| Metric | Value | Note |
|---|---|---|
| Total CVEs | 5705 | last 30 days |
| Avg Priority | 34.0 | of max 220 |
| KEV | 6 | actively exploited |
| POC | 783 | public exploits |
| Unpatched | 1571 | CRIT/HIGH without patch |
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
| Signal | Contribution | Meaning |
|---|---|---|
| KEV | +50 | CISA Known Exploited Vulnerability: confirmed active exploitation in the wild |
| EPSS | x100 | Exploit Prediction Scoring System: probability of exploitation in the next 30 days (0-100) |
| CVSS | x5 | Common Vulnerability Scoring System: technical severity (0-50) |
| POC | +20 | Public exploit code exists, which lowers the barrier for attackers |

Score bands:

| Score | Band |
|---|---|
| 0-40 | Low |
| 40-80 | Medium |
| 80-120 | High |
| 120+ | Critical |
Patch Now — Known Exploited Vulnerabilities
| Priority | CVE | Description |
|---|---|---|
| 124 | CVE-2026-35616 | An improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an |
| 119 | CVE-2026-5281 | Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had co |
| 117 | CVE-2026-33634 | Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publi |
| 117 | CVE-2026-33017 | Summary: The `POST /api/v1/build_public_tmp/{flow_id}/flow` endpoint allows building public flows |
| 117 | CVE-2026-3055 | Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP l |
| 109 | CVE-2026-3502 | TrueConf Client downloads application update code and applies it without performing verification. An |
Priority Distribution
| Priority | CVE | Description |
|---|---|---|
| 49 | CVE-2026-4554 | A security flaw has been discovered in Tenda F453 1.0.0.3. The affected element |
| 49 | CVE-2026-5153 | A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the functio |
| 49 | CVE-2026-3300 | The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Executio |
| 49 | CVE-2026-3584 | The Kali Forms plugin for WordPress is vulnerable to Remote Code Execution in al |
| 49 | CVE-2026-4257 | The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side |
| 49 | CVE-2026-26832 | node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tessera |
| 49 | CVE-2026-1830 | The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution |
| 49 | CVE-2026-20160 | A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allo |
| 49 | CVE-2026-30313 | DSAI-Cline's command auto-approval module contains a critical OS command injecti |
| 49 | CVE-2026-30312 | DSAI-Cline's command auto-approval module contains a critical OS command injecti |
| 49 | CVE-2026-31027 | TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAp |
| 49 | CVE-2026-28430 | Chamilo LMS is a learning management system. Prior to version 1.11.34, there is |
| 49 | CVE-2026-4001 | The Woocommerce Custom Product Addons Pro plugin for WordPress is vulnerable to |
| 49 | CVE-2026-30307 | Roo Code's command auto-approval module contains a critical OS command injection |
| 49 | CVE-2026-30305 | Syntx's command auto-approval module contains a critical OS command injection vu |
| 49 | CVE-2026-30314 | Ridvay Code's command auto-approval module contains a critical OS command inject |
| 49 | CVE-2026-30311 | Ridvay Code's command auto-approval module contains a critical OS command inject |
| 49 | CVE-2026-34159 | llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492 |
| 49 | CVE-2026-4312 | GCB/FCB Audit Software developed by DrangSoft has a Missing Authentication vulne |
| 49 | CVE-2026-27065 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP |
| 49 | CVE-2026-30703 | A command injection vulnerability exists in the web management interface of the |
| 49 | CVE-2025-69902 | A command injection vulnerability in the minimal_wrapper.py component of kubectl |
| 49 | CVE-2026-0558 | A vulnerability in parisneo/lollms, up to and including version 2.2.0, allows un |
| 49 | CVE-2026-32968 | Due to the improper neutralisation of special elements used in an OS command, an |
| 49 | CVE-2026-32194 | Improper neutralization of special elements used in a command ('command injectio |
| 49 | CVE-2026-32191 | Improper neutralization of special elements used in an os command ('os command i |
| 49 | CVE-2026-26833 | thumbler through 1.1.2 allows OS command injection via the input, output, time, |
| 49 | CVE-2025-67113 | OS command injection in the CWMP client (/ftl/bin/cwmp) of Small Cell Sercomm SC |
| 49 | CVE-2026-4631 | Cockpit's remote login feature passes user-supplied hostnames and usernames from |
| 49 | CVE-2026-30872 | OpenWrt Project is a Linux operating system targeting embedded devices. In versi |
| 49 | CVE-2026-6057 | FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability |
| 49 | CVE-2026-26831 | textract through 2.5.0 is vulnerable to OS Command Injection via the file path p |
| 49 | CVE-2026-4851 | GRID::Machine versions through 0.127 for Perl allows arbitrary code execution vi |
| 49 | CVE-2026-0740 | The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary f |
| 49 | CVE-2026-30643 | An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code vi |
| 49 | CVE-2025-67114 | Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Sm |
| 49 | CVE-2026-33746 | Convoy is a KVM server management panel for hosting businesses. From version 3.9 |
| 49 | CVE-2026-34877 | An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4 |
| 49 | CVE-2026-22738 | In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a |
| 49 | CVE-2026-35392 | Summary: PUT upload has no path sanitization \| `httpserver/updown.go:20-69` |
| 49 | CVE-2026-35471 | Summary: `deleteFile()` missing return after path traversal check \| `httpse |
| 49 | CVE-2026-35393 | Summary: POST multipart upload directory not sanitized \| `httpserver/updown |
| 49 | CVE-2026-4755 | CWE-20 vulnerability in MolotovCherry Android-ImageMagick7. This issue affects An |
| 49 | CVE-2026-33670 | Details: The /api/file/readDir interface was used to traverse and retrieve t |
| 49 | CVE-2026-30694 | An issue in DedeCMS v.5.7.118 and before allows a remote attacker to execute arb |
| 49 | CVE-2026-4038 | The Aimogen Pro plugin for WordPress is vulnerable to Arbitrary Function Call th |
| 49 | CVE-2026-5121 | A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerabi |
| 49 | CVE-2026-33032 | Summary: The nginx-ui MCP (Model Context Protocol) integration exposes two HT |
| 49 | CVE-2025-59706 | In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request p |
| 49 | CVE-2025-59707 | In N2W before 4.3.2 and 4.4.x before 4.4.1, there is potential remote code execu |
| 49 | CVE-2026-28858 | A buffer overflow was addressed with improved bounds checking. This issue is fix |
| 49 | CVE-2025-70888 | An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote a |
| 49 | CVE-2026-34934 | Summary: The `get_all_user_threads` function constructs raw SQL queries using |
| 49 | CVE-2025-67112 | Use of a hard-coded AES-256-CBC key in the configuration backup/restore implemen |
| 49 | CVE-2026-32767 | Summary: SiYuan Note v3.6.0 (and likely prior versions) contains an authoriza |
| 49 | CVE-2026-4254 | A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerabilit |
| 49 | CVE-2026-1114 | In parisneo/lollms version 2.1.0, the application's session management is vulner |
| 49 | CVE-2026-33669 | Details: Document IDs were retrieved via the /api/file/readDir interface, an |
| 49 | CVE-2026-21994 | Vulnerability in the Oracle Edge Cloud Infrastructure Designer and Visualisation |
| 49 | CVE-2026-34875 | An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buf |
| 49 | CVE-2026-21413 | A heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw |
| 49 | CVE-2026-20889 | A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functi |
| 49 | CVE-2026-20911 | A heap-based buffer overflow vulnerability exists in the HuffTable::initval func |
| 49 | CVE-2026-32945 | PJSIP is a free and open source multimedia communication library written in C. V |
| 49 | CVE-2025-60237 | Deserialization of Untrusted Data vulnerability in Themeton Finag allows Object |
| 49 | CVE-2026-32038 | OpenClaw before 2026.2.24 contains a sandbox network isolation bypass vulnerabil |
| 49 | CVE-2025-60233 | Deserialization of Untrusted Data vulnerability in Themeton Zuut allows Object I |
| 49 | CVE-2026-27542 | Incorrect Privilege Assignment vulnerability in Rymera Web Co Pty Ltd. Woocommer |
| 49 | CVE-2026-31059 | A remote command execution (RCE) vulnerability in the /goform/formDia component |
| 49 | CVE-2026-25449 | Deserialization of Untrusted Data vulnerability in Shinetheme Traveler allows Ob |
| 49 | CVE-2026-31271 | megagao production_ssm v1.0 contains an authorization bypass vulnerability in th |
| 49 | CVE-2026-31946 | OpenOlat is an open source web-based e-learning platform for teaching, learning, |
| 49 | CVE-2025-69809 | A write-what-where condition in p2r3 Bareiron commit 8e4d40 allows unauthenticat |
| 49 | CVE-2025-62319 | Boolean-Based SQL Injection is a type of blind SQL injection where an attacker m |
| 49 | CVE-2026-20093 | A vulnerability in the change password functionality of Cisco Integrated Managem |
| 49 | CVE-2026-32714 | SciTokens is a reference library for generating and using SciTokens. Prior to ve |
| 49 | CVE-2026-0968 | A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol |
| 49 | CVE-2026-30702 | The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) implements a broken a |
| 49 | CVE-2026-4691 | Use-after-free in the CSS Parsing and Computation component. This vulnerability |
| 49 | CVE-2026-33195 | Impact: Active Storage's `DiskService#path_for` does not validate that the re |
| 49 | CVE-2026-33816 | Memory-safety vulnerability in github.com/jackc/pgx/v5. |
| 49 | CVE-2026-25029 | Deserialization of Untrusted Data vulnerability in park_of_ideas KIDZ kidz allow |
| 49 | CVE-2026-25035 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Wasili |
| 49 | CVE-2026-27082 | Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory |
| 49 | CVE-2026-27095 | Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Boo |
| 49 | CVE-2026-27083 | Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Compan |
| 49 | CVE-2026-30079 | In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state |
| 49 | CVE-2026-27049 | Authentication Bypass Using an Alternate Path or Channel vulnerability in NooThe |
| 49 | CVE-2026-27084 | Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allo |
| 49 | CVE-2026-32502 | Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgho |
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 730d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2298d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2111d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1725d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2228d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4976d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1196d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 998d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3753d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 900d |