Security Dashboard

7d 14d 30d 90d
Total CVEs
16315
last 90 days
Avg Priority
36.5
of max 220
KEV
37
actively exploited
POC
3552
public exploits
Unpatched
5449
CRIT/HIGH without patch
How is Priority Score calculated?

Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:

KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low 40-80 Medium 80-120 High 120+ Critical

Patch Now — Known Exploited Vulnerabilities

194
CVE-2026-24061
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for t
CRITICAL
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
CRITICAL
184
CVE-2026-23760
SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability
CRITICAL
180
CVE-2025-40551
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerabil
CRITICAL
170
CVE-2026-1340
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
CRITICAL
164
CVE-2026-1281
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
CRITICAL
160
CVE-2025-40536
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that
HIGH
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
CRITICAL
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
HIGH
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
CRITICAL

Priority Distribution

CRITICAL HIGH MEDIUM LOW KEV Only POC Only Unpatched CRIT/HIGH
Priority CVE
160 CVE-2025-40536
SolarWinds Web Help Desk was found to be susceptible to a security control bypas
137 CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allo
119 CVE-2026-3910
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allow
119 CVE-2026-3909
Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a re
119 CVE-2026-5281
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote
114 CVE-2026-2441
Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote a
113 CVE-2026-25108
FileZen contains an OS command injection vulnerability. When FileZen Antivirus C
109 CVE-2026-20700
A memory corruption issue was addressed with improved state management. This iss
109 CVE-2026-3502
TrueConf Client downloads application update code and applies it without perform
99 CVE-2026-21513
Protection mechanism failure in MSHTML Framework allows an unauthorized attacker
98 CVE-2026-21509
Reliance on untrusted inputs in a security decision in Microsoft Office allows a
98 CVE-2026-22719
VMware Aria Operations contains a command injection vulnerability. A malicious u
98 CVE-2026-21510
Protection mechanism failure in Windows Shell allows an unauthorized attacker to
93 CVE-2026-21514
Reliance on untrusted inputs in a security decision in Microsoft Office Word all
92 CVE-2026-21519
Access of resource using incompatible type ('type confusion') in Desktop Window
92 CVE-2026-20045
A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unif
92 CVE-2025-15556
Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an upd
92 CVE-2026-21533
Improper privilege management in Windows Remote Desktop allows an authorized att
89 CVE-2026-21385
Memory corruption while using alignments for memory allocation.

Oldest Unpatched Critical/High CVEs

CVE Severity CVSS Priority Days Open
CVE-2024-3400 CRITICAL 10.0 224 730d
CVE-2019-19781 CRITICAL 9.8 223 2298d
CVE-2020-5902 CRITICAL 9.8 223 2111d
CVE-2021-35464 CRITICAL 9.8 223 1725d
CVE-2020-10189 CRITICAL 9.8 223 2228d
CVE-2012-4681 CRITICAL 9.8 223 4975d
CVE-2022-42475 CRITICAL 9.8 223 1196d
CVE-2023-3519 CRITICAL 9.8 223 998d
CVE-2015-7450 CRITICAL 9.8 222 3752d
CVE-2023-34048 CRITICAL 9.8 222 900d

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy