Total CVEs
16259
last 90 days
Avg Priority
36.8
of max 220
KEV
42
actively exploited
POC
3307
public exploits
Unpatched
4704
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
194
CVE-2026-24061
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for t
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
184
CVE-2026-23760
SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability
180
CVE-2025-40551
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerabil
170
CVE-2026-1340
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
164
CVE-2026-1281
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
160
CVE-2025-40536
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
Priority Distribution
| Priority | CVE |
|---|---|
| 30 |
CVE-2026-24932
The DDNS update function in ADM fails to properly validate the hostname of the D
|
| 30 |
CVE-2026-24584
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti
|
| 30 |
CVE-2026-23892
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPri
|
| 30 |
CVE-2025-59873
An information exposure vulnerability exists in
Vulnerability in HCL Software Z
|
| 30 |
CVE-2025-62077
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti
|
| 30 |
CVE-2025-64648
IBM Concert 1.0.0 through 2.2.0 transmits data in clear text that could allow an
|
| 30 |
CVE-2026-39865
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.13.
|
| 30 |
CVE-2026-27752
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 transmit authenticati
|
| 30 |
CVE-2026-6414
@fastify/static versions 8.0.0 through 9.1.0 decode percent-encoded path separat
|
| 30 |
CVE-2026-21713
A flaw in Node.js HMAC verification uses a non-constant-time comparison when val
|
| 30 |
CVE-2026-21002
Improper verification of cryptographic signature in Galaxy Store prior to versio
|
| 30 |
CVE-2026-24916
Identity authentication bypass vulnerability in the window module.
Impact: Succe
|
| 30 |
CVE-2025-36253
IBM Concert 1.0.0 through 2.1.0 uses weaker than expected cryptographic algorith
|
| 30 |
CVE-2025-33242
NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malic
|
| 30 |
CVE-2026-24933
The API communication component fails to validate the SSL/TLS certificate when s
|
| 30 |
CVE-2026-23992
go-tuf is a Go implementation of The Update Framework (TUF). Starting in version
|
| 30 |
CVE-2026-1778
Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate v
|
| 30 |
CVE-2026-22618
A security misconfiguration was identified in Eaton Intelligent Power Protector
|
| 30 |
CVE-2026-24909
vlt before 1.0.0-rc.10 mishandles path sanitization for tar, leading to path tra
|
| 30 |
CVE-2026-25151
Qwik is a performance focused javascript framework. Prior to version 1.19.0, Qwi
|
| 30 |
CVE-2026-24929
Out-of-bounds read vulnerability in the graphics module.
Impact: Successful expl
|
| 30 |
CVE-2026-25155
Qwik is a performance focused javascript framework. Prior to version 1.12.0, a t
|
| 30 |
CVE-2026-28546
Buffer overflow vulnerability in the scanning module. Impact: Successful exploit
|
| 30 |
CVE-2026-34859
UAF vulnerability in the kernel module.
Impact: Successful exploitation of this
|
| 30 |
CVE-2026-5300
Unauthenticated functionality in CoolerControl/coolercontrold <4.0.0 allows una
|
| 30 |
CVE-2026-24931
Vulnerability of improper criterion security check in the card module.
Impact: S
|
| 30 |
CVE-2026-28545
Race condition vulnerability in the printing module. Impact: Successful exploita
|
| 30 |
CVE-2026-28538
Path traversal vulnerability in the certificate management module. Impact: Succe
|
| 30 |
CVE-2026-24910
In Bun before 1.3.5, the default trusted dependencies list (aka trust allow list
|
| 30 |
CVE-2026-41078
### Summary
> [!IMPORTANT]
> There is no plan to fix this issue as `OpenTelem
|
| 30 |
CVE-2026-41245
Junrar is an open source java RAR archive library. Prior to version 7.5.10, a pa
|
| 30 |
CVE-2025-55266
HCL Aftermarket DPC is affected by Session Fixation which allows attacker to tak
|
| 30 |
CVE-2026-6370
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti
|
| 29 |
CVE-2024-43035
Fonoster 0.5.5 before 0.6.1 allows ../ directory traversal to read arbitrary fil
|
| 29 |
CVE-2026-20066
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection
|
| 29 |
CVE-2026-32000
OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability i
|
| 29 |
CVE-2026-20067
Multiple Cisco products are affected by a vulnerability in the Snort 3 detection
|
| 29 |
CVE-2026-20054
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA featu
|
| 29 |
CVE-2026-20052
A vulnerability in the memory management handling for the Snort 3 Detection Engi
|
| 29 |
CVE-2026-20013
A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and C
|
| 29 |
CVE-2026-20058
Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA featu
|
| 29 |
CVE-2026-20006
A vulnerability in the TLS cryptography functionality of the Snort 3 Detection E
|
| 29 |
CVE-2026-20057
Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Ba
|
| 29 |
CVE-2026-20053
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA featu
|
| 29 |
CVE-2026-20065
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection
|
| 29 |
CVE-2026-3099
A flaw was found in Libsoup. The server-side digest authentication implementatio
|
| 29 |
CVE-2026-20068
Multiple Cisco products are affected by a vulnerability in the Snort 3 detection
|
| 29 |
CVE-2026-20015
A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and C
|
| 29 |
CVE-2026-20005
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection
|
| 29 |
CVE-2025-13391
The Product Options and Price Calculation Formulas for WooCommerce - Uni CPO (Pr
|
| 29 |
CVE-2026-20073
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Softw
|
| 29 |
CVE-2026-2454
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail
|
| 29 |
CVE-2025-54659
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'
|
| 29 |
CVE-2026-1539
A flaw was found in the libsoup HTTP library that can cause proxy authentication
|
| 29 |
CVE-2026-34761
## Summary
Ella Core panics when processing a NGAP handover failure message.
#
|
| 29 |
CVE-2025-68898
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti
|
| 29 |
CVE-2026-1712
Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Esc
|
| 29 |
CVE-2025-68515
Insertion of Sensitive Information Into Sent Data vulnerability in Roland Murg W
|
| 29 |
CVE-2026-20007
A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secur
|
| 29 |
CVE-2026-32035
OpenClaw versions prior to 2026.3.2 fail to pass the senderIsOwner flag when pro
|
| 29 |
CVE-2026-33081
### **The /download endpoint validates only the initial URL provided by the user
|
| 29 |
CVE-2026-4366
A flaw was identified in Keycloak, an identity and access management solution, w
|
| 29 |
CVE-2026-5374
An issue that allowed MCP agents to access remediation and asset information fro
|
| 29 |
CVE-2026-27687
Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM P
|
| 29 |
CVE-2026-5384
An issue that could allow a credential to be updated and used for a task from ou
|
| 29 |
CVE-2026-5378
An issue that allowed administrators to create and update users outside of their
|
| 29 |
CVE-2026-33996
LibJWT is a C JSON Web Token Library. Starting in version 3.0.0 and prior to ver
|
| 29 |
CVE-2026-34360
## Summary
The `/loadIG` HTTP endpoint in the FHIR Validator HTTP service accep
|
| 29 |
CVE-2026-33061
exactyl is a customisable game management panel and billing system. Commits afte
|
| 29 |
CVE-2025-52644
HCL AION is affected by a vulnerability where certain user actions are not adequ
|
| 29 |
CVE-2026-34452
The Claude SDK for Python provides access to the Claude API from Python applicat
|
| 29 |
CVE-2026-34772
### Impact
Apps that allow downloads and programmatically destroy sessions may b
|
| 29 |
CVE-2026-24137
sigstore framework is a common go library shared across sigstore services and cl
|
| 29 |
CVE-2026-25765
Faraday is an HTTP client library abstraction layer that provides a common inter
|
| 29 |
CVE-2026-32977
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in th
|
| 29 |
CVE-2026-22217
OpenClaw version 2026.2.22 prior to 2026.2.23 contain an arbitrary code executio
|
| 29 |
CVE-2026-33144
GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-bas
|
| 29 |
CVE-2026-25528
LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform.
|
| 29 |
CVE-2026-32988
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in fs
|
| 29 |
CVE-2026-33729
### Description
In OpenFGA, under specific conditions, models using conditions w
|
| 29 |
CVE-2026-25704
A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use (TOCTOU) Race C
|
| 29 |
CVE-2026-25905
The Python code being run by 'runPython' or 'runPythonAsync' is not isolated fro
|
| 29 |
CVE-2026-25870
DoraCMS version 3.1 and prior contains a server-side request forgery (SSRF) vuln
|
| 29 |
CVE-2026-27646
OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in th
|
| 29 |
CVE-2026-25904
The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly p
|
| 29 |
CVE-2026-33574
OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills d
|
| 29 |
CVE-2026-24319
In SAP Business One, sensitive information is written to the application�s memor
|
| 29 |
CVE-2026-24928
Out-of-bounds write vulnerability in the file system module.
Impact: Successful
|
| 29 |
CVE-2026-41153
In JetBrains Junie before 252.549.29 command execution was possible via maliciou
|
| 29 |
CVE-2026-28455
OpenClaw before 2026.2.22 contains an allowlist bypass vulnerability in system.r
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 738d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2306d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2119d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1733d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2236d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4983d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1204d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1006d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3761d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 908d |