Total CVEs
16295
last 90 days
Avg Priority
36.8
of max 220
KEV
42
actively exploited
POC
3306
public exploits
Unpatched
4707
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
194
CVE-2026-24061
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for t
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
184
CVE-2026-23760
SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability
180
CVE-2025-40551
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerabil
170
CVE-2026-1340
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
164
CVE-2026-1281
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
160
CVE-2025-40536
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
Priority Distribution
| Priority | CVE |
|---|---|
| 39 |
CVE-2026-25153
Backstage is an open framework for building developer portals, and @backstage/pl
|
| 39 |
CVE-2026-32252
Chartbrew is an open-source web application that can connect directly to databas
|
| 39 |
CVE-2026-34214
### Summary
Iceberg connector REST catalog static credentials (access key) or v
|
| 39 |
CVE-2026-24970
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v
|
| 39 |
CVE-2026-24969
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v
|
| 39 |
CVE-2026-34769
### Impact
An undocumented `commandLineSwitches` webPreference allowed arbitrary
|
| 39 |
CVE-2026-31851
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implem
|
| 39 |
CVE-2026-4368
Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configur
|
| 39 |
CVE-2026-25506
MUNGE is an authentication service for creating and validating user credentials.
|
| 39 |
CVE-2026-25958
Cube is a semantic layer for building data applications. From 0.27.19 to before
|
| 39 |
CVE-2026-32441
Missing Authorization vulnerability in WebToffee Comments Import & Export commen
|
| 39 |
CVE-2025-61917
n8n is an open source workflow automation platform. From version 1.65.0 to befor
|
| 39 |
CVE-2026-40683
In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert
|
| 39 |
CVE-2026-5190
Out-of-bounds write in the streaming decoder component in aws-c-event-stream bef
|
| 39 |
CVE-2026-34242
Weblate is a web based localization tool. In versions prior to 5.17, the ZIP dow
|
| 39 |
CVE-2025-13523
Mattermost Confluence plugin version <1.7.0 fails to properly escape user-contro
|
| 39 |
CVE-2026-25835
Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Ra
|
| 39 |
CVE-2026-35533
### Summary
`mise` loads trust-control settings from a local project `.mise.tom
|
| 39 |
CVE-2026-30929
ImageMagick is free and open-source software used for editing and manipulating d
|
| 39 |
CVE-2026-30463
Daylight Studio FuelCMS v1.5.2 was discovered to contain a SQL injection vulnera
|
| 39 |
CVE-2026-28521
arduino-TuyaOpen before version 1.2.1 contains an out-of-bounds memory read vuln
|
| 39 |
CVE-2024-51346
An issue in Eufy Homebase 2 version 3.3.4.1h allows a local attacker to obtain s
|
| 39 |
CVE-2026-34222
Open WebUI is a self-hosted artificial intelligence platform designed to operate
|
| 39 |
CVE-2026-40348
Movary is a self hosted web app to track and rate a user's watched movies. Prior
|
| 39 |
CVE-2025-48635
In multiple functions of TaskFragmentOrganizerController.java, there is a possib
|
| 39 |
CVE-2025-1272
The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above fo
|
| 39 |
CVE-2026-0017
In onChange of BiometricService.java, there is a possible way to enable fingerpr
|
| 39 |
CVE-2022-50976
A local attacker could cause a full device reset by resetting the device passwor
|
| 39 |
CVE-2019-25652
UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contai
|
| 39 |
CVE-2026-25157
OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS
|
| 39 |
CVE-2026-34853
Permission bypass vulnerability in the LBS module.
Impact: Successful exploitati
|
| 39 |
CVE-2026-20620
An out-of-bounds read issue was addressed with improved input validation. This i
|
| 38 |
CVE-2026-33461
Incorrect Authorization (CWE-863) in Kibana can lead to information disclosure v
|
| 38 |
CVE-2026-4760
From
Panorama Web HMI, an attacker can gain read access to certain Web HMI serve
|
| 38 |
CVE-2026-34839
Glances is an open-source system cross-platform monitoring tool. Prior to versio
|
| 38 |
CVE-2026-39861
Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code's sa
|
| 38 |
CVE-2026-35446
LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web app
|
| 38 |
CVE-2026-32135
NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Versions p
|
| 38 |
CVE-2026-33432
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived se
|
| 38 |
CVE-2026-33476
## Summary
The Siyuan kernel exposes an unauthenticated file-serving endpoint
|
| 38 |
CVE-2026-0772
Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vuln
|
| 38 |
CVE-2026-35585
File Browser is a file managing interface for uploading, deleting, previewing, r
|
| 38 |
CVE-2026-33718
## Summary
A Command Injection vulnerability exists in the `get_git_diff()` met
|
| 38 |
CVE-2026-24538
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP
|
| 38 |
CVE-2025-13855
IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable t
|
| 38 |
CVE-2026-22567
Improper validation of user-supplied input in the ZIA Admin UI could allow an au
|
| 38 |
CVE-2026-29870
A directory traversal vulnerability in the agentic-context-engine project versio
|
| 38 |
CVE-2026-34742
The Model Context Protocol (MCP) Go SDK does not enable DNS rebinding protection
|
| 38 |
CVE-2026-27487
OpenClaw is a personal AI assistant. In versions 2026.2.13 and below, when using
|
| 38 |
CVE-2026-29924
Grav CMS v1.7.x and before is vulnerable to XML External Entity (XXE) through th
|
| 38 |
CVE-2026-29053
Ghost is a Node.js content management system. From version 0.7.2 to 6.19.0, spec
|
| 38 |
CVE-2025-52744
Improper Control of Generation of Code ('Code Injection') vulnerability in inper
|
| 38 |
CVE-2025-68662
Discourse is an open source discussion platform. In versions prior to 3.5.4, 202
|
| 38 |
CVE-2026-39369
WWBN AVideo is an open source video platform. In versions 26.0 and prior, object
|
| 38 |
CVE-2025-69311
Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet a
|
| 38 |
CVE-2025-68058
Missing Authorization vulnerability in e-plugins Institutions Directory institut
|
| 38 |
CVE-2025-68059
Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing all
|
| 38 |
CVE-2025-68057
Missing Authorization vulnerability in e-plugins Hospital Doctor Directory hospi
|
| 38 |
CVE-2025-53217
Missing Authorization vulnerability in staviravn AIO WP Builder all-in-one-wp-bu
|
| 38 |
CVE-2025-67967
Missing Authorization vulnerability in e-plugins Lawyer Directory lawyer-directo
|
| 38 |
CVE-2026-32749
### Summary
`POST /api/import/importSY` and `POST /api/import/importZipMd` write
|
| 38 |
CVE-2026-24750
Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior
|
| 38 |
CVE-2025-8461
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
|
| 38 |
CVE-2025-8456
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
|
| 38 |
CVE-2026-30918
facileManager is a modular suite of web apps built with the sysadmin in mind. Pr
|
| 38 |
CVE-2026-30919
facileManager is a modular suite of web apps built with the sysadmin in mind. Pr
|
| 38 |
CVE-2026-22470
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
|
| 38 |
CVE-2025-27380
HTML injection in Project Release in Altium Enterprise Server (AES) 7.0.3 on all
|
| 38 |
CVE-2026-33321
OpenEMR is a free and open source electronic health records and medical practice
|
| 38 |
CVE-2024-42210
A Stored cross-site scripting (XSS) vulnerability affects HCL Unica Marketing Op
|
| 38 |
CVE-2025-14343
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
|
| 38 |
CVE-2026-3105
SummaryThis advisory addresses a SQL injection vulnerability in the API endpoint
|
| 38 |
CVE-2026-28136
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
|
| 38 |
CVE-2026-25378
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
|
| 38 |
CVE-2026-33673
### Impact
Multiple stored Cross-Site Scripting (stored XSS) vulnerabilities in
|
| 38 |
CVE-2026-25418
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
|
| 38 |
CVE-2026-21367
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-rang
|
| 38 |
CVE-2026-21381
Transient DOS when receiving a service data frame with excessive length during d
|
| 38 |
CVE-2026-23805
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
|
| 38 |
CVE-2026-24833
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS
|
| 38 |
CVE-2026-1046
Mattermost Desktop App versions <=6.0 6.2.0 5.2.13.0 fail to validate help links
|
| 38 |
CVE-2026-40474
## Summary
wger exposes a global configuration edit endpoint at `/config/gym-co
|
| 38 |
CVE-2026-32692
An authorization bypass vulnerability in the Vault secrets back-end implementati
|
| 38 |
CVE-2026-32101
StudioCMS is a server-side-rendered, Astro native, headless content management s
|
| 38 |
CVE-2026-39384
FreeScout is a free help desk and shared inbox built with PHP's Laravel framewor
|
| 38 |
CVE-2025-67102
A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4,
|
| 38 |
CVE-2026-33636
LIBPNG is a reference library for use in applications that read, create, and man
|
| 38 |
CVE-2026-32308
OneUptime is a solution for monitoring and managing online services. Prior to 10
|
| 38 |
CVE-2026-35534
ChurchCRM is an open-source church management system. Prior to 7.1.0, a stored c
|
| 38 |
CVE-2026-32117
The grafanacubism-panel plugin allows use of cubism.js in Grafana. In 0.1.2 and
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 738d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2306d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2119d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1733d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2236d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4984d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1204d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1006d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3761d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 908d |