CVE Records by CVSS Severity — CRITICAL
49 records
Records grouped by their official CVSS v3 severity band as assigned by NVD. Severity is the published CVSS value, not a Quanteta assessment.
Source data as of:
| # | CVE ID | CVSS | Severity | EPSS | KEV | Signals | Affected vendors | Published |
|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2025-62718 | 9.9 v3.1 | CRITICAL | 0.0003 | — | NetworkNo privilegesNo user interactionSSRFVendor advisory ref | axios | 2026-04-09 |
| 2 | CVE-2005-2773 | 9.8 v3.1 | CRITICAL | 0.9030 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionCommand InjectionVendor advisory ref | hp | 2005-09-02 |
| 3 | CVE-2019-5481 | 9.8 v3.1 | CRITICAL | 0.0302 | — | NetworkNo privilegesNo user interactionDouble Free | fedoraproject, opensuse, oracle, haxx, netapp, debian | 2019-09-16 |
| 4 | CVE-2022-0239 | 9.8 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interactionXXEVendor advisory ref | stanford | 2022-01-17 |
| 5 | CVE-2025-11252 | 9.8 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interactionSQL Injection | signumtte | 2026-02-27 |
| 6 | CVE-2025-61260 | 9.8 v3.1 | CRITICAL | 0.0002 | — | NetworkNo privilegesNo user interactionCode Injection | — | 2026-04-14 |
| 7 | CVE-2025-65133 | 9.8 v3.1 | CRITICAL | 0.0003 | — | NetworkNo privilegesNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-14 |
| 8 | CVE-2025-70023 | 9.8 v3.1 | CRITICAL | 0.0002 | — | NetworkNo privilegesNo user interaction | — | 2026-04-14 |
| 9 | CVE-2026-21643 | 9.8 v3.1 | CRITICAL | 0.3391 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionSQL Injection | fortinet | 2026-02-06 |
| 10 | CVE-2026-22738 | 9.8 v3.1 | CRITICAL | 0.0009 | — | NetworkNo privilegesNo user interaction | vmware | 2026-03-27 |
| 11 | CVE-2026-27143 | 9.8 v3.1 | CRITICAL | 0.0002 | — | NetworkNo privilegesNo user interactionVendor advisory ref | golang | 2026-04-08 |
| 12 | CVE-2026-29139 | 9.8 v3.1 | CRITICAL | 0.0005 | — | NetworkNo privilegesNo user interaction | seppmail | 2026-04-02 |
| 13 | CVE-2026-30625 | 9.8 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interactionCommand InjectionVendor advisory ref | — | 2026-04-15 |
| 14 | CVE-2026-30993 | 9.8 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionCode Injection | — | 2026-04-15 |
| 15 | CVE-2026-31049 | 9.8 v3.1 | CRITICAL | 0.0010 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-14 |
| 16 | CVE-2026-31843 | 9.8 v3.1 | CRITICAL | — | — | NetworkNo privilegesNo user interaction | — | 2026-04-16 |
| 17 | CVE-2026-32769 | 9.8 v3.1 | CRITICAL | 0.0005 | — | NetworkNo privilegesNo user interactionVendor advisory ref | ctfer | 2026-03-20 |
| 18 | CVE-2026-32771 | 9.8 v3.1 | CRITICAL | 0.0002 | — | NetworkNo privilegesNo user interactionPath TraversalVendor advisory ref | ctfer | 2026-03-20 |
| 19 | CVE-2026-32985 | 9.8 v3.1 | CRITICAL | 0.0076 | — | NetworkNo privilegesNo user interactionMissing AuthenticationUnrestricted Upload | apereo | 2026-03-20 |
| 20 | CVE-2026-33032 | 9.8 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionMissing AuthenticationVendor advisory ref | nginxui | 2026-03-30 |
| 21 | CVE-2026-33698 | 9.8 v3.1 | CRITICAL | 0.0007 | — | NetworkNo privilegesNo user interactionVendor advisory ref | chamilo | 2026-04-10 |
| 22 | CVE-2026-33746 | 9.8 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interactionImproper AuthenticationVendor advisory ref | convoypanel | 2026-04-02 |
| 23 | CVE-2026-35002 | 9.8 v3.1 | CRITICAL | 0.0059 | — | NetworkNo privilegesNo user interactionVendor advisory ref | agno | 2026-04-02 |
| 24 | CVE-2026-3596 | 9.8 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interactionMissing Authorization | — | 2026-04-16 |
| 25 | CVE-2026-37345 | 9.8 v3.1 | CRITICAL | — | — | NetworkNo privilegesNo user interactionSQL Injection | — | 2026-04-16 |
| 26 | CVE-2026-5187 | 9.8 v3.1 | CRITICAL | 0.0005 | — | NetworkNo privilegesNo user interactionHeap OverflowOut-of-bounds Write | wolfssl | 2026-04-09 |
| 27 | CVE-2026-5731 | 9.8 v3.1 | CRITICAL | 0.0007 | — | NetworkNo privilegesNo user interactionMemory CorruptionVendor advisory ref | mozilla | 2026-04-07 |
| 28 | CVE-2026-1115 | 9.6 v3.1 | CRITICAL | 0.0005 | — | NetworkNo privilegesXSSVendor advisory ref | lollms | 2026-04-10 |
| 29 | CVE-2026-30884 | 9.6 v3.1 | CRITICAL | 0.0002 | — | NetworkNo user interactionAuthorization Bypass (IDOR)Vendor advisory ref | — | 2026-03-18 |
| 30 | CVE-2026-40088 | 9.6 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesOS Command InjectionVendor advisory ref | praison | 2026-04-09 |
| 31 | CVE-2026-33707 | 9.4 v3.1 | CRITICAL | 0.0008 | — | NetworkNo privilegesNo user interactionVendor advisory ref | chamilo | 2026-04-10 |
| 32 | CVE-2026-37338 | 9.4 v3.1 | CRITICAL | — | — | NetworkNo privilegesNo user interactionSQL Injection | — | 2026-04-16 |
| 33 | CVE-2026-40173 | 9.4 v3.1 | CRITICAL | 0.0010 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | — | 2026-04-15 |
| 34 | CVE-2026-27304 | 9.3 v3.1 | CRITICAL | 0.0004 | — | No privilegesNo user interactionImproper Input ValidationVendor advisory ref | adobe | 2026-04-14 |
| 35 | CVE-2026-39382 | 9.3 v4.0 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionOS Command InjectionVendor advisory ref | — | 2026-04-07 |
| 36 | CVE-2025-54236 | 9.1 v3.1 | CRITICAL | 0.7010 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionImproper Input ValidationVendor advisory ref | adobe | 2025-09-09 |
| 37 | CVE-2026-25534 | 9.1 v3.1 | CRITICAL | 0.0005 | — | NetworkNo user interactionSSRFVendor advisory ref | — | 2026-03-17 |
| 38 | CVE-2026-29000 | 9.1 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-03-04 |
| 39 | CVE-2026-29133 | 9.1 v3.1 | CRITICAL | 0.0009 | — | NetworkNo privilegesNo user interactionImproper Input Validation | seppmail | 2026-04-02 |
| 40 | CVE-2026-29143 | 9.1 v3.1 | CRITICAL | 0.0010 | — | NetworkNo privilegesNo user interactionImproper Input Validation | seppmail | 2026-04-02 |
| 41 | CVE-2026-31908 | 9.1 v3.1 | CRITICAL | 0.0003 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-14 |
| 42 | CVE-2026-33615 | 9.1 v3.1 | CRITICAL | 0.0010 | — | NetworkNo privilegesNo user interactionSQL InjectionVendor advisory ref | mbconnectline | 2026-04-02 |
| 43 | CVE-2026-34520 | 9.1 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionVendor advisory ref | aiohttp | 2026-04-01 |
| 44 | CVE-2026-35580 | 9.1 v3.1 | CRITICAL | 0.0002 | — | NetworkNo user interactionCommand InjectionVendor advisory ref | nsa | 2026-04-07 |
| 45 | CVE-2026-37347 | 9.1 v3.1 | CRITICAL | — | — | NetworkNo privilegesNo user interactionSQL Injection | — | 2026-04-16 |
| 46 | CVE-2026-39958 | 9.1 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-09 |
| 47 | CVE-2026-5194 | 9.1 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interaction | wolfssl | 2026-04-09 |
| 48 | CVE-2026-6270 | 9.1 v3.1 | CRITICAL | — | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-16 |
| 49 | CVE-2026-40322 | 9.0 v3.1 | CRITICAL | — | — | NetworkXSSCode InjectionVendor advisory ref | — | 2026-04-16 |