Total CVEs
16315
last 90 days
Avg Priority
36.5
of max 220
KEV
37
actively exploited
POC
3552
public exploits
Unpatched
5449
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
194
CVE-2026-24061
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for t
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
184
CVE-2026-23760
SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability
180
CVE-2025-40551
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerabil
170
CVE-2026-1340
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
164
CVE-2026-1281
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
160
CVE-2025-40536
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
Priority Distribution
| Priority | CVE |
|---|---|
| 37 |
CVE-2026-3950
A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts
|
| 37 |
CVE-2026-3949
A vulnerability was determined in strukturag libheif up to 1.21.2. This affects
|
| 37 |
CVE-2026-4539
A security flaw has been discovered in pygments up to 2.19.2. The impacted eleme
|
| 37 |
CVE-2026-4174
A vulnerability has been found in Radare2 5.9.9. This issue affects the function
|
| 37 |
CVE-2026-3146
A vulnerability has been found in libvips up to 8.18.0. The impacted element is
|
| 37 |
CVE-2026-2259
A vulnerability has been found in aardappel lobster up to 2025.4. Affected by th
|
| 37 |
CVE-2026-1417
A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is th
|
| 37 |
CVE-2026-1416
A security flaw has been discovered in GPAC up to 2.4.0. Affected by this vulner
|
| 37 |
CVE-2026-4219
A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF A
|
| 37 |
CVE-2025-15564
A vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects
|
| 37 |
CVE-2026-21716
An incomplete fix for CVE-2024-36137 leaves `FileHandle.chmod()` and `FileHandle
|
| 36 |
CVE-2026-3401
A weakness has been identified in SourceCodester Web-based Pharmacy Product Mana
|
| 36 |
CVE-2026-1196
A security vulnerability has been detected in MineAdmin 1.x/2.x. Affected is an
|
| 36 |
CVE-2026-27838
wger is a free, open-source workout and fitness manager. Five routine detail act
|
| 36 |
CVE-2026-3193
A vulnerability was detected in Chia Blockchain 2.1.0. Impacted is an unknown fu
|
| 36 |
CVE-2026-1743
A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 0
|
| 36 |
CVE-2026-4590
A security flaw has been discovered in kalcaddle kodbox 1.64. The impacted eleme
|
| 36 |
CVE-2026-1751
A vulnerability has been discovered in GitLab CE/EE affecting all versions start
|
| 36 |
CVE-2026-1197
A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerabilit
|
| 36 |
CVE-2026-4584
A flaw has been found in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. This affe
|
| 35 |
CVE-2026-27171
zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_g
|
| 34 |
CVE-2026-1588
A vulnerability was found in jishenghua jshERP up to 3.6. The impacted element i
|
| 34 |
CVE-2026-24140
MyTube is a self-hosted downloader and player for several video websites. Versio
|
| 34 |
CVE-2026-25120
Gogs is an open source self-hosted Git service. In versions 0.13.4 and below, th
|
| 34 |
CVE-2026-26889
Sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection
|
| 34 |
CVE-2026-26888
Sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection
|
| 34 |
CVE-2026-26885
Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL In
|
| 34 |
CVE-2026-26886
Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL In
|
| 34 |
CVE-2026-26884
Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL In
|
| 34 |
CVE-2026-26883
Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL In
|
| 34 |
CVE-2026-26890
Sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection
|
| 34 |
CVE-2026-26887
Sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection
|
| 34 |
CVE-2026-26891
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL
|
| 33 |
CVE-2026-32058
OpenClaw versions prior to 2026.2.26 contain an approval context-binding weaknes
|
| 33 |
CVE-2026-27632
Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1
|
| 33 |
CVE-2026-2655
A vulnerability was detected in ChaiScript up to 6.1.0. The impacted element is
|
| 33 |
CVE-2026-2656
A flaw has been found in ChaiScript up to 6.1.0. This affects the function chais
|
| 33 |
CVE-2026-2913
A vulnerability was determined in libvips up to 8.19.0. The affected element is
|
| 33 |
CVE-2026-4242
A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up t
|
| 33 |
CVE-2026-4250
A vulnerability was found in Albert Sağlık Hizmetleri ve Ticaret Albert Health u
|
| 33 |
CVE-2026-4218
A vulnerability was detected in myAEDES App up to 1.18.4 on Android. Affected is
|
| 33 |
CVE-2026-4217
A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on An
|
| 33 |
CVE-2026-4251
A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Aff
|
| 33 |
CVE-2026-4541
A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknow
|
| 32 |
CVE-2026-1532
A vulnerability was identified in D-Link DCS-700L 1.03.09. The affected element
|
| 32 |
CVE-2026-1520
A vulnerability was identified in rethinkdb up to 2.4.3. Affected by this issue
|
| 32 |
CVE-2026-2939
A vulnerability was found in itsourcecode Student Management System 1.0. The imp
|
| 32 |
CVE-2026-4544
A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unk
|
| 32 |
CVE-2026-2932
A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted elem
|
| 32 |
CVE-2026-1971
A vulnerability has been found in Edimax BR-6288ACL up to 1.12. Impacted is the
|
| 32 |
CVE-2026-1744
A vulnerability was found in D-Link DSL-6641K N8.TR069.20131126. Affected by thi
|
| 32 |
CVE-2026-4575
A flaw has been found in code-projects Exam Form Submission 1.0. This issue affe
|
| 32 |
CVE-2026-4576
A vulnerability has been found in code-projects Exam Form Submission 1.0. Impact
|
| 32 |
CVE-2026-1151
A weakness has been identified in technical-laohu mpay up to 1.2.4. The affected
|
| 32 |
CVE-2026-4578
A vulnerability was determined in code-projects Exam Form Submission 1.0. The im
|
| 32 |
CVE-2026-4595
A vulnerability was determined in code-projects Exam Form Submission 1.0. This v
|
| 32 |
CVE-2026-4356
A flaw has been found in itsourcecode University Management System 1.0. Affected
|
| 32 |
CVE-2026-4168
A vulnerability was identified in Tecnick TCExam 16.5.0. This impacts an unknown
|
| 32 |
CVE-2026-4577
A vulnerability was found in code-projects Exam Form Submission 1.0. The affecte
|
| 32 |
CVE-2026-2156
A weakness has been identified in code-projects Online Student Management System
|
| 32 |
CVE-2026-4225
A security flaw has been discovered in CMS Made Simple up to 2.2.21. Impacted is
|
| 32 |
CVE-2026-2972
A vulnerability was determined in a466350665 Smart-SSO up to 2.1.1. This affects
|
| 32 |
CVE-2026-2201
A security vulnerability has been detected in ZeroWdd studentmanager up to 21515
|
| 32 |
CVE-2026-3403
A vulnerability was detected in PHPGurukul Student Record Management System 1.0.
|
| 32 |
CVE-2026-3402
A security vulnerability has been detected in PHPGurukul Student Record Manageme
|
| 32 |
CVE-2026-3170
A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Ar
|
| 32 |
CVE-2026-2934
A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impac
|
| 32 |
CVE-2026-2933
A weakness has been identified in YiFang CMS up to 2.0.5. This affects the funct
|
| 32 |
CVE-2026-2200
A weakness has been identified in heyewei JFinalCMS 5.0.0. This affects an unkno
|
| 32 |
CVE-2026-2214
A weakness has been identified in code-projects for Plugin 1.0. This affects an
|
| 32 |
CVE-2026-2897
A security vulnerability has been detected in funadmin up to 7.1.0-rc4. This vul
|
| 32 |
CVE-2026-3716
A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This vulnerabilit
|
| 32 |
CVE-2026-2222
A weakness has been identified in code-projects Online Reviewer System 1.0. Affe
|
| 32 |
CVE-2026-4958
A vulnerability has been found in OpenBMB XAgent 1.0.0. This affects the functio
|
| 31 |
CVE-2026-5847
A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impa
|
| 31 |
CVE-2026-6000
A vulnerability was found in code-projects Online Library Management System 1.0.
|
| 30 |
CVE-2026-5960
A weakness has been identified in code-projects Patient Record Management System
|
| 30 |
CVE-2026-1409
A security vulnerability has been detected in Beetel 777VR1 up to 01.00.09/01.00
|
| 30 |
CVE-2026-5420
A security flaw has been discovered in Shinrays Games Goods Triple App up to 1.2
|
| 30 |
CVE-2026-5310
A vulnerability was identified in Enter Software Iperius Backup up to 8.7.2. Thi
|
| 30 |
CVE-2026-4823
A flaw has been found in Enter Software Iperius Backup up to 8.7.3. Affected by
|
| 30 |
CVE-2026-1408
A weakness has been identified in Beetel 777VR1 up to 01.00.09/01.00.09_55. This
|
| 30 |
CVE-2026-1407
A security flaw has been discovered in Beetel 777VR1 up to 01.00.09/01.00.09_55.
|
| 30 |
CVE-2026-4993
A vulnerability has been found in wandb OpenUI up to 0.0.0.0/1.0. This impacts a
|
| 30 |
CVE-2026-5453
A vulnerability has been found in Rico só vantagem pra investir App up to 4.58.3
|
| 30 |
CVE-2026-5458
A weakness has been identified in Noelse Individuals & Pro App up to 2.1.7 on An
|
| 30 |
CVE-2026-5456
A vulnerability was identified in Align Technology My Invisalign App 3.12.4 on A
|
| 30 |
CVE-2026-5452
A flaw has been found in UCC CampusConnect App up to 14.3.5 on Android. This vul
|
| 30 |
CVE-2026-5462
A vulnerability was identified in Wahoo Fitness SYSTM App up to 7.2.1 on Android
|
| 30 |
CVE-2026-5471
A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 730d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2298d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2111d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1725d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2228d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4975d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1196d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 998d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3752d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 900d |