Total CVEs
16507
last 90 days
Avg Priority
35.8
of max 220
KEV
37
actively exploited
POC
3185
public exploits
Unpatched
4166
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
170
CVE-2026-1340
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
164
CVE-2026-1281
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
129
CVE-2026-33825
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to el
124
CVE-2026-21643
An improper neutralization of special elements used in an sql command ('sql injection') vulnerabilit
124
CVE-2026-35616
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an
119
CVE-2026-39987
## Summary
Marimo (19.6k stars) has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint `
Priority Distribution
| Priority | CVE |
|---|---|
| 26 |
CVE-2025-69236
Raytha CMS is vulnerable to Stored XSS via FieldValues[1].Value parameter in pos
|
| 26 |
CVE-2025-69237
Raytha CMS is vulnerable to Stored XSS via FieldValues[0].Value parameter in pag
|
| 26 |
CVE-2026-35496
A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allo
|
| 26 |
CVE-2026-33273
Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2
|
| 26 |
CVE-2026-39347
OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to
|
| 26 |
CVE-2026-32844
XinLiangCoder php_api_doc through commit 1ce5bbf contains a reflected cross-site
|
| 26 |
CVE-2026-5160
Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are
|
| 26 |
CVE-2025-69239
Raytha CMS is vulnerable to Server-Side Request Forgery in the “Themes - Import
|
| 26 |
CVE-2026-33415
Discourse is an open-source discussion platform. From versions 2026.1.0-latest t
|
| 26 |
CVE-2026-21904
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scri
|
| 26 |
CVE-2026-4175
A vulnerability was determined in Aureus ERP up to 1.3.0-BETA2. The affected ele
|
| 26 |
CVE-2026-6107
A flaw has been found in 1Panel-dev MaxKB up to 2.6.1. This issue affects some u
|
| 26 |
CVE-2026-40118
UDP Console provided by Arcserve contains an incorrectly specified destination i
|
| 26 |
CVE-2026-32866
OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the conten
|
| 26 |
CVE-2026-32868
OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the conten
|
| 26 |
CVE-2026-32869
OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the conten
|
| 26 |
CVE-2026-33566
There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially c
|
| 26 |
CVE-2026-5469
A weakness has been identified in Casdoor 2.356.0. This vulnerability affects un
|
| 26 |
CVE-2026-27787
Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If th
|
| 26 |
CVE-2026-40451
DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross
|
| 26 |
CVE-2026-6835
The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allow
|
| 26 |
CVE-2026-32859
ByteDance Deer-Flow versions prior to commit 5dbb362 contain a stored cross-site
|
| 26 |
CVE-2026-40028
Hayabusa versions prior to 3.8.0 contain a cross-site scripting (XSS) vulnerabil
|
| 26 |
CVE-2026-34803
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-35057
XenForo before 2.3.10 and before 2.2.19 is vulnerable to stored cross-site scrip
|
| 26 |
CVE-2026-35055
XenForo before 2.3.9 and before 2.2.18 is vulnerable to cross-site scripting (XS
|
| 26 |
CVE-2026-35054
XenForo before 2.3.9 is vulnerable to stored cross-site scripting (XSS) related
|
| 26 |
CVE-2026-34798
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34799
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34800
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-32828
Kargo manages and automates the promotion of software artifacts. In versions 1.4
|
| 26 |
CVE-2026-34801
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34802
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-40038
Pachno 1.0.6 contains a stored cross-site scripting vulnerability that allows at
|
| 26 |
CVE-2026-34804
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-27508
Smoothwall Express versions prior to 3.1 Update 13 contain a reflected cross-sit
|
| 26 |
CVE-2026-34805
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-26352
Smoothwall Express versions prior to 3.1 Update 13 contain a stored cross-site s
|
| 26 |
CVE-2026-34806
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34807
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34808
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34809
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34810
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34811
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34812
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34813
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34814
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34815
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-23757
GFI HelpDesk before 4.99.10 contains a stored cross-site scripting vulnerability
|
| 26 |
CVE-2026-23756
GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability
|
| 26 |
CVE-2026-34816
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34817
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34818
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34820
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-34823
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-26927
Szafir SDK Web is a browser plug-in that can run SzafirHost application which do
|
| 26 |
CVE-2026-34018
An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allo
|
| 26 |
CVE-2026-4991
A vulnerability was detected in QDOCS Smart School Management System up to 7.2.
|
| 26 |
CVE-2026-3194
A flaw has been found in Chia Blockchain 2.1.0. The affected element is the func
|
| 26 |
CVE-2026-22209
wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability in the cust
|
| 26 |
CVE-2026-40529
CMS ALAYA provided by KANATA Limited contains an SQL injection vulnerability. In
|
| 26 |
CVE-2026-1468
QuickCMS is vulnerable to Cross-Site Request Forgery across multiple endpoints.
|
| 26 |
CVE-2026-35634
OpenClaw before 2026.3.23 contains an authentication bypass vulnerability in the
|
| 26 |
CVE-2026-2655
A vulnerability was detected in ChaiScript up to 6.1.0. The impacted element is
|
| 26 |
CVE-2026-2656
A flaw has been found in ChaiScript up to 6.1.0. This affects the function chais
|
| 26 |
CVE-2026-29521
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site reques
|
| 26 |
CVE-2026-4346
The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrat
|
| 26 |
CVE-2026-2913
A vulnerability was determined in libvips up to 8.19.0. The affected element is
|
| 26 |
CVE-2026-33559
WordPress Plugin "OpenStreetMap" provided by MiKa contains a cross-site scriptin
|
| 26 |
CVE-2025-40841
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a
Cross-Site Req
|
| 26 |
CVE-2026-5475
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the functio
|
| 26 |
CVE-2025-13480
Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users
|
| 26 |
CVE-2026-6654
Double-Free / Use-After-Free (UAF) in the `IntoIter::drop` and `ThinVec::clear`
|
| 26 |
CVE-2026-28888
A race condition was addressed with improved state handling. This issue is fixed
|
| 26 |
CVE-2026-28834
A race condition was addressed with improved state handling. This issue is fixed
|
| 26 |
CVE-2026-34822
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS)
|
| 26 |
CVE-2026-2243
A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of
|
| 26 |
CVE-2026-21008
Exposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 all
|
| 26 |
CVE-2026-32837
miniaudio version 0.11.25 and earlier contain a heap out-of-bounds read vulnerab
|
| 26 |
CVE-2026-35613
coursevault-preview is a utility for previewing course material files from a con
|
| 26 |
CVE-2026-33536
Due to an incorrect return value on certain platforms a pointer is incremented p
|
| 26 |
CVE-2026-1940
An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst_wavpars
|
| 26 |
CVE-2026-42371
uriparser before 1.0.1 has numeric truncation in text range comparison, if an ap
|
| 26 |
CVE-2026-21014
Improper access control in Samsung Camera prior to version 16.5.00.28 allows loc
|
| 26 |
CVE-2026-40447
Integer overflow or wraparound vulnerability in Samsung Open Source Escargot all
|
| 26 |
CVE-2026-25576
ImageMagick is free and open-source software used for editing and manipulating d
|
| 26 |
CVE-2025-14858
The Semtech LR11xx LoRa transceivers running early versions of firmware contains
|
| 26 |
CVE-2026-23868
Giflib contains a double-free vulnerability that is the result of a shallow copy
|
| 26 |
CVE-2025-66442
In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in R
|
| 26 |
CVE-2026-34757
LIBPNG is a reference library for use in applications that read, create, and man
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 746d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2314d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2127d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1741d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2244d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4992d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1212d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1014d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3769d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 916d |