Security Dashboard

Priority	CVE	Severity	CVSS	EPSS	Indicators	Published
194	CVE-2026-24061 telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "	CRITICAL	9.8	75.3%	KEV POC FIX	2026-01-21
185	CVE-2026-1731 BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote	CRITICAL	9.8	66.1%	KEV POC	2026-02-06
184	CVE-2026-23760 SmarterTools SmarterMail versions prior to build 9511 contain an authentication	CRITICAL	9.8	65.4%	KEV POC	2026-01-22
180	CVE-2025-40551 SolarWinds Web Help Desk was found to be susceptible to an untrusted data deseri	CRITICAL	9.8	80.6%	KEV	2026-01-28
170	CVE-2026-1340 A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve	CRITICAL	9.8	50.9%	KEV POC	2026-01-29
164	CVE-2026-1281 A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve	CRITICAL	9.8	64.8%	KEV FIX	2026-01-29
160	CVE-2025-40536 SolarWinds Web Help Desk was found to be susceptible to a security control bypas	HIGH	8.1	69.1%	KEV	2026-01-28
141	CVE-2026-20131 A vulnerability in the web-based management interface of Cisco Secure Firewall M	CRITICAL	10.0	0.6%	KEV POC	2026-03-04
137	CVE-2026-1603 An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allo	HIGH	8.6	43.9%	KEV	2026-02-10
134	CVE-2026-22769 Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a	CRITICAL	10.0	34.2%	KEV FIX	2026-02-17
128	CVE-2026-24423 SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated	CRITICAL	9.8	29.3%	KEV	2026-01-23
126	CVE-2026-20963 Deserialization of untrusted data in Microsoft Office SharePoint allows an autho	CRITICAL	9.8	1.6%	KEV POC	2026-01-13
124	CVE-2026-35616 A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through	CRITICAL	9.8	0.0%	KEV POC	2026-04-04
119	CVE-2026-3910 Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allow	HIGH	8.8	0.1%	KEV POC FIX	2026-03-13
119	CVE-2026-3909 Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a re	HIGH	8.8	0.1%	KEV POC FIX	2026-03-13
119	CVE-2026-5281 Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote	HIGH	8.8	0.0%	KEV POC FIX	2026-04-01
117	CVE-2026-33634 Trivy is a security scanner. On March 19, 2026, a threat actor used compromised	CRITICAL	9.4	0.0%	KEV POC FIX	2026-03-23
117	CVE-2026-33017 ## Summary The `POST /api/v1/build_public_tmp/{flow_id}/flow` endpoint allows b	CRITICAL	9.3	0.5%	KEV POC	2026-03-17
117	CVE-2026-3055 Insufficient input validation in NetScaler ADC and NetScaler Gateway when config	CRITICAL	9.3	0.0%	KEV POC	2026-03-23
114	CVE-2026-2441 Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote a	HIGH	8.8	0.1%	KEV POC FIX	2026-02-13
113	CVE-2026-20127 A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controlle	CRITICAL	10.0	2.6%	KEV POC	2026-02-25
113	CVE-2026-25108 FileZen contains an OS command injection vulnerability. When FileZen Antivirus C	HIGH	8.8	18.6%	KEV	2026-02-13
112	CVE-2026-24858 An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-2	CRITICAL	9.8	2.8%	KEV	2026-01-27
109	CVE-2026-20700 A memory corruption issue was addressed with improved state management. This iss	HIGH	7.8	0.4%	KEV POC	2026-02-11
109	CVE-2026-3502 TrueConf Client downloads application update code and applies it without perform	HIGH	7.8	0.0%	KEV POC	2026-03-30
99	CVE-2026-21513 Protection mechanism failure in MSHTML Framework allows an unauthorized attacker	HIGH	8.8	4.8%	KEV	2026-02-10
98	CVE-2026-21509 Reliance on untrusted inputs in a security decision in Microsoft Office allows a	HIGH	7.8	9.3%	KEV	2026-01-26
98	CVE-2026-22719 VMware Aria Operations contains a command injection vulnerability. A malicious u	HIGH	8.1	7.4%	KEV FIX	2026-02-25
98	CVE-2026-21510 Protection mechanism failure in Windows Shell allows an unauthorized attacker to	HIGH	8.8	3.8%	KEV POC	2026-02-10
93	CVE-2026-21514 Reliance on untrusted inputs in a security decision in Microsoft Office Word all	HIGH	7.8	4.5%	KEV	2026-02-10
92	CVE-2026-21519 Access of resource using incompatible type ('type confusion') in Desktop Window	HIGH	7.8	3.1%	KEV	2026-02-10
92	CVE-2026-20045 A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unif	HIGH	8.2	1.0%	KEV	2026-01-21
92	CVE-2025-15556 Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an upd	HIGH	7.5	4.3%	KEV FIX	2026-02-03
92	CVE-2026-21533 Improper privilege management in Windows Remote Desktop allows an authorized att	HIGH	7.8	2.7%	KEV POC	2026-02-10
89	CVE-2026-21385 Memory corruption while using alignments for memory allocation.	HIGH	7.8	0.4%	KEV POC FIX	2026-03-02
84	CVE-2026-21525 Null pointer dereference in Windows Remote Access Connection Manager allows an u	MEDIUM	6.2	3.4%	KEV	2026-02-10
82	CVE-2026-20805 Exposure of sensitive information to an unauthorized actor in Desktop Windows Ma	MEDIUM	5.5	4.8%	KEV	2026-01-13

Oldest Unpatched Critical/High CVEs

CVE	Severity	CVSS	Priority	Days Open
CVE-2024-3400	CRITICAL	10.0	224	730d
CVE-2019-19781	CRITICAL	9.8	223	2298d
CVE-2020-5902	CRITICAL	9.8	223	2111d
CVE-2021-35464	CRITICAL	9.8	223	1724d
CVE-2020-10189	CRITICAL	9.8	223	2227d
CVE-2012-4681	CRITICAL	9.8	223	4975d
CVE-2022-42475	CRITICAL	9.8	223	1196d
CVE-2023-3519	CRITICAL	9.8	223	997d
CVE-2015-7450	CRITICAL	9.8	222	3752d
CVE-2023-34048	CRITICAL	9.8	222	899d