Total CVEs
6027
last 30 days
Avg Priority
35.1
of max 220
KEV
8
actively exploited
POC
735
public exploits
Unpatched
1182
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
124
CVE-2026-35616
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an
119
CVE-2026-5281
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had co
118
CVE-2026-34621
Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Control
117
CVE-2026-33634
Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publi
117
CVE-2026-3055
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP l
114
CVE-2026-34197
Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability i
109
CVE-2026-3502
TrueConf Client downloads application update code and applies it without performing verification. An
109
CVE-2026-32201
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform
Priority Distribution
| Priority | CVE |
|---|---|
| 10 |
CVE-2026-39388
OpenBao is an open source identity-based secrets management system. Prior to ver
|
| 10 |
CVE-2026-27949
Plane is an an open-source project management tool. Prior to 1.3.0, a vulnerabil
|
| 10 |
CVE-2026-27675
SAP Landscape Transformation contains a vulnerability in an RFC-exposed function
|
| 10 |
CVE-2026-5473
A vulnerability has been found in NASA cFS up to 7.0.0. The impacted element is
|
| 10 |
CVE-2026-32970
OpenClaw before 2026.3.11 contains a credential fallback vulnerability where una
|
| 10 |
CVE-2026-41330
OpenClaw before 2026.3.31 contains an environment variable override vulnerabilit
|
| 10 |
CVE-2026-0233
A certificate validation vulnerability in Palo Alto Networks Autonomous Digital
|
| 10 |
CVE-2026-34850
Race condition vulnerability in the notification service.
Impact: Successful exp
|
| 9 |
CVE-2026-32270
Craft Commerce is an ecommerce platform for Craft CMS. In versions 4.0.0 through
|
| 9 |
CVE-2026-34743
XZ Utils provide a general-purpose data-compression library plus command-line to
|
| 9 |
CVE-2026-27820
zlib is a Ruby interface for the zlib compression/decompression library. Version
|
| 9 |
CVE-2026-40072
web3.py allows you to interact with the Ethereum blockchain using Python. From 6
|
| 9 |
CVE-2026-34073
## Summary
In versions of cryptography prior to 46.0.5, DNS name constraints we
|
| 7 |
CVE-2026-33402
Sakai is a Collaboration and Learning Environment (CLE). In versions 23.0 throug
|
| 7 |
CVE-2025-12141
In Grafana's alerting system, users with edit permissions for a contact point, s
|
| 7 |
CVE-2026-33161
### Summary
A low-privileged authenticated user can call `assets/image-editor`
|
| 6 |
CVE-2026-33284
GlobaLeaks is free and open-source whistleblowing software. Prior to version 5.0
|
| 5 |
CVE-2026-34983
Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is
|
| 5 |
CVE-2026-40319
## Summary
The RegexMatching check in the `giskard-checks` package passes a user
|
| 3 |
CVE-2026-33525
### Impact
**Official Weighted Severity Rating:** Low
This exploit is very unl
|
| 0 |
CVE-2026-23279
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80
|
| 0 |
CVE-2025-66447
Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone c
|
| 0 |
CVE-2026-32493
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti
|
| 0 |
CVE-2026-39654
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti
|
| 0 |
CVE-2026-23307
In the Linux kernel, the following vulnerability has been resolved:
can: ems_us
|
| 0 |
CVE-2026-23357
In the Linux kernel, the following vulnerability has been resolved:
can: mcp251
|
| 0 |
CVE-2026-31412
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget
|
| 0 |
CVE-2026-23281
In the Linux kernel, the following vulnerability has been resolved:
wifi: liber
|
| 0 |
CVE-2026-23284
In the Linux kernel, the following vulnerability has been resolved:
net: ethern
|
| 0 |
CVE-2026-23286
In the Linux kernel, the following vulnerability has been resolved:
atm: lec: f
|
| 0 |
CVE-2026-23287
In the Linux kernel, the following vulnerability has been resolved:
irqchip/sif
|
| 0 |
CVE-2026-23289
In the Linux kernel, the following vulnerability has been resolved:
IB/mthca: A
|
| 0 |
CVE-2026-23290
In the Linux kernel, the following vulnerability has been resolved:
net: usb: p
|
| 0 |
CVE-2026-23291
In the Linux kernel, the following vulnerability has been resolved:
nfc: pn533:
|
| 0 |
CVE-2026-23292
In the Linux kernel, the following vulnerability has been resolved:
scsi: targe
|
| 0 |
CVE-2026-23293
In the Linux kernel, the following vulnerability has been resolved:
net: vxlan:
|
| 0 |
CVE-2026-23296
In the Linux kernel, the following vulnerability has been resolved:
scsi: core:
|
| 0 |
CVE-2026-23298
In the Linux kernel, the following vulnerability has been resolved:
can: ucan:
|
| 0 |
CVE-2026-23300
In the Linux kernel, the following vulnerability has been resolved:
net: ipv6:
|
| 0 |
CVE-2026-23303
In the Linux kernel, the following vulnerability has been resolved:
smb: client
|
| 0 |
CVE-2026-23304
In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix N
|
| 0 |
CVE-2026-23309
In the Linux kernel, the following vulnerability has been resolved:
tracing: Ad
|
| 0 |
CVE-2026-23312
In the Linux kernel, the following vulnerability has been resolved:
net: usb: k
|
| 0 |
CVE-2026-23315
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76:
|
| 0 |
CVE-2026-23318
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-a
|
| 0 |
CVE-2026-23319
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix a
|
| 0 |
CVE-2026-23321
In the Linux kernel, the following vulnerability has been resolved:
mptcp: pm:
|
| 0 |
CVE-2026-23324
In the Linux kernel, the following vulnerability has been resolved:
can: usb: e
|
| 0 |
CVE-2026-23335
In the Linux kernel, the following vulnerability has been resolved:
RDMA/irdma:
|
| 0 |
CVE-2026-23339
In the Linux kernel, the following vulnerability has been resolved:
nfc: nci: f
|
| 0 |
CVE-2026-23343
In the Linux kernel, the following vulnerability has been resolved:
xdp: produc
|
| 0 |
CVE-2026-23352
In the Linux kernel, the following vulnerability has been resolved:
x86/efi: de
|
| 0 |
CVE-2026-23356
In the Linux kernel, the following vulnerability has been resolved:
drbd: fix "
|
| 0 |
CVE-2026-23359
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix st
|
| 0 |
CVE-2026-23362
In the Linux kernel, the following vulnerability has been resolved:
can: bcm: f
|
| 0 |
CVE-2026-23365
In the Linux kernel, the following vulnerability has been resolved:
net: usb: k
|
| 0 |
CVE-2026-23367
In the Linux kernel, the following vulnerability has been resolved:
wifi: radio
|
| 0 |
CVE-2026-23368
In the Linux kernel, the following vulnerability has been resolved:
net: phy: r
|
| 0 |
CVE-2026-23370
In the Linux kernel, the following vulnerability has been resolved:
platform/x8
|
| 0 |
CVE-2026-23379
In the Linux kernel, the following vulnerability has been resolved:
net/sched:
|
| 0 |
CVE-2026-23381
In the Linux kernel, the following vulnerability has been resolved:
net: bridge
|
| 0 |
CVE-2026-23382
In the Linux kernel, the following vulnerability has been resolved:
HID: Add HI
|
| 0 |
CVE-2026-23388
In the Linux kernel, the following vulnerability has been resolved:
Squashfs: c
|
| 0 |
CVE-2026-23398
In the Linux kernel, the following vulnerability has been resolved:
icmp: fix N
|
| 0 |
CVE-2026-23397
In the Linux kernel, the following vulnerability has been resolved:
nfnetlink_o
|
| 0 |
CVE-2026-23396
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80
|
| 0 |
CVE-2026-23297
In the Linux kernel, the following vulnerability has been resolved:
nfsd: Fix c
|
| 0 |
CVE-2026-23360
In the Linux kernel, the following vulnerability has been resolved:
nvme: fix a
|
| 0 |
CVE-2026-23361
In the Linux kernel, the following vulnerability has been resolved:
PCI: dwc: e
|
| 0 |
CVE-2026-23327
In the Linux kernel, the following vulnerability has been resolved:
cxl/mbox: v
|
| 0 |
CVE-2026-23295
In the Linux kernel, the following vulnerability has been resolved:
accel/amdxd
|
| 0 |
CVE-2026-23363
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76:
|
| 0 |
CVE-2026-23285
In the Linux kernel, the following vulnerability has been resolved:
drbd: fix n
|
| 0 |
CVE-2026-23283
In the Linux kernel, the following vulnerability has been resolved:
regulator:
|
| 0 |
CVE-2026-23409
In the Linux kernel, the following vulnerability has been resolved:
apparmor: f
|
| 0 |
CVE-2026-23369
In the Linux kernel, the following vulnerability has been resolved:
i2c: i801:
|
| 0 |
CVE-2026-23405
In the Linux kernel, the following vulnerability has been resolved:
apparmor: f
|
| 0 |
CVE-2026-23371
In the Linux kernel, the following vulnerability has been resolved:
sched/deadl
|
| 0 |
CVE-2026-23373
In the Linux kernel, the following vulnerability has been resolved:
wifi: rsi:
|
| 0 |
CVE-2026-23374
In the Linux kernel, the following vulnerability has been resolved:
blktrace: f
|
| 0 |
CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved:
mm: thp: de
|
| 0 |
CVE-2026-23326
In the Linux kernel, the following vulnerability has been resolved:
xsk: Fix fr
|
| 0 |
CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76:
|
| 0 |
CVE-2026-23323
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (mac
|
| 0 |
CVE-2026-23377
In the Linux kernel, the following vulnerability has been resolved:
ice: change
|
| 0 |
CVE-2026-23404
In the Linux kernel, the following vulnerability has been resolved:
apparmor: r
|
| 0 |
CVE-2026-23380
In the Linux kernel, the following vulnerability has been resolved:
tracing: Fi
|
| 0 |
CVE-2026-23403
In the Linux kernel, the following vulnerability has been resolved:
apparmor: f
|
| 0 |
CVE-2026-23402
In the Linux kernel, the following vulnerability has been resolved:
KVM: x86/mm
|
| 0 |
CVE-2026-23399
In the Linux kernel, the following vulnerability has been resolved:
nf_tables:
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 739d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2307d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2120d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1734d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2237d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4985d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1205d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1007d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3762d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 909d |