Total CVEs
1501
last 7 days
Avg Priority
32.1
of max 220
KEV
0
actively exploited
POC
183
public exploits
Unpatched
430
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Priority Distribution
| Priority | CVE |
|---|---|
| 22 |
CVE-2026-1752
GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 bef
|
| 22 |
CVE-2026-35596
## Summary
The `hasAccessToLabel` function contains a SQL operator precedence b
|
| 22 |
CVE-2026-33118
Microsoft Edge (Chromium-based) Spoofing Vulnerability
|
| 22 |
CVE-2026-2619
GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 bef
|
| 22 |
CVE-2026-35598
## Summary
The CalDAV `GetResource` and `GetResourcesByList` methods fetch task
|
| 21 |
CVE-2026-32602
Homarr is an open-source dashboard. Prior to 1.57.0, the user registration endpo
|
| 21 |
CVE-2026-35041
fast-jwt provides fast JSON Web Token (JWT) implementation. From 5.0.0 to 6.2.0,
|
| 21 |
CVE-2026-39413
## Summary
The LightRAG API is vulnerable to a JWT algorithm confusion attack wh
|
| 21 |
CVE-2026-1163
An insufficient session expiration vulnerability exists in the latest version of
|
| 20 |
CVE-2026-35177
Vim is an open source, command line text editor. Prior to 9.2.0280, a path trave
|
| 20 |
CVE-2026-5507
When restoring a session from cache, a pointer from the serialized session data
|
| 20 |
CVE-2026-35601
## Summary
The CalDAV output generator builds iCalendar VTODO entries via raw s
|
| 20 |
CVE-2026-34944
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0
|
| 20 |
CVE-2026-39316
OpenPrinting CUPS is an open source printing system for Linux and other Unix-lik
|
| 20 |
CVE-2026-39314
OpenPrinting CUPS is an open source printing system for Linux and other Unix-lik
|
| 20 |
CVE-2026-40394
Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "w
|
| 20 |
CVE-2026-40386
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Ol
|
| 20 |
CVE-2026-40396
Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (da
|
| 20 |
CVE-2026-40385
In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote
|
| 20 |
CVE-2026-40395
Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of serv
|
| 0 |
CVE-2026-39398
## Affected
openclaw-claude-bridge v1.1.0
## Issue
v1.1.0 spawns the Claude C
|
| 0 |
CVE-2026-40260
### Impact
An attacker who uses this vulnerability can craft a PDF which leads
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 730d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2298d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2111d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1725d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2228d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4976d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1196d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 998d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3753d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 900d |
Prev
8 / 8