Skip to main content

Security Dashboard

7d 14d 30d 90d
Total CVEs
6202
last 30 days
Avg Priority
31.3
of max 220
KEV
14
actively exploited
POC
495
public exploits
Unpatched
938
CRIT/HIGH without patch
How is Priority Score calculated?

Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:

KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low 40-80 Medium 80-120 High 120+ Critical

Patch Now — Known Exploited Vulnerabilities

136
CVE-2026-0300
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service o
CRITICAL
133
CVE-2026-41940
cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, an
CRITICAL
131
CVE-2026-6973
An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows 
HIGH
131
CVE-2026-42897
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Ex
HIGH
127
CVE-2026-20182
May 2026: This security advisory provides the details and fix information for a vulnerability that w
CRITICAL
126
CVE-2026-41091
Improper link resolution before file access ('link following') in Microsoft Defender allows an autho
HIGH
120
CVE-2026-48172
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp
CRITICAL
118
CVE-2026-45321
## Summary On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 4
CRITICAL
117
CVE-2026-42208
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1
CRITICAL
117
CVE-2026-8398
A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows v
CRITICAL

Priority Distribution

CRITICAL HIGH MEDIUM LOW KEV Only POC Only Unpatched CRIT/HIGH
Priority CVE
57 CVE-2026-7675
A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to
57 CVE-2026-9346
A flaw has been found in Edimax EW-7438RPn up to 1.31. This impacts the function
57 CVE-2026-8775
A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2
57 CVE-2026-7420
A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-18053
57 CVE-2026-9348
A vulnerability was found in Edimax EW-7438RPn up to 1.31. Affected by this vuln
57 CVE-2026-7419
A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. Th
57 CVE-2026-7418
A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. Th
57 CVE-2026-7685
A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unkn
57 CVE-2026-7684
A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This
57 CVE-2026-8234
A security vulnerability has been detected in EFM ipTIME A8004T 14.18.2. This vu
57 CVE-2026-9360
A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this
57 CVE-2026-9344
A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The
57 CVE-2026-8776
A vulnerability has been found in Edimax BR-6428NS 1.10. This vulnerability affe
57 CVE-2026-7855
A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issu
57 CVE-2026-9294
A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted element is
57 CVE-2026-9295
A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the f
57 CVE-2026-7851
A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the fu
57 CVE-2026-7857
A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability
57 CVE-2026-7856
A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part
57 CVE-2026-8764
A security vulnerability has been detected in H3C Magic B3 up to 100R002. This a
56 CVE-2025-70103
Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to th
56 CVE-2026-31266
Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in th
56 CVE-2026-7833
A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerabilit
56 CVE-2026-38751
OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulner
56 CVE-2026-6495
The Ajax Load More WordPress plugin before 7.8.4 does not sanitise and escape a
56 CVE-2026-46333
In the Linux kernel, the following vulnerability has been resolved: ptrace: sli
55 CVE-2026-8207
Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection v
55 CVE-2026-6860
A TCP client can perform a TLS handshake and present the server name extension w
54 CVE-2026-33741
EspoCRM is an open source customer relationship management application. Versions
53 CVE-2026-42220
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.
53 CVE-2026-5337
During the analysis, it was identified that authenticated attackers with Subscri
52 CVE-2026-41141
EspoCRM is an open source customer relationship management application. Prior to
52 CVE-2026-7832
A security flaw has been discovered in IObit Advanced SystemCare 19. This affect
51 CVE-2026-5776
The Email Encoder WordPress plugin before 2.4.7 does not escape email addresses
51 CVE-2026-44166
A pre-hijacking issue was discovered with the OAuth2 autolinking by [Alardiians]
50 CVE-2026-41950
Dify before version 1.14.0 contains an authorization bypass vulnerability that a
50 CVE-2026-6815
An arbitrary file write vulnerability exists in Casdoor's Local File System stor
49 CVE-2026-7567
The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass
49 CVE-2026-7385
The Decent Comments WordPress plugin before 3.0.2 does not restrict access to co
49 CVE-2026-7593
A security vulnerability has been detected in Sunwood-ai-labs command-executor-m
49 CVE-2026-7812
A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391
49 CVE-2026-7785
A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94
49 CVE-2026-7698
A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.
49 CVE-2026-9367
A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f1948
48 CVE-2026-7446
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects
48 CVE-2026-7443
A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1.0.4. Affecte
48 CVE-2026-42048
## Summary Langflow is vulnerable to Path Traversal in the Knowledge Bases API (
48 CVE-2026-7416
A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This issue affec
48 CVE-2026-8305
A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element i
48 CVE-2026-7633
A vulnerability was identified in Totolink N300RH 6.1c.1353_B20190305. This impa
48 CVE-2026-7723
A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown
48 CVE-2026-7630
A vulnerability has been found in innocommerce InnoShop up to 0.7.8. The affecte
48 CVE-2026-7714
A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affec
48 CVE-2026-8321
A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affect
48 CVE-2026-9351
A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.16
48 CVE-2026-7679
A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This im
48 CVE-2026-7722
A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the
48 CVE-2026-9368
A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. Thi
48 CVE-2026-8759
A vulnerability was identified in xiandafu beetl up to 3.20.2. Affected is an un
48 CVE-2026-8757
A vulnerability was found in adenhq hive up to 0.11.0. This affects the function
48 CVE-2026-7645
A vulnerability was found in ruvnet sublinear-time-solver 1.5.0. Affected by thi
48 CVE-2026-46383
Microsoft APM is an open-source, community-driven dependency manager for AI agen
48 CVE-2026-7703
A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 R2. Impac
48 CVE-2026-8244
A vulnerability was identified in Industrial Application Software IAS Canias ERP
48 CVE-2026-8737
A weakness has been identified in Sanluan PublicCMS 5.202506.d. This issue affec
48 CVE-2026-8031
A vulnerability was detected in PicoTronica e-Clinic Healthcare System ECHS 5.7.
48 CVE-2026-7594
A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is th
48 CVE-2026-7810
A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815809a7e425b
48 CVE-2026-7788
A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028
48 CVE-2026-7811
A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d9363
48 CVE-2026-7579
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0.
48 CVE-2026-7417
A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function
48 CVE-2026-7733
A flaw has been found in funadmin up to 7.1.0-rc6. This affects the function Upl
48 CVE-2026-9353
A security vulnerability has been detected in NousResearch hermes-agent up to 20
48 CVE-2026-9354
A vulnerability was detected in NousResearch hermes-agent up to 2026.4.16. The a
48 CVE-2026-7505
A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. Th
48 CVE-2026-8115
A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4.
48 CVE-2026-9366
A vulnerability was found in NousResearch hermes-agent 2026.4.23. The impacted e
48 CVE-2026-8319
A weakness has been identified in aiwaves-cn agents up to e8c4e3c2d19739d3dff59e
48 CVE-2026-8318
A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c67
48 CVE-2026-7536
A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affect
48 CVE-2026-8225
A vulnerability was identified in Open5GS up to 2.7.7. This affects the function
48 CVE-2026-8226
A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability a
48 CVE-2026-9372
A flaw has been found in ItzCrazyKns Vane up to 1.12.1. This vulnerability affec
48 CVE-2026-7468
A security vulnerability has been detected in 1024-lab smart-admin up to 3.30.0.
48 CVE-2026-8738
A security vulnerability has been detected in Sanluan PublicCMS 5.202506.d. Impa
48 CVE-2026-7668
A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability a
48 CVE-2026-7681
A security vulnerability has been detected in jsbroks COCO Annotator up to 0.11.
48 CVE-2026-8758
A vulnerability was determined in Metasoft 美特软件 MetaCRM up to 6.4.0 Beta06. This
48 CVE-2026-9350
A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. Thi

Oldest Unpatched Critical/High CVEs

CVE Severity CVSS Priority Days Open
CVE-2024-3400 CRITICAL 10.0 224 776d
CVE-2019-19781 CRITICAL 9.8 223 2344d
CVE-2020-5902 CRITICAL 9.8 223 2157d
CVE-2021-35464 CRITICAL 9.8 223 1771d
CVE-2020-10189 CRITICAL 9.8 223 2274d
CVE-2012-4681 CRITICAL 9.8 223 5021d
CVE-2022-42475 CRITICAL 9.8 223 1242d
CVE-2023-3519 CRITICAL 9.8 223 1044d
CVE-2015-7450 CRITICAL 9.8 222 3798d
CVE-2023-34048 CRITICAL 9.8 222 946d
Prev 2 / 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy