Total CVEs
5736
last 30 days
Avg Priority
34.0
of max 220
KEV
6
actively exploited
POC
775
public exploits
Unpatched
1588
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
124
CVE-2026-35616
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an
119
CVE-2026-5281
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had co
117
CVE-2026-33634
Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publi
117
CVE-2026-33017
## Summary
The `POST /api/v1/build_public_tmp/{flow_id}/flow` endpoint allows building public flows
117
CVE-2026-3055
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP l
109
CVE-2026-3502
TrueConf Client downloads application update code and applies it without performing verification. An
Priority Distribution
| Priority | CVE |
|---|---|
| 39 |
CVE-2026-4222
A vulnerability was determined in SSCMS up to 7.4.0. This vulnerability affects
|
| 39 |
CVE-2026-32897
OpenClaw versions prior to 2026.2.22 reuse gateway.auth.token as a fallback hash
|
| 39 |
CVE-2026-4588
A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the functio
|
| 39 |
CVE-2026-32067
OpenClaw versions prior to 2026.2.26 contains an authorization bypass vulnerabil
|
| 39 |
CVE-2026-32050
OpenClaw versions prior to 2026.2.25 contain an access control vulnerability in
|
| 39 |
CVE-2026-4115
A vulnerability was detected in PuTTY 0.83. Affected is the function eddsa_verif
|
| 38 |
CVE-2026-4239
A vulnerability was found in Lagom WHMCS Template up to 2.3.7. Impacted is an un
|
| 38 |
CVE-2026-4166
A vulnerability was found in Wavlink WL-NU516U1 240425. The impacted element is
|
| 38 |
CVE-2026-4186
A vulnerability was determined in UEditor up to 1.4.3.2. This issue affects some
|
| 38 |
CVE-2026-4494
A vulnerability was identified in atjiu pybbs 6.0.0. This affects the function c
|
| 38 |
CVE-2026-4495
A security flaw has been discovered in atjiu pybbs 6.0.0. This impacts the funct
|
| 37 |
CVE-2026-4539
A security flaw has been discovered in pygments up to 2.19.2. The impacted eleme
|
| 37 |
CVE-2026-4174
A vulnerability has been found in Radare2 5.9.9. This issue affects the function
|
| 37 |
CVE-2026-4219
A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF A
|
| 37 |
CVE-2026-21716
An incomplete fix for CVE-2024-36137 leaves `FileHandle.chmod()` and `FileHandle
|
| 36 |
CVE-2026-4590
A security flaw has been discovered in kalcaddle kodbox 1.64. The impacted eleme
|
| 36 |
CVE-2026-4584
A flaw has been found in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. This affe
|
| 33 |
CVE-2026-32058
OpenClaw versions prior to 2026.2.26 contain an approval context-binding weaknes
|
| 33 |
CVE-2026-4218
A vulnerability was detected in myAEDES App up to 1.18.4 on Android. Affected is
|
| 33 |
CVE-2026-4242
A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up t
|
| 33 |
CVE-2026-4250
A vulnerability was found in Albert Sağlık Hizmetleri ve Ticaret Albert Health u
|
| 33 |
CVE-2026-4217
A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on An
|
| 33 |
CVE-2026-4251
A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Aff
|
| 33 |
CVE-2026-4541
A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknow
|
| 32 |
CVE-2026-4544
A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unk
|
| 32 |
CVE-2026-4356
A flaw has been found in itsourcecode University Management System 1.0. Affected
|
| 32 |
CVE-2026-4577
A vulnerability was found in code-projects Exam Form Submission 1.0. The affecte
|
| 32 |
CVE-2026-4576
A vulnerability has been found in code-projects Exam Form Submission 1.0. Impact
|
| 32 |
CVE-2026-4578
A vulnerability was determined in code-projects Exam Form Submission 1.0. The im
|
| 32 |
CVE-2026-4168
A vulnerability was identified in Tecnick TCExam 16.5.0. This impacts an unknown
|
| 32 |
CVE-2026-4575
A flaw has been found in code-projects Exam Form Submission 1.0. This issue affe
|
| 32 |
CVE-2026-4595
A vulnerability was determined in code-projects Exam Form Submission 1.0. This v
|
| 32 |
CVE-2026-4225
A security flaw has been discovered in CMS Made Simple up to 2.2.21. Impacted is
|
| 32 |
CVE-2026-4958
A vulnerability has been found in OpenBMB XAgent 1.0.0. This affects the functio
|
| 31 |
CVE-2026-6000
A vulnerability was found in code-projects Online Library Management System 1.0.
|
| 31 |
CVE-2026-5847
A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impa
|
| 30 |
CVE-2026-5960
A weakness has been identified in code-projects Patient Record Management System
|
| 30 |
CVE-2026-5420
A security flaw has been discovered in Shinrays Games Goods Triple App up to 1.2
|
| 30 |
CVE-2026-5310
A vulnerability was identified in Enter Software Iperius Backup up to 8.7.2. Thi
|
| 30 |
CVE-2026-4823
A flaw has been found in Enter Software Iperius Backup up to 8.7.3. Affected by
|
| 30 |
CVE-2026-4993
A vulnerability has been found in wandb OpenUI up to 0.0.0.0/1.0. This impacts a
|
| 30 |
CVE-2026-5452
A flaw has been found in UCC CampusConnect App up to 14.3.5 on Android. This vul
|
| 30 |
CVE-2026-5453
A vulnerability has been found in Rico só vantagem pra investir App up to 4.58.3
|
| 30 |
CVE-2026-5456
A vulnerability was identified in Align Technology My Invisalign App 3.12.4 on A
|
| 30 |
CVE-2026-5457
A security flaw has been discovered in PropertyGuru AgentNet Singapore App up to
|
| 30 |
CVE-2026-5458
A weakness has been identified in Noelse Individuals & Pro App up to 2.1.7 on An
|
| 30 |
CVE-2026-5471
A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on
|
| 30 |
CVE-2026-5462
A vulnerability was identified in Wahoo Fitness SYSTM App up to 7.2.1 on Android
|
| 30 |
CVE-2026-5454
A vulnerability was found in GRID Organiser App up to 1.0.5 on Android. Impacted
|
| 30 |
CVE-2026-5455
A vulnerability was determined in Dialogue App up to 4.3.2 on Android. The affec
|
| 19 |
CVE-2026-27860
If auth_username_chars is empty, it is possible to inject arbitrary LDAP filter
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 730d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2298d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2111d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1725d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2228d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4975d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1196d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 998d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3752d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 900d |