Security Dashboard

7d 14d 30d 90d
Total CVEs
1524
last 7 days
Avg Priority
32.2
of max 220
KEV
0
actively exploited
POC
192
public exploits
Unpatched
437
CRIT/HIGH without patch
How is Priority Score calculated?

Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:

KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low 40-80 Medium 80-120 High 120+ Critical

Priority Distribution

CRITICAL HIGH MEDIUM LOW KEV Only POC Only Unpatched CRIT/HIGH
Priority CVE
67 CVE-2026-23696
Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vul
66 CVE-2026-35022
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection v
66 CVE-2026-22679
Weaver (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthentica
65 CVE-2026-6025
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This af
65 CVE-2026-5852
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affecte
65 CVE-2026-5851
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Th
65 CVE-2026-5853
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
65 CVE-2026-6112
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affecte
65 CVE-2026-6113
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
65 CVE-2026-5994
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Th
65 CVE-2026-5995
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Impacte
65 CVE-2026-6026
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Th
65 CVE-2026-5997
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The impac
65 CVE-2026-5996
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
65 CVE-2026-5993
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vu
65 CVE-2026-6114
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected
65 CVE-2026-5850
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This af
65 CVE-2026-6028
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
65 CVE-2026-6029
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affec
65 CVE-2026-6116
A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This vu
65 CVE-2026-6027
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This is
65 CVE-2026-6115
A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the
65 CVE-2026-5854
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected
64 CVE-2026-5975
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. The imp
64 CVE-2026-5976
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Th
64 CVE-2026-5977
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This im
64 CVE-2026-5978
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
64 CVE-2026-22683
Windmill versions 1.56.0 through 1.614.0 contain a missing authorization vulnera
63 CVE-2026-5684
A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issu
63 CVE-2026-35020
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection v
63 CVE-2026-29002
CouchCMS contains a privilege escalation vulnerability that allows authenticated
62 CVE-2026-35021
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection v
58 CVE-2026-4338
The ActivityPub WordPress plugin before 8.0.2 does not properly filter posts to
57 CVE-2026-6123
A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromA
57 CVE-2026-6016
A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the
57 CVE-2026-5604
A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element
57 CVE-2026-6121
A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is t
57 CVE-2026-6122
A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is
57 CVE-2026-5830
A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the funct
57 CVE-2026-6015
A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the functio
57 CVE-2026-6120
A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fro
57 CVE-2026-6124
A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects
57 CVE-2026-5609
A flaw has been found in Tenda i12 1.0.0.11(3862). Affected by this vulnerabilit
57 CVE-2026-6014
A flaw has been found in D-Link DIR-513 1.10. This issue affects the function fo
57 CVE-2026-6013
A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects
57 CVE-2026-6012
A security vulnerability has been detected in D-Link DIR-513 1.10. This affects
57 CVE-2026-5614
A security flaw has been discovered in Belkin F9K1015 1.00.10. Impacted is the f
57 CVE-2026-5612
A vulnerability was determined in Belkin F9K1015 1.00.10. This vulnerability aff
57 CVE-2026-5608
A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function
57 CVE-2026-5610
A vulnerability has been found in Belkin F9K1015 1.00.10. Affected by this issue
57 CVE-2026-5611
A vulnerability was found in Belkin F9K1015 1.00.10. This affects the function f
57 CVE-2026-5628
A security vulnerability has been detected in Belkin F9K1015 1.00.10. Impacted i
57 CVE-2026-5613
A vulnerability was identified in Belkin F9K1015 1.00.10. This issue affects the
57 CVE-2026-5605
A weakness has been identified in Tenda CH22 1.0.0.1. This affects the function
57 CVE-2026-5979
A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulner
57 CVE-2026-5981
A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the func
57 CVE-2026-5989
A flaw has been found in Tenda F451 1.0.0.7. Affected is the function fromRouteS
57 CVE-2026-5685
A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the func
57 CVE-2026-5982
A vulnerability was found in D-Link DIR-605L 2.13B01. This vulnerability affects
57 CVE-2026-5815
A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the f
57 CVE-2026-5844
A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sp
57 CVE-2025-13926
An attacker could use data obtained by sniffing the network traffic to forge pa
56 CVE-2025-14815
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric
56 CVE-2025-14816
Cleartext Storage of Sensitive Information in GUI vulnerability in Mitsubishi El
53 CVE-2026-4436
A low-privileged remote attacker can send Modbus packets to manipulate register
51 CVE-2026-4149
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerabil
50 CVE-2026-39337
ChurchCRM is an open-source church management system. Prior to 7.1.0, critical p
50 CVE-2025-54328
An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor,
50 CVE-2026-5059
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. Th
50 CVE-2026-5058
aws-mcp-server Command Injection Remote Code Execution Vulnerability. This vulne
50 CVE-2026-39355
Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken ac
50 CVE-2026-40089
Sonicverse is a Self-hosted Docker Compose stack for live radio streaming. The S
49 CVE-2026-4003
The Users manager - PN plugin for WordPress is vulnerable to Privilege Escalatio
49 CVE-2026-3535
The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary
49 CVE-2026-1830
The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution
49 CVE-2026-4631
Cockpit's remote login feature passes user-supplied hostnames and usernames from
49 CVE-2026-6057
FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability
49 CVE-2026-0740
The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary f
49 CVE-2026-1114
In parisneo/lollms version 2.1.0, the application's session management is vulner
49 CVE-2026-31059
A remote command execution (RCE) vulnerability in the /goform/formDia component
49 CVE-2026-31271
megagao production_ssm v1.0 contains an authorization bypass vulnerability in th
49 CVE-2026-33816
Memory-safety vulnerability in github.com/jackc/pgx/v5.
49 CVE-2026-30079
In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state
49 CVE-2026-31272
MRCMS 3.1.2 contains an access control vulnerability. The save() method in src/m
49 CVE-2026-3296
The Everest Forms plugin for WordPress is vulnerable to PHP Object Injection in
49 CVE-2025-62818
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Mod
49 CVE-2026-31151
An issue in the login mechanism of Kaleris YMS v7.2.2.1 allows attackers to bypa
49 CVE-2025-52909
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wear
49 CVE-2026-33815
Memory-safety vulnerability in github.com/jackc/pgx/v5.
49 CVE-2025-52908
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wear

Oldest Unpatched Critical/High CVEs

CVE Severity CVSS Priority Days Open
CVE-2024-3400 CRITICAL 10.0 224 730d
CVE-2019-19781 CRITICAL 9.8 223 2298d
CVE-2020-5902 CRITICAL 9.8 223 2110d
CVE-2021-35464 CRITICAL 9.8 223 1724d
CVE-2020-10189 CRITICAL 9.8 223 2227d
CVE-2012-4681 CRITICAL 9.8 223 4975d
CVE-2022-42475 CRITICAL 9.8 223 1196d
CVE-2023-3519 CRITICAL 9.8 223 997d
CVE-2015-7450 CRITICAL 9.8 222 3752d
CVE-2023-34048 CRITICAL 9.8 222 899d
1 / 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy