Total CVEs
16495
last 90 days
Avg Priority
36.9
of max 220
KEV
38
actively exploited
POC
3227
public exploits
Unpatched
4333
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
180
CVE-2025-40551
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerabil
170
CVE-2026-1340
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
164
CVE-2026-1281
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
160
CVE-2025-40536
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
129
CVE-2026-33825
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to el
124
CVE-2026-21643
An improper neutralization of special elements used in an sql command ('sql injection') vulnerabilit
Priority Distribution
| Priority | CVE |
|---|---|
| 28 |
CVE-2026-23360
In the Linux kernel, the following vulnerability has been resolved:
nvme: fix a
|
| 28 |
CVE-2026-23386
In the Linux kernel, the following vulnerability has been resolved:
gve: fix in
|
| 28 |
CVE-2026-23389
In the Linux kernel, the following vulnerability has been resolved:
ice: Fix me
|
| 28 |
CVE-2026-23355
In the Linux kernel, the following vulnerability has been resolved:
ata: libata
|
| 28 |
CVE-2026-23353
In the Linux kernel, the following vulnerability has been resolved:
ice: fix cr
|
| 28 |
CVE-2026-27281
DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or W
|
| 28 |
CVE-2026-31547
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Fix
|
| 28 |
CVE-2026-28877
An authorization issue was addressed with improved state management. This issue
|
| 28 |
CVE-2026-27218
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer
|
| 28 |
CVE-2026-39856
osslsigncode is a tool that implements Authenticode signing and timestamping. Pr
|
| 28 |
CVE-2026-27217
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer
|
| 28 |
CVE-2026-31646
In the Linux kernel, the following vulnerability has been resolved:
net: lan966
|
| 28 |
CVE-2026-39855
osslsigncode is a tool that implements Authenticode signing and timestamping. Pr
|
| 28 |
CVE-2026-23401
In the Linux kernel, the following vulnerability has been resolved:
KVM: x86/mm
|
| 28 |
CVE-2026-31655
In the Linux kernel, the following vulnerability has been resolved:
pmdomain: i
|
| 28 |
CVE-2026-27215
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer
|
| 28 |
CVE-2026-31577
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix
|
| 28 |
CVE-2026-31654
In the Linux kernel, the following vulnerability has been resolved:
mm/vma: fix
|
| 28 |
CVE-2026-27214
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer
|
| 28 |
CVE-2026-27285
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based
|
| 28 |
CVE-2026-23402
In the Linux kernel, the following vulnerability has been resolved:
KVM: x86/mm
|
| 28 |
CVE-2026-21364
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer
|
| 28 |
CVE-2026-21363
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer
|
| 28 |
CVE-2026-20670
An authorization issue was addressed with improved state management. This issue
|
| 28 |
CVE-2026-23442
In the Linux kernel, the following vulnerability has been resolved:
ipv6: add N
|
| 28 |
CVE-2026-23403
In the Linux kernel, the following vulnerability has been resolved:
apparmor: f
|
| 28 |
CVE-2026-31574
In the Linux kernel, the following vulnerability has been resolved:
clockevents
|
| 28 |
CVE-2026-23404
In the Linux kernel, the following vulnerability has been resolved:
apparmor: r
|
| 28 |
CVE-2026-23405
In the Linux kernel, the following vulnerability has been resolved:
apparmor: f
|
| 28 |
CVE-2026-23409
In the Linux kernel, the following vulnerability has been resolved:
apparmor: f
|
| 28 |
CVE-2026-31573
In the Linux kernel, the following vulnerability has been resolved:
media: veri
|
| 28 |
CVE-2026-28845
An authorization issue was addressed with improved state management. This issue
|
| 28 |
CVE-2026-28890
An out-of-bounds read was addressed with improved bounds checking. This issue is
|
| 28 |
CVE-2026-31625
In the Linux kernel, the following vulnerability has been resolved:
HID: alps:
|
| 28 |
CVE-2026-23417
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix co
|
| 28 |
CVE-2026-31564
In the Linux kernel, the following vulnerability has been resolved:
LoongArch:
|
| 28 |
CVE-2026-28881
A privacy issue was addressed by moving sensitive data. This issue is fixed in m
|
| 28 |
CVE-2026-31556
In the Linux kernel, the following vulnerability has been resolved:
xfs: scrub:
|
| 28 |
CVE-2026-31560
In the Linux kernel, the following vulnerability has been resolved:
spi: spi-dw
|
| 28 |
CVE-2026-31561
In the Linux kernel, the following vulnerability has been resolved:
x86/cpu: Re
|
| 28 |
CVE-2026-31639
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix
|
| 28 |
CVE-2026-31642
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix
|
| 28 |
CVE-2026-31647
In the Linux kernel, the following vulnerability has been resolved:
idpf: fix P
|
| 28 |
CVE-2026-28870
An information leakage was addressed with additional validation. This issue is f
|
| 28 |
CVE-2026-31645
In the Linux kernel, the following vulnerability has been resolved:
net: lan966
|
| 28 |
CVE-2026-23374
In the Linux kernel, the following vulnerability has been resolved:
blktrace: f
|
| 28 |
CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved:
mm: thp: de
|
| 28 |
CVE-2026-23373
In the Linux kernel, the following vulnerability has been resolved:
wifi: rsi:
|
| 28 |
CVE-2026-23371
In the Linux kernel, the following vulnerability has been resolved:
sched/deadl
|
| 28 |
CVE-2026-23369
In the Linux kernel, the following vulnerability has been resolved:
i2c: i801:
|
| 28 |
CVE-2026-23347
In the Linux kernel, the following vulnerability has been resolved:
can: usb: f
|
| 28 |
CVE-2026-23341
In the Linux kernel, the following vulnerability has been resolved:
accel/amdxd
|
| 28 |
CVE-2026-23337
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: pi
|
| 28 |
CVE-2026-23433
In the Linux kernel, the following vulnerability has been resolved:
arm_mpam: F
|
| 28 |
CVE-2026-23377
In the Linux kernel, the following vulnerability has been resolved:
ice: change
|
| 28 |
CVE-2026-27222
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Divide By Zero vuln
|
| 28 |
CVE-2026-23399
In the Linux kernel, the following vulnerability has been resolved:
nf_tables:
|
| 28 |
CVE-2026-23328
In the Linux kernel, the following vulnerability has been resolved:
accel/amdxd
|
| 28 |
CVE-2026-23316
In the Linux kernel, the following vulnerability has been resolved:
net: ipv4:
|
| 28 |
CVE-2026-23421
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/conf
|
| 28 |
CVE-2026-31571
In the Linux kernel, the following vulnerability has been resolved:
drm/i915: U
|
| 28 |
CVE-2026-23346
In the Linux kernel, the following vulnerability has been resolved:
arm64: io:
|
| 28 |
CVE-2026-23345
In the Linux kernel, the following vulnerability has been resolved:
arm64: gcs:
|
| 28 |
CVE-2026-23999
Fleet is open source device management software. In versions prior to 4.80.1, Fl
|
| 28 |
CVE-2026-23423
In the Linux kernel, the following vulnerability has been resolved:
btrfs: free
|
| 28 |
CVE-2025-62816
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 148
|
| 28 |
CVE-2026-23349
In the Linux kernel, the following vulnerability has been resolved:
HID: pidff:
|
| 28 |
CVE-2026-23435
In the Linux kernel, the following vulnerability has been resolved:
perf/x86: M
|
| 28 |
CVE-2026-23358
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu:
|
| 28 |
CVE-2026-31653
In the Linux kernel, the following vulnerability has been resolved:
mm/damon/sy
|
| 28 |
CVE-2026-31567
In the Linux kernel, the following vulnerability has been resolved:
PM: sleep:
|
| 28 |
CVE-2026-31579
In the Linux kernel, the following vulnerability has been resolved:
wireguard:
|
| 28 |
CVE-2026-23436
In the Linux kernel, the following vulnerability has been resolved:
net: shaper
|
| 28 |
CVE-2025-58346
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wear
|
| 28 |
CVE-2026-23332
In the Linux kernel, the following vulnerability has been resolved:
cpufreq: in
|
| 28 |
CVE-2026-23431
In the Linux kernel, the following vulnerability has been resolved:
spi: amlogi
|
| 28 |
CVE-2026-23331
In the Linux kernel, the following vulnerability has been resolved:
udp: Unhash
|
| 28 |
CVE-2026-23376
In the Linux kernel, the following vulnerability has been resolved:
nvmet-fcloo
|
| 28 |
CVE-2026-23385
In the Linux kernel, the following vulnerability has been resolved:
netfilter:
|
| 28 |
CVE-2026-23330
In the Linux kernel, the following vulnerability has been resolved:
nfc: nci: c
|
| 28 |
CVE-2026-23329
In the Linux kernel, the following vulnerability has been resolved:
libie: don'
|
| 28 |
CVE-2026-31632
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix
|
| 28 |
CVE-2026-23366
In the Linux kernel, the following vulnerability has been resolved:
drm/client:
|
| 28 |
CVE-2026-23384
In the Linux kernel, the following vulnerability has been resolved:
RDMA/ionic:
|
| 28 |
CVE-2026-23430
In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx:
|
| 28 |
CVE-2026-23416
In the Linux kernel, the following vulnerability has been resolved:
mm/mseal: u
|
| 28 |
CVE-2025-15491
The Post Slides WordPress plugin through 1.0.1 does not validate some shortcode
|
| 28 |
CVE-2026-23314
In the Linux kernel, the following vulnerability has been resolved:
regulator:
|
| 28 |
CVE-2026-28831
An authorization issue was addressed with improved state management. This issue
|
| 28 |
CVE-2026-2490
RustDesk Client for Windows Transfer File Link Following Information Disclosure
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 745d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2313d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2126d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1740d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2243d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4991d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1211d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1013d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3768d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 915d |