Total CVEs
16465
last 90 days
Avg Priority
36.9
of max 220
KEV
38
actively exploited
POC
3223
public exploits
Unpatched
4319
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
180
CVE-2025-40551
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerabil
170
CVE-2026-1340
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
164
CVE-2026-1281
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
160
CVE-2025-40536
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
129
CVE-2026-33825
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to el
124
CVE-2026-21643
An improper neutralization of special elements used in an sql command ('sql injection') vulnerabilit
Priority Distribution
| Priority | CVE |
|---|---|
| 30 |
CVE-2026-6414
@fastify/static versions 8.0.0 through 9.1.0 decode percent-encoded path separat
|
| 30 |
CVE-2026-5462
A vulnerability was identified in Wahoo Fitness SYSTM App up to 7.2.1 on Android
|
| 30 |
CVE-2026-5452
A flaw has been found in UCC CampusConnect App up to 14.3.5 on Android. This vul
|
| 30 |
CVE-2026-27752
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 transmit authenticati
|
| 30 |
CVE-2026-5453
A vulnerability has been found in Rico só vantagem pra investir App up to 4.58.3
|
| 30 |
CVE-2026-5457
A security flaw has been discovered in PropertyGuru AgentNet Singapore App up to
|
| 30 |
CVE-2026-5458
A weakness has been identified in Noelse Individuals & Pro App up to 2.1.7 on An
|
| 30 |
CVE-2026-21713
A flaw in Node.js HMAC verification uses a non-constant-time comparison when val
|
| 30 |
CVE-2026-5471
A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on
|
| 30 |
CVE-2026-5456
A vulnerability was identified in Align Technology My Invisalign App 3.12.4 on A
|
| 30 |
CVE-2025-33242
NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malic
|
| 30 |
CVE-2026-24933
The API communication component fails to validate the SSL/TLS certificate when s
|
| 30 |
CVE-2025-36253
IBM Concert 1.0.0 through 2.1.0 uses weaker than expected cryptographic algorith
|
| 30 |
CVE-2026-24916
Identity authentication bypass vulnerability in the window module.
Impact: Succe
|
| 30 |
CVE-2026-21002
Improper verification of cryptographic signature in Galaxy Store prior to versio
|
| 30 |
CVE-2026-1778
Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate v
|
| 30 |
CVE-2026-22618
A security misconfiguration was identified in Eaton Intelligent Power Protector
|
| 30 |
CVE-2026-40045
OpenClaw before 2026.4.2 accepts non-loopback cleartext ws:// gateway endpoints
|
| 30 |
CVE-2026-4219
A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF A
|
| 30 |
CVE-2026-5455
A vulnerability was determined in Dialogue App up to 4.3.2 on Android. The affec
|
| 30 |
CVE-2026-25151
Qwik is a performance focused javascript framework. Prior to version 1.19.0, Qwi
|
| 30 |
CVE-2026-24929
Out-of-bounds read vulnerability in the graphics module.
Impact: Successful expl
|
| 30 |
CVE-2026-34859
UAF vulnerability in the kernel module.
Impact: Successful exploitation of this
|
| 30 |
CVE-2026-28546
Buffer overflow vulnerability in the scanning module. Impact: Successful exploit
|
| 30 |
CVE-2026-24931
Vulnerability of improper criterion security check in the card module.
Impact: S
|
| 30 |
CVE-2026-25155
Qwik is a performance focused javascript framework. Prior to version 1.12.0, a t
|
| 30 |
CVE-2026-5300
Unauthenticated functionality in CoolerControl/coolercontrold <4.0.0 allows una
|
| 30 |
CVE-2026-28545
Race condition vulnerability in the printing module. Impact: Successful exploita
|
| 30 |
CVE-2026-28538
Path traversal vulnerability in the certificate management module. Impact: Succe
|
| 30 |
CVE-2025-55266
HCL Aftermarket DPC is affected by Session Fixation which allows attacker to tak
|
| 29 |
CVE-2026-7102
A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromW
|
| 29 |
CVE-2024-43035
Fonoster 0.5.5 before 0.6.1 allows ../ directory traversal to read arbitrary fil
|
| 29 |
CVE-2026-20066
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection
|
| 29 |
CVE-2026-32000
OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability i
|
| 29 |
CVE-2026-20067
Multiple Cisco products are affected by a vulnerability in the Snort 3 detection
|
| 29 |
CVE-2026-20057
Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Ba
|
| 29 |
CVE-2026-20013
A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and C
|
| 29 |
CVE-2026-20052
A vulnerability in the memory management handling for the Snort 3 Detection Engi
|
| 29 |
CVE-2026-20053
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA featu
|
| 29 |
CVE-2026-20006
A vulnerability in the TLS cryptography functionality of the Snort 3 Detection E
|
| 29 |
CVE-2026-20058
Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA featu
|
| 29 |
CVE-2026-20054
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA featu
|
| 29 |
CVE-2026-20065
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection
|
| 29 |
CVE-2026-3099
A flaw was found in Libsoup. The server-side digest authentication implementatio
|
| 29 |
CVE-2026-20068
Multiple Cisco products are affected by a vulnerability in the Snort 3 detection
|
| 29 |
CVE-2026-20015
A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and C
|
| 29 |
CVE-2026-20005
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection
|
| 29 |
CVE-2025-13391
The Product Options and Price Calculation Formulas for WooCommerce - Uni CPO (Pr
|
| 29 |
CVE-2026-20073
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Softw
|
| 29 |
CVE-2026-2454
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail
|
| 29 |
CVE-2025-54659
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'
|
| 29 |
CVE-2026-1539
A flaw was found in the libsoup HTTP library that can cause proxy authentication
|
| 29 |
CVE-2026-34761
## Summary
Ella Core panics when processing a NGAP handover failure message.
#
|
| 29 |
CVE-2026-1712
Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Esc
|
| 29 |
CVE-2025-68515
Insertion of Sensitive Information Into Sent Data vulnerability in Roland Murg W
|
| 29 |
CVE-2026-40567
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1
|
| 29 |
CVE-2026-20007
A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secur
|
| 29 |
CVE-2026-32035
OpenClaw versions prior to 2026.3.2 fail to pass the senderIsOwner flag when pro
|
| 29 |
CVE-2026-34318
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core
|
| 29 |
CVE-2026-4366
A flaw was identified in Keycloak, an identity and access management solution, w
|
| 29 |
CVE-2026-33081
### **The /download endpoint validates only the initial URL provided by the user
|
| 29 |
CVE-2026-34981
The whisperX API is a tool for enhancing and analyzing audio content. From 0.3.1
|
| 29 |
CVE-2026-25883
Vexa is an open-source, self-hostable meeting bot API and meeting transcription
|
| 29 |
CVE-2026-5384
An issue that could allow a credential to be updated and used for a task from ou
|
| 29 |
CVE-2026-27687
Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM P
|
| 29 |
CVE-2026-5374
An issue that allowed MCP agents to access remediation and asset information fro
|
| 29 |
CVE-2026-5378
An issue that allowed administrators to create and update users outside of their
|
| 29 |
CVE-2026-33996
LibJWT is a C JSON Web Token Library. Starting in version 3.0.0 and prior to ver
|
| 29 |
CVE-2026-34360
## Summary
The `/loadIG` HTTP endpoint in the FHIR Validator HTTP service accep
|
| 29 |
CVE-2025-1241
Encrypted values in Fortra's GoAnywhere MFT prior to version 7.10.0 and GoAnywhe
|
| 29 |
CVE-2026-33061
exactyl is a customisable game management panel and billing system. Commits afte
|
| 29 |
CVE-2025-52644
HCL AION is affected by a vulnerability where certain user actions are not adequ
|
| 29 |
CVE-2026-34452
The Claude SDK for Python provides access to the Claude API from Python applicat
|
| 29 |
CVE-2026-34772
### Impact
Apps that allow downloads and programmatically destroy sessions may b
|
| 29 |
CVE-2025-1790
Local privilege escalation in Genetec Sipelia Plugin. An authenticated low-privi
|
| 29 |
CVE-2026-41332
OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerab
|
| 29 |
CVE-2026-25765
Faraday is an HTTP client library abstraction layer that provides a common inter
|
| 29 |
CVE-2026-25704
A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use (TOCTOU) Race C
|
| 29 |
CVE-2025-1789
Local privilege escalation in Genetec Update Service. An authenticated, low-priv
|
| 29 |
CVE-2026-32977
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in th
|
| 29 |
CVE-2026-32988
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in fs
|
| 29 |
CVE-2026-33729
### Description
In OpenFGA, under specific conditions, models using conditions w
|
| 29 |
CVE-2026-25528
LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform.
|
| 29 |
CVE-2026-33144
GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-bas
|
| 29 |
CVE-2026-22217
OpenClaw version 2026.2.22 prior to 2026.2.23 contain an arbitrary code executio
|
| 29 |
CVE-2026-25870
DoraCMS version 3.1 and prior contains a server-side request forgery (SSRF) vuln
|
| 29 |
CVE-2026-25905
The Python code being run by 'runPython' or 'runPythonAsync' is not isolated fro
|
| 29 |
CVE-2026-25904
The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly p
|
| 29 |
CVE-2026-27646
OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in th
|
| 29 |
CVE-2026-33574
OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills d
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 745d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2313d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2126d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1740d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2243d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4990d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1211d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1013d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3768d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 915d |