Total CVEs
16482
last 90 days
Avg Priority
36.8
of max 220
KEV
38
actively exploited
POC
3221
public exploits
Unpatched
4327
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
180
CVE-2025-40551
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerabil
170
CVE-2026-1340
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
164
CVE-2026-1281
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
160
CVE-2025-40536
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
129
CVE-2026-33825
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to el
124
CVE-2026-21643
An improper neutralization of special elements used in an sql command ('sql injection') vulnerabilit
Priority Distribution
| Priority | CVE |
|---|---|
| 29 |
CVE-2026-25905
The Python code being run by 'runPython' or 'runPythonAsync' is not isolated fro
|
| 29 |
CVE-2026-33574
OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills d
|
| 29 |
CVE-2026-25904
The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly p
|
| 29 |
CVE-2026-27646
OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in th
|
| 29 |
CVE-2025-1787
Local admin could to leak information from the Genetec Update Service configurat
|
| 29 |
CVE-2026-24319
In SAP Business One, sensitive information is written to the application�s memor
|
| 29 |
CVE-2026-24928
Out-of-bounds write vulnerability in the file system module.
Impact: Successful
|
| 29 |
CVE-2026-41153
In JetBrains Junie before 252.549.29 command execution was possible via maliciou
|
| 29 |
CVE-2026-32047
OpenClaw before 2026.2.22 contains an allowlist bypass vulnerability in system.r
|
| 29 |
CVE-2026-28455
OpenClaw before 2026.2.22 contains an allowlist bypass vulnerability in system.r
|
| 29 |
CVE-2026-28483
OpenClaw before 2026.3.2 contains a race condition vulnerability in ZIP extracti
|
| 29 |
CVE-2026-32912
OpenClaw versions 2026.2.26 before 2026.3.1 contain a current working directory
|
| 29 |
CVE-2026-20709
Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Pr
|
| 29 |
CVE-2026-34387
Fleet is open source device management software. Prior to 4.81.1, a command inje
|
| 29 |
CVE-2026-25828
grub-btrfs through 2026-01-31 (on Arch Linux and derivative distributions) allow
|
| 29 |
CVE-2026-4913
Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4
|
| 29 |
CVE-2026-22902
A command injection vulnerability has been reported to affect QuNetSwitch. If a
|
| 29 |
CVE-2026-23670
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enc
|
| 29 |
CVE-2026-30867
CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior
|
| 29 |
CVE-2026-33431
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived se
|
| 29 |
CVE-2026-1502
CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host.
|
| 29 |
CVE-2026-33542
Incus is a system container and virtual machine manager. Prior to version 6.23.0
|
| 29 |
CVE-2025-7015
Session Fixation vulnerability in Akın Software Computer Import Export Industry
|
| 29 |
CVE-2026-33739
FOG is a free open-source cloning/imaging/rescue suite/inventory management syst
|
| 29 |
CVE-2026-35451
Twenty is an open source CRM. Prior to 1.20.6, a Stored Cross-Site Scripting (XS
|
| 29 |
CVE-2026-40570
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1
|
| 29 |
CVE-2025-13821
Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail
|
| 29 |
CVE-2026-23563
Improper Link Resolution Before File Access (invoked by 1E‑Explorer‑TachyonCore‑
|
| 29 |
CVE-2026-35241
Vulnerability in the PeopleSoft Enterprise CS Student Records product of Oracle
|
| 29 |
CVE-2026-22613
The server identity check mechanism for firmware upgrade performed via command s
|
| 29 |
CVE-2026-21529
Improper neutralization of input during web page generation ('cross-site scripti
|
| 29 |
CVE-2026-26049
The web management interface of the device renders the passwords in a
plaintext
|
| 29 |
CVE-2025-14806
IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to tri
|
| 29 |
CVE-2026-33473
### Summary
Any user that has enabled 2FA can have their TOTP reused during the
|
| 29 |
CVE-2026-27656
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.
|
| 29 |
CVE-2026-39901
### Summary
A transaction integrity flaw allows an authenticated tenant user to
|
| 29 |
CVE-2026-21742
A cleartext transmission of sensitive information vulnerability in Fortinet Fort
|
| 29 |
CVE-2025-24819
Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due t
|
| 29 |
CVE-2026-25797
ImageMagick is free and open-source software used for editing and manipulating d
|
| 29 |
CVE-2026-1516
GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 b
|
| 29 |
CVE-2025-13763
Multiple uses of uninitialized variables were found in libopensc that may lead t
|
| 29 |
CVE-2026-32755
## Summary
The `save_membership` action in `modules/profile/profile_function.ph
|
| 29 |
CVE-2025-15621
Insufficiently Protected Credentials in Sparx Systems Pty Ltd. Sparx Enterprise
|
| 29 |
CVE-2026-26931
Memory Allocation with Excessive Size Value (CWE-789) in the Prometheus remote_w
|
| 29 |
CVE-2025-14974
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to
|
| 29 |
CVE-2026-32816
Admidio is an open-source user management solution. In versions 5.0.0 through 5.
|
| 29 |
CVE-2025-7105
A vulnerability in danny-avila/librechat allows attackers to exploit the unrestr
|
| 29 |
CVE-2025-7013
Authorization Bypass Through User-Controlled Key vulnerability in QR Menu Pro Sm
|
| 29 |
CVE-2025-7014
Session Fixation vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allo
|
| 29 |
CVE-2026-31853
ImageMagick is free and open-source software used for editing and manipulating d
|
| 29 |
CVE-2026-30883
ImageMagick is free and open-source software used for editing and manipulating d
|
| 29 |
CVE-2026-21712
A flaw in Node.js URL processing causes an assertion failure in native code when
|
| 29 |
CVE-2026-26932
Improper Validation of Array Index (CWE-129) in the PostgreSQL protocol parser i
|
| 29 |
CVE-2026-32009
OpenClaw versions prior to 2026.2.24 contain a policy bypass vulnerability in th
|
| 29 |
CVE-2026-6550
Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption
|
| 29 |
CVE-2026-22617
Eaton Intelligent Power Protector (IPP) uses an insecure cookie configuration, w
|
| 29 |
CVE-2026-34855
Out-of-bounds write vulnerability in the kernel module.
Impact: Successful explo
|
| 29 |
CVE-2025-47147
Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobil
|
| 29 |
CVE-2026-26933
Improper Validation of Array Index (CWE-129) in multiple protocol parser compone
|
| 29 |
CVE-2025-46304
The issue was addressed with improved bounds checks. This issue is fixed in macO
|
| 29 |
CVE-2025-46303
The issue was addressed with improved bounds checks. This issue is fixed in macO
|
| 29 |
CVE-2025-46302
The issue was addressed with improved bounds checks. This issue is fixed in macO
|
| 29 |
CVE-2025-46305
The issue was addressed with improved bounds checks. This issue is fixed in macO
|
| 29 |
CVE-2025-46301
The issue was addressed with improved bounds checks. This issue is fixed in macO
|
| 29 |
CVE-2025-46300
The issue was addressed with improved bounds checks. This issue is fixed in macO
|
| 29 |
CVE-2026-34854
UAF vulnerability in the kernel module.
Impact: Successful exploitation of this
|
| 29 |
CVE-2025-12063
An insecure direct object reference allowed a non-admin user to modify or remove
|
| 29 |
CVE-2025-47904
Download of Code Without Integrity Check vulnerability in Microchip Time Provide
|
| 28 |
CVE-2025-55267
HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability, allow
|
| 28 |
CVE-2026-6369
An improper access control vulnerability in the canonical-livepatch snap client
|
| 28 |
CVE-2024-13785
The The Contact Form, Survey, Quiz & Popup Form Builder - ARForms plugin for Wor
|
| 28 |
CVE-2026-2711
A vulnerability has been found in zhutoutoutousan worldquant-miner up to 1.0.9.
|
| 28 |
CVE-2026-20945
Improper neutralization of input during web page generation ('cross-site scripti
|
| 28 |
CVE-2026-33412
Vim is an open source, command line text editor. Prior to version 9.2.0202, a co
|
| 28 |
CVE-2026-40190
LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform.
|
| 28 |
CVE-2026-20801
Cleartext Transmission of Sensitive Information (CWE-319) in a component used in
|
| 28 |
CVE-2026-40602
### Impact
Up to 1.0.0 of `home-assitant-cli` (or `hass-cli` for short) an unre
|
| 28 |
CVE-2026-2414
Authorization bypass through User-Controlled key vulnerability in HYPR Server al
|
| 28 |
CVE-2026-5271
pymanager included the current working directory in sys.path meaning modules cou
|
| 28 |
CVE-2026-22077
OPPO Wallet APP contains a trusted domain validation flaw that allows attackers
|
| 28 |
CVE-2025-62845
An improper neutralization of escape, meta, or control sequences vulnerability h
|
| 28 |
CVE-2026-34943
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0
|
| 28 |
CVE-2026-24311
The SAP Customer Checkout application exhibits certain design characteristics th
|
| 28 |
CVE-2026-5673
A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability
|
| 28 |
CVE-2026-24935
A third-party NAT traversal module fails to validate SSL/TLS certificates when c
|
| 28 |
CVE-2025-7024
Incorrect Default Permissions vulnerability in AIRBUS PSS TETRA Connectivity Ser
|
| 28 |
CVE-2026-35363
A vulnerability in the rm utility of uutils coreutils allows the bypass of safeg
|
| 28 |
CVE-2025-52638
HCL AION is affected by a vulnerability where container base images are not prop
|
| 28 |
CVE-2026-34867
Double free vulnerability in the multi-mode input system.
Impact: Successful exp
|
| 28 |
CVE-2026-28452
OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability i
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 745d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2313d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2126d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1740d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2243d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4990d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1211d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1013d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3768d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 915d |