Total CVEs
6138
last 30 days
Avg Priority
35.1
of max 220
KEV
8
actively exploited
POC
753
public exploits
Unpatched
1232
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
124
CVE-2026-35616
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an
119
CVE-2026-5281
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had co
118
CVE-2026-34621
Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Control
117
CVE-2026-33634
Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publi
117
CVE-2026-3055
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP l
114
CVE-2026-34197
Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability i
109
CVE-2026-3502
TrueConf Client downloads application update code and applies it without performing verification. An
109
CVE-2026-32201
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform
Priority Distribution
| Priority | CVE |
|---|---|
| 39 |
CVE-2026-3991
Symantec Data Loss Prevention Windows Endpoint, prior to 25.1 MP1, 16.1 MP2, 16.
|
| 39 |
CVE-2026-40176
### Impact
The `Perforce::generateP4Command()` method constructed shell commands
|
| 39 |
CVE-2026-3775
The application's update service, when checking for updates, loads certain syste
|
| 39 |
CVE-2026-27806
## Summary
The Orbit agent's FileVault disk encryption key rotation flow on col
|
| 39 |
CVE-2026-5397
It has been identified that a vulnerability (CWE-427) exists in the UPS (Uninter
|
| 39 |
CVE-2026-30874
OpenWrt Project is a Linux operating system targeting embedded devices. In versi
|
| 39 |
CVE-2025-14821
A flaw was found in libssh. This vulnerability allows local man-in-the-middle at
|
| 39 |
CVE-2026-25203
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalat
|
| 39 |
CVE-2026-27310
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer O
|
| 39 |
CVE-2026-27312
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer O
|
| 39 |
CVE-2026-27311
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer O
|
| 39 |
CVE-2026-21371
Memory Corruption when retrieving output buffer with insufficient size validatio
|
| 39 |
CVE-2026-21376
Memory Corruption when accessing an output buffer without validating its size du
|
| 39 |
CVE-2025-47391
Memory corruption while processing a frame request from user.
|
| 39 |
CVE-2026-21374
Memory Corruption when processing auxiliary sensor input/output control commands
|
| 39 |
CVE-2025-47390
Memory corruption while preprocessing IOCTL request in JPEG driver.
|
| 39 |
CVE-2026-21372
Memory Corruption when sending IOCTL requests with invalid buffer sizes during m
|
| 39 |
CVE-2025-47389
Memory corruption when buffer copy operation fails due to integer overflow durin
|
| 39 |
CVE-2026-22619
Eaton Intelligent Power Protector (IPP) is affected by insecure library loading
|
| 39 |
CVE-2026-5726
ASDA-Soft Stack-based Buffer Overflow Vulnerability
|
| 39 |
CVE-2025-36568
Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7.7
|
| 39 |
CVE-2026-1995
IDrive’s id_service.exe process runs with elevated privileges and regularly read
|
| 39 |
CVE-2026-40516
OpenHarness before commit bd4df81 contains a server-side request forgery vulnera
|
| 39 |
CVE-2026-32907
OpenClaw before 2026.2.19 contains a local command injection vulnerability in Wi
|
| 39 |
CVE-2026-34172
## Summary
`ChatWorkflow.chat(message)` passes its string argument directly as
|
| 39 |
CVE-2026-32271
Craft Commerce is an ecommerce platform for Craft CMS. In versions 4.0.0 through
|
| 39 |
CVE-2026-20125
A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS X
|
| 39 |
CVE-2026-33935
MyTube is a self-hosted downloader and player for several video websites Prior t
|
| 39 |
CVE-2026-29141
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass
|
| 39 |
CVE-2026-34200
Nhost is an open source Firebase alternative with GraphQL. Prior to version 1.41
|
| 39 |
CVE-2026-5709
Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio
|
| 39 |
CVE-2026-32176
Improper neutralization of special elements used in an sql command ('sql injecti
|
| 39 |
CVE-2026-27913
Improper input validation in Windows BitLocker allows an unauthorized attacker t
|
| 39 |
CVE-2026-35650
OpenClaw before 2026.3.22 contains an environment variable override handling vul
|
| 39 |
CVE-2026-34619
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limi
|
| 39 |
CVE-2026-24031
Dovecot SQL based authentication can be bypassed when auth_username_chars is cle
|
| 39 |
CVE-2026-32167
Improper neutralization of special elements used in an sql command ('sql injecti
|
| 39 |
CVE-2026-32897
OpenClaw versions prior to 2026.2.22 reuse gateway.auth.token as a fallback hash
|
| 39 |
CVE-2026-33153
Tandoor Recipes is an application for managing recipes, planning meals, and buil
|
| 39 |
CVE-2025-15608
This vulnerability in AX53 v1 results from insufficient input sanitization in th
|
| 39 |
CVE-2026-23920
Host and event action script input is validated with a regex (set by the adminis
|
| 39 |
CVE-2026-4498
Execution with Unnecessary Privileges (CWE-250) in Kibana’s Fleet plugin debug r
|
| 39 |
CVE-2026-34041
## Summary
act unconditionally processes the deprecated `::set-env::` and `::ad
|
| 39 |
CVE-2026-40180
Quarkus OpenAPI Generator is Quarkus' extensions for generation of Rest Clients
|
| 39 |
CVE-2026-35666
OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.r
|
| 39 |
CVE-2026-33544
### Summary
All three OAuth service implementations (`GenericOAuthService`, `Gi
|
| 39 |
CVE-2026-4588
A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the functio
|
| 39 |
CVE-2026-33530
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6,
|
| 39 |
CVE-2026-35187
## Vulnerability Details
**CWE-918**: Server-Side Request Forgery (SSRF)
The `
|
| 39 |
CVE-2026-34056
OpenEMR is a free and open source electronic health records and medical practice
|
| 39 |
CVE-2026-34936
### Summary
`passthrough()` and `apassthrough()` in `praisonai` accept a caller
|
| 39 |
CVE-2026-39843
Plane is an an open-source project management tool. From 0.28.0 to before 1.3.0,
|
| 39 |
CVE-2026-40150
PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, the web_crawl()
|
| 39 |
CVE-2026-29925
Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery
|
| 39 |
CVE-2026-39361
OpenObserve is a cloud-native observability platform. In 0.70.3 and earlier, the
|
| 39 |
CVE-2026-31945
LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 throug
|
| 39 |
CVE-2026-34746
Payload is a free and open source headless content management system. Prior to v
|
| 39 |
CVE-2026-33399
Wallos is an open-source, self-hostable personal subscription tracker. Prior to
|
| 39 |
CVE-2026-34163
FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, FastGPT's M
|
| 39 |
CVE-2026-33913
OpenEMR is a free and open source electronic health records and medical practice
|
| 39 |
CVE-2026-31941
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Ch
|
| 39 |
CVE-2026-22558
An Authenticated NoSQL Injection vulnerability found in UniFi Network Applicatio
|
| 39 |
CVE-2026-32067
OpenClaw versions prior to 2026.2.26 contains an authorization bypass vulnerabil
|
| 39 |
CVE-2026-32050
OpenClaw versions prior to 2026.2.25 contain an access control vulnerability in
|
| 39 |
CVE-2026-40188
goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, th
|
| 39 |
CVE-2026-29140
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to cause
|
| 39 |
CVE-2026-32252
Chartbrew is an open-source web application that can connect directly to databas
|
| 39 |
CVE-2026-24970
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v
|
| 39 |
CVE-2026-24969
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v
|
| 39 |
CVE-2026-34214
### Summary
Iceberg connector REST catalog static credentials (access key) or v
|
| 39 |
CVE-2026-34769
### Impact
An undocumented `commandLineSwitches` webPreference allowed arbitrary
|
| 39 |
CVE-2026-31851
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implem
|
| 39 |
CVE-2026-4368
Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configur
|
| 39 |
CVE-2026-32441
Missing Authorization vulnerability in WebToffee Comments Import & Export commen
|
| 39 |
CVE-2026-40683
In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert
|
| 39 |
CVE-2026-5190
Out-of-bounds write in the streaming decoder component in aws-c-event-stream bef
|
| 39 |
CVE-2026-35533
### Summary
`mise` loads trust-control settings from a local project `.mise.tom
|
| 39 |
CVE-2026-25835
Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Ra
|
| 39 |
CVE-2026-34242
Weblate is a web based localization tool. In versions prior to 5.17, the ZIP dow
|
| 39 |
CVE-2026-30463
Daylight Studio FuelCMS v1.5.2 was discovered to contain a SQL injection vulnera
|
| 39 |
CVE-2024-51346
An issue in Eufy Homebase 2 version 3.3.4.1h allows a local attacker to obtain s
|
| 39 |
CVE-2026-4115
A vulnerability was detected in PuTTY 0.83. Affected is the function eddsa_verif
|
| 39 |
CVE-2026-34222
Open WebUI is a self-hosted artificial intelligence platform designed to operate
|
| 39 |
CVE-2019-25652
UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contai
|
| 39 |
CVE-2026-34853
Permission bypass vulnerability in the LBS module.
Impact: Successful exploitati
|
| 38 |
CVE-2026-35409
### Summary
A Server-Side Request Forgery (SSRF) protection bypass has been iden
|
| 38 |
CVE-2026-32623
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based
|
| 38 |
CVE-2026-4760
From
Panorama Web HMI, an attacker can gain read access to certain Web HMI serve
|
| 38 |
CVE-2026-35446
LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web app
|
| 38 |
CVE-2026-33461
Incorrect Authorization (CWE-863) in Kibana can lead to information disclosure v
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 735d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2303d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2116d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1730d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2233d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4980d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1201d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1003d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3757d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 905d |