Total CVEs
6141
last 30 days
Avg Priority
31.2
of max 220
KEV
14
actively exploited
POC
492
public exploits
Unpatched
914
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
136
CVE-2026-0300
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service o
133
CVE-2026-41940
cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, an
131
CVE-2026-6973
An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows
131
CVE-2026-42897
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Ex
127
CVE-2026-20182
May 2026: This security advisory provides the details and fix information for a vulnerability that w
126
CVE-2026-41091
Improper link resolution before file access ('link following') in Microsoft Defender allows an autho
120
CVE-2026-48172
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp
118
CVE-2026-45321
## Summary
On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 4
117
CVE-2026-42208
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1
117
CVE-2026-8398
A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows v
Priority Distribution
| Priority | CVE |
|---|---|
| 136 |
CVE-2026-0300
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Capti
|
| 133 |
CVE-2026-41940
cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0
|
| 127 |
CVE-2026-20182
May 2026: This security advisory provides the details and fix information for a
|
| 120 |
CVE-2026-48172
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possi
|
| 118 |
CVE-2026-45321
## Summary
On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicio
|
| 117 |
CVE-2026-42208
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) fo
|
| 117 |
CVE-2026-8398
A supply chain attack compromised the official installation packages of DAEMON T
|
| 116 |
CVE-2026-48027
Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious ver
|
| 69 |
CVE-2026-24118
### Summary
VM2 suffers from a sandbox breakout vulnerability. This allows atta
|
| 69 |
CVE-2026-26956
vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerab
|
| 69 |
CVE-2026-24120
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.10.5, the fix f
|
| 69 |
CVE-2026-31072
The JSONSerializer and CBORSerializer in APScheduler (all versions including 3.1
|
| 69 |
CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable u
|
| 68 |
CVE-2026-6722
Pre-NVD disclosure via GitHub release 'PHP 8.2.31' (php/php-src). The PHP develo
|
| 67 |
CVE-2026-41922
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command in
|
| 67 |
CVE-2026-43944
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ft
|
| 67 |
CVE-2026-41923
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command in
|
| 67 |
CVE-2025-71284
Synway SMG Gateway Management Software contains an OS command injection vulnerab
|
| 67 |
CVE-2026-41925
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command in
|
| 67 |
CVE-2026-41926
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command in
|
| 67 |
CVE-2026-41924
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command in
|
| 67 |
CVE-2026-44643
Angular Expressions provides expressions for the Angular.JS web framework as a s
|
| 67 |
CVE-2026-41948
Dify version 1.14.1 and prior contain a path traversal vulnerability that allows
|
| 67 |
CVE-2026-41947
Dify version 1.14.1 and prior contains an authorization bypass vulnerability tha
|
| 66 |
CVE-2026-24444
SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9_B9 con
|
| 66 |
CVE-2026-42945
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_mo
|
| 66 |
CVE-2026-31071
API endpoints in LalanaChami Pharmacy Management System (commit 5c3d028) lack au
|
| 66 |
CVE-2026-45091
sealed-env is a cross-stack, zero-trust secret management library for Node.js an
|
| 55 |
CVE-2026-42826
Exposure of sensitive information to an unauthorized actor in Azure DevOps allow
|
| 55 |
CVE-2026-42898
Improper control of generation of code ('code injection') in Microsoft Dynamics
|
| 55 |
CVE-2026-33109
Improper access control in Azure Managed Instance for Apache Cassandra allows an
|
| 55 |
CVE-2026-42823
Improper access control in Azure Logic Apps allows an authorized attacker to ele
|
| 54 |
CVE-2026-41089
Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker
|
| 54 |
CVE-2026-4670
Authentication bypass by primary weakness vulnerability in Progress Software MOV
|
| 54 |
CVE-2026-41096
Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attac
|
| 53 |
CVE-2026-35428
Improper neutralization of special elements used in a command ('command injectio
|
| 53 |
CVE-2026-33823
Improper authorization in Microsoft Teams allows an authorized attacker to discl
|
| 52 |
CVE-2026-40379
Exposure of sensitive information to an unauthorized actor in Azure Entra ID all
|
| 52 |
CVE-2026-40402
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate pri
|
| 51 |
CVE-2026-41103
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for
|
| 51 |
CVE-2026-42833
Execution with unnecessary privileges in Microsoft Dynamics 365 (on-premises) al
|
| 51 |
CVE-2026-33117
Improper authentication in Azure SDK allows an unauthorized attacker to bypass a
|
| 50 |
CVE-2026-41553
PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to
|
| 50 |
CVE-2026-8054
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
|
| 50 |
CVE-2026-38360
Directory Traversal vulnerability in fohrloop dash-uploader v.0.1.0 through v.0.
|
| 50 |
CVE-2026-2031
An Improper Access Control vulnerability in several internal API endpoints for G
|
| 50 |
CVE-2026-26015
DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before v
|
| 50 |
CVE-2026-40412
Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows a
|
| 50 |
CVE-2026-41104
Deserialization of untrusted data in Microsoft Planetary Computer Pro allows an
|
| 50 |
CVE-2026-42288
ChurchCRM is an open-source church management system. Prior to 7.3.2, The fix fo
|
| 50 |
CVE-2026-34234
CtrlPanel is open-source billing software for hosting providers. In versions 1.1
|
| 50 |
CVE-2026-37541
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.00
|
| 50 |
CVE-2026-6213
A vulnerability in Remote Spark SparkView before build 1122 allows an attacker t
|
| 50 |
CVE-2026-42369
GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surve
|
| 50 |
CVE-2026-45829
A pre-authentication, code injection vulnerability in version 1.0.0 or later of
|
| 50 |
CVE-2026-42298
Postiz is an AI social media scheduling tool. Prior to commit da44801, a "Pwn Re
|
| 50 |
CVE-2026-42869
SOCFortress CoPilot focuses on providing a single pane of glass for all your sec
|
| 50 |
CVE-2026-7411
In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequat
|
| 50 |
CVE-2026-8153
OS command injection in Dashboard Server interface in Universal Robots PolyScope
|
| 50 |
CVE-2026-42822
Improper authentication in Azure Local Disconnected Operations allows an unautho
|
| 50 |
CVE-2026-40281
## Vulnerability Details
**CWE**: CWE-20 - Improper Input Validation
The metad
|
| 50 |
CVE-2026-23652
Improper neutralization of special elements used in a command ('command injectio
|
| 50 |
CVE-2026-42160
Data Space Portal is an open-source Software as a Service (SaaS) solution design
|
| 50 |
CVE-2026-9152
A missing authentication vulnerability exists in the Altium 365 SearchService. A
|
| 50 |
CVE-2026-47280
Improper authentication in Azure Resource Manager (ARM) allows an unauthorized a
|
| 50 |
CVE-2026-33844
Improper input validation in Azure Managed Instance for Apache Cassandra allows
|
| 50 |
CVE-2026-43997
### Summary
It is possible to obtain the host `Object`, https://github.com/patr
|
| 50 |
CVE-2026-44006
### Summary
It is possible to reach `BaseHandler.getPrototypeOf`, which can be
|
| 50 |
CVE-2026-44329
### Summary
free5GC's SMF mounts the `UPI` management route group without OAuth2
|
| 50 |
CVE-2026-45087
# GHSA: Unauthenticated Remote Code Execution via `found-action` in Dalfox Serve
|
| 50 |
CVE-2026-44005
### Summary
vm2's bridge exposes mutable proxies for real host-realm intrinsic p
|
| 50 |
CVE-2026-45444
Unrestricted Upload of File with Dangerous Type vulnerability in WP Swings Gift
|
| 50 |
CVE-2026-44327
### Summary
free5GC's NEF mounts the `nnef-oam` route group without inbound OAut
|
| 50 |
CVE-2026-3325
SQL injection (SQLi) in MegaCMS v12.0.0, specifically in the “id_territorio” par
|
| 50 |
CVE-2026-42287
Emlog is an open source website building system. Prior to version 2.6.11, direct
|
| 50 |
CVE-2026-42901
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to
|
| 50 |
CVE-2026-46595
Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server
|
| 50 |
CVE-2026-42996
JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer
|
| 50 |
CVE-2026-44523
#### Summary
No minimum length or entropy is enforced on the `JWT_SECRET` confi
|
| 50 |
CVE-2026-46695
#### Summary
Boxlite is a sandbox service that allows users to create lightweig
|
| 50 |
CVE-2026-34908
A malicious actor with access to the network could exploit an Improper Access Co
|
| 50 |
CVE-2026-33712
Typebot is a chatbot builder tool. In versions 3.15.2 and prior, the preview cha
|
| 50 |
CVE-2026-43898
### Summary
Sandbox-defined functions expose `Function.caller`, allowing sandbox
|
| 50 |
CVE-2026-46339
## Summary
9router exposes two unauthenticated API endpoints that, when chained
|
| 50 |
CVE-2026-34909
A malicious actor with access to the network could exploit a Path Traversal vuln
|
| 50 |
CVE-2026-44330
### Summary
free5GC's NEF mounts the `nnef-pfdmanagement` route group without in
|
| 50 |
CVE-2026-36767
A path traversal vulnerability in the /content/images/add endpoint of shopizer v
|
| 50 |
CVE-2026-34910
A malicious actor with access to the network could exploit an Improper Input Val
|
| 50 |
CVE-2026-20223
A vulnerability in the access validation of internal REST APIs of Cisco Sec
|
| 50 |
CVE-2026-46412
## Summary
Between 2026-05-11 20:19 UTC and 22:56 UTC, an attacker used a compr
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 776d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2344d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2157d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1771d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2274d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 5021d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1242d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1044d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3798d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 946d |
1 / 7
Next