Total CVEs
17716
last 90 days
Avg Priority
34.3
of max 220
KEV
31
actively exploited
POC
2291
public exploits
Unpatched
3560
CRIT/HIGH without patch
How is Priority Score calculated?
Priority Score is a composite risk metric (0-220) combining multiple real-world threat signals:
KEV +50
CISA Known Exploited Vulnerability — confirmed active exploitation in the wild
EPSS x100
Exploit Prediction Scoring System — probability of exploitation in next 30 days (0-100)
CVSS x5
Common Vulnerability Scoring System — technical severity (0-50)
POC +20
Public exploit code exists — lowers barrier for attackers
0-40 Low
40-80 Medium
80-120 High
120+ Critical
Patch Now — Known Exploited Vulnerabilities
141
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FM
136
CVE-2026-0300
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service o
133
CVE-2026-41940
cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, an
131
CVE-2026-6973
An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows
131
CVE-2026-42897
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Ex
129
CVE-2026-33825
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to el
127
CVE-2026-20182
May 2026: This security advisory provides the details and fix information for a vulnerability that w
126
CVE-2026-41091
Improper link resolution before file access ('link following') in Microsoft Defender allows an autho
124
CVE-2026-35616
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an
120
CVE-2026-48172
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp
Priority Distribution
| Priority | CVE |
|---|---|
| 131 |
CVE-2026-6973
An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1,
|
| 118 |
CVE-2026-34621
Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by a
|
| 109 |
CVE-2026-3502
TrueConf Client downloads application update code and applies it without perform
|
| 96 |
CVE-2025-14558
The rtsol(8) and rtsold(8) programs do not validate the domain search list optio
|
| 65 |
CVE-2026-5996
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
|
| 65 |
CVE-2026-7155
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b202005
|
| 65 |
CVE-2026-6028
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
|
| 65 |
CVE-2026-5994
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Th
|
| 65 |
CVE-2026-5997
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The impac
|
| 65 |
CVE-2026-6115
A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the
|
| 65 |
CVE-2026-6114
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected
|
| 65 |
CVE-2026-6116
A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This vu
|
| 65 |
CVE-2026-6156
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
|
| 65 |
CVE-2026-6112
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affecte
|
| 65 |
CVE-2026-6140
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts
|
| 65 |
CVE-2026-6026
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Th
|
| 65 |
CVE-2026-5851
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Th
|
| 65 |
CVE-2026-6139
A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This af
|
| 65 |
CVE-2026-6131
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by
|
| 65 |
CVE-2026-6025
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This af
|
| 65 |
CVE-2026-6132
A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affecte
|
| 65 |
CVE-2026-5853
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
|
| 65 |
CVE-2026-5977
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This im
|
| 65 |
CVE-2026-5975
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. The imp
|
| 65 |
CVE-2026-6029
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affec
|
| 65 |
CVE-2026-6113
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
|
| 65 |
CVE-2026-6138
A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted ele
|
| 65 |
CVE-2026-5852
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affecte
|
| 65 |
CVE-2026-5993
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vu
|
| 65 |
CVE-2026-7538
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This iss
|
| 65 |
CVE-2026-6154
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Th
|
| 65 |
CVE-2026-5978
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
|
| 65 |
CVE-2026-7037
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Thi
|
| 65 |
CVE-2026-7240
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vul
|
| 65 |
CVE-2026-7154
A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This aff
|
| 65 |
CVE-2026-6027
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This is
|
| 65 |
CVE-2026-5976
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Th
|
| 65 |
CVE-2026-6155
A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted elem
|
| 65 |
CVE-2026-5850
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This af
|
| 65 |
CVE-2026-5995
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Impacte
|
| 65 |
CVE-2026-6195
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191
|
| 65 |
CVE-2026-7823
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Aff
|
| 65 |
CVE-2026-5854
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected
|
| 65 |
CVE-2026-4170
A weakness has been identified in Topsec TopACM 3.0. Affected by this vulnerabil
|
| 65 |
CVE-2026-4585
A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up
|
| 65 |
CVE-2026-4252
A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue
|
| 65 |
CVE-2026-4567
A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is
|
| 65 |
CVE-2026-7747
A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected
|
| 65 |
CVE-2026-7719
A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The
|
| 65 |
CVE-2026-28773
The web-based Ping diagnostic utility (/IDC_Ping/main.cgi) in International Data
|
| 65 |
CVE-2026-7854
A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affecte
|
| 65 |
CVE-2026-4181
A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an
|
| 65 |
CVE-2026-7853
A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the fun
|
| 65 |
CVE-2026-5787
An Improper Certificate Validation in Ivanti EPMM before versions 12.6.1.1, 12.7
|
| 64 |
CVE-2026-7153
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The
|
| 64 |
CVE-2026-7138
A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. This vulne
|
| 64 |
CVE-2026-7136
A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Affected
|
| 64 |
CVE-2026-7123
A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Affected is t
|
| 64 |
CVE-2026-7124
A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Affected
|
| 64 |
CVE-2026-7140
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. Impacted
|
| 64 |
CVE-2026-7137
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b202005
|
| 64 |
CVE-2026-7152
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affe
|
| 64 |
CVE-2026-7834
A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This i
|
| 64 |
CVE-2026-7125
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Affected
|
| 64 |
CVE-2026-7139
A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affect
|
| 64 |
CVE-2026-5786
An Improper Access Control vulnerability in Ivanti EPMM before versions 12.6.1.1
|
| 64 |
CVE-2026-25888
Chartbrew is an open-source web application that can connect directly to databas
|
| 64 |
CVE-2018-25181
Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticate
|
| 64 |
CVE-2019-25486
Varient 1.6.1 contains an SQL injection vulnerability that allows unauthenticate
|
| 64 |
CVE-2018-25196
ServerZilla 1.0 contains an SQL injection vulnerability that allows unauthentica
|
| 64 |
CVE-2018-25192
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows una
|
| 64 |
CVE-2019-25533
Netartmedia PHP Business Directory 4.2 contains an SQL injection vulnerability t
|
| 64 |
CVE-2019-25532
Netartmedia Jobs Portal 6.1 contains an SQL injection vulnerability that allows
|
| 64 |
CVE-2019-25531
Netartmedia Deals Portal contains an SQL injection vulnerability in the Email pa
|
| 64 |
CVE-2026-28774
An OS Command Injection vulnerability exists in the web-based Traceroute diagnos
|
| 64 |
CVE-2024-51348
A stack-based buffer overflow vulnerability in the P2P API service in BS Product
|
| 64 |
CVE-2018-25194
Nominas 0.27 contains an SQL injection vulnerability that allows unauthenticated
|
| 64 |
CVE-2026-3400
A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by
|
| 64 |
CVE-2026-3726
A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function
|
| 64 |
CVE-2026-3808
A vulnerability was detected in Tenda FH1202 1.2.0.14(408). The affected element
|
| 64 |
CVE-2026-3801
A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerabil
|
| 64 |
CVE-2018-25175
Alienor Web Libre 2.0 contains an SQL injection vulnerability that allows unauth
|
| 64 |
CVE-2018-25188
Webiness Inventory 2.3 contains an SQL injection vulnerability that allows unaut
|
| 64 |
CVE-2026-4213
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS
|
| 64 |
CVE-2018-25179
Gumbo CMS 0.99 contains an SQL injection vulnerability that allows unauthenticat
|
| 64 |
CVE-2018-25173
Rmedia SMS 1.0 contains an SQL injection vulnerability that allows unauthenticat
|
| 64 |
CVE-2018-25172
Pedidos 1.0 contains an SQL injection vulnerability that allows unauthenticated
|
| 64 |
CVE-2018-25167
Net-Billetterie 2.9 contains an SQL injection vulnerability in the login paramet
|
| 64 |
CVE-2018-25166
Meneame English Pligg 5.8 contains an SQL injection vulnerability that allows un
|
| 64 |
CVE-2018-25182
Silurus Classifieds Script 2.0 contains an SQL injection vulnerability that allo
|
Oldest Unpatched Critical/High CVEs
| CVE | Severity | CVSS | Priority | Days Open |
|---|---|---|---|---|
| CVE-2024-3400 | CRITICAL | 10.0 | 224 | 776d |
| CVE-2019-19781 | CRITICAL | 9.8 | 223 | 2344d |
| CVE-2020-5902 | CRITICAL | 9.8 | 223 | 2157d |
| CVE-2021-35464 | CRITICAL | 9.8 | 223 | 1771d |
| CVE-2020-10189 | CRITICAL | 9.8 | 223 | 2274d |
| CVE-2012-4681 | CRITICAL | 9.8 | 223 | 5021d |
| CVE-2022-42475 | CRITICAL | 9.8 | 223 | 1242d |
| CVE-2023-3519 | CRITICAL | 9.8 | 223 | 1044d |
| CVE-2015-7450 | CRITICAL | 9.8 | 222 | 3798d |
| CVE-2023-34048 | CRITICAL | 9.8 | 222 | 946d |
1 / 31
Next