| Metric | Value | Note |
|---|---|---|
| Total CVEs | 6152 | last 30 days |
| Avg Priority | 31.3 | of max 220 |
| KEV | 14 | actively exploited |
| POC | 495 | public exploits |
| Unpatched | 941 | CRIT/HIGH without patch |
How is Priority Score calculated?

Priority Score is a composite risk metric (0-220) that sums four real-world threat signals:

- KEV +50: listed in the CISA Known Exploited Vulnerabilities catalog, i.e. confirmed active exploitation in the wild
- EPSS x100: Exploit Prediction Scoring System probability of exploitation in the next 30 days (0-1), scaled to 0-100
- CVSS x5: Common Vulnerability Scoring System base score (0-10), scaled to 0-50
- POC +20: public exploit code exists, which lowers the barrier for attackers

The maximum is 50 + 100 + 50 + 20 = 220. Bands:

- 0-40 Low
- 40-80 Medium
- 80-120 High
- 120+ Critical

Note that severity alone cannot push a CVE past Medium: a CVSS 10.0 with no exploitation signal scores 50. High and Critical are reached only through KEV, a public exploit, or a high EPSS, which is what makes this a threat-driven ranking rather than a CVSS ranking.
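The scoring above, implemented as an added example (this is not the site's own code; the `Finding` type, the function names and the sample inputs are this example's own constructions). It validates the input ranges, since the most common mistake with EPSS is feeding the 0-100 percentage where the 0-1 probability belongs, and it treats the lower edge of each band as inclusive, which the page's "0-40, 40-80, ..." notation leaves unstated:

```python
from dataclasses import dataclass

# Weights as stated on the page: max = 50 + 100 + 50 + 20 = 220.
KEV_BONUS = 50        # CISA KEV listing (confirmed exploitation in the wild)
EPSS_WEIGHT = 100     # EPSS probability (0.0-1.0) scaled to 0-100
CVSS_WEIGHT = 5       # CVSS base score (0.0-10.0) scaled to 0-50
POC_BONUS = 20        # public exploit code exists
MAX_SCORE = KEV_BONUS + EPSS_WEIGHT + CVSS_WEIGHT * 10 + POC_BONUS

# Band floors. Treating the lower edge as inclusive ("40" is Medium) is an
# assumption of this example; the page does not say which side owns the edge.
BANDS = ((120, "Critical"), (80, "High"), (40, "Medium"), (0, "Low"))


@dataclass(frozen=True)
class Finding:
    """Threat signals for one CVE. Field names are this example's own."""
    cve_id: str
    cvss: float            # CVSS base score, 0.0-10.0
    epss: float            # EPSS probability, 0.0-1.0 (not the 0-100 percentage)
    kev: bool = False
    poc: bool = False


def priority_score(f: Finding) -> float:
    """Composite 0-220 score: CVSS*5 + EPSS*100 (+50 if KEV) (+20 if POC)."""
    # Reject out-of-range input instead of clamping: an EPSS passed as a
    # percentage (e.g. 97.0) would otherwise swamp every other signal.
    if not 0.0 <= f.cvss <= 10.0:
        raise ValueError(f"{f.cve_id}: CVSS {f.cvss} outside 0-10")
    if not 0.0 <= f.epss <= 1.0:
        raise ValueError(f"{f.cve_id}: EPSS {f.epss} outside 0-1 (pass a probability)")
    score = CVSS_WEIGHT * f.cvss + EPSS_WEIGHT * f.epss
    if f.kev:
        score += KEV_BONUS
    if f.poc:
        score += POC_BONUS
    assert score <= MAX_SCORE
    return round(score, 1)


def band(score: float) -> str:
    """Map a score to the page's Low/Medium/High/Critical band."""
    for floor, name in BANDS:
        if score >= floor:
            return name
    raise ValueError(f"negative score {score}")


def rank(findings):
    """Rows of (cve_id, score, band), highest priority first, ties by id."""
    rows = []
    for f in findings:
        s = priority_score(f)
        rows.append((f.cve_id, s, band(s)))
    return sorted(rows, key=lambda r: (-r[1], r[0]))


def patch_now(findings):
    """The 'Patch Now' view: KEV entries only, in priority order."""
    return rank([f for f in findings if f.kev])


# Constructed sample input (not real CVE data). Labels describe the case.
SAMPLE = [
    Finding("kev-with-poc",      cvss=10.0, epss=0.16, kev=True, poc=True),
    Finding("kev-only",          cvss=9.8,  epss=0.0,  kev=True),
    Finding("epss-driven",       cvss=7.5,  epss=0.97, poc=True),
    Finding("high-cvss-quiet",   cvss=9.8,  epss=0.0),
    Finding("medium-cvss-quiet", cvss=5.3,  epss=0.002),
]

if __name__ == "__main__":
    for cve_id, score, name in rank(SAMPLE):
        print(f"{score:6.1f}  {name:8}  {cve_id}")
```

The sample shows the point made above: `high-cvss-quiet` (CVSS 9.8, nothing else) lands at 49 in Medium, while `epss-driven` (CVSS 7.5 but EPSS 0.97 and a public exploit) outranks even the KEV entry without a PoC.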
Patch Now — Known Exploited Vulnerabilities
| Priority | CVE | Description |
|---|---|---|
| 136 | CVE-2026-0300 | A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service o |
| 133 | CVE-2026-41940 | cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, an |
| 131 | CVE-2026-6973 | An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows |
| 131 | CVE-2026-42897 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Ex |
| 127 | CVE-2026-20182 | May 2026: This security advisory provides the details and fix information for a vulnerability that w |
| 126 | CVE-2026-41091 | Improper link resolution before file access ('link following') in Microsoft Defender allows an autho |
| 120 | CVE-2026-48172 | LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp |
| 118 | CVE-2026-45321 | Summary: On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 4 |
| 117 | CVE-2026-42208 | LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1 |
| 117 | CVE-2026-8398 | A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows v |
Priority Distribution
| Priority | CVE | Description |
|---|---|---|
| 35 | CVE-2026-20754 | Improper conditions check in some firmware for some Intel(R) NPU Drivers within |
| 35 | CVE-2025-48521 | Improper input validation in the AMD Secure Processor (ASP) PCI driver could all |
| 35 | CVE-2025-0045 | Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow |
| 35 | CVE-2025-48520 | An improper input validation vulnerability within the AMD Platform Management Fr |
| 35 | CVE-2026-3291 | Samsung Print Service Plugin for Android is potentially vulnerable to informatio |
| 35 | CVE-2025-48513 | Use of uninitialized resource within the AMD Platform Management Framework (PMF) |
| 35 | CVE-2026-20771 | Null pointer dereference for some Intel(R) QAT software drivers for Windows befo |
| 35 | CVE-2025-48516 | Insecure default configuration state of DDR5 memory module by AGESA Bootloader F |
| 35 | CVE-2026-34961 | barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities i |
| 35 | CVE-2026-23679 | libusb before version 1.0.30 contains a NULL pointer dereference vulnerability t |
| 35 | CVE-2026-34962 | barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in |
| 35 | CVE-2026-45413 | MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, user passwo |
| 35 | CVE-2026-45222 | Summarize versions through 0.14.1, fixed in commit 0cfb0fb, creates the daemon c |
| 35 | CVE-2026-21023 | Insufficient verification of data authenticity in PackageManagerService prior to |
| 34 | CVE-2026-48245 | Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables |
| 34 | CVE-2026-42598 | Pode is a Cross-Platform PowerShell web framework for creating REST APIs, Web Si |
| 34 | CVE-2026-49129 | Music Player Daemon (MPD) before version 0.24.11 contains a server-side request |
| 34 | CVE-2026-45557 | Technitium DNS Server aggressively tries to fetch missing RRSIG records or misma |
| 34 | CVE-2026-48244 | Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settin |
| 34 | CVE-2026-41954 | Sensitive information disclosure vulnerability exists in the undisclosed iContro |
| 34 | CVE-2026-41585 | ZEBRA is a Zcash node written entirely in Rust. From zebrad versions 2.2.0 to be |
| 34 | CVE-2026-49130 | Music Player Daemon (MPD) before version 0.24.11 contains a CRLF injection vulne |
| 34 | CVE-2026-42063 | A vulnerability exists in iControl SOAP where an authenticated attacker with the |
| 34 | CVE-2026-48735 | pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an att |
| 34 | CVE-2026-48243 | Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API |
| 34 | CVE-2026-24464 | When running in Appliance mode, a directory traversal vulnerability exists in an |
| 34 | CVE-2026-41931 | Vvveb before version 1.0.8.2 contains an information disclosure vulnerability th |
| 34 | CVE-2026-41933 | Vvveb before 1.0.8.3 contains a directory listing information disclosure vulnera |
| 34 | CVE-2026-47136 | RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta |
| 34 | CVE-2026-25107 | ELECOM wireless LAN access point devices use a hard-coded cryptographic key when |
| 34 | CVE-2026-44378 | Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefi |
| 34 | CVE-2026-44720 | Overview: A critical authentication vulnerability was identified in OpenLear |
| 34 | CVE-2026-42780 | A directory traversal vulnerability exists in BIG-IP SSL Orchestrator that allow |
| 34 | CVE-2026-40435 | When configured, IP-based access restrictions for httpd do not cover all endpoin |
| 34 | CVE-2026-9053 | Mothra would respect a default value given by a website for HTML file upload for |
| 34 | CVE-2026-4391 | A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. T |
| 34 | CVE-2026-40460 | When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC modul |
| 34 | CVE-2026-4392 | A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affe |
| 34 | CVE-2026-39311 | Trilium Notes is a cross-platform, hierarchical note taking application focused |
| 34 | CVE-2026-35593 | Trilium Notes is an open-source, cross-platform hierarchical note taking applica |
| 34 | CVE-2026-45585 | Microsoft is aware of a security feature bypass vulnerability in Windows publicl |
| 34 | CVE-2026-37982 | A flaw was found in Keycloak. This authentication vulnerability allows a remote |
| 34 | CVE-2026-8080 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site |
| 34 | CVE-2026-43901 | Impact: `wireshark-mcp` exposes a `wireshark_export_objects` |
| 34 | CVE-2026-41671 | Summary: The OIDC token introspection endpoint (`/modules/sso/index.php/oidc/ |
| 34 | CVE-2026-36738 | U-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Incor |
| 34 | CVE-2026-43875 | Summary: `plugin/MobileManager/oauth2.php` completes an OAuth login by sendin |
| 34 | CVE-2026-45025 | WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, |
| 34 | CVE-2026-45026 | WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, |
| 34 | CVE-2026-4630 | A flaw was found in Keycloak. An authenticated client could exploit an Insecure |
| 34 | CVE-2026-43911 | Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, r |
| 34 | CVE-2026-42194 | Summary: The incomplete SSRF fix in Admidio's `fetch_metadata.php` validates |
| 34 | CVE-2026-42291 | SysReptor is a fully customizable pentest reporting platform. From version 2026. |
| 34 | CVE-2026-6863 | Velociraptor versions prior to 0.76.4 contain a cross organization authorization |
| 34 | CVE-2026-1749 | There is an Access Control Vulnerability in some HikCentral Professional version |
| 34 | CVE-2026-45224 | Crabbox before 0.9.0 contains a path traversal vulnerability in the Islo provide |
| 34 | CVE-2026-43616 | Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows |
| 34 | CVE-2026-42586 | Security Vulnerability Report: CRLF Injection in Netty Redis Codec Encoder |
| 34 | CVE-2026-42312 | Summary: The `set_config_value()` API method (`@permission(Perms.SETTINGS)`) |
| 34 | CVE-2026-40951 | CVE-2026-40951 is a memory corruption vulnerability on Secure Access Windows cl |
| 34 | CVE-2026-21018 | Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local p |
| 34 | CVE-2025-35979 | Exposure of sensitive information caused by shared microarchitectural predictor |
| 34 | CVE-2026-20881 | Divide by zero for some Intel(R) QAT software drivers for Windows before version |
| 34 | CVE-2025-29944 | A buffer overflow vulnerability within AMD Sensor Fusion Hub Driver can allow a |
| 34 | CVE-2026-2810 | Netskope was notified about a potential gap in the Endpoint DLP Module for Netsk |
| 34 | CVE-2025-27723 | Use after free for some Linux kernel driver for the Intel(R) Ethernet 800 series |
| 34 | CVE-2025-36510 | Improper buffer restrictions for some Display Virtualization for Windows OS driv |
| 34 | CVE-2026-20914 | Null pointer dereference for some Intel(R) QAT software drivers for Windows befo |
| 34 | CVE-2026-40949 | CVE-2026-40949 is a buffer overflow vulnerability in the Secure Access Windows |
| 34 | CVE-2026-9490 | A security vulnerability has been identified in Acer Care Center where the ACCSv |
| 34 | CVE-2026-0205 | A post-authentication Path Traversal vulnerability in SonicOS allows an attacker |
| 34 | CVE-2026-21015 | Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 a |
| 34 | CVE-2026-41704 | AgentClient#handle_method (lines 264-303) processes every NATS reply. It calls i |
| 34 | CVE-2026-41970 | Out-of-bounds write vulnerability in the distributed file system module. Impact: |
| 34 | CVE-2026-44305 | Overview: When LDAP TLS is enabled (`LDAP_USE_TLS = True`), |
| 34 | CVE-2026-33603 | Attacker can use a specially crafted base64 exchange between Dovecot and Client |
| 34 | CVE-2026-6332 | CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that co |
| 34 | CVE-2026-31893 | Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In ve |
| 34 | CVE-2026-3508 | An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control |
| 34 | CVE-2026-42000 | Insufficient Validation of Names During AXFR |
| 34 | CVE-2026-46678 | Summary: When an application using Pydantic AI opts a URL into `force_downloa |
| 34 | CVE-2026-44247 | Impact: The Volcano webhook server does not enforce a size limit on incoming |
| 34 | CVE-2026-45246 | Summarize prior to 0.15.1 contains an insecure file permission vulnerability in |
| 34 | CVE-2026-9802 | A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persis |
| 34 | CVE-2026-20171 | A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as featu |
| 34 | CVE-2026-45078 | Impact: Local authenticated users can cause Synapse to starve other requests |
| 34 | CVE-2025-4397 | Medtronic MyCareLink Patient Monitor uses per-product credentials that are store |
| 34 | CVE-2026-6008 | Authorization bypass through User-Controlled key vulnerability in Im Park Inform |
| 34 | CVE-2026-41119 | Dell Live Optics Windows and Personal Edition collectors contain an improper cer |
| 34 | CVE-2026-36742 | Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is |
Oldest Unpatched Critical/High CVEs

Note: the Priority values in this table exceed the 220 ceiling of the formula described above; rank them against each other rather than reading the absolute number against the bands.
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 776d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2344d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2157d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1771d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2274d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 5021d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1242d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1044d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3799d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 946d |