| Metric | Value | Note |
|---|---|---|
| Total CVEs | 16507 | last 90 days |
| Avg Priority | 35.8 | of max 220 |
| KEV | 37 | actively exploited |
| POC | 3185 | public exploits |
| Unpatched | 4132 | CRIT/HIGH without patch |
How is Priority Score calculated?

Priority Score is a composite risk metric (0-220) that adds four real-world threat signals:

| Signal | Contribution | Meaning |
|---|---|---|
| KEV | +50 | Listed in CISA's Known Exploited Vulnerabilities catalog: confirmed active exploitation in the wild |
| EPSS | x100 (0-100) | Exploit Prediction Scoring System: probability of exploitation activity in the next 30 days |
| CVSS | x5 (0-50) | Common Vulnerability Scoring System: technical severity of the flaw itself |
| POC | +20 | Public exploit code exists, which lowers the barrier for attackers |

Bands: 0-40 Low, 40-80 Medium, 80-120 High, 120+ Critical.

Caveat: the Oldest Unpatched table below shows scores of 222-224, above the 220 these four terms can reach in total, so the formula as documented does not fully describe how the displayed score is computed.
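To make the arithmetic concrete, here is an added example (editor-written, not the dashboard's own code) that rebuilds the score from the four signals, assigns the band, sorts a batch for triage, and flags displayed scores the documented formula cannot reach. The `Signals` records are constructed placeholders rather than real CVEs, and the boundary handling (a score of exactly 40, 80 or 120 goes to the higher band) is an assumption the page does not settle.

```python
"""Added example (editor-written, not the dashboard's own code): rebuild the
Priority Score from its four documented signals, band it, and flag scores the
documented formula cannot produce. Sample CVE records below are constructed."""
from dataclasses import dataclass
from typing import List, Tuple

# Documented weights: KEV +50, EPSS x100, CVSS x5, POC +20  ->  maximum 220
KEV_BONUS = 50
EPSS_WEIGHT = 100
CVSS_WEIGHT = 5
POC_BONUS = 20
MAX_DOCUMENTED = KEV_BONUS + EPSS_WEIGHT + CVSS_WEIGHT * 10 + POC_BONUS  # 220


@dataclass(frozen=True)
class Signals:
    cve: str
    cvss: float   # CVSS base score, 0.0-10.0
    epss: float   # EPSS probability of exploitation activity in the next 30 days, 0.0-1.0
    kev: bool     # present in CISA's Known Exploited Vulnerabilities catalog
    poc: bool     # public exploit code exists


def priority_score(s: Signals) -> int:
    """Composite 0-220 score exactly as the page documents it."""
    if not 0.0 <= s.cvss <= 10.0:
        raise ValueError(f"{s.cve}: CVSS {s.cvss} out of range")
    if not 0.0 <= s.epss <= 1.0:
        raise ValueError(f"{s.cve}: EPSS {s.epss} out of range")
    score = (
        (KEV_BONUS if s.kev else 0)
        + s.epss * EPSS_WEIGHT
        + s.cvss * CVSS_WEIGHT
        + (POC_BONUS if s.poc else 0)
    )
    return round(score)


def band(score: int) -> str:
    """Map a score to the page's bands. Assumption (not stated on the page):
    a score exactly on a boundary (40, 80, 120) belongs to the higher band."""
    if score >= 120:
        return "Critical"
    if score >= 80:
        return "High"
    if score >= 40:
        return "Medium"
    return "Low"


def explained_by_formula(score: int) -> bool:
    """False for a displayed score the documented formula cannot reach.
    The page's Oldest Unpatched table shows 222-224, above MAX_DOCUMENTED,
    so those rows include a component the formula text does not mention."""
    return 0 <= score <= MAX_DOCUMENTED


def triage(records: List[Signals]) -> List[Tuple[str, int, str]]:
    """Score every record and return (cve, score, band), highest first."""
    scored = []
    for r in records:
        s = priority_score(r)
        scored.append((r.cve, s, band(s)))
    return sorted(scored, key=lambda row: row[1], reverse=True)


# Constructed sample records (placeholder IDs, not real CVEs)
SAMPLE = [
    Signals("CVE-0000-0001", cvss=9.8, epss=0.94, kev=True, poc=True),    # 50 + 94 + 49 + 20 = 213
    Signals("CVE-0000-0002", cvss=7.4, epss=0.30, kev=False, poc=True),   #  0 + 30 + 37 + 20 =  87
    Signals("CVE-0000-0003", cvss=5.0, epss=0.00, kev=False, poc=False),  #  0 +  0 + 25 +  0 =  25
    Signals("CVE-0000-0004", cvss=9.0, epss=0.02, kev=False, poc=False),  #  0 +  2 + 45 +  0 =  47
]

if __name__ == "__main__":
    for cve, score, b in triage(SAMPLE):
        print(f"{cve}  {score:>3}  {b}")
    for shown in (224, 223, 222):
        print(shown, "reachable by documented formula:", explained_by_formula(shown))
```

Two things the table of weights alone does not make obvious: a CVSS 9.0 flaw with negligible EPSS and no KEV or POC signal lands at 47 (Medium), so CVSS on its own does not drive the band, and a CVSS 5.0 entry with every other signal at zero scores exactly 25, consistent with the many rows at 25 in the Priority Distribution table.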
Patch Now — Known Exploited Vulnerabilities

| Priority | CVE | Description (truncated) |
|---|---|---|
| 185 | CVE-2026-1731 | BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain |
| 170 | CVE-2026-1340 | A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem |
| 164 | CVE-2026-1281 | A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem |
| 141 | CVE-2026-20131 | A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM |
| 137 | CVE-2026-1603 | An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen |
| 134 | CVE-2026-22769 | Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia |
| 129 | CVE-2026-33825 | Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to el |
| 124 | CVE-2026-21643 | An improper neutralization of special elements used in an sql command ('sql injection') vulnerabilit |
| 124 | CVE-2026-35616 | A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an |
| 119 | CVE-2026-39987 | Summary: Marimo (19.6k stars) has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint ` |
Priority Distribution

| Priority | CVE | Description (truncated) |
|---|---|---|
| 25 | CVE-2026-28717 | Local privilege escalation due to improper directory permissions. The following |
| 25 | CVE-2026-3113 | Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11. |
| 25 | CVE-2026-41034 | ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in X |
| 25 | CVE-2025-11537 | A flaw was found in Keycloak. When the logging format is configured to a verbose |
| 25 | CVE-2026-40002 | Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged ap |
| 25 | CVE-2026-40916 | A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image |
| 25 | CVE-2026-6845 | A flaw was found in binutils, specifically within the `readelf` utility. This vu |
| 25 | CVE-2026-33259 | Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ da |
| 25 | CVE-2026-35372 | A logic error in the ln utility of uutils coreutils allows the utility to derefe |
| 25 | CVE-2026-40970 | When configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configura |
| 25 | CVE-2026-0401 | A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a |
| 25 | CVE-2026-0402 | A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remot |
| 25 | CVE-2026-0400 | A post-authentication Format String vulnerability in SonicOS allows a remote att |
| 25 | CVE-2026-1246 | The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary F |
| 25 | CVE-2025-54161 | An allocation of resources without limits or throttling vulnerability has been r |
| 25 | CVE-2025-58466 | A use of uninitialized variable vulnerability has been reported to affect severa |
| 25 | CVE-2025-66274 | A NULL pointer dereference vulnerability has been reported to affect several QNA |
| 25 | CVE-2025-59386 | A NULL pointer dereference vulnerability has been reported to affect several QNA |
| 25 | CVE-2025-54163 | A NULL pointer dereference vulnerability has been reported to affect File Statio |
| 25 | CVE-2025-47205 | A NULL pointer dereference vulnerability has been reported to affect several QNA |
| 25 | CVE-2026-3439 | A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certi |
| 25 | CVE-2025-11845 | A null pointer dereference vulnerability in the certificate downloader CGI progr |
| 25 | CVE-2025-11846 | A null pointer dereference vulnerability in the account settings CGI program of |
| 25 | CVE-2025-11847 | A null pointer dereference vulnerability in the IP settings CGI program of the Z |
| 25 | CVE-2025-11848 | A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Z |
| 25 | CVE-2026-23795 | Improper Restriction of XML External Entity Reference vulnerability in Apache Sy |
| 25 | CVE-2026-39811 | A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 throug |
| 25 | CVE-2026-25790 | Wazuh is a free and open source platform used for threat prevention, detection, |
| 25 | CVE-2026-22228 | An authenticated user with high privileges may trigger a denial-of-service condi |
| 25 | CVE-2026-32947 | Summary: A vulnerability exists in the Community Tier of Harden-Runner that a |
| 25 | CVE-2026-0399 | Multiple post-authentication stack-based buffer overflow vulnerabilities in the |
| 25 | CVE-2025-54162 | A path traversal vulnerability has been reported to affect File Station 5. If a |
| 25 | CVE-2026-22549 | A vulnerability exists in F5 BIG-IP Container Ingress Services that may allow ex |
| 25 | CVE-2025-13681 | The BFG Tools - Extension Zipper plugin for WordPress is vulnerable to Path Trav |
| 25 | CVE-2026-3523 | The Apocalypse Meow plugin for WordPress is vulnerable to SQL Injection via the |
| 25 | CVE-2025-15487 | The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all ve |
| 25 | CVE-2026-28078 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v |
| 25 | CVE-2026-3474 | The EmailKit - Email Customizer for WooCommerce & WP plugin for WordPress is vul |
| 25 | CVE-2026-26936 | Inefficient Regular Expression Complexity (CWE-1333) in the AI Inference Anonymi |
| 25 | CVE-2026-22728 | Bitnami Sealed Secrets is vulnerable to a scope-widening attack during the secre |
| 25 | CVE-2026-20148 | A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, rem |
| 25 | CVE-2026-27807 | MarkUs is a web application for the submission and grading of student assignment |
| 25 | CVE-2026-29131 | SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a spec |
| 25 | CVE-2026-33531 | InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, |
| 25 | CVE-2026-26228 | VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulner |
| 25 | CVE-2026-29791 | Agentgateway is an open source data plane for agentic AI connectivity within or |
| 25 | CVE-2026-29101 | SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (C |
| 25 | CVE-2025-15332 | Tanium addressed an information disclosure vulnerability in Threat Response. |
| 25 | CVE-2026-20003 | A vulnerability in the REST API of Cisco Secure FMC Software could allow an auth |
| 25 | CVE-2025-15329 | Tanium addressed an information disclosure vulnerability in Threat Response. |
| 25 | CVE-2025-36348 | IBM Sterling B2B Integrator versions 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through |
| 25 | CVE-2025-57711 | An allocation of resources without limits or throttling vulnerability has been r |
| 25 | CVE-2025-54155 | An allocation of resources without limits or throttling vulnerability has been r |
| 25 | CVE-2025-58471 | An allocation of resources without limits or throttling vulnerability has been r |
| 25 | CVE-2025-58472 | A NULL pointer dereference vulnerability has been reported to affect Qsync Centr |
| 25 | CVE-2026-28270 | Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerabili |
| 25 | CVE-2026-29098 | SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (C |
| 25 | CVE-2025-57710 | An allocation of resources without limits or throttling vulnerability has been r |
| 25 | CVE-2026-26948 | Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.1 |
| 25 | CVE-2026-20174 | A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights |
| 25 | CVE-2026-25525 | Magento Long Term Support (LTS) is an unofficial, community-driven project provi |
| 25 | CVE-2026-34389 | Fleet is open source device management software. Prior to 4.81.0, Fleet containe |
| 25 | CVE-2026-30889 | Discourse is an open-source discussion platform. Prior to versions 2026.3.0-late |
| 25 | CVE-2026-29180 | Fleet is open source device management software. Prior to 4.81.1, a broken acces |
| 25 | CVE-2026-23797 | In Quick.Cart user passwords are stored in plaintext form. An attacker with high |
| 25 | CVE-2026-22005 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Op |
| 25 | CVE-2026-22319 | A stack-based buffer overflow in the device's file installation workflow allows |
| 25 | CVE-2026-3116 | Mattermost Plugins versions <=11.4 11.0.4 11.1.3 11.3.2 10.11.11.0 fail to valid |
| 25 | CVE-2026-26067 | October is a Content Management System (CMS) and web platform. Prior to 3.7.14 a |
| 25 | CVE-2026-22004 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). |
| 25 | CVE-2026-34304 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). |
| 25 | CVE-2026-22002 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Op |
| 25 | CVE-2026-35239 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DM |
| 25 | CVE-2026-35237 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). |
| 25 | CVE-2026-35235 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GI |
| 25 | CVE-2026-34293 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DM |
| 25 | CVE-2026-34278 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Op |
| 25 | CVE-2026-21998 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Op |
| 25 | CVE-2026-35240 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Op |
| 25 | CVE-2026-22318 | A stack-based buffer overflow vulnerability in the device's file transfer parame |
| 25 | CVE-2026-35236 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). |
| 25 | CVE-2026-34267 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Op |
| 25 | CVE-2026-35234 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pa |
| 25 | CVE-2026-35238 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). |
| 25 | CVE-2026-33162 | Summary: An authenticated control panel user with only accessCp can move ent |
| 25 | CVE-2026-3344 | A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fi |
| 25 | CVE-2026-25772 | Wazuh is a free and open source platform used for threat prevention, detection, |
| 25 | CVE-2026-22821 | mreporting is the more reporting GLPI plugin. Prior to 1.9.4, there is a possibl |
| 25 | CVE-2026-1370 | The SIBS woocommerce payment gateway plugin for WordPress is vulnerable to time- |
| 25 | CVE-2026-1258 | The Mail Mint plugin for WordPress is vulnerable to blind SQL Injection via the |
Oldest Unpatched Critical/High CVEs

"Unpatched" here means the dashboard holds no patch reference for the entry, not that no vendor fix exists: every CVE below is a long-known, actively exploited flaw (scores of 222-224 are only reachable with the KEV bonus) for which vendor fixes have long been available, so read this table as a data-quality check on the patch field rather than as a list of open zero-days.
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 746d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2314d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2127d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1741d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2244d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4992d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1212d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1014d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3769d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 916d |