `DocTypeReader` in fast-xml-parser uses JavaScript truthy checks
|
| 30 |
CVE-2026-34946
Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and
|
| 30 |
CVE-2026-33424
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-late
|
| 30 |
CVE-2026-34942
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0
|
| 30 |
CVE-2026-34353
In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and result
|
| 30 |
CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capab
|
| 30 |
CVE-2026-32935
phpseclib is a PHP secure communications library. Projects using versions 1.0.26
|
| 30 |
CVE-2026-29772
Astro is a web framework. Prior to version 10.0.0, Astro's Server Islands POST h
|
| 30 |
CVE-2025-64648
IBM Concert 1.0.0 through 2.2.0 transmits data in clear text that could allow an
|
| 30 |
CVE-2026-21713
A flaw in Node.js HMAC verification uses a non-constant-time comparison when val
|
| 30 |
CVE-2025-33242
NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malic
|
| 30 |
CVE-2026-21002
Improper verification of cryptographic signature in Galaxy Store prior to versio
|
| 30 |
CVE-2026-34859
UAF vulnerability in the kernel module.
Impact: Successful exploitation of this
|
| 30 |
CVE-2026-39865
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.13.
|
| 30 |
CVE-2026-35201
### Summary
A signed length truncation bug causes an out-of-bounds read in the
|
| 30 |
CVE-2026-5300
Unauthenticated functionality in CoolerControl/coolercontrold <4.0.0 allows una
|
| 30 |
CVE-2026-39844
### Summary
The upload filename sanitization introduced in GHSA-9ffm-fxg3-xrhh
|
| 30 |
CVE-2026-34721
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0
|
| 30 |
CVE-2025-55266
HCL Aftermarket DPC is affected by Session Fixation which allows attacker to tak
|
| 29 |
CVE-2026-32000
OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability i
|
| 29 |
CVE-2026-2454
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail
|
| 29 |
CVE-2026-34761
## Summary
Ella Core panics when processing a NGAP handover failure message.
#
|
| 29 |
CVE-2026-1712
Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Esc
|
| 29 |
CVE-2026-33081
### **The /download endpoint validates only the initial URL provided by the user
|
| 29 |
CVE-2026-4366
A flaw was identified in Keycloak, an identity and access management solution, w
|
| 29 |
CVE-2026-5374
An issue that allowed MCP agents to access remediation and asset information fro
|
| 29 |
CVE-2026-5384
An issue that could allow a credential to be updated and used for a task from ou
|
| 29 |
CVE-2026-5378
An issue that allowed administrators to create and update users outside of their
|
| 29 |
CVE-2026-33996
LibJWT is a C JSON Web Token Library. Starting in version 3.0.0 and prior to ver
|
| 29 |
CVE-2026-34360
## Summary
The `/loadIG` HTTP endpoint in the FHIR Validator HTTP service accep
|
| 29 |
CVE-2026-33061
exactyl is a customisable game management panel and billing system. Commits afte
|
| 29 |
CVE-2025-52644
HCL AION is affected by a vulnerability where certain user actions are not adequ
|
| 29 |
CVE-2026-34452
The Claude SDK for Python provides access to the Claude API from Python applicat
|
| 29 |
CVE-2026-34772
### Impact
Apps that allow downloads and programmatically destroy sessions may b
|
| 29 |
CVE-2026-25704
A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use (TOCTOU) Race C
|
| 29 |
CVE-2026-22217
OpenClaw version 2026.2.22 prior to 2026.2.23 contain an arbitrary code executio
|
| 29 |
CVE-2026-33144
GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-bas
|
| 29 |
CVE-2026-33729
### Description
In OpenFGA, under specific conditions, models using conditions w
|
| 29 |
CVE-2026-32988
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in fs
|
| 29 |
CVE-2026-32977
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in th
|
| 29 |
CVE-2026-33574
OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills d
|
| 29 |
CVE-2026-27646
OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in th
|
| 29 |
CVE-2026-34981
The whisperX API is a tool for enhancing and analyzing audio content. From 0.3.1
|
| 29 |
CVE-2026-28455
OpenClaw before 2026.2.22 contains an allowlist bypass vulnerability in system.r
|
| 29 |
CVE-2026-32047
OpenClaw before 2026.2.22 contains an allowlist bypass vulnerability in system.r
|
| 29 |
CVE-2026-20709
Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Pr
|
| 29 |
CVE-2026-28483
OpenClaw before 2026.3.2 contains a race condition vulnerability in ZIP extracti
|
| 29 |
CVE-2026-32912
OpenClaw versions 2026.2.26 before 2026.3.1 contain a current working directory
|
| 29 |
CVE-2026-34387
Fleet is open source device management software. Prior to 4.81.1, a command inje
|
| 29 |
CVE-2026-22902
A command injection vulnerability has been reported to affect QuNetSwitch. If a
|
| 29 |
CVE-2026-30867
CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior
|
| 29 |
CVE-2026-1502
CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host.
|
| 29 |
CVE-2026-33542
Incus is a system container and virtual machine manager. Prior to version 6.23.0
|
| 29 |
CVE-2026-33739
FOG is a free open-source cloning/imaging/rescue suite/inventory management syst
|
| 29 |
CVE-2025-14806
IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to tri
|
| 29 |
CVE-2026-33473
### Summary
Any user that has enabled 2FA can have their TOTP reused during the
|
| 29 |
CVE-2026-39901
### Summary
A transaction integrity flaw allows an authenticated tenant user to
|
| 29 |
CVE-2026-27656
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.
|
| 29 |
CVE-2025-24819
Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due t
|
| 29 |
CVE-2026-1516
GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 b
|
| 29 |
CVE-2026-32755
## Summary
The `save_membership` action in `modules/profile/profile_function.ph
|
| 29 |
CVE-2025-14974
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to
|
| 29 |
CVE-2026-26931
Memory Allocation with Excessive Size Value (CWE-789) in the Prometheus remote_w
|
| 29 |
CVE-2026-32816
Admidio is an open-source user management solution. In versions 5.0.0 through 5.
|
| 29 |
CVE-2026-21712
A flaw in Node.js URL processing causes an assertion failure in native code when
|
| 29 |
CVE-2026-32009
OpenClaw versions prior to 2026.2.24 contain a policy bypass vulnerability in th
|
| 29 |
CVE-2026-34855
Out-of-bounds write vulnerability in the kernel module.
Impact: Successful explo
|
| 29 |
CVE-2026-34854
UAF vulnerability in the kernel module.
Impact: Successful exploitation of this
|
| 29 |
CVE-2026-26933
Improper Validation of Array Index (CWE-129) in multiple protocol parser compone
|
| 28 |
CVE-2025-55267
HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability, allow
|
| 28 |
CVE-2024-13785
The The Contact Form, Survey, Quiz & Popup Form Builder - ARForms plugin for Wor
|
| 28 |
CVE-2026-4349
A vulnerability was determined in Duende IdentityServer 4. The affected element
|
| 28 |
CVE-2026-33412
Vim is an open source, command line text editor. Prior to version 9.2.0202, a co
|
| 28 |
CVE-2026-40190
LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform.
|
| 28 |
CVE-2026-2414
Authorization bypass through User-Controlled key vulnerability in HYPR Server al
|
| 28 |
CVE-2026-5271
pymanager included the current working directory in sys.path meaning modules cou
|
| 28 |
CVE-2025-62845
An improper neutralization of escape, meta, or control sequences vulnerability h
|
| 28 |
CVE-2026-5673
A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability
|
| 28 |
CVE-2026-34943
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0
|
| 28 |
CVE-2025-7024
Incorrect Default Permissions vulnerability in AIRBUS PSS TETRA Connectivity Ser
|
| 28 |
CVE-2026-34867
Double free vulnerability in the multi-mode input system.
Impact: Successful exp
|
| 28 |
CVE-2025-52638
HCL AION is affected by a vulnerability where container base images are not prop
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 731d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2299d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2112d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1725d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2229d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4976d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1197d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 998d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3753d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 900d |