Total CVEs
16492
last 90 days
Avg Priority
36.6
of max 220
KEV
40
actively exploited
POC
3231
public exploits
Unpatched
4743
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
185
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain
184
CVE-2026-23760
SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability
180
CVE-2025-40551
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerabil
170
CVE-2026-1340
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
164
CVE-2026-1281
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated rem
160
CVE-2025-40536
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
137
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthen
134
CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
128
CVE-2026-24423
SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code executi
Priority Distribution
| Priority | CVE |
|---|---|
| 42 |
CVE-2026-30287
An arbitrary file overwrite vulnerability in Deep Thought Industries ACE Scanner
|
| 42 |
CVE-2026-28520
arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vul
|
| 42 |
CVE-2026-35204
Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a spec
|
| 42 |
CVE-2026-30291
An arbitrary file overwrite vulnerability in Ora Tools PDF Reader ' Reader & Edi
|
| 42 |
CVE-2026-32929
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!ge
|
| 42 |
CVE-2026-40027
ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path t
|
| 42 |
CVE-2026-35553
Bluetooth ACPI Drivers provided by Dynabook Inc. contain a stack-based buffer ov
|
| 42 |
CVE-2026-32845
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cg
|
| 42 |
CVE-2025-36920
In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of boun
|
| 42 |
CVE-2026-26281
InvoicePlane is a self-hosted open source application for managing invoices, cli
|
| 42 |
CVE-2025-48602
In exitKeyguardAndFinishSurfaceBehindRemoteAnimation of KeyguardViewMediator.jav
|
| 42 |
CVE-2026-0034
In setPackageOrComponentEnabled of ManagedServices.java, there is a possible not
|
| 42 |
CVE-2026-0011
In enableSystemPackageLPw of Settings.java, there is a possible way to prevent l
|
| 42 |
CVE-2025-48605
In multiple functions of KeyguardViewMediator.java, there is a possible lockscre
|
| 42 |
CVE-2026-40024
The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_rec
|
| 42 |
CVE-2025-48650
In multiple locations, there is a possible information disclosure due to SQL inj
|
| 42 |
CVE-2026-22682
OpenHarness prior to commit 166fcfe contains an improper access control vulnerab
|
| 42 |
CVE-2026-23853
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Featu
|
| 42 |
CVE-2026-3223
Arbitrary file write & potential privilege escalation exploiting zip slip vulner
|
| 42 |
CVE-2026-22593
EVerest is an EV charging software stack. Prior to version 2026.02.0, an off-by-
|
| 42 |
CVE-2025-48636
In openFile of BugreportContentProvider.java, there is a possible way to read an
|
| 42 |
CVE-2026-0025
In hasImage of Notification.java, there is a possible way to reveal information
|
| 42 |
CVE-2026-0020
In parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way t
|
| 42 |
CVE-2025-67125
A signed integer overflow in docopt.cpp v0.6.2 (LeafPattern::match in docopt_pri
|
| 42 |
CVE-2026-0021
In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible
|
| 42 |
CVE-2026-0008
In multiple locations, there is a possible privilege escalation due to a confus
|
| 42 |
CVE-2026-0010
In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write
|
| 42 |
CVE-2026-35641
OpenClaw before 2026.3.24 contains an arbitrary code execution vulnerability in
|
| 42 |
CVE-2026-0037
In multiple functions of ffa.c, there is a possible memory corruption due to a l
|
| 42 |
CVE-2026-0118
In oobconfig, there is a possible bypass of carrier restrictions due to a logic
|
| 42 |
CVE-2025-32313
In UsageEvents of UsageEvents.java, there is a possible out of bounds write due
|
| 42 |
CVE-2026-0013
In setupLayout of PickActivity.java, there is a possible way to start any activi
|
| 42 |
CVE-2026-0035
In createRequest of MediaProvider.java, there is a possible way for an app to ga
|
| 42 |
CVE-2025-48619
In multiple functions of ContentProvider.java, there is a possible way for an ap
|
| 42 |
CVE-2026-0047
In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for
|
| 42 |
CVE-2025-69627
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability
|
| 42 |
CVE-2026-28518
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path tra
|
| 42 |
CVE-2026-0117
In mfc_dec_dqbuf of mfc_dec_v4l2.c, there is a possible out of bounds write due
|
| 42 |
CVE-2025-36384
IBM Db2 for Windows 12.1.0 - 12.1.3 could allow a local user with filesystem ac
|
| 42 |
CVE-2026-0123
In EfwApTransport::ProcessRxRing of efw_ap_transport.cc, there is a possible out
|
| 42 |
CVE-2026-24930
UAF concurrency vulnerability in the graphics module.
Impact: Successful exploit
|
| 42 |
CVE-2026-33747
### Impact
When using a custom BuildKit frontend, the frontend can craft an API
|
| 42 |
CVE-2026-0107
In gmc_ddr_handle_mba_mr_req of gmc_mba_ddr.c, there is a possible escalation of
|
| 42 |
CVE-2025-48582
In multiple locations, there is a possible way to delete media without the MANAG
|
| 42 |
CVE-2025-48579
In multiple functions of MediaProvider.java, there is a possible external storag
|
| 42 |
CVE-2026-24926
Out-of-bounds write vulnerability in the camera module.
Impact: Successful explo
|
| 42 |
CVE-2025-48574
In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an
|
| 42 |
CVE-2026-4266
An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an at
|
| 42 |
CVE-2026-3519
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC
|
| 42 |
CVE-2026-4048
OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC P
|
| 42 |
CVE-2026-3518
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC
|
| 42 |
CVE-2026-40706
In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfs_bui
|
| 42 |
CVE-2026-3517
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC
|
| 42 |
CVE-2026-40931
**1. Executive Summary**
This report documents a critical security research find
|
| 42 |
CVE-2026-40599
ClearanceKit intercepts file-system access events on macOS and enforces per-proc
|
| 42 |
CVE-2025-32355
Rocket TRUfusion Enterprise through 7.10.4.0 uses a reverse proxy to handle inco
|
| 42 |
CVE-2025-14213
Cato Networks’ Socket versions prior to 25 contain a command injection vulnerabi
|
| 42 |
CVE-2026-32725
SciTokens C++ is a minimal library for creating and using SciTokens from C or C+
|
| 42 |
CVE-2026-0980
A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller
|
| 42 |
CVE-2026-1367
Zohocorp ManageEngine ADSelfService Plus versions 6522 and below are vulnerable
|
| 42 |
CVE-2026-5264
Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can s
|
| 42 |
CVE-2026-0708
A flaw was found in libucl. A remote attacker could exploit this by providing a
|
| 42 |
CVE-2026-29075
Mesa is an open-source Python library for agent-based modeling, simulating compl
|
| 42 |
CVE-2026-25941
FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the
|
| 42 |
CVE-2026-22897
A command injection vulnerability has been reported to affect QuNetSwitch. The r
|
| 42 |
CVE-2026-2111
A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this issue
|
| 42 |
CVE-2026-2692
A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This affects an
|
| 42 |
CVE-2026-2672
A security flaw has been discovered in Tsinghua Unigroup Electronic Archives Sys
|
| 42 |
CVE-2026-6442
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior
|
| 42 |
CVE-2026-3408
A vulnerability was identified in Open Babel up to 3.1.1. This impacts the funct
|
| 42 |
CVE-2026-2704
A security vulnerability has been detected in Open Babel up to 3.1.1. The affect
|
| 42 |
CVE-2026-35478
InvenTree is an Open Source Inventory Management System. From 0.16.0 to before 1
|
| 42 |
CVE-2026-6328
Improper input validation, Improper verification of cryptographic signature vuln
|
| 42 |
CVE-2026-2705
A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is
|
| 42 |
CVE-2026-30461
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote
|
| 42 |
CVE-2026-0562
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows
|
| 42 |
CVE-2026-3269
A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element i
|
| 42 |
CVE-2026-3549
Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extens
|
| 42 |
CVE-2025-10913
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
|
| 42 |
CVE-2026-1600
A vulnerability was identified in Bdtask Bhojon All-In-One Restaurant Management
|
| 42 |
CVE-2026-27203
eBay API MCP Server is an open source local MCP server providing AI assistants w
|
| 42 |
CVE-2026-39884
## Summary
The `port_forward` tool in `mcp-server-kubernetes` constructs a kube
|
| 42 |
CVE-2026-33980
### Summary
adx-mcp-server (<= latest, commit 48b2933) contains KQL (Kusto Quer
|
| 42 |
CVE-2026-34524
## Summary
A Path Traversal vulnerability in chat endpoints allows an authentica
|
| 42 |
CVE-2026-34221
A prototype pollution vulnerability exists in the `Utils.merge` helper used inte
|
| 42 |
CVE-2026-27803
Vaultwarden is an unofficial Bitwarden compatible server written in Rust, former
|
| 42 |
CVE-2026-27802
Vaultwarden is an unofficial Bitwarden compatible server written in Rust, former
|
| 42 |
CVE-2026-1619
Authorization Bypass Through User-Controlled Key vulnerability in Universal Soft
|
| 42 |
CVE-2026-34072
Cr*nMaster (cronmaster) is a Cronjob management UI with human readable syntax, l
|
| 42 |
CVE-2026-31939
Chamilo LMS is a learning management system. Prior to 1.11.38, there is a path t
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 739d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2307d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2120d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1734d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2237d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 4985d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1205d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1007d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3762d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 909d |