Total CVEs
16352
last 90 days
Avg Priority
36.7
of max 220
KEV
39
actively exploited
POC
3348
public exploits
Unpatched
4802
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
194
CVE-2026-24061
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for t
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
184
CVE-2026-23760
SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability
180
CVE-2025-40551
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerabil
170
CVE-2026-1340
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
164
CVE-2026-1281
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
160
CVE-2025-40536
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
Priority Distribution
| Priority | CVE |
|---|---|
| 44 |
CVE-2026-32646
A specific administrative endpoint is accessible without proper authentication,
|
| 44 |
CVE-2026-31814
### Sumary
The Rust implementation of Yamux accepts `WindowUpdate` credit values
|
| 44 |
CVE-2026-4640
Vitals ESP developed by Galaxy Software Services has a Missing Authentication vu
|
| 44 |
CVE-2026-3321
A vulnerability of authorization bypass through user-controlled key in the 'cons
|
| 44 |
CVE-2025-11500
Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 have
|
| 44 |
CVE-2026-32980
OpenClaw before 2026.3.13 reads and buffers Telegram webhook request bodies befo
|
| 44 |
CVE-2026-34735
The Hytale Modding Wiki is a free service for Hytale mods to host their document
|
| 44 |
CVE-2026-27489
### Summary
A path traversal vulnerability via symlink allows to read arbitrary
|
| 44 |
CVE-2026-40246
### Summary
An improper path validation vulnerability in the UDR service allows
|
| 44 |
CVE-2026-40248
### Summary
An improper path validation vulnerability in the UDR service allows
|
| 44 |
CVE-2026-40247
### Summary
An improper path validation vulnerability in the UDR service allows
|
| 44 |
CVE-2026-35185
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to 25
|
| 44 |
CVE-2026-33778
An Improper Validation of Syntactic Correctness of Input vulnerability in the I
|
| 44 |
CVE-2026-32145
Allocation of Resources Without Limits or Throttling vulnerability in gleam-wisp
|
| 44 |
CVE-2026-26061
### Summary
Fleet contained multiple unauthenticated HTTP endpoints that read r
|
| 44 |
CVE-2026-28253
A Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC,
|
| 44 |
CVE-2026-32314
Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP.
|
| 44 |
CVE-2026-32268
Unauthenticated users can view a list of buckets the plugin has access to.
The
|
| 44 |
CVE-2026-3110
Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specif
|
| 44 |
CVE-2026-40107
SiYuan is a personal knowledge management system. Prior to 3.6.4, SiYuan configu
|
| 44 |
CVE-2026-31958
Tornado is a Python web framework and asynchronous networking library. In versio
|
| 44 |
CVE-2026-3945
An integer overflow vulnerability in the HTTP chunked transfer encoding parser i
|
| 44 |
CVE-2025-71281
XenForo before 2.3.7 does not properly restrict methods callable from within tem
|
| 44 |
CVE-2026-34940
## CHAMP: Description
### Summary
The `ollamaStartupProbeScript()` function in
|
| 44 |
CVE-2026-3692
In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an
|
| 44 |
CVE-2026-32944
### Impact
An unauthenticated attacker can crash the Parse Server process by se
|
| 44 |
CVE-2026-31842
Tinyproxy through 1.11.3 is vulnerable to HTTP request parsing desynchronization
|
| 44 |
CVE-2026-5548
A vulnerability was found in Tenda AC10 16.03.10.10_multi_TDE01. Affected by thi
|
| 44 |
CVE-2026-5550
A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affec
|
| 44 |
CVE-2026-32669
Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vu
|
| 44 |
CVE-2026-33498
### Impact
An attacker can send an unauthenticated HTTP request with a deeply n
|
| 44 |
CVE-2026-25654
A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3). Affe
|
| 44 |
CVE-2026-34724
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0
|
| 44 |
CVE-2026-27634
Piwigo is an open source photo gallery application for the web. Prior to version
|
| 44 |
CVE-2026-23625
OpenProject is an open-source, web-based project management software. Versions 1
|
| 44 |
CVE-2026-27934
Discourse is an open-source discussion platform. Versions prior to 2026.3.0-late
|
| 44 |
CVE-2026-40192
### Impact
Pillow did not limit the amount of GZIP-compressed data read when dec
|
| 44 |
CVE-2026-34752
### Summary
Sending an email with `__proto__:` as a header name crashes the Har
|
| 44 |
CVE-2026-35458
Gotenberg is an API for converting document formats. In 8.29.1 and earlier, Gote
|
| 44 |
CVE-2026-2336
A privilege escalation vulnerability in Microchip IStaX allows an authenticated
|
| 44 |
CVE-2026-4148
A use-after-free vulnerability can be triggered in sharded clusters by an authen
|
| 44 |
CVE-2026-3505
Allocation of resources without limits or throttling vulnerability in Legion of
|
| 44 |
CVE-2026-21290
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,
|
| 44 |
CVE-2026-33573
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the
|
| 44 |
CVE-2026-33155
### Summary
The pickle unpickler `_RestrictedUnpickler` validates which classes
|
| 44 |
CVE-2026-1958
Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an u
|
| 44 |
CVE-2026-4682
Certain HP DeskJet All in One devices
may be vulnerable to remote code execution
|
| 44 |
CVE-2026-34617
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Cross-Site Sc
|
| 44 |
CVE-2026-4735
Deserialization of Untrusted Data vulnerability in DTStack chunjun (chunjun-cor
|
| 44 |
CVE-2026-35638
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the C
|
| 44 |
CVE-2026-33790
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flo
|
| 44 |
CVE-2026-34543
OpenEXR provides the specification and reference implementation of the EXR file
|
| 44 |
CVE-2025-32957
baserCMS is a website development framework. Prior to version 5.2.3, the applica
|
| 44 |
CVE-2026-27668
A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager
|
| 44 |
CVE-2025-71278
XenForo before 2.3.5 allows OAuth2 client applications to request unauthorized s
|
| 44 |
CVE-2026-32914
OpenClaw before 2026.3.12 contains an insufficient access control vulnerability
|
| 44 |
CVE-2026-35063
OpenPLC_V3 REST API endpoint checks for JWT presence but never verifies the call
|
| 44 |
CVE-2026-35663
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing
|
| 44 |
CVE-2026-35669
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gatew
|
| 44 |
CVE-2026-28367
A flaw was found in Undertow. A remote attacker can exploit this vulnerability b
|
| 44 |
CVE-2026-33782
A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP d
|
| 44 |
CVE-2026-24913
SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this
|
| 44 |
CVE-2026-2101
A Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIAvpm Web Acc
|
| 44 |
CVE-2025-10551
A Stored Cross-site Scripting (XSS) vulnerability affecting Document Management
|
| 44 |
CVE-2026-35576
ChurchCRM is an open-source church management system. Prior to 7.0.0, a stored c
|
| 44 |
CVE-2025-10553
A Stored Cross-site Scripting (XSS) vulnerability affecting Factory Resource Man
|
| 44 |
CVE-2026-35218
Budibase is an open-source low-code platform. Prior to version 3.32.5, Budibase'
|
| 44 |
CVE-2026-33346
OpenEMR is a free and open source electronic health records and medical practice
|
| 44 |
CVE-2026-34748
Payload is a free and open source headless content management system. Prior to v
|
| 44 |
CVE-2026-39332
ChurchCRM is an open-source church management system. Prior to 7.1.0, a reflecte
|
| 44 |
CVE-2026-35569
ApostropheCMS is an open-source Node.js content management system. Versions 4.28
|
| 44 |
CVE-2026-39333
ChurchCRM is an open-source church management system. Prior to 7.1.0, he FindFun
|
| 44 |
CVE-2026-32277
# Security Advisory - Cabinet Plugin (DOM-based XSS)
## Summary
A DOM-based Cr
|
| 44 |
CVE-2025-71282
XenForo before 2.3.7 discloses filesystem paths through exception messages trigg
|
| 44 |
CVE-2026-33348
OpenEMR is a free and open source electronic health records and medical practice
|
| 44 |
CVE-2026-40262
### Summary
A stored same-origin XSS vulnerability allows any authenticated user
|
| 44 |
CVE-2026-34228
Emlog is an open source website building system. Prior to version 2.6.8, the bac
|
| 44 |
CVE-2026-27651
When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open
|
| 44 |
CVE-2026-34185
Hydrosystem Control System is vulnerable to SQL Injection across most scripts an
|
| 44 |
CVE-2026-22663
prompts.chat prior to commit 7b81836 contains multiple authorization bypass vuln
|
| 44 |
CVE-2026-33083
DataEase is an open-source data visualization and analytics platform. Versions 2
|
| 44 |
CVE-2026-34186
Improper Neutralization of Special Elements used in an SQL Command vulnerability
|
| 44 |
CVE-2026-34455
Hi.Events is an open-source event management and ticket selling platform. From v
|
| 44 |
CVE-2026-32272
Craft Commerce is an ecommerce platform for Craft CMS. In versions 5.0.0 through
|
| 44 |
CVE-2026-40900
DataEase is an open-source data visualization and analytics platform. Versions 2
|
| 44 |
CVE-2026-33084
DataEase is an open-source data visualization and analytics platform. Versions 2
|
| 44 |
CVE-2026-33121
DataEase is an open-source data visualization and analytics platform. Versions 2
|
| 44 |
CVE-2026-4815
A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulne
|
| 44 |
CVE-2026-35184
EcclesiaCRM is CRM Software for church management. Prior to 8.0.0, there is a SQ
|
| 44 |
CVE-2026-23921
A low privilege Zabbix user with API access can exploit a blind SQL injection vu
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 735d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2303d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2116d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1730d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2233d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4980d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1201d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1003d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3757d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 905d |