Total CVEs
16545
last 90 days
Avg Priority
35.9
of max 220
KEV
35
actively exploited
POC
3153
public exploits
Unpatched
4129
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
129
CVE-2026-33825
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to el
124
CVE-2026-21643
An improper neutralization of special elements used in an sql command ('sql injection') vulnerabilit
124
CVE-2026-35616
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an
119
CVE-2026-39987
## Summary
Marimo (19.6k stars) has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint `
119
CVE-2026-3910
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker
119
CVE-2026-3909
Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to per
Priority Distribution
| Priority | CVE |
|---|---|
| 13 |
CVE-2025-55274
HCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerability.
|
| 13 |
CVE-2026-20757
Improper Locking vulnerability (CWE-667) in Gallagher Morpho integration allows
|
| 13 |
CVE-2026-35388
OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode mu
|
| 13 |
CVE-2026-6842
A flaw was found in nano. In environments with permissive umask settings, a loca
|
| 13 |
CVE-2026-23901
Observable Timing Discrepancy vulnerability in Apache Shiro.
This issue affects
|
| 13 |
CVE-2026-24508
Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Im
|
| 13 |
CVE-2026-34849
UAF vulnerability in the screen management module.
Impact: Successful exploitati
|
| 13 |
CVE-2026-27139
On Unix platforms, when listing the contents of a directory using File.ReadDir o
|
| 12 |
CVE-2026-4313
AdaptiveGRC is vulnerable to Stored XSS via text type fields across the forms. A
|
| 12 |
CVE-2026-21741
An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] v
|
| 12 |
CVE-2025-31703
A vulnerability found in Dahua NVR/XVR device. A third-party malicious attacker
|
| 12 |
CVE-2026-34312
Vulnerability in the RDBMS component of Oracle Database Server. Supported versi
|
| 12 |
CVE-2026-20642
An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPa
|
| 12 |
CVE-2026-32266
Unauthenticated users can view a list of buckets the plugin has access to.
The
|
| 12 |
CVE-2026-27307
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled
|
| 12 |
CVE-2026-27308
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled
|
| 12 |
CVE-2026-20989
Improper verification of cryptographic signature in Font Settings prior to SMR M
|
| 12 |
CVE-2026-2401
CWE-532 Insertion of Sensitive Information into Log File vulnerability exists th
|
| 12 |
CVE-2026-40336
libgphoto2 is a camera access and control library. Versions up to and including
|
| 12 |
CVE-2026-2548
A flaw has been found in WAYOS FBM-220G 24.10.19. This affects the function sub_
|
| 12 |
CVE-2026-32735
openapi-to-java-records-mustache-templates allows users to generate Java Records
|
| 12 |
CVE-2026-25724
Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code faile
|
| 12 |
CVE-2026-35624
OpenClaw before 2026.3.22 contains a policy confusion vulnerability in room auth
|
| 12 |
CVE-2026-35617
OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Goog
|
| 12 |
CVE-2026-33658
### Impact
Active Storage's proxy controller does not limit the number of byte r
|
| 12 |
CVE-2026-5107
A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the f
|
| 12 |
CVE-2026-32019
OpenClaw versions prior to 2026.2.22 contain incomplete IPv4 special-use range v
|
| 12 |
CVE-2026-34969
# Refresh Token Leaked via URL Query Parameter in OAuth Provider Callback
## Su
|
| 12 |
CVE-2026-22051
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0
|
| 12 |
CVE-2026-0930
Potential read out of bounds case with wolfSSHd on Windows while handling a term
|
| 12 |
CVE-2026-5187
Two potential heap out-of-bounds write locations existed in DecodeObjectId() in
|
| 12 |
CVE-2026-3237
In affected versions of Octopus Server it was possible for a low privileged user
|
| 12 |
CVE-2026-41362
OpenClaw versions 2026.2.19 before 2026.3.31 contain an improper cache isolation
|
| 12 |
CVE-2026-35402
mcp-neo4j-cypher is an MCP server for executing Cypher queries against Neo4j dat
|
| 12 |
CVE-2026-33644
Lychee is a free, open-source photo-management tool. Prior to version 7.5.2, the
|
| 12 |
CVE-2026-5199
A writer role user in an attacker-controlled namespace could signal, delete, and
|
| 12 |
CVE-2026-32642
Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache Active
|
| 12 |
CVE-2026-32943
### Impact
The password reset mechanism does not enforce single-use guarantees
|
| 12 |
CVE-2026-27524
OpenClaw versions prior to 2026.2.21 accept prototype-reserved keys in runtime /
|
| 12 |
CVE-2026-4202
The extension fails to verify, if an authenticated user has permissions to acces
|
| 12 |
CVE-2026-39957
Lychee is a free, open-source photo-management tool. Prior to 7.5.4, a SQL opera
|
| 12 |
CVE-2026-34506
OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerability in its
|
| 12 |
CVE-2026-34509
OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerability in its
|
| 12 |
CVE-2026-2756
A security vulnerability has been detected in OmniPEMF NeoRhythm up to 20260308.
|
| 12 |
CVE-2026-5188
An integer underflow issue exists in wolfSSL when parsing the Subject Alternativ
|
| 12 |
CVE-2026-35648
OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued no
|
| 12 |
CVE-2026-41348
OpenClaw before 2026.3.31 contains an authorization bypass vulnerability in Disc
|
| 12 |
CVE-2026-41908
OpenClaw before 2026.4.20 contains a scope enforcement bypass vulnerability in t
|
| 12 |
CVE-2026-41356
OpenClaw before 2026.3.31 fails to terminate active WebSocket sessions when rota
|
| 12 |
CVE-2026-21620
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerabilit
|
| 12 |
CVE-2026-34720
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0
|
| 12 |
CVE-2026-33168
### Impact
When a blank string is used as an HTML attribute name in Action View
|
| 12 |
CVE-2026-5448
X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A
|
| 12 |
CVE-2026-41347
OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpo
|
| 12 |
CVE-2026-41358
OpenClaw before 2026.4.2 fails to filter Slack thread context by sender allowlis
|
| 12 |
CVE-2026-34945
Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and
|
| 12 |
CVE-2026-41341
OpenClaw before 2026.3.31 contains a logic error in Discord component interactio
|
| 12 |
CVE-2026-5392
Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an
|
| 12 |
CVE-2025-12474
A specially-crafted file can cause libjxl's decoder to read pixel data from unin
|
| 12 |
CVE-2026-35250
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (comp
|
| 12 |
CVE-2026-34988
Wasmtime is a runtime for WebAssembly. From 28.0.0 to before 36.0.7, 42.0.2, and
|
| 12 |
CVE-2026-4549
A flaw has been found in mickasmt next-saas-stripe-starter 1.0.0. Affected by th
|
| 12 |
CVE-2025-58380
A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated a
|
| 12 |
CVE-2025-58381
A
vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an
authenticat
|
| 12 |
CVE-2026-2671
A vulnerability was detected in Mendi Neurofeedback Headset V4. Affected by this
|
| 12 |
CVE-2026-28196
In JetBrains TeamCity before 2025.11.3 disabling versioned settings left a crede
|
| 12 |
CVE-2026-34764
### Impact
Apps that use offscreen rendering with GPU shared textures may be vul
|
| 12 |
CVE-2026-41916
OpenClaw before 2026.4.8 contains an authentication state management vulnerabili
|
| 12 |
CVE-2026-41376
OpenClaw before 2026.3.31 contains an allowlist bypass vulnerability in Matrix t
|
| 12 |
CVE-2026-41381
OpenClaw before 2026.3.31 contains an access control bypass vulnerability in the
|
| 12 |
CVE-2026-41382
OpenClaw before 2026.3.31 contains an authorization bypass vulnerability in Disc
|
| 12 |
CVE-2026-41402
OpenClaw before 2026.3.31 contains a scope bypass vulnerability in webhook repla
|
| 12 |
CVE-2026-41406
OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability that
|
| 12 |
CVE-2026-41408
OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media
|
| 12 |
CVE-2026-41910
OpenClaw before 2026.4.8 omits owner-only enforcement for cross-channel allowlis
|
| 12 |
CVE-2026-42421
OpenClaw before 2026.4.8 contains a session management vulnerability where exist
|
| 11 |
CVE-2026-3680
A security flaw has been discovered in RyuzakiShinji biome-mcp-server up to 1.0.
|
| 11 |
CVE-2026-5355
A vulnerability has been found in Trendnet TEW-657BRM 1.00.1. Affected by this i
|
| 11 |
CVE-2026-6141
A vulnerability was determined in danielmiessler Personal_AI_Infrastructure up t
|
| 11 |
CVE-2026-22895
A cross-site scripting (XSS) vulnerability has been reported to affect QuFTP Ser
|
| 11 |
CVE-2026-3109
Mattermost Plugins versions <=11.4 10.11.11.0 fail to validate webhook request t
|
| 11 |
CVE-2026-41321
## Summary
The `fetch()` call for remote images in `packages/integrations/cloud
|
| 11 |
CVE-2026-33408
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-late
|
| 11 |
CVE-2026-5381
An issue that could expose task information outside of the authorized organizati
|
| 11 |
CVE-2026-30888
Discourse is an open-source discussion platform. Versions prior to 2026.3.0-late
|
| 11 |
CVE-2025-52646
HCL AION is affected by a vulnerability where certain offering configurations ma
|
| 11 |
CVE-2026-0819
A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encod
|
| 11 |
CVE-2026-29110
Cryptomator encrypts data being stored on cloud infrastructure. Prior to version
|
| 11 |
CVE-2025-12697
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5
|
| 11 |
CVE-2026-34851
Race condition vulnerability in the event notification module.
Impact: Successfu
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 747d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2315d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2128d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1742d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2245d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4993d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1213d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1015d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3770d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 917d |