Total CVEs
16312
last 90 days
Avg Priority
36.5
of max 220
KEV
37
actively exploited
POC
3551
public exploits
Unpatched
5448
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
194
CVE-2026-24061
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for t
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
184
CVE-2026-23760
SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability
180
CVE-2025-40551
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerabil
170
CVE-2026-1340
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
164
CVE-2026-1281
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
160
CVE-2025-40536
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
Priority Distribution
| Priority | CVE |
|---|---|
| 39 |
CVE-2025-15589
A vulnerability was determined in MuYuCMS 2.7. Affected is the function delete_d
|
| 39 |
CVE-2026-4222
A vulnerability was determined in SSCMS up to 7.4.0. This vulnerability affects
|
| 39 |
CVE-2026-2967
A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This
|
| 39 |
CVE-2026-2966
A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted elem
|
| 39 |
CVE-2026-2110
A security flaw has been discovered in Tasin1025 SwiftBuy up to 0f5011372e8d1d7e
|
| 39 |
CVE-2026-2895
A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by thi
|
| 39 |
CVE-2026-22820
Outray openSource ngrok alternative. Prior to 0.1.5, a TOCTOU race condition vul
|
| 39 |
CVE-2026-32897
OpenClaw versions prior to 2026.2.22 reuse gateway.auth.token as a fallback hash
|
| 39 |
CVE-2026-2391
### Summary
The `arrayLimit` option in qs does not enforce limits for comma-sepa
|
| 39 |
CVE-2026-24764
OpenClaw (formerly Clawdbot) is a personal AI assistant users run on their own d
|
| 39 |
CVE-2026-4588
A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the functio
|
| 39 |
CVE-2026-32050
OpenClaw versions prior to 2026.2.25 contain an access control vulnerability in
|
| 39 |
CVE-2026-32067
OpenClaw versions prior to 2026.2.26 contains an authorization bypass vulnerabil
|
| 39 |
CVE-2026-24122
Cosign provides code signing and transparency for containers and binaries. In ve
|
| 39 |
CVE-2025-15598
A vulnerability was found in Dataease SQLBot up to 1.5.1. This impacts the funct
|
| 39 |
CVE-2026-2618
A vulnerability was determined in Beetel 777VR1 up to 01.00.09. This impacts an
|
| 39 |
CVE-2026-4115
A vulnerability was detected in PuTTY 0.83. Affected is the function eddsa_verif
|
| 39 |
CVE-2025-68157
Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experim
|
| 39 |
CVE-2025-68458
Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experim
|
| 39 |
CVE-2026-2968
A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the fu
|
| 38 |
CVE-2020-37148
P5 FNIP-8x16A/FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from a stored cross-si
|
| 38 |
CVE-2026-1049
A security vulnerability has been detected in LigeroSmart up to 6.1.26. The affe
|
| 38 |
CVE-2025-15583
A weakness has been identified in detronetdip E-commerce 1.0.0. This affects the
|
| 38 |
CVE-2026-4239
A vulnerability was found in Lagom WHMCS Template up to 2.3.7. Impacted is an un
|
| 38 |
CVE-2026-3050
A flaw has been found in horilla-opensource horilla up to 1.0.2. Impacted is an
|
| 38 |
CVE-2026-2546
A security vulnerability has been detected in LigeroSmart up to 6.1.26. The affe
|
| 38 |
CVE-2026-2545
A weakness has been identified in LigeroSmart up to 6.1.26. Impacted is an unkno
|
| 38 |
CVE-2026-1970
A flaw has been found in Edimax BR-6258n up to 1.18. This issue affects the func
|
| 38 |
CVE-2026-4166
A vulnerability was found in Wavlink WL-NU516U1 240425. The impacted element is
|
| 38 |
CVE-2026-3766
A security flaw has been discovered in SourceCodester Web-based Pharmacy Product
|
| 38 |
CVE-2026-2947
A vulnerability was detected in rymcu forest up to 0.0.5. This affects the funct
|
| 38 |
CVE-2026-1598
A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management Syst
|
| 38 |
CVE-2026-2064
A vulnerability was identified in Portabilis i-Educar up to 2.10. Affected by th
|
| 38 |
CVE-2026-3819
A vulnerability has been found in SourceCodester Resort Reservation System 1.0.
|
| 38 |
CVE-2026-4495
A security flaw has been discovered in atjiu pybbs 6.0.0. This impacts the funct
|
| 38 |
CVE-2026-4186
A vulnerability was determined in UEditor up to 1.4.3.2. This issue affects some
|
| 38 |
CVE-2026-4494
A vulnerability was identified in atjiu pybbs 6.0.0. This affects the function c
|
| 38 |
CVE-2026-3741
A security vulnerability has been detected in YiFang CMS 2.0.5. The affected ele
|
| 38 |
CVE-2026-3743
A flaw has been found in YiFang CMS 2.0.5. This affects the function update of t
|
| 38 |
CVE-2026-3171
A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queu
|
| 38 |
CVE-2026-3742
A vulnerability was detected in YiFang CMS 2.0.5. The impacted element is the fu
|
| 38 |
CVE-2026-2557
A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upl
|
| 38 |
CVE-2026-2622
A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects
|
| 38 |
CVE-2026-2946
A security vulnerability has been detected in rymcu forest up to 0.0.5. Affected
|
| 38 |
CVE-2026-2224
A vulnerability was detected in code-projects Online Reviewer System 1.0. This a
|
| 38 |
CVE-2020-37118
P5 FNIP-8x16A FNIP-4xSH 1.0.20 contains a cross-site request forgery vulnerabili
|
| 38 |
CVE-2024-55271
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in phpguru
|
| 38 |
CVE-2026-2145
A vulnerability was identified in cym1102 nginxWebUI up to 4.3.7. The impacted e
|
| 38 |
CVE-2026-2547
A vulnerability was detected in LigeroSmart up to 6.1.26. The impacted element i
|
| 38 |
CVE-2026-1700
A weakness has been identified in projectworlds House Rental and Property Listin
|
| 38 |
CVE-2026-1048
A weakness has been identified in LigeroSmart up to 6.1.26. Impacted is an unkno
|
| 38 |
CVE-2026-1421
A vulnerability has been found in code-projects Online Examination System 1.0. A
|
| 37 |
CVE-2026-1998
A flaw has been found in micropython up to 1.27.0. This vulnerability affects th
|
| 37 |
CVE-2026-1991
A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvc
|
| 37 |
CVE-2026-1415
A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gf_
|
| 37 |
CVE-2026-3394
A vulnerability was detected in jarikomppa soloud up to 20200207. This affects t
|
| 37 |
CVE-2026-2659
A vulnerability was determined in Squirrel up to 3.2. Affected by this vulnerabi
|
| 37 |
CVE-2026-2661
A security flaw has been discovered in Squirrel up to 3.2. This affects the func
|
| 37 |
CVE-2026-2662
A weakness has been identified in FascinatedBox lily up to 2.3. This vulnerabili
|
| 37 |
CVE-2026-3389
A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects
|
| 37 |
CVE-2026-3388
A vulnerability was found in Squirrel up to 3.2. This affects the function SQCom
|
| 37 |
CVE-2026-2660
A vulnerability was identified in FascinatedBox lily up to 2.3. Affected by this
|
| 37 |
CVE-2026-3663
A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects
|
| 37 |
CVE-2026-2657
A vulnerability has been found in wren-lang wren up to 0.4.0. This impacts the f
|
| 37 |
CVE-2026-3665
A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected
|
| 37 |
CVE-2026-3386
A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerabil
|
| 37 |
CVE-2026-2869
A vulnerability was identified in janet-lang janet up to 1.40.1. Affected by thi
|
| 37 |
CVE-2026-2644
A weakness has been identified in niklasso minisat up to 2.2.0. This issue affec
|
| 37 |
CVE-2026-3463
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is t
|
| 37 |
CVE-2025-15572
A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the
|
| 37 |
CVE-2026-3284
A vulnerability was found in libvips 8.19.0. Impacted is the function vips_extra
|
| 37 |
CVE-2026-3293
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impact
|
| 37 |
CVE-2026-3390
A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affec
|
| 37 |
CVE-2026-3385
A vulnerability was detected in wren-lang wren up to 0.4.0. Affected is the func
|
| 37 |
CVE-2026-3391
A security flaw has been discovered in FascinatedBox lily up to 2.3. Impacted is
|
| 37 |
CVE-2026-2703
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is t
|
| 37 |
CVE-2026-2240
A vulnerability has been found in janet-lang janet up to 1.40.1. The impacted el
|
| 37 |
CVE-2026-2242
A vulnerability was determined in janet-lang janet up to 1.40.1. This impacts th
|
| 37 |
CVE-2026-2241
A vulnerability was found in janet-lang janet up to 1.40.1. This affects the fun
|
| 37 |
CVE-2026-3387
A vulnerability has been found in wren-lang wren up to 0.4.0. Affected by this i
|
| 37 |
CVE-2025-15571
A security vulnerability has been detected in ckolivas lrzip up to 0.651. This v
|
| 37 |
CVE-2026-3664
A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is t
|
| 37 |
CVE-2026-2887
A security vulnerability has been detected in aardappel lobster up to 2025.4. Th
|
| 37 |
CVE-2026-3392
A weakness has been identified in FascinatedBox lily up to 2.3. The affected ele
|
| 37 |
CVE-2026-2069
A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the funct
|
| 37 |
CVE-2026-2258
A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulner
|
| 37 |
CVE-2026-3282
A flaw has been found in libvips 8.19.0. This vulnerability affects the function
|
| 37 |
CVE-2026-3285
A vulnerability was determined in berry-lang berry up to 1.1.0. The affected ele
|
| 37 |
CVE-2026-2641
A weakness has been identified in universal-ctags ctags up to 6.2.1. The affecte
|
| 37 |
CVE-2026-3283
A vulnerability has been found in libvips 8.19.0. This issue affects the functio
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 730d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2298d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2111d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1725d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2228d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4975d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1196d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 998d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3753d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 900d |
1 / 8
Next