Total CVEs
1345
last 7 days
Avg Priority
21.2
of max 220
KEV
1
actively exploited
POC
66
public exploits
Unpatched
231
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
Priority Distribution
| Priority | CVE |
|---|---|
| 43 |
CVE-2026-44461
Zed is a code editor. Prior to 0.227.1, Zed builds SSH/WSL remote commands as a
|
| 43 |
CVE-2026-44463
Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system ca
|
| 43 |
CVE-2026-8652
An OS Command Injection vulnerability exists in Aterm. If a malicious third pers
|
| 43 |
CVE-2026-3515
A vulnerability in the `GitHubRepository` block of the `prefect-github` integrat
|
| 43 |
CVE-2026-42730
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
|
| 43 |
CVE-2026-9489
NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation (LPE) vulner
|
| 43 |
CVE-2026-9789
A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense softwar
|
| 42 |
CVE-2025-48977
Relative Path Traversal vulnerability in Apache Ignite REST API.
Authenticated
|
| 42 |
CVE-2026-46820
Vulnerability in the Oracle Financials Common Modules product of Oracle E-Busine
|
| 42 |
CVE-2026-46717
## Summary
nezha's dashboard supports two user roles: `RoleAdmin` (Role==0) and
|
| 42 |
CVE-2026-48153
Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the
|
| 42 |
CVE-2026-5509
An authenticated command injection vulnerability exists in the Archer BE450 v1 a
|
| 42 |
CVE-2026-49046
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
|
| 42 |
CVE-2026-33590
Insecure default settings of Portainer CE grant regular (non-admin) users privil
|
| 42 |
CVE-2026-40851
A local attacker can perform a confusion attack on the cfgparser via a specially
|
| 42 |
CVE-2026-46345
**Relevant Products/Components:**
* `trestle/core/commands/author/jinja.py`
* `
|
| 42 |
CVE-2026-45108
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune.
|
| 42 |
CVE-2026-49238
An issue was discovered in Canonical Multipass before version 1.16.3. The host-s
|
| 42 |
CVE-2026-7365
IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Anal
|
| 42 |
CVE-2026-7766
Kenik Camera management Panel is vulnerable to Path Traversal vulnerability. An
|
| 41 |
CVE-2026-9284
The WooCommerce PayPal Payments plugin for WordPress is vulnerable to unauthoriz
|
| 41 |
CVE-2026-47077
Allocation of Resources Without Limits or Throttling vulnerability in benoitc ha
|
| 41 |
CVE-2026-42735
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic
|
| 41 |
CVE-2026-44712
pam_usb provides hardware authentication for Linux using ordinary removable medi
|
| 41 |
CVE-2026-4868
GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 bef
|
| 41 |
CVE-2026-44358
Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflo
|
| 41 |
CVE-2026-5260
A flaw was found in libgnutls. A remote attacker, by sending an extremely short
|
| 41 |
CVE-2026-5843
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM librar
|
| 41 |
CVE-2026-5817
The vllm-metal inference backend in Docker Model Runner on macOS unconditionally
|
| 41 |
CVE-2026-42013
A flaw was found in gnutls. When validating certificates, an oversized Subject A
|
| 41 |
CVE-2026-46727
An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a us
|
| 41 |
CVE-2026-8994
The Login with NEAR plugin for WordPress is vulnerable to Authentication Bypass
|
| 41 |
CVE-2026-41076
RT is an open source, enterprise-grade issue and ticket tracking system. Version
|
| 41 |
CVE-2026-46402
Microsoft UFO open-source framework for intelligent automation across devices an
|
| 41 |
CVE-2026-48064
pam_usb provides hardware authentication for Linux using ordinary removable medi
|
| 41 |
CVE-2025-13392
Improper check for unusual or exceptional conditions vulnerability in SSO in Syn
|
| 41 |
CVE-2026-48149
Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text
|
| 40 |
CVE-2026-9277
shell-quote's `quote()` function did not validate object-token inputs against th
|
| 40 |
CVE-2026-45344
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the s
|
| 40 |
CVE-2026-9256
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_mo
|
| 40 |
CVE-2026-46828
Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (componen
|
| 40 |
CVE-2026-48152
Budibase is an open-source low-code platform. Prior to 3.39.0, the single-dataso
|
| 40 |
CVE-2026-35277
Vulnerability in Oracle REST Data Services (component: Core). Supported version
|
| 40 |
CVE-2026-6455
The WP Contact Form 7 DB Handler plugin for WordPress is vulnerable to Cross-Sit
|
| 40 |
CVE-2026-45260
### Summary
Pimcore's WebDAV asset endpoint exposes a `MOVE` operation through `
|
| 40 |
CVE-2026-9095
Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions withou
|
| 40 |
CVE-2026-40172
authentik is an open-source identity provider. In versions prior to 2025.12.5 an
|
| 40 |
CVE-2026-3012
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. W
|
| 40 |
CVE-2026-37266
An issue in Responsive File Manager Responsive FileManager Version 9.14.0 allows
|
| 40 |
CVE-2026-6957
Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from fed
|
| 40 |
CVE-2026-45162
# GM-374
## Summary
Multiple locations in Pimcore v11 call PHP's `unserialize()
|
| 40 |
CVE-2026-44711
pam_usb provides hardware authentication for Linux using ordinary removable medi
|
| 40 |
CVE-2026-35266
Vulnerability in Oracle REST Data Services (component: Core). Supported version
|
| 39 |
CVE-2025-69600
Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversaries to ex
|
| 39 |
CVE-2026-45322
Microsoft UFO open-source framework for intelligent automation across devices an
|
| 39 |
CVE-2026-44709
pam_usb provides hardware authentication for Linux using ordinary removable medi
|
| 39 |
CVE-2026-9255
Missing input source validation in the tool authorization prompt in Kiro CLI bef
|
| 39 |
CVE-2025-43306
A logic issue was addressed with improved checks. This issue is fixed in macOS S
|
| 39 |
CVE-2026-38945
Command injection in Raynet rvia version 12.6 Update 8 and previous versions all
|
| 39 |
CVE-2026-3623
IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allo
|
| 39 |
CVE-2026-46439
A High severity Server-Side Template Injection (SSTI) vulnerability exists in th
|
| 39 |
CVE-2026-49237
An issue was discovered in Canonical Multipass for macOS before version 1.16.3 d
|
| 39 |
CVE-2026-47333
Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentia
|
| 39 |
CVE-2026-47331
Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock wh
|
| 39 |
CVE-2026-26147
Improper input validation in Azure Compute Gallery allows an authorized attacker
|
| 39 |
CVE-2026-46427
Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at
|
| 39 |
CVE-2026-2253
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 an
|
| 39 |
CVE-2026-48146
Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token
|
| 38 |
CVE-2026-42398
Server-Side Request Forgery (CWE-918) in Kibana allows authenticated users with
|
| 38 |
CVE-2026-45296
OpenReplay is a self-hosted session replay suite. Prior to 1.26.0, OpenReplay's
|
| 38 |
CVE-2026-39965
TypeBot is a chatbot builder tool. Versions 3.15.2 and prior contain an SSRF via
|
| 38 |
CVE-2026-34911
A malicious actor with access to the network and low privileges could exploit a
|
| 38 |
CVE-2026-46823
Vulnerability in the Oracle Public Sector Financials (International) product of
|
| 38 |
CVE-2026-46821
Vulnerability in the Oracle Financials Common Modules product of Oracle E-Busine
|
| 38 |
CVE-2026-9804
A flaw was found in KubeVirt's virt-exportserver component. An attacker with spe
|
| 38 |
CVE-2026-42790
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_c
|
| 38 |
CVE-2026-48545
Gradio before version 6.15.0 contains a cookie injection vulnerability that allo
|
| 38 |
CVE-2026-46701
# Unauthenticated Cross-Origin MCP Tool Invocation via Empty Default Secret
| F
|
| 38 |
CVE-2026-34207
TypeBot is a chatbot builder tool. SSRF protection for Webhook / HTTP Request b
|
| 38 |
CVE-2026-48922
Jenkins Credentials Binding Plugin 720.v3f6decef43ea_ and earlier does not prope
|
| 38 |
CVE-2026-44847
MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB's web
|
| 38 |
CVE-2026-9200
The Query Shortcode plugin for WordPress is vulnerable to Local File Inclusion i
|
| 38 |
CVE-2026-23663
Improper privilege management in Azure Entra ID allows an unauthorized attacker
|
| 38 |
CVE-2026-48921
Jenkins Pipeline: Groovy Libraries Plugin 797.v90ea_a_9b_e45a_0 and earlier does
|
| 38 |
CVE-2026-48829
In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting bo
|
| 38 |
CVE-2026-42760
Authentication Bypass Using an Alternate Path or Channel vulnerability in revmak
|
| 38 |
CVE-2026-42736
Authorization Bypass Through User-Controlled Key vulnerability in wordplus BP Be
|
| 38 |
CVE-2026-43988
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26
|
| 38 |
CVE-2026-48151
Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schem
|
| 38 |
CVE-2025-14713
An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Ed
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 776d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2344d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2157d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1771d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2274d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 5021d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1242d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1044d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3798d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 946d |