Vulnerability Intelligence

HIGH & CRITICAL severity — CVSS score ≥ 7.0

Total
2054
NVD
1889
CISA KEV
60
Exploit-DB
84
ANSSI
1
CVE ID Title Severity CVSS Source Published
CVE-2026-56783 Parseable before 2 MEDIUM 6.5 NVD Jun 29, 2026
CVE-2026-56782 Gorse before 0 CRITICAL 9.8 NVD Jun 29, 2026
CVE-2026-56780 Modoboa before 2 HIGH 7.5 NVD Jun 29, 2026
CVE-2026-56285 Nitter's /video media proxy endpoint fails to validate target URLs against Twitt HIGH 8.6 NVD Jun 29, 2026
CVE-2026-36848 Gigavue-Os — Gigamon GVOS v5 HIGH 7.5 NVD Jun 29, 2026
CVE-2026-13592 A vulnerability was detected in liftoff-sr CIPster up to e8e9dba09bf56962807d350 HIGH 7.3 NVD Jun 29, 2026
CVE-2026-13752 Snowflake Cli — Improper neutralization of parameters in Snowflake CLI versi MEDIUM 6.0 NVD Jun 29, 2026
CVE-2026-12912 A flaw was found in libtiff HIGH 7.3 NVD Jun 29, 2026
CVE-2026-13676 fast-uri versions 2 HIGH 7.5 NVD Jun 29, 2026
CVE-2026-13568 A weakness has been identified in SourceCodester Inventory Management System 1 HIGH 7.3 NVD Jun 29, 2026
CVE-2026-13566 A vulnerability was identified in SourceCodester Class and Exam Timetabling Syst HIGH 7.3 NVD Jun 29, 2026
CVE-2026-13565 A vulnerability was determined in SourceCodester Class and Exam Timetabling Syst HIGH 7.3 NVD Jun 29, 2026
CVE-2026-12856 A flaw was found in the vscode-java extension, which provides Java language supp HIGH 8.8 NVD Jun 29, 2026
CVE-2026-11979 Libxml2 — libxml2 is vulnerable to multiple stack-based buffer overflo HIGH 7.8 NVD Jun 29, 2026
CVE-2026-13564 A vulnerability was found in Edimax EW-7478APC 1 HIGH 8.8 NVD Jun 29, 2026
CVE-2026-13563 A vulnerability has been found in Edimax EW-7478APC 1 HIGH 8.8 NVD Jun 29, 2026
CVE-2026-13562 A flaw has been found in Edimax EW-7478APC 1 HIGH 8.8 NVD Jun 29, 2026
CVE-2026-13561 A vulnerability was detected in Edimax EW-7478APC 1 MEDIUM 6.3 NVD Jun 29, 2026
CVE-2026-13560 A security vulnerability has been detected in Edimax EW-7478APC 1 MEDIUM 6.3 NVD Jun 29, 2026
CVE-2026-13559 A weakness has been identified in code-projects Real State Services 1 HIGH 7.3 NVD Jun 29, 2026
CVE-2026-13545 Dcs-935L Firmware — A vulnerability has been found in D-Link DCS-935L 1 HIGH 8.8 NVD Jun 29, 2026
CVE-2026-13544 A flaw has been found in Feehi CMS up to 2 MEDIUM 6.3 NVD Jun 29, 2026
CVE-2026-13542 A security vulnerability has been detected in itsourcecode Hospital Management S MEDIUM 6.3 NVD Jun 29, 2026
CVE-2026-13541 A weakness has been identified in itsourcecode Hospital Management System 1 MEDIUM 6.3 NVD Jun 29, 2026
CVE-2026-13540 A security flaw has been discovered in GitBucket up to 4 MEDIUM 6.3 NVD Jun 29, 2026
CVE-2026-13539 A vulnerability was identified in Wavlink WL-NU516U1-A M16U1_V240425 HIGH 8.8 NVD Jun 29, 2026
CVE-2026-10083 The APCu Manager WordPress plugin before 4 HIGH 7.5 NVD Jun 29, 2026
CVE-2025-7386 Information exposure vulnerability in Hitachi Storage Navigator MEDIUM 6.8 NVD Jun 29, 2026
CVE-2025-2902 Improper Authorization Vulnerability of Maintenance Utility in Hitachi Virtual S HIGH 8.3 NVD Jun 29, 2026
CVE-2026-13538 A vulnerability was determined in Wavlink WL-NU516U1-A M16U1_V240425 MEDIUM 6.3 NVD Jun 29, 2026
CVE-2026-13535 A flaw has been found in CodeAstro Human Resource Management System 1 MEDIUM 6.3 NVD Jun 29, 2026
CVE-2026-13532 A weakness has been identified in itsourcecode Hospital Management System 1 MEDIUM 6.3 NVD Jun 29, 2026
CVE-2026-13528 A vulnerability was found in YunaiV/zhijiantianya ruoyi-vue-pro up to 2026 HIGH 7.3 NVD Jun 29, 2026
CVE-2026-13527 A vulnerability has been found in SourceCodester Class and Exam Timetabling Syst HIGH 7.3 NVD Jun 29, 2026
CVE-2026-13526 A flaw has been found in SourceCodester Class and Exam Timetabling System 1 HIGH 7.3 NVD Jun 29, 2026
CVE-2026-13525 A vulnerability was detected in CodeAstro Human Resource Management System 1 MEDIUM 6.3 NVD Jun 29, 2026
CVE-2026-13521 A vulnerability was identified in SourceCodester Class and Exam Timetabling Syst HIGH 7.3 NVD Jun 29, 2026
CVE-2026-13520 A vulnerability was determined in itsourcecode Hospital Management System 1 MEDIUM 6.3 NVD Jun 29, 2026
CVE-2026-13519 A vulnerability was found in Tenda JD12L 16 HIGH 8.8 NVD Jun 29, 2026
CVE-2026-13518 A vulnerability has been found in Tenda JD12L 16 HIGH 8.8 NVD Jun 29, 2026
CVE-2026-13517 A flaw has been found in Tenda JD12L 16 HIGH 8.8 NVD Jun 29, 2026
CVE-2026-13516 A vulnerability was detected in Tenda JD12L 16 HIGH 8.8 NVD Jun 29, 2026
CVE-2026-13515 A security vulnerability has been detected in Tenda JD12L 16 HIGH 8.8 NVD Jun 29, 2026
CVE-2026-48558 SimpleHelp - SimpleHelp CRITICAL N/A CISA Jun 29, 2026
CVE-2026-13512 A vulnerability was identified in Databend up to 1 MEDIUM 6.3 NVD Jun 28, 2026
CVE-2026-13509 A vulnerability has been found in RAGapp up to 0 MEDIUM 6.3 NVD Jun 28, 2026
CVE-2026-49048 The Joomla extension JoomCCK exposes a front-end controller task, that builds tw CRITICAL 9.8 NVD Jun 28, 2026
CVE-2026-13500 A weakness has been identified in antlr ANTLR4 up to 4 HIGH 7.3 NVD Jun 28, 2026
CVE-2026-13498 A vulnerability was identified in yashpokharna2555 restaurent-management-system HIGH 7.3 NVD Jun 28, 2026
CVE-2026-13497 A vulnerability was determined in itsourcecode Hospital Management System 1 MEDIUM 6.3 NVD Jun 28, 2026
CVE-2026-13496 A vulnerability was found in itsourcecode Hospital Management System 1 MEDIUM 6.3 NVD Jun 28, 2026
CVE-2026-13488 A security flaw has been discovered in SourceCodester Class and Exam Timetabling HIGH 7.3 NVD Jun 28, 2026
CVE-2026-13487 A vulnerability was identified in SourceCodester Class and Exam Timetabling Syst HIGH 7.3 NVD Jun 28, 2026
CVE-2026-13486 A vulnerability was determined in SourceCodester Class and Exam Timetabling Syst HIGH 7.3 NVD Jun 28, 2026
CVE-2026-13485 A vulnerability was found in SourceCodester Class and Exam Timetabling System 1 HIGH 7.3 NVD Jun 28, 2026
CVE-2026-10646 Zephyr's BSD-sockets getaddrinfo() implementation (subsys/net/lib/sockets/getadd HIGH 7.4 NVD Jun 28, 2026
CVE-2026-10593 The Zephyr Bluetooth LE Audio Basic Audio Profile (BAP) unicast client mishandle MEDIUM 6.5 NVD Jun 28, 2026
CVE-2026-58058 Nmap through 7 MEDIUM 6.5 NVD Jun 28, 2026
CVE-2026-58056 RustDesk gates incoming control messages on per-capability flags rather than on HIGH 7.6 NVD Jun 28, 2026
CVE-2026-58054 MyBB 1 HIGH 7.2 NVD Jun 28, 2026
CVE-2026-58053 Gitea act_runner with the Docker backend (through act 0 CRITICAL 9.9 NVD Jun 28, 2026
CVE-2026-58051 libssh2 through 1 MEDIUM 6.5 NVD Jun 28, 2026
CVE-2026-58050 libssh2 through 1 HIGH 7.0 NVD Jun 28, 2026
CVE-2026-58049 FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc HIGH 8.6 NVD Jun 28, 2026
CVE-2026-8095 The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authentic HIGH 8.1 NVD Jun 28, 2026
CVE-2026-10643 Zephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet HIGH 8.7 NVD Jun 28, 2026
CVE-2026-3462 The Frisbii Pay plugin for WordPress is vulnerable to unauthorized modification MEDIUM 6.5 NVD Jun 27, 2026
CVE-2026-13295 The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cros MEDIUM 6.4 NVD Jun 27, 2026
CVE-2026-11783 The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your MEDIUM 6.4 NVD Jun 27, 2026
CVE-2026-11597 The Surbma | Infusionsoft Shortcode plugin for WordPress is vulnerable to Stored MEDIUM 6.4 NVD Jun 27, 2026
CVE-2026-13245 The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected MEDIUM 6.1 NVD Jun 27, 2026
CVE-2026-12415 The Invoice Generator plugin for WordPress is vulnerable to privilege escalation CRITICAL 9.8 NVD Jun 27, 2026
CVE-2026-47204 Envoy — Envoy is an open source edge and service proxy designed for MEDIUM 6.5 NVD Jun 26, 2026
CVE-2026-33646 mise manages dev tools like node, python, cmake, and terraform CRITICAL 9.6 NVD Jun 26, 2026
CVE-2026-57518 Pagekit CMS 1 HIGH 8.8 NVD Jun 26, 2026
CVE-2026-57231 Podman is a tool for managing OCI containers and pods HIGH 7.5 NVD Jun 26, 2026
CVE-2026-56663 AutoGPT is a workflow automation platform for creating, deploying, and managing HIGH 8.5 NVD Jun 26, 2026
CVE-2026-55677 Echo is a Go web framework HIGH 7.5 NVD Jun 26, 2026
CVE-2026-54636 Dokku — Dokku is a docker-powered PaaS CRITICAL 9.0 NVD Jun 26, 2026
CVE-2026-48529 GitHub MCP Server is GitHub's official MCP Server MEDIUM 6.0 NVD Jun 26, 2026
CVE-2026-45408 Dokku — Dokku is a docker-powered PaaS CRITICAL 9.0 NVD Jun 26, 2026
CVE-2026-45406 Dokku — Dokku is a docker-powered PaaS CRITICAL 9.0 NVD Jun 26, 2026
CVE-2026-45405 Dokku — Dokku is a docker-powered PaaS CRITICAL 9.0 NVD Jun 26, 2026
CVE-2026-53914 Kotlin — In JetBrains Kotlin before 2 MEDIUM 6.7 NVD Jun 26, 2026
CVE-2026-57920 Peplink InControl 2 through 2 HIGH 7.7 NVD Jun 26, 2026
CVE-2026-57915 It is possible to bypass the Kerberos pre-authentication check in Apache Kerby b HIGH 7.3 NVD Jun 26, 2026
CVE-2026-40711 Dell Dell Container Storage Modules, version(s) csi-powerstore v2 HIGH 8.0 NVD Jun 26, 2026
CVE-2025-64152 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v CRITICAL 9.1 NVD Jun 26, 2026
CVE-2025-55017 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v CRITICAL 9.1 NVD Jun 26, 2026
CVE-2026-57914 By sending a deeply nested ASN1 structure to a Apache Kerby client or service, i MEDIUM 6.5 NVD Jun 26, 2026
CVE-2026-57620 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti MEDIUM 6.5 NVD Jun 26, 2026
CVE-2026-57918 libnfs through 6 HIGH 7.1 NVD Jun 26, 2026
CVE-2026-57913 Johnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allo HIGH 7.5 NVD Jun 26, 2026
CVE-2026-57912 Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data pro HIGH 7.5 NVD Jun 26, 2026
CVE-2026-13325 A flaw was found in KubeVirt's migration proxy HIGH 8.5 NVD Jun 26, 2026
CVE-2026-48619 Node.Js — A flaw in Node HIGH 7.5 NVD Jun 26, 2026
CVE-2026-48618 Node.Js — A flaw in Node MEDIUM 6.5 NVD Jun 26, 2026
CVE-2026-48615 Node.Js — A flaw in Node HIGH 7.5 NVD Jun 26, 2026
CVE-2026-13226 The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress MEDIUM 6.5 NVD Jun 26, 2026
CVE-2026-9222 Setracker2 Android Companion App com HIGH 8.1 NVD Jun 26, 2026
CVE-2026-9221 The Setracker2 Android Companion App (com HIGH 7.5 NVD Jun 26, 2026
CVE-2026-9220 Setracker2 Android Companion App com HIGH 7.5 NVD Jun 26, 2026
CVE-2026-9219 Setracker2 Android Companion App com MEDIUM 6.5 NVD Jun 26, 2026
CVE-2026-13318 A server-side request forgery (SSRF) flaw was found in KubeVirt's virt-api port- MEDIUM 6.4 NVD Jun 26, 2026
CVE-2026-13083 A flaw was found in the Pen Drive report generator MEDIUM 6.9 NVD Jun 26, 2026
CVE-2026-12993 A flaw was found in Apicurio Registry MEDIUM 6.5 NVD Jun 26, 2026
CVE-2026-40084 Cacti is an open source performance and fault management framework MEDIUM 6.5 NVD Jun 25, 2026
CVE-2026-40083 Cacti is an open source performance and fault management framework HIGH 7.2 NVD Jun 25, 2026
CVE-2026-40080 Cacti is an open source performance and fault management framework MEDIUM 6.1 NVD Jun 25, 2026
CVE-2026-46734 Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2 HIGH 7.3 NVD Jun 25, 2026
CVE-2026-46733 Dell Display and Peripheral Manager (DDPM Windows), versions prior to 2 HIGH 7.8 NVD Jun 25, 2026
CVE-2026-46732 Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2 MEDIUM 6.7 NVD Jun 25, 2026
CVE-2026-41120 Wyse Management Suite — Dell Wyse Management Suite, versions prior to WMS 5 CRITICAL 9.8 NVD Jun 25, 2026
CVE-2026-27366 Unauthenticated Broken Access Control in MainWP Child <= 6 HIGH 7.5 NVD Jun 25, 2026
CVE-2026-33612 A malicious authoritative server can send a crafted zone via the ZoneToCache fun HIGH 7.5 NVD Jun 25, 2026
CVE-2026-5305 The Email Address Encoder WordPress plugin before 1 HIGH 8.8 NVD Jun 25, 2026
CVE-2026-12490 Nsd — When a provide-xfr is given with a tls-auth-name, a secondar HIGH 7.5 NVD Jun 25, 2026
CVE-2026-12246 Nsd — NSD version 4 HIGH 8.1 NVD Jun 25, 2026
CVE-2026-12245 Nsd — NSD from version 4 HIGH 7.5 NVD Jun 25, 2026
CVE-2026-12244 Nsd — If NSD is configured as secondary for a zone, the primary of HIGH 8.8 NVD Jun 25, 2026
CVE-2026-10824 The Masteriyo LMS WordPress plugin before 2 MEDIUM 6.5 NVD Jun 25, 2026
CVE-2026-13311 Shell-Quote — shell-quote prior to 1 HIGH 7.5 NVD Jun 25, 2026
CVE-2026-12053 Gitlab — GitLab has remediated an issue in GitLab EE affecting all ve HIGH 8.6 NVD Jun 25, 2026
CVE-2026-10712 Gitlab — GitLab has remediated an issue in GitLab CE/EE affecting all HIGH 8.0 NVD Jun 25, 2026
CVE-2026-10086 Gitlab — GitLab has remediated an issue in GitLab EE affecting all ve HIGH 8.7 NVD Jun 25, 2026
CVE-2026-8663 OS Command Injection vulnerability in Rapid7 InsightConnect RPM Plugin on Linux MEDIUM 6.0 NVD Jun 25, 2026
CVE-2026-8659 OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Lin MEDIUM 6.0 NVD Jun 25, 2026
CVE-2026-40079 Cacti — Cacti is an open source performance and fault management fra CRITICAL 9.8 NVD Jun 25, 2026
CVE-2026-39951 Cacti — Cacti is an open source performance and fault management fra HIGH 7.6 NVD Jun 25, 2026
CVE-2026-12569 PTC - Windchill and FlexPLM CRITICAL N/A CISA Jun 25, 2026
CVE-2026-39955 Cacti — Cacti is an open source performance and fault management fra CRITICAL 9.8 NVD Jun 24, 2026
CVE-2026-39948 Cacti — Cacti is an open source performance and fault management fra CRITICAL 9.8 NVD Jun 24, 2026
CVE-2026-39938 Cacti — Cacti is an open source performance and fault management fra CRITICAL 9.8 NVD Jun 24, 2026
CVE-2026-39900 Cacti — Cacti is an open source performance and fault management fra MEDIUM 6.1 NVD Jun 24, 2026
CVE-2025-60474 A buffer overflow in the gf_media_import function (/media_tools/av_parsers HIGH 7.5 NVD Jun 24, 2026
CVE-2025-60467 A use-after-free in the gf_filter_pid_inst_swap_delete_task function (/filter_co HIGH 7.5 NVD Jun 24, 2026
CVE-2026-56302 Capgo before 12 MEDIUM 6.5 NVD Jun 24, 2026
CVE-2026-56270 Flowise — Flowise before 3 HIGH 7.5 NVD Jun 24, 2026
CVE-2026-56262 Crawl4Ai — Crawl4AI before 0 MEDIUM 6.5 NVD Jun 24, 2026
CVE-2026-56257 Capgo before 12 HIGH 7.1 NVD Jun 24, 2026
CVE-2026-56256 Capgo before 12 HIGH 7.1 NVD Jun 24, 2026
CVE-2026-56245 Supabase Capgo before 12 HIGH 8.2 NVD Jun 24, 2026
CVE-2026-56244 Capgo before 12 HIGH 7.1 NVD Jun 24, 2026
CVE-2026-56237 Capgo before 12 CRITICAL 9.1 NVD Jun 24, 2026
CVE-2026-56232 Capgo before 12 HIGH 8.8 NVD Jun 24, 2026
CVE-2026-56231 Capgo before 12 HIGH 7.6 NVD Jun 24, 2026
CVE-2026-56223 Capgo before 12 HIGH 8.7 NVD Jun 24, 2026
CVE-2026-12242 The AdRotate Banner Manager plugin for WordPress is vulnerable to PHP Code Injec HIGH 8.8 NVD Jun 24, 2026
CVE-2025-71361 picklescan before 0 HIGH 8.1 NVD Jun 24, 2026
CVE-2025-71354 picklescan before 0 HIGH 8.1 NVD Jun 24, 2026
CVE-2025-71332 Flowise — Flowise through 2 MEDIUM 6.5 NVD Jun 24, 2026
CVE-2026-12848 GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that c CRITICAL 10.0 NVD Jun 24, 2026
CVE-2026-12847 GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that c CRITICAL 10.0 NVD Jun 24, 2026
CVE-2026-12846 GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that c CRITICAL 10.0 NVD Jun 24, 2026
CVE-2026-12488 A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVis MEDIUM 6.2 NVD Jun 24, 2026
CVE-2026-12486 Multiple OS command injection vulnerabilities exist in the libNetSetObj CRITICAL 9.1 NVD Jun 24, 2026
CVE-2026-12485 GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that c CRITICAL 10.0 NVD Jun 24, 2026
CVE-2026-3652 The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi HIGH 7.2 NVD Jun 24, 2026
CVE-2026-11614 The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable MEDIUM 6.4 NVD Jun 24, 2026
CVE-2026-54639 Style Dictionary, a build system for creating cross-platform styles, has a proto HIGH 8.8 NVD Jun 24, 2026
CVE-2026-7574 Anthropic Claude Desktop Cowork VM image handling (confirmed across v1 HIGH 8.7 NVD Jun 24, 2026
CVE-2026-56785 FlatPress contains a stored cross-site scripting vulnerability in comment and co HIGH 8.2 NVD Jun 23, 2026
CVE-2026-54588 Poweradmin is a web-based DNS administration tool for PowerDNS server CRITICAL 9.6 NVD Jun 23, 2026
CVE-2026-47693 Poweradmin is a web-based DNS administration tool for PowerDNS server MEDIUM 6.9 NVD Jun 23, 2026
CVE-2026-33760 Langflow is a tool for building and deploying AI-powered agents and workflows HIGH 8.8 NVD Jun 23, 2026
CVE-2026-13007 Tenable Identity Exposure contains multiple unauthenticated API endpoints under HIGH 7.5 NVD Jun 23, 2026
CVE-2026-12958 Missing symlink validation in Language Servers for AWS may allow an arbitrary fi HIGH 7.8 NVD Jun 23, 2026
CVE-2026-12957 Improper trust boundary enforcement in Language Servers for AWS before version 1 HIGH 7.8 NVD Jun 23, 2026
CVE-2025-61028 An issue in the time_t_to_dt component of openlink virtuoso-opensource v7 HIGH 7.5 NVD Jun 23, 2026
CVE-2025-61025 An issue in the sslr_qst_get component of openlink virtuoso-opensource v7 HIGH 7.5 NVD Jun 23, 2026
CVE-2025-61022 An issue in the sqlo_tb_col_preds component of openlink virtuoso-opensource v7 HIGH 7.5 NVD Jun 23, 2026
CVE-2025-61020 An issue in the sqlo_strip_in_join component of openlink virtuoso-opensource v7 HIGH 7.5 NVD Jun 23, 2026
CVE-2025-61018 An issue in the sqlo_place_dt_set component of openlink virtuoso-opensource v7 HIGH 7.5 NVD Jun 23, 2026
CVE-2026-56274 Flowise before 3 CRITICAL 9.9 NVD Jun 23, 2026
CVE-2026-56263 Crawl4AI before 0 MEDIUM 6.1 NVD Jun 23, 2026
CVE-2026-56258 Crawl4AI before 0 HIGH 8.1 NVD Jun 23, 2026
CVE-2026-56248 Cap-go capgo (capgo-backend) before 12 HIGH 7.5 NVD Jun 23, 2026
CVE-2026-56243 Capgo before 12 HIGH 8.1 NVD Jun 23, 2026
CVE-2026-56225 Capgo before 12 HIGH 8.3 NVD Jun 23, 2026
CVE-2026-56222 Capgo before 12 HIGH 7.2 NVD Jun 23, 2026
CVE-2026-4610 The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is MEDIUM 6.4 NVD Jun 23, 2026
CVE-2026-10857 Improper neutralization of input during web page generation ('cross-site scripti MEDIUM 6.1 NVD Jun 23, 2026
CVE-2026-10711 Missing authentication for critical function vulnerability in AKIN Software Comp HIGH 8.8 NVD Jun 23, 2026
CVE-2025-71376 picklescan before 0 HIGH 8.1 NVD Jun 23, 2026
CVE-2025-71370 picklescan before 0 HIGH 8.1 NVD Jun 23, 2026
CVE-2025-71365 picklescan before 0 HIGH 8.1 NVD Jun 23, 2026
CVE-2025-71341 picklescan before 0 HIGH 8.1 NVD Jun 23, 2026
CVE-2025-71337 Flowise before 3 HIGH 8.3 NVD Jun 23, 2026
CVE-2023-54365 Traefik before 2 HIGH 7.5 NVD Jun 23, 2026
CVE-2026-8172 The Simple Basic Contact Form WordPress plugin through 20250114 does not escape HIGH 7.1 NVD Jun 23, 2026
CVE-2026-8163 The Infility Global WordPress plugin before 2 HIGH 8.8 NVD Jun 23, 2026
CVE-2026-7842 The Infility Global Infility Global WordPress plugin before 2 MEDIUM 6.8 NVD Jun 23, 2026
CVE-2026-12866 All versions of the package expr-eval are vulnerable to Code Execution via the t CRITICAL 9.8 NVD Jun 23, 2026
CVE-2026-10658 A missing length validation in the Zephyr Bluetooth Host ISO receive path can be HIGH 7.1 NVD Jun 23, 2026
CVE-2026-10651 A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in HIGH 7.1 NVD Jun 23, 2026
CVE-2026-34909 Ubiquiti - UniFi OS CRITICAL N/A CISA Jun 23, 2026
CVE-2026-34908 Ubiquiti - UniFi OS CRITICAL N/A CISA Jun 23, 2026
CVE-2026-34910 Ubiquiti - UniFi OS CRITICAL N/A CISA Jun 23, 2026
CVE-2025-67038 Lantronix - EDS5000 CRITICAL N/A CISA Jun 23, 2026
CVE-2026-54235 Vllm — vLLM is an inference and serving engine for large language m MEDIUM 6.5 NVD Jun 22, 2026
CVE-2026-54233 Vllm — vLLM is an inference and serving engine for large language m MEDIUM 6.5 NVD Jun 22, 2026
CVE-2026-54232 Vllm — vLLM is an inference and serving engine for large language m HIGH 8.8 NVD Jun 22, 2026
CVE-2026-53923 Vllm — vLLM is an inference and serving engine for large language m HIGH 7.5 NVD Jun 22, 2026
CVE-2026-48746 Vllm — vLLM is an inference and serving engine for large language m CRITICAL 9.1 NVD Jun 22, 2026
CVE-2026-47155 Vllm — vLLM is an inference and serving engine for large language m MEDIUM 6.5 NVD Jun 22, 2026
CVE-2026-41523 Vllm — vLLM is an inference and serving engine for large language m HIGH 7.5 NVD Jun 22, 2026
CVE-2026-56447 Misp — MISP allowed an authenticated site administrator to set the HIGH 7.2 NVD Jun 22, 2026
CVE-2026-56446 Misp — MISP allowed a site administrator to configure an arbitrary HIGH 7.2 NVD Jun 22, 2026
CVE-2026-56424 Misp — MISP core contained multiple broken access-control flaws whe HIGH 8.8 NVD Jun 22, 2026
CVE-2026-56423 Misp — MISP Core contained broken access-control checks in the bulk HIGH 8.8 NVD Jun 22, 2026
CVE-2026-54100 A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenS HIGH 8.3 NVD Jun 22, 2026
CVE-2026-54099 A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenS HIGH 8.8 NVD Jun 22, 2026
CVE-2026-42129 The Loki datasource plugin's callResource handler contains a path traversal vuln HIGH 7.7 NVD Jun 22, 2026
CVE-2026-28381 The Snowflake datasource allows for GET/PUT commands, which can allow any user w CRITICAL 9.6 NVD Jun 22, 2026
CVE-2026-10561 IBM Langflow OSS 1 CRITICAL 10.0 NVD Jun 22, 2026
CVE-2025-66389 GitHub Copilot 1 HIGH 7.5 NVD Jun 22, 2026
CVE-2025-2669 IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4 MEDIUM 6.0 NVD Jun 22, 2026
CVE-2024-54178 IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4 MEDIUM 6.5 NVD Jun 22, 2026
CVE-2026-11373 Net::Statsite::Client versions through 1 CRITICAL 9.1 NVD Jun 22, 2026
CVE-2026-12581 EasyFlow HIGH 7.5 NVD Jun 22, 2026
CVE-2023-45796 A stored cross-site scripting vulnerability in the Runtime component of Pilz PAS HIGH 8.1 NVD Jun 22, 2026
CVE-2023-45795 A cross-site scripting vulnerability in the Builder Component of Pilz PASvisu be HIGH 7.8 NVD Jun 22, 2026
CVE-2026-44914 Nifi — Apache NiFi 1 HIGH 7.2 NVD Jun 22, 2026
CVE-2026-44913 Nifi — Improper escaping of database table names in the CaptureChan HIGH 7.2 NVD Jun 22, 2026
CVE-2026-44911 Nifi — Authorization handling for component configuration verificat MEDIUM 6.3 NVD Jun 22, 2026
CVE-2025-66336 Apache Doris MCP Server contains a SQL injection vulnerability in a metadata que HIGH 8.1 NVD Jun 22, 2026
CVE-2026-8157 The Vitepos WordPress plugin before 3 HIGH 8.8 NVD Jun 22, 2026
CVE-2026-6858 The Transbank Webpay WordPress plugin before 1 HIGH 7.1 NVD Jun 22, 2026
CVE-2026-4259 The ultimate-woocommerce-auction-pro WordPress plugin through 2 HIGH 7.1 NVD Jun 22, 2026
CVE-2026-4110 The ultimate-woocommerce-auction-pro WordPress plugin through 2 MEDIUM 6.1 NVD Jun 22, 2026
CVE-2026-12781 A vulnerability was identified in EaseUS Partition Master up to 14 HIGH 7.8 NVD Jun 21, 2026
CVE-2026-12780 A vulnerability was determined in AOMEI Backupper up to 8 HIGH 7.8 NVD Jun 21, 2026
CVE-2026-12779 A vulnerability was found in AOMEI Dynamic Disk Manager up to 10 HIGH 7.8 NVD Jun 21, 2026
CVE-2026-12778 A vulnerability has been found in AOMEI Partition Assistant up to 10 HIGH 7.8 NVD Jun 21, 2026
CVE-2026-12776 A flaw has been found in Montodel House-Rental-Management up to 90010017b81265eb MEDIUM 6.3 NVD Jun 21, 2026
CVE-2026-12775 A vulnerability was detected in Montodel House-Rental-Management up to 90010017b HIGH 7.3 NVD Jun 21, 2026
CVE-2026-12774 A security vulnerability has been detected in BerriAI litellm up to 1 MEDIUM 6.3 NVD Jun 21, 2026
CVE-2026-12773 A weakness has been identified in BerriAI litellm up to 1 HIGH 7.3 NVD Jun 21, 2026
CVE-2026-12772 A security flaw has been discovered in BerriAI litellm up to 1 MEDIUM 6.3 NVD Jun 21, 2026
CVE-2026-56347 AVideo TopMenu plugin through version 26 MEDIUM 6.1 NVD Jun 20, 2026
CVE-2026-56346 AVideo through version 25 MEDIUM 6.5 NVD Jun 20, 2026
CVE-2026-56345 AVideo through 29 HIGH 8.1 NVD Jun 20, 2026
CVE-2026-56342 AVideo through version 27 MEDIUM 6.8 NVD Jun 20, 2026
CVE-2026-56341 AVideo through version 26 HIGH 7.5 NVD Jun 20, 2026
CVE-2026-56340 vLLM versions >= 0 HIGH 8.8 NVD Jun 20, 2026
CVE-2025-71331 Flowise before 3 MEDIUM 6.1 NVD Jun 20, 2026
CVE-2024-58351 Flowise before 2 CRITICAL 9.8 NVD Jun 20, 2026
CVE-2022-50972 WooCommerce 7 CRITICAL 9.8 NVD Jun 20, 2026
CVE-2020-37255 WordPress Time Capsule Plugin 1 HIGH 7.5 NVD Jun 20, 2026
CVE-2019-25763 WordPress Ultimate Addons for Beaver Builder 1 CRITICAL 9.8 NVD Jun 20, 2026
CVE-2026-12119 The Simple File List plugin for WordPress is vulnerable to unauthorized file ope MEDIUM 6.5 NVD Jun 20, 2026
CVE-2026-11912 The Simple File List plugin for WordPress is vulnerable to arbitrary file modifi HIGH 7.5 NVD Jun 20, 2026
CVE-2026-11911 The Simple File List plugin for WordPress is vulnerable to arbitrary file deleti HIGH 7.5 NVD Jun 20, 2026
CVE-2026-49260 PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML pag HIGH 8.2 NVD Jun 19, 2026
CVE-2026-3195 A flaw was found in QEMU HIGH 7.4 NVD Jun 19, 2026
CVE-2019-25748 Joomla JHotelReservation 6 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20282 Joomla! Component jCart for OpenCart 2 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20281 Joomla! Component Extra Search 2 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20280 Joomla Component Myportfolio 3 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20279 Joomla Payage 2 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20278 Joomla Component JoomRecipe 1 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20277 Joomla JoomRecipe 1 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20276 Joomla! Component SIMGenealogy 2 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20275 Joomla! Component PHP-Bridge 1 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20274 Joomla LMS King Professional 3 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20273 Joomla Event Registration Pro Calendar 4 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20272 Joomla Ultimate Property Listing 1 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20271 Joomla StreetGuessr Game 1 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20270 Joomla! Component Twitch Tv 1 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20269 Joomla! Component KissGallery 1 HIGH 8.2 NVD Jun 19, 2026
CVE-2017-20268 Joomla! Component Zap Calendar Lite 4 HIGH 8.2 NVD Jun 19, 2026
CVE-2026-12136 The Customize My Account For Woocommerce plugin for WordPress is vulnerable to S MEDIUM 6.4 NVD Jun 18, 2026
CVE-2026-12098 The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable t MEDIUM 6.4 NVD Jun 18, 2026
CVE-2026-11395 The CF7 to Webhook plugin for WordPress is vulnerable to Server-Side Request For HIGH 7.2 NVD Jun 18, 2026
CVE-2026-9860 The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulner HIGH 8.8 NVD Jun 18, 2026
CVE-2026-55740 Nur-Alam39 bus-ticket (no released versions; latest commit 459cabdbeb99c00225b26 CRITICAL 9.8 NVD Jun 18, 2026
CVE-2026-11402 The Services Section Block – Showcase Service Details in Grid or Columns plugin MEDIUM 6.4 NVD Jun 18, 2026
CVE-2026-48907 Widget Factory - Joomla Content Editor CRITICAL N/A CISA Jun 16, 2026
CVE-2016-20072 BBS e-Franchise 1 HIGH 8.2 NVD Jun 15, 2026
CVE-2016-20071 The 404 Redirection Manager plugin version 1 HIGH 8.2 NVD Jun 15, 2026
CVE-2016-20070 WordPress Booking Calendar Contact Form 1 MEDIUM 6.4 NVD Jun 15, 2026
CVE-2016-20069 WordPress Booking Calendar Contact Form 1 HIGH 8.2 NVD Jun 15, 2026
CVE-2016-20068 WordPress Booking Calendar Contact Form version 1 HIGH 8.2 NVD Jun 15, 2026
CVE-2016-20066 WordPress CP Polls 1 HIGH 7.2 NVD Jun 15, 2026
CVE-2026-12057 Ai — When the application executes the JavaScript script embedded HIGH 8.6 NVD Jun 15, 2026
CVE-2026-8935 The WP MAPS PRO WordPress plugin before 6 CRITICAL 9.8 NVD Jun 15, 2026
CVE-2026-12222 A vulnerability was determined in Yealink SIP-T46U 108 HIGH 8.0 NVD Jun 15, 2026
CVE-2026-12221 A vulnerability was found in Yealink SIP-T46U 108 HIGH 8.0 NVD Jun 15, 2026
CVE-2026-12220 A vulnerability has been found in Yealink SIP-T46U 108 HIGH 8.0 NVD Jun 15, 2026
CVE-2026-12219 A flaw has been found in Yealink SIP-T46U 108 MEDIUM 6.3 NVD Jun 15, 2026
CVE-2026-12218 A vulnerability was detected in Yealink SIP-T46U 108 HIGH 8.0 NVD Jun 15, 2026
CVE-2026-12210 A vulnerability was detected in universal-tool-calling-protocol python-utcp 1 MEDIUM 6.3 NVD Jun 15, 2026
CVE-2026-12206 A vulnerability was identified in Grit42 Grit up to 0 MEDIUM 6.3 NVD Jun 15, 2026
CVE-2026-12204 A vulnerability was determined in ShopXO up to 6 HIGH 7.3 NVD Jun 15, 2026
CVE-2026-12200 A security vulnerability has been detected in Ritlabs TinyWeb Server up to 1 HIGH 7.3 NVD Jun 15, 2026
CVE-2026-12198 A weakness has been identified in Microweber up to 2 HIGH 7.3 NVD Jun 15, 2026
CVE-2026-12197 A security flaw has been discovered in Ruijie EG105G-P 2 HIGH 7.2 NVD Jun 15, 2026
CVE-2026-12193 A vulnerability was identified in VS Revo RevoUninstaller 2 HIGH 7.8 NVD Jun 15, 2026
CVE-2026-12192 A vulnerability was determined in GALAYOU Y4 1 HIGH 8.8 NVD Jun 15, 2026
CVE-2026-20262 Cisco - Catalyst SD-WAN Manager CRITICAL N/A CISA Jun 15, 2026
CVE-2026-12191 A vulnerability was found in Comma AI Openpilot 0 HIGH 7.8 NVD Jun 14, 2026
CVE-2026-12188 A vulnerability was detected in Grit42 Grit up to 0 MEDIUM 6.3 NVD Jun 14, 2026
CVE-2026-12187 A security vulnerability has been detected in GL HIGH 8.8 NVD Jun 14, 2026
CVE-2026-12186 A weakness has been identified in GL HIGH 8.8 NVD Jun 14, 2026
CVE-2026-54413 driftregion iso14229 through 0 HIGH 8.2 NVD Jun 14, 2026
CVE-2026-54412 LiamBindle MQTT-C through version 1 HIGH 8.2 NVD Jun 14, 2026
CVE-2026-54410 nanoMODBUS through v1 HIGH 8.6 NVD Jun 14, 2026
CVE-2026-11527 Config::IniFiles versions before 3 HIGH 8.6 NVD Jun 14, 2026
CVE-2026-11526 GD versions before 2 CRITICAL 9.8 NVD Jun 14, 2026
CVE-2026-54421 In OpenStack Ironic through 35 MEDIUM 6.8 NVD Jun 14, 2026
CVE-2026-54420 LiteSpeed cPanel plugin before 2 HIGH 8.5 NVD Jun 14, 2026
CVE-2026-12174 A security vulnerability has been detected in D-Link DCS-935L 1 HIGH 8.8 NVD Jun 13, 2026
CVE-2026-12183 Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2 CRITICAL 9.8 NVD Jun 13, 2026
CVE-2026-6428 SQL Injection in reports/catalogue_out HIGH 7.6 NVD Jun 13, 2026
CVE-2026-5513 The Online Scheduling and Appointment Booking System – Bookly plugin for WordPre HIGH 7.2 NVD Jun 13, 2026
CVE-2026-9629 The Canvas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via MEDIUM 6.4 NVD Jun 13, 2026
CVE-2026-3297 The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress MEDIUM 6.4 NVD Jun 13, 2026
CVE-2026-9134 The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting MEDIUM 6.4 NVD Jun 13, 2026
CVE-2026-9109 The GPTranslate – Multilingual AI Translation for WordPress: Automatically Trans HIGH 7.2 NVD Jun 13, 2026
CVE-2026-9848 The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPr HIGH 7.5 NVD Jun 13, 2026
CVE-2026-54230 A symlink following vulnerability was found in the ABRT post-create event handle HIGH 7.0 NVD Jun 13, 2026
CVE-2026-54229 A race condition was found in the abrt-dbus D-Bus service's ChownProblemDir meth HIGH 7.0 NVD Jun 13, 2026
CVE-2026-54228 A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D HIGH 7.8 NVD Jun 13, 2026
CVE-2026-6676 Heap buffer out-of-bounds write vulnerability in Avira Antivirus engine when sca HIGH 7.8 NVD Jun 12, 2026
CVE-2026-12068 Information disclosure vulnerability in Avira Password Manager when used with Mo HIGH 7.4 NVD Jun 12, 2026
CVE-2025-9033 Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scan HIGH 7.8 NVD Jun 12, 2026
CVE-2025-9032 Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scan HIGH 7.8 NVD Jun 12, 2026
CVE-2025-14098 Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira A HIGH 7.8 NVD Jun 12, 2026
CVE-2026-44171 MariaDB server is a community developed fork of MySQL server MEDIUM 6.3 NVD Jun 12, 2026
CVE-2026-44168 MariaDB server is a community developed fork of MySQL server HIGH 8.0 NVD Jun 12, 2026
CVE-2026-7387 Mattermost versions 11 HIGH 8.8 NVD Jun 12, 2026
CVE-2026-7184 Mattermost versions 11 MEDIUM 6.5 NVD Jun 12, 2026
CVE-2026-6961 Mattermost versions 11 HIGH 7.6 NVD Jun 12, 2026
CVE-2026-6739 Mattermost versions 11 MEDIUM 6.7 NVD Jun 12, 2026
CVE-2026-53982 Cap-go Console < 12 MEDIUM 6.5 NVD Jun 12, 2026
CVE-2026-53981 Cap-go prior to 12 HIGH 7.6 NVD Jun 12, 2026
CVE-2026-12066 A security flaw has been discovered in PbootCMS up to 3 HIGH 7.3 NVD Jun 12, 2026
CVE-2026-11849 The  iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded CRITICAL 9.8 NVD Jun 12, 2026
CVE-2026-50631 Cxf — A race condition in AbstractOAuthDataProvider allows concurr HIGH 7.4 NVD Jun 12, 2026
CVE-2026-50630 Cxf — A CRLF injection vulnerability exists in the OAuth2 Authoriz MEDIUM 6.5 NVD Jun 12, 2026
CVE-2026-50623 Cxf — An authentication bypass vulnerability exists in the OAuth2 MEDIUM 6.5 NVD Jun 12, 2026
CVE-2026-48914 A flaw was found in QEMU's virtio-blk device MEDIUM 6.7 NVD Jun 12, 2026
CVE-2026-11846 The  iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has HIGH 8.1 NVD Jun 12, 2026
CVE-2026-11845 The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has HIGH 7.2 NVD Jun 12, 2026
CVE-2026-12060 Heptabase developed by Hepta Platforms has a Exposed Dangerous Method or Functio MEDIUM 6.5 NVD Jun 12, 2026
CVE-2026-12059 The SSH service of CelloOS developed by Cellopoint has an Improper Access Contro HIGH 8.8 NVD Jun 12, 2026
CVE-2026-44892 Netty is a network application framework for development of protocol servers and HIGH 7.5 NVD Jun 12, 2026
CVE-2026-48610 Under certain network configurations, a malicious actor with access to network c HIGH 8.1 NVD Jun 12, 2026
CVE-2026-47370 A malicious actor with access to the network and low privileges could exploit an CRITICAL 9.9 NVD Jun 12, 2026
CVE-2026-47369 A malicious actor with access to the network and low privileges could exploit an CRITICAL 9.9 NVD Jun 12, 2026
CVE-2026-47368 A malicious actor with access to the network could exploit a Path Traversal vuln HIGH 8.6 NVD Jun 12, 2026
CVE-2026-47367 A malicious actor with access to the network and low privileges could exploit an CRITICAL 9.9 NVD Jun 12, 2026
CVE-2026-47365 Argument injection vulnerability in WordPress Toolkit before 6 CRITICAL 9.9 NVD Jun 12, 2026
CVE-2026-9125 The Presto Player plugin for WordPress is vulnerable to Stored Cross-Site Script MEDIUM 6.4 NVD Jun 12, 2026
CVE-2026-11933 A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript HIGH 8.8 NVD Jun 12, 2026
CVE-2026-35273 Oracle - PeopleSoft Enterprise PeopleTools CRITICAL N/A CISA Jun 12, 2026
CVE-2026-47238 ClipBucket v5 is an open source video sharing platform MEDIUM 6.5 NVD Jun 11, 2026
CVE-2026-45418 ClipBucket v5 is an open source video sharing platform HIGH 8.8 NVD Jun 11, 2026
CVE-2026-45060 ClipBucket v5 is an open source video sharing platform CRITICAL 9.8 NVD Jun 11, 2026
CVE-2026-42846 ClipBucket v5 is an open source video sharing platform CRITICAL 9.8 NVD Jun 11, 2026
CVE-2026-49261 MariaDB server is a community developed fork of MySQL server CRITICAL 10.0 NVD Jun 11, 2026
CVE-2026-48546 KanaDojo before 0 HIGH 7.3 NVD Jun 11, 2026
CVE-2026-47157 aiograpi is an asynchronous Instagram API for Python MEDIUM 6.5 NVD Jun 11, 2026
CVE-2026-46697 Fediverse Embeds embeds fediverse posts on WordPress sites HIGH 7.5 NVD Jun 11, 2026
CVE-2026-49982 tmp is a temporary file and directory creator for node HIGH 8.2 NVD Jun 11, 2026
CVE-2026-44496 Axios — Axios is a promise based HTTP client for the browser and Nod HIGH 7.5 NVD Jun 11, 2026
CVE-2026-44495 Axios is a promise based HTTP client for the browser and Node HIGH 7.0 NVD Jun 11, 2026
CVE-2026-44494 Axios — Axios is a promise based HTTP client for the browser and Nod HIGH 8.7 NVD Jun 11, 2026
CVE-2026-44492 Axios — Axios is a promise based HTTP client for the browser and Nod HIGH 8.6 NVD Jun 11, 2026
CVE-2026-44488 Axios — Axios is a promise based HTTP client for the browser and Nod HIGH 7.5 NVD Jun 11, 2026
CVE-2026-44487 Axios — Axios is a promise based HTTP client for the browser and Nod HIGH 7.5 NVD Jun 11, 2026
CVE-2026-44486 Axios — Axios is a promise based HTTP client for the browser and Nod HIGH 7.5 NVD Jun 11, 2026
CVE-2026-11945 PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superu MEDIUM 6.4 NVD Jun 11, 2026
CVE-2026-8589 Gitlab — GitLab has remediated an issue in GitLab EE affecting all ve HIGH 7.3 NVD Jun 11, 2026
CVE-2026-7250 Gitlab — GitLab has remediated an issue in GitLab CE/EE affecting all HIGH 7.5 NVD Jun 11, 2026
CVE-2026-6552 Gitlab — GitLab has remediated an issue in GitLab EE affecting all ve HIGH 8.7 NVD Jun 11, 2026
CVE-2026-1500 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17 MEDIUM 6.5 NVD Jun 11, 2026
CVE-2026-10087 GitLab has remediated an issue in GitLab EE affecting all versions from 17 HIGH 8.7 NVD Jun 11, 2026
CVE-2023-33999 Improper neutralization of input during web page generation ('cross-site scripti HIGH 7.1 NVD Jun 11, 2026
CVE-2026-41856 Spring For Graphql — The Spring GraphQL annotation detection mechanism for @Contr HIGH 7.5 NVD Jun 11, 2026
CVE-2026-41700 Spring For Graphql — Spring for GraphQL applications that have enabled the WebSoc HIGH 8.1 NVD Jun 11, 2026
CVE-2026-41699 Spring For Graphql — Spring for GraphQL applications are vulnerable to Unsafe Des HIGH 8.1 NVD Jun 11, 2026
CVE-2026-40999 When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spri HIGH 8.6 NVD Jun 11, 2026
CVE-2026-40998 Jaxp13XPathTemplate evaluated XPath expressions for StreamSource and SAXSource i HIGH 8.2 NVD Jun 11, 2026
CVE-2026-40994 Wss4jSecurityInterceptor initialized its BSP (WS-I Basic Security Profile) compl HIGH 8.2 NVD Jun 11, 2026
CVE-2026-40987 A malicious or compromised FTP/SFTP/SMB server can write arbitrary files anywher HIGH 7.1 NVD Jun 11, 2026
CVE-2026-10795 The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable HIGH 8.1 NVD Jun 11, 2026
CVE-2026-40985 Applications that configure the WebFlowELExpressionParser are vulnerable to the MEDIUM 6.4 NVD Jun 11, 2026
CVE-2026-10520 Ivanti - Sentry CRITICAL N/A CISA Jun 11, 2026
CVE-2026-47342 Ofbiz — A privilege escalation vulnerability in Apache OFBiz allows HIGH 8.8 NVD Jun 10, 2026
CVE-2026-47213 Boxlite is a sandbox service that allows users to create lightweight virtual mac MEDIUM 6.5 NVD Jun 10, 2026
CVE-2026-46703 Boxlite is a sandbox service that allows users to create lightweight virtual mac CRITICAL 9.6 NVD Jun 10, 2026
CVE-2026-46695 Boxlite is a sandbox service that allows users to create lightweight virtual mac CRITICAL 10.0 NVD Jun 10, 2026
CVE-2026-46557 Imagemagick — ImageMagick is free and open-source software used for editin MEDIUM 6.2 NVD Jun 10, 2026
CVE-2026-44693 Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tr HIGH 8.8 NVD Jun 10, 2026
CVE-2026-42558 Xibo is an open source digital signage platform with a web content management sy HIGH 7.6 NVD Jun 10, 2026
CVE-2026-42305 Dulwich is a pure-Python implementation of the Git file formats and protocols HIGH 8.8 NVD Jun 10, 2026
CVE-2026-46642 draw MEDIUM 6.1 NVD Jun 10, 2026
CVE-2026-46614 Fission is an open-source, Kubernetes-native serverless framework that simplifie CRITICAL 9.8 NVD Jun 10, 2026
CVE-2026-46612 Fission is an open-source, Kubernetes-native serverless framework that simplifie HIGH 8.8 NVD Jun 10, 2026
CVE-2026-45062 FrankenPHP is a modern application server for PHP HIGH 8.1 NVD Jun 10, 2026
CVE-2026-20258 In Splunk Enterprise versions below 10 HIGH 7.1 NVD Jun 10, 2026
CVE-2026-20253 In Splunk Enterprise versions below 10 CRITICAL 9.8 NVD Jun 10, 2026
CVE-2026-20252 In Splunk Enterprise versions below 10 HIGH 7.6 NVD Jun 10, 2026
CVE-2026-20251 In Splunk Enterprise versions below 10 HIGH 8.8 NVD Jun 10, 2026
CVE-2026-11417 OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-li HIGH 7.3 NVD Jun 10, 2026
CVE-2026-52758 Ghidra — Ghidra before 12 HIGH 8.8 NVD Jun 10, 2026
CVE-2026-52755 Ghidra — Ghidra before 12 HIGH 7.8 NVD Jun 10, 2026
CVE-2026-52754 Ghidra — Ghidra before 12 HIGH 8.8 NVD Jun 10, 2026
CVE-2026-52752 Ghidra — Ghidra before 12 HIGH 7.8 NVD Jun 10, 2026
CVE-2026-52751 Ghidra — Ghidra before 12 HIGH 8.8 NVD Jun 10, 2026
CVE-2026-52750 Ghidra — Ghidra before 12 HIGH 7.8 NVD Jun 10, 2026
CVE-2026-49498 Ghidra — Ghidra 11 HIGH 8.8 NVD Jun 10, 2026
CVE-2026-49496 Ghidra — Ghidra before 12 MEDIUM 6.1 NVD Jun 10, 2026
CVE-2026-49069 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti HIGH 7.1 NVD Jun 10, 2026
CVE-2025-71330 image-size through 2 HIGH 7.5 NVD Jun 10, 2026
CVE-2025-71329 image-size through 2 HIGH 7.5 NVD Jun 10, 2026
CVE-2026-24067 Slate Digital Connect 1 HIGH 8.4 NVD Jun 10, 2026
CVE-2026-24066 Slate Digital Connect 1 HIGH 8.4 NVD Jun 10, 2026
CVE-2026-11853 Debusine is an integrated solution to build, distribute and maintain a Debian-ba MEDIUM 6.5 NVD Jun 10, 2026
CVE-2026-11852 Debusine is an integrated solution to build, distribute and maintain a Debian-ba MEDIUM 6.5 NVD Jun 10, 2026
CVE-2025-6254 The Doctreat Core plugin for WordPress is vulnerable to Privilege Escalation in CRITICAL 9.8 NVD Jun 10, 2026
CVE-2026-9019 The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site S MEDIUM 6.4 NVD Jun 10, 2026
CVE-2026-8613 The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cr MEDIUM 6.4 NVD Jun 10, 2026
CVE-2026-9067 The Schema & Structured Data for WP & AMP WordPress plugin before 1 CRITICAL 9.1 NVD Jun 10, 2026
CVE-2026-8071 The Anti-Spam by CleanTalk HIGH 8.8 NVD Jun 10, 2026
CVE-2026-3326 The Xstore WordPress theme before 9 HIGH 8.6 NVD Jun 10, 2026
CVE-2026-11837 A local privilege escalation vulnerability was found in the ansible HIGH 7.3 NVD Jun 10, 2026
CVE-2025-8444 The Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Tem MEDIUM 6.4 NVD Jun 10, 2026
CVE-2026-40988 An application using spring-security-saml2-service-provider and the REDIRECT bin HIGH 7.5 NVD Jun 10, 2026
CVE-2026-9754 An authenticated user with the read role may read limited amounts of uninitializ MEDIUM 6.5 NVD Jun 09, 2026
CVE-2026-9753 The $_internalApplyOplogUpdate aggregation pipeline stage can be used to execute HIGH 8.1 NVD Jun 09, 2026
CVE-2026-9752 An authorized user could trigger a server crash by running a query with a 2dsphe MEDIUM 6.5 NVD Jun 09, 2026
CVE-2026-9750 An authenticated user can cause a MongoDB server to crash or return incorrect re MEDIUM 6.5 NVD Jun 09, 2026
CVE-2026-9749 This issue can occur when running an aggregation pipeline that uses the internal MEDIUM 6.5 NVD Jun 09, 2026
CVE-2026-9748 The $_internalConvertBucketIndexStats stage used PauseExecution as a way to sign MEDIUM 6.5 NVD Jun 09, 2026
CVE-2026-9747 Adding fromRouter:true and runtimeConstants MEDIUM 6.5 NVD Jun 09, 2026
CVE-2026-9746 When using $changestreams and $_requestReshardingResumeToken with the exchange o MEDIUM 6.5 NVD Jun 09, 2026
CVE-2026-9743 In MongoDB Server 8 MEDIUM 6.5 NVD Jun 09, 2026
CVE-2026-9742 When OIDC authentication is enabled in configuration, clients may set specific v HIGH 7.5 NVD Jun 09, 2026
CVE-2026-9741 A bug in query analysis processing of the $vectorSearch aggregation stage for Qu MEDIUM 6.5 NVD Jun 09, 2026
CVE-2026-9740 A vulnerability in MongoDB Server's BSON validation logic allows an unauthentica HIGH 7.5 NVD Jun 09, 2026
CVE-2026-46433 Lldpd — lldpd is an implementation of IEEE 802 MEDIUM 6.5 NVD Jun 09, 2026
CVE-2026-46374 SQLFluff is a modular SQL linter and auto-formatter with support for multiple di HIGH 7.5 NVD Jun 09, 2026
CVE-2026-46373 SQLFluff is a modular SQL linter and auto-formatter with support for multiple di HIGH 7.5 NVD Jun 09, 2026
CVE-2026-33828 Windows 10 1607 — Trust boundary violation in Windows Attestation allows an au HIGH 7.8 NVD Jun 09, 2026
CVE-2026-32193 Improper limitation of a pathname to a restricted directory ('path traversal') i HIGH 8.8 NVD Jun 09, 2026
CVE-2026-26142 Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized a CRITICAL 9.8 NVD Jun 09, 2026
CVE-2026-24181 NVIDIA DALI contains a vulnerability in a component where an attacker could caus HIGH 7.3 NVD Jun 09, 2026
CVE-2026-24180 NVIDIA DALI contains a vulnerability in a component where an attacker could caus HIGH 7.3 NVD Jun 09, 2026
CVE-2026-22926 Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation HIGH 7.8 NVD Jun 09, 2026
CVE-2017-20245 Wow Viral Signups 2 HIGH 8.2 NVD Jun 09, 2026
CVE-2017-20244 Wow Forms WordPress Plugin version 2 HIGH 8.2 NVD Jun 09, 2026
CVE-2017-20243 WordPress Car Park Booking Plugin version 13 October 17 contains a time-based SQ HIGH 8.2 NVD Jun 09, 2026
CVE-2016-20065 Product Catalog 8 1 HIGH 8.2 NVD Jun 09, 2026
CVE-2016-20064 WP Vault 0 MEDIUM 6.2 NVD Jun 09, 2026
CVE-2016-20063 Single Personal Message 1 HIGH 7.1 NVD Jun 09, 2026
CVE-2016-20062 Simply Poll 1 HIGH 8.2 NVD Jun 09, 2026
CVE-2026-41842 Spring Framework — Spring MVC and WebFlux applications are vulnerable to Denial HIGH 7.5 NVD Jun 09, 2026
CVE-2026-41720 Spring LDAP's DirContextAuthenticationStrategy implementations do not reject a b HIGH 7.4 NVD Jun 09, 2026
CVE-2026-41715 In specific scenarios involving HTTP redirects from a secure to an insecure endp MEDIUM 6.1 NVD Jun 09, 2026
CVE-2026-41007 Spring HATEOAS maintains an unbounded static cache of StringLinkRelation instanc HIGH 7.5 NVD Jun 09, 2026
CVE-2026-41006 Spring HATEOAS's internal PropertyUtils HIGH 7.5 NVD Jun 09, 2026
CVE-2026-40984 In Micrometer, it is possible for a user to provide specially crafted HTTP reque HIGH 7.5 NVD Jun 09, 2026
CVE-2026-40983 In Micrometer, it is possible for a user to provide specially crafted gRPC reque HIGH 7.5 NVD Jun 09, 2026
CVE-2026-11603 The Product Filter Widget for Elementor plugin for WordPress is vulnerable to Re MEDIUM 6.1 NVD Jun 09, 2026
CVE-2026-10738 The jQuery Hover Footnotes plugin for WordPress is vulnerable to Stored Cross-Si MEDIUM 6.4 NVD Jun 09, 2026
CVE-2026-10024 The TinyMCE shortcode Addon plugin for WordPress is vulnerable to Stored Cross-S MEDIUM 6.4 NVD Jun 09, 2026
CVE-2026-11646 Chrome — Use after free in ViewTransitions in Google Chrome prior to HIGH 8.8 NVD Jun 09, 2026
CVE-2026-11644 Chrome — Use after free in Views in Google Chrome on Linux prior to 1 HIGH 7.5 NVD Jun 09, 2026
CVE-2026-11643 Chrome — Use after free in Proxy in Google Chrome prior to 149 HIGH 8.1 NVD Jun 09, 2026
CVE-2026-11642 Chrome — Use after free in Web Apps in Google Chrome prior to 149 HIGH 8.3 NVD Jun 09, 2026
CVE-2026-11641 Chrome — Use after free in Bluetooth in Google Chrome on Windows prio HIGH 7.5 NVD Jun 09, 2026
CVE-2026-11640 Chrome — Integer overflow in libyuv in Google Chrome prior to 149 HIGH 8.3 NVD Jun 09, 2026
CVE-2026-11639 Chrome — Use after free in Compositing in Google Chrome on Mac prior HIGH 7.5 NVD Jun 09, 2026
CVE-2026-11638 Chrome — Use after free in Printing in Google Chrome prior to 149 CRITICAL 9.6 NVD Jun 09, 2026
CVE-2026-11637 Chrome — Use after free in Views in Google Chrome on Mac prior to 149 HIGH 8.8 NVD Jun 09, 2026
CVE-2026-11636 Chrome — Use after free in Autofill in Google Chrome on Windows prior HIGH 7.5 NVD Jun 09, 2026
CVE-2026-11635 Chrome — Use after free in Bluetooth in Google Chrome on Mac prior to HIGH 8.3 NVD Jun 09, 2026
CVE-2026-11634 Chrome — Use after free in Gamepad in Google Chrome on Windows prior CRITICAL 9.6 NVD Jun 09, 2026
CVE-2026-11633 Chrome — Use after free in Bluetooth in Google Chrome on Mac prior to HIGH 8.8 NVD Jun 09, 2026
CVE-2026-11632 Chrome — Use after free in TabStrip in Google Chrome prior to 149 HIGH 7.5 NVD Jun 09, 2026
CVE-2026-11631 Chrome — Use after free in Aura in Google Chrome on Windows prior to HIGH 8.3 NVD Jun 09, 2026
CVE-2026-11630 Chrome — Use after free in File Input in Google Chrome prior to 149 HIGH 8.8 NVD Jun 09, 2026
CVE-2026-11629 Chrome — Use after free in Ozone in Google Chrome prior to 149 HIGH 8.8 NVD Jun 09, 2026
CVE-2026-11628 Chrome — Use after free in Ozone in Google Chrome prior to 149 MEDIUM 6.8 NVD Jun 09, 2026
CVE-2026-11645 Google - Chromium V8 CRITICAL N/A CISA Jun 09, 2026
CVE-2026-20245 Cisco - Catalyst SD-WAN Manager CRITICAL N/A CISA Jun 09, 2026
CVE-2026-7473 Arista - Extensible Operating System CRITICAL N/A CISA Jun 09, 2026
CVE-2026-41448 AdGuard Home, when started with the --glinet flag, contains an authentication by CRITICAL 9.4 NVD Jun 08, 2026
CVE-2026-39910 STACKIT IaaS API contains a missing authorization check vulnerability that allow CRITICAL 9.8 NVD Jun 08, 2026
CVE-2026-39908 OpenBullet2 through version 0 MEDIUM 6.5 NVD Jun 08, 2026
CVE-2026-25856 OpenBullet2 through version 0 HIGH 8.8 NVD Jun 08, 2026
CVE-2026-25855 OpenBullet2 through version 0 HIGH 8.8 NVD Jun 08, 2026
CVE-2026-25559 OpenBullet2 through version 0 HIGH 8.8 NVD Jun 08, 2026
CVE-2026-25555 OpenBullet2 through version 0 CRITICAL 9.8 NVD Jun 08, 2026
CVE-2026-11611 A flaw was found in 389 Directory Server MEDIUM 6.5 NVD Jun 08, 2026
CVE-2026-11532 A weakness has been identified in imvks786 student_management_system up to 9599b MEDIUM 6.3 NVD Jun 08, 2026
CVE-2026-11531 A security flaw has been discovered in imvks786 student_management_system up to HIGH 7.3 NVD Jun 08, 2026
CVE-2026-11530 A vulnerability was identified in imvks786 student_management_system up to 9599b HIGH 7.3 NVD Jun 08, 2026
CVE-2026-11577 A flaw was found in Keycloak HIGH 7.2 NVD Jun 08, 2026
CVE-2026-11514 A flaw has been found in itsourcecode Hospital Management System 1 MEDIUM 6.3 NVD Jun 08, 2026
CVE-2026-11513 A vulnerability was detected in itsourcecode Hospital Management System 1 MEDIUM 6.3 NVD Jun 08, 2026
CVE-2026-50752 A weakness in the certificate validation logic of the deprecated IKEv1 key excha HIGH 7.4 NVD Jun 08, 2026
CVE-2026-3011 The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-S MEDIUM 6.4 NVD Jun 08, 2026
CVE-2026-11510 A security flaw has been discovered in CodeAstro Leave Management System 1 MEDIUM 6.3 NVD Jun 08, 2026
CVE-2026-11509 A vulnerability was identified in CodeAstro Leave Management System 1 MEDIUM 6.3 NVD Jun 08, 2026
CVE-2026-11508 A vulnerability was determined in CodeAstro Leave Management System 1 MEDIUM 6.3 NVD Jun 08, 2026
CVE-2026-11507 A vulnerability was found in CodeAstro Leave Management System 1 MEDIUM 6.3 NVD Jun 08, 2026
CVE-2026-11506 A vulnerability has been found in CodeAstro Leave Management System 1 MEDIUM 6.3 NVD Jun 08, 2026
CVE-2026-11504 A vulnerability was detected in Tenda CX12L 16 HIGH 8.8 NVD Jun 08, 2026
CVE-2026-41724 VMware Cloud Foundation Operations contains multiple stored cross-site scripting HIGH 8.0 NVD Jun 08, 2026
CVE-2026-41723 VMware Cloud Foundation Operations contains multiple stored cross-site scripting HIGH 8.0 NVD Jun 08, 2026
CVE-2026-41722 VMware Cloud Foundation Operations contains multiple stored cross-site scripting HIGH 8.0 NVD Jun 08, 2026
CVE-2026-3238 A flaw was found in Samba’s WINS server component when running as an Active Dire HIGH 7.5 NVD Jun 08, 2026
CVE-2026-11499 A vulnerability was determined in Tenda HG7HG9 and HG10 300001138_en_xpon CRITICAL 9.8 NVD Jun 08, 2026
CVE-2026-11498 A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon HIGH 8.8 NVD Jun 08, 2026
CVE-2026-11495 A vulnerability was detected in CodeAstro Ingredients Stock Management System 1 MEDIUM 6.3 NVD Jun 08, 2026
CVE-2026-11490 A vulnerability was determined in code-projects Online Music Site 1 HIGH 7.3 NVD Jun 08, 2026
CVE-2026-11489 A vulnerability was found in code-projects Online Music Site 1 HIGH 7.3 NVD Jun 08, 2026
CVE-2026-11488 A vulnerability has been found in code-projects Simple Flight Ticket Booking Sys HIGH 7.3 NVD Jun 08, 2026
CVE-2026-11486 A vulnerability was detected in SourceCodester Class and Exam Timetabling System HIGH 7.3 NVD Jun 08, 2026
CVE-2026-11485 A security vulnerability has been detected in SourceCodester Class and Exam Time HIGH 7.3 NVD Jun 08, 2026
CVE-2026-11484 A weakness has been identified in SourceCodester Class and Exam Timetabling Syst HIGH 7.3 NVD Jun 08, 2026
CVE-2026-11483 A security flaw has been discovered in SourceCodester Class and Exam Timetabling HIGH 7.3 NVD Jun 08, 2026
CVE-2023-54352 WordPress Seotheme contains a remote code execution vulnerability that allows un CRITICAL 9.8 NVD Jun 08, 2026
CVE-2023-54351 WordPress Sonaar Music Plugin 4 HIGH 7.2 NVD Jun 08, 2026
CVE-2023-54350 WordPress Augmented-Reality plugin contains a remote code execution vulnerabilit HIGH 7.5 NVD Jun 08, 2026
CVE-2022-50953 WordPress Plugin admin-word-count-column 2 MEDIUM 6.2 NVD Jun 08, 2026
CVE-2021-47984 WordPress Plugin WP24 Domain Check 1 MEDIUM 6.4 NVD Jun 08, 2026
CVE-2021-47983 WordPress Plugin Stripe Payments 2 MEDIUM 6.4 NVD Jun 08, 2026
CVE-2021-47982 WordPress Plugin WP-Paginate 2 MEDIUM 6.4 NVD Jun 08, 2026
CVE-2026-11474 A security flaw has been discovered in Kushan2k student-management-system up to HIGH 7.3 NVD Jun 08, 2026
CVE-2026-11473 A vulnerability was identified in jflyfox jfinal_cms up to 5 MEDIUM 6.3 NVD Jun 08, 2026
CVE-2026-11472 A vulnerability was determined in SourceCodester Class and Exam Timetabling Syst HIGH 7.3 NVD Jun 08, 2026
CVE-2026-11471 A vulnerability was found in SourceCodester Class and Exam Timetabling System 1 HIGH 7.3 NVD Jun 08, 2026
CVE-2026-11470 A vulnerability has been found in hs-web hsweb-framework up to 5 MEDIUM 6.3 NVD Jun 08, 2026
CVE-2026-50751 Check Point - Security Gateway CRITICAL N/A CISA Jun 08, 2026
CVE-2026-42271 BerriAI - LiteLLM CRITICAL N/A CISA Jun 08, 2026
EDB-52610 [webapps] OpenEMR 7.0.2 - Arbitrary File Read HIGH N/A EXPLOIT-DB Jun 08, 2026
CVE-2026-11463 A vulnerability was determined in USCiLab Cereal up to 1 HIGH 7.3 NVD Jun 07, 2026
CVE-2026-11462 A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up t HIGH 7.3 NVD Jun 07, 2026
CVE-2026-11461 A vulnerability has been found in NousResearch hermes-agent up to 0 MEDIUM 6.3 NVD Jun 07, 2026
CVE-2026-11460 A flaw has been found in Boost Serialization up to 1 HIGH 7.3 NVD Jun 07, 2026
CVE-2026-49494 Comodo Internet Security's firewall driver Inspect HIGH 7.5 NVD Jun 07, 2026
CVE-2026-11457 A security flaw has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d44 HIGH 7.3 NVD Jun 07, 2026
CVE-2026-11456 A vulnerability was identified in Chanjet CRM 1 HIGH 7.3 NVD Jun 07, 2026
CVE-2026-11453 A vulnerability was found in Tiobon Employee Self-Service System up to 7 MEDIUM 6.3 NVD Jun 07, 2026
CVE-2026-11452 A vulnerability has been found in GL HIGH 7.3 NVD Jun 07, 2026
CVE-2026-11451 A flaw has been found in GL HIGH 7.3 NVD Jun 07, 2026
CVE-2026-11450 A vulnerability was detected in GL HIGH 7.3 NVD Jun 07, 2026
CVE-2026-11449 A security vulnerability has been detected in GL MEDIUM 6.3 NVD Jun 07, 2026
CVE-2026-11447 A security flaw has been discovered in GL MEDIUM 6.3 NVD Jun 07, 2026
CVE-2026-26422 clash-verge-service-ipc before 2 HIGH 8.4 NVD Jun 06, 2026
CVE-2026-11441 A vulnerability was identified in theonedev onedev up to 15 MEDIUM 6.3 NVD Jun 06, 2026
CVE-2026-11440 A vulnerability was determined in theonedev onedev up to 15 MEDIUM 6.3 NVD Jun 06, 2026
CVE-2026-11439 A vulnerability was found in theonedev onedev up to 15 MEDIUM 6.3 NVD Jun 06, 2026
CVE-2026-11438 A vulnerability has been found in theonedev onedev up to 15 MEDIUM 6.3 NVD Jun 06, 2026
CVE-2026-11437 A flaw has been found in perfree go-fastdfs-web up to 1 HIGH 7.3 NVD Jun 06, 2026
CVE-2026-11435 A security vulnerability has been detected in Jinher OA 1 HIGH 7.3 NVD Jun 06, 2026
CVE-2026-11413 A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4 HIGH 8.8 NVD Jun 06, 2026
CVE-2026-11412 A weakness has been identified in Jinher OA C6 MEDIUM 6.3 NVD Jun 06, 2026
CVE-2026-11408 A vulnerability was identified in vertex-app vertex up to 2026 MEDIUM 6.3 NVD Jun 06, 2026
CVE-2026-11406 A vulnerability was determined in GL MEDIUM 6.3 NVD Jun 06, 2026
CVE-2026-9851 The Booking Package plugin for WordPress is vulnerable to Privilege Escalation v HIGH 7.2 NVD Jun 06, 2026
CVE-2026-9829 The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress MEDIUM 6.5 NVD Jun 06, 2026
CVE-2026-8901 The Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity For HIGH 7.2 NVD Jun 06, 2026
CVE-2026-8438 The All-In-One Security (AIOS) – Security and Firewall plugin for WordPress is v HIGH 7.2 NVD Jun 06, 2026
CVE-2026-9290 The WP User Manager – User Profile Builder & Membership plugin for WordPress is HIGH 7.5 NVD Jun 06, 2026
CVE-2026-8900 The Simple SEO Slideshow plugin for WordPress is vulnerable to Stored Cross-Site MEDIUM 6.4 NVD Jun 06, 2026
CVE-2026-8893 The Express Payment For Stripe plugin for WordPress is vulnerable to Stored Cros MEDIUM 6.4 NVD Jun 06, 2026
CVE-2026-7654 The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection lea HIGH 8.8 NVD Jun 05, 2026
CVE-2026-11344 A vulnerability was found in code-projects Vehicle Management System 1 HIGH 7.3 NVD Jun 05, 2026
CVE-2026-11342 A vulnerability has been found in code-projects Hotel and Tourism Reservation Sy HIGH 7.3 NVD Jun 05, 2026
CVE-2026-11341 A flaw has been found in D-Link DWR-M920 up to 1 MEDIUM 6.3 NVD Jun 05, 2026
CVE-2025-71318 NetMan 204 fails to enforce authentication on its administrative pages and comma CRITICAL 9.8 NVD Jun 05, 2026
CVE-2025-71317 NetMan 204 contains a hard-coded backdoor account with the username and password CRITICAL 9.8 NVD Jun 05, 2026
CVE-2026-48112 7-Zip is a file archiver with a high compression ratio MEDIUM 6.5 NVD Jun 05, 2026
CVE-2026-11339 A vulnerability was detected in D-Link DWR-M920 up to 1 MEDIUM 6.3 NVD Jun 05, 2026
CVE-2025-5090 CVX is not resilient to unexpected messages from a connected switch MEDIUM 6.5 NVD Jun 05, 2026
CVE-2025-5089 In a CVX cluster, an EOS switch connected to a CVX server is not resilient to ce MEDIUM 6.5 NVD Jun 05, 2026
CVE-2025-5088 An authenticated Redis session could be used to obtain full root access to all s HIGH 8.3 NVD Jun 05, 2026
CVE-2026-50265 A flaw was found in libinput HIGH 7.0 NVD Jun 05, 2026
CVE-2026-21031 Android — Improper authorization in AppBlock prior to SMR Jun-2026 Rel HIGH 7.8 NVD Jun 05, 2026
CVE-2026-21030 Android — Improper access control in MediaTek Audio HAL prior to SMR J HIGH 7.8 NVD Jun 05, 2026
CVE-2026-21029 Android — Improper export of android application components in Galaxy HIGH 7.8 NVD Jun 05, 2026
CVE-2026-6274 Improper Authentication, Missing authentication for critical function, Weak Auth CRITICAL 9.8 NVD Jun 05, 2026
CVE-2026-49777 Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin CRITICAL 10.0 NVD Jun 05, 2026
CVE-2026-11332 A flaw was found in ansible-core HIGH 7.8 NVD Jun 05, 2026
CVE-2026-21826 HCL Digital Experience and HCL Digital Experience Compose could be susceptible t MEDIUM 6.1 NVD Jun 05, 2026
CVE-2026-21825 HCL Digital Experience Compose is affected by a reflected cross-site scripting ( MEDIUM 6.1 NVD Jun 05, 2026
CVE-2026-10732 All versions of the package decompress are vulnerable to Arbitrary File Write vi MEDIUM 6.4 NVD Jun 05, 2026
EDB-52609 [webapps] WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection HIGH N/A EXPLOIT-DB Jun 05, 2026
CVE-2026-28318 SolarWinds - Serv-U CRITICAL N/A CISA Jun 05, 2026
CVE-2026-10891 Chrome — Use after free in GFX in Google Chrome on Linux prior to 149 HIGH 8.8 NVD Jun 04, 2026
CVE-2026-10890 Chrome — Use after free in Cast in Google Chrome prior to 149 HIGH 8.8 NVD Jun 04, 2026
CVE-2026-10889 Chrome — Out of bounds read in ANGLE in Google Chrome prior to 149 HIGH 8.3 NVD Jun 04, 2026
CVE-2026-10888 Chrome — Use after free in Cast Streaming in Google Chrome prior to 1 HIGH 8.8 NVD Jun 04, 2026
CVE-2026-10887 Chrome — Use after free in Chromoting in Google Chrome on Mac prior t HIGH 8.1 NVD Jun 04, 2026
CVE-2026-10886 Chrome — Use after free in FileSystem in Google Chrome prior to 149 CRITICAL 9.6 NVD Jun 04, 2026
CVE-2026-10885 Chrome — Use after free in Chrome for iOS in Google Chrome on iOS pri HIGH 8.8 NVD Jun 04, 2026
CVE-2026-10884 Chrome — Use after free in Chromecast in Google Chrome prior to 149 HIGH 8.3 NVD Jun 04, 2026
CVE-2026-10883 Chrome — Type Confusion in ANGLE in Google Chrome prior to 149 HIGH 8.8 NVD Jun 04, 2026
CVE-2026-10882 Chrome — Use after free in Network in Google Chrome prior to 149 HIGH 8.8 NVD Jun 04, 2026
CVE-2026-10881 Chrome — Out of bounds read and write in ANGLE in Google Chrome prior CRITICAL 9.6 NVD Jun 04, 2026
CVE-2026-10875 A security flaw has been discovered in projectworlds Online Art Gallery Shop Pro MEDIUM 6.3 NVD Jun 04, 2026
CVE-2026-10874 A vulnerability was identified in projectworlds Online Art Gallery Shop Project MEDIUM 6.3 NVD Jun 04, 2026
CVE-2026-10873 A vulnerability was determined in Shibby Tomato 1 HIGH 7.2 NVD Jun 04, 2026
CVE-2026-10872 A vulnerability was found in Shibby Tomato 1 HIGH 7.2 NVD Jun 04, 2026
CVE-2025-8873 On affected platforms running Arista EOS with IPsec configured, a specially craf HIGH 7.5 NVD Jun 04, 2026
CVE-2024-27892 Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set req CRITICAL 9.6 NVD Jun 04, 2026
CVE-2024-27890 Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set req CRITICAL 9.6 NVD Jun 04, 2026
CVE-2025-71316 SQLite 'sqldiff CRITICAL 9.8 NVD Jun 04, 2026
CVE-2025-65640 Cross Site Scripting (XSS) vulnerability in the "Task in Progress / Recent" page MEDIUM 6.3 NVD Jun 04, 2026
CVE-2026-50292 Libinput — In libinput before 1 HIGH 7.4 NVD Jun 04, 2026
CVE-2026-48040 Netty-Incubator-Codec-Ohttp — The netty incubator codec CRITICAL 9.1 NVD Jun 04, 2026
CVE-2026-25551 Seagull Software BarTender 2021 R1 through 12 HIGH 7.8 NVD Jun 04, 2026
CVE-2026-25550 Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remot CRITICAL 9.8 NVD Jun 04, 2026
CVE-2026-10880 OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpo CRITICAL 9.8 NVD Jun 04, 2026
CVE-2026-10796 Node Version Manager — nvm (Node Version Manager) through 0 HIGH 7.5 NVD Jun 04, 2026
CVE-2025-69755 An issue in Neterbit NW-431F Router vNW-431F-20241014-IR03 allows a remote attac HIGH 8.2 NVD Jun 04, 2026
CVE-2025-67448 The SMS module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable HIGH 7.1 NVD Jun 04, 2026
CVE-2025-67447 The network diagnosis (ping) module in Neterbit NW-431F Router 20241014-IR03 and CRITICAL 9.8 NVD Jun 04, 2026
CVE-2026-50076 Deserialization of Untrusted Data in the Java replace-resolve path in Apache For CRITICAL 9.1 NVD Jun 04, 2026
CVE-2026-49942 Net::CIDR::Set versions through 0 HIGH 7.3 NVD Jun 04, 2026
CVE-2026-49941 Net::CIDR::Set versions through 0 HIGH 7.5 NVD Jun 04, 2026
CVE-2026-49940 Net::CIDR::Set versions through 0 MEDIUM 6.5 NVD Jun 04, 2026
CVE-2026-46741 Etsy::StatsD versions through 1 HIGH 7.5 NVD Jun 04, 2026
CVE-2025-67446 Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Route CRITICAL 9.8 NVD Jun 04, 2026
CVE-2019-25729 PDF Signer 3 CRITICAL 9.8 NVD Jun 04, 2026
CVE-2019-25728 Care2x 2 HIGH 8.2 NVD Jun 04, 2026
CVE-2019-25727 WordPress Plugin ad manager wd 1 CRITICAL 9.8 NVD Jun 04, 2026
CVE-2019-25726 All in One Video Downloader 1 HIGH 8.2 NVD Jun 04, 2026
CVE-2026-4104 Authorization bypass through User-Controlled SQL primary key vulnerability in Ak CRITICAL 9.8 NVD Jun 04, 2026
CVE-2026-10843 A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM polici HIGH 7.2 NVD Jun 04, 2026
CVE-2026-10840 A flaw was found in the OpenShift Pipelines operator CRITICAL 9.6 NVD Jun 04, 2026
CVE-2025-52612 Icontrol — HCL iControl was affected by Export CSV - CSV Injection vuln HIGH 7.1 NVD Jun 04, 2026
CVE-2026-50210 Connect M6E 5G Firmware — The device encrypts data using AES-CBC with static zero-fill HIGH 7.5 NVD Jun 04, 2026
CVE-2026-50209 Connect M6E 5G Firmware — Broadcast events allow malicious software to rewrite the dev HIGH 7.8 NVD Jun 04, 2026
CVE-2026-50208 Connect M6E 5G Firmware — High-risk TrustAllCerts routines disable standard TLS certif CRITICAL 9.4 NVD Jun 04, 2026
CVE-2026-50207 Connect M6E 5G Firmware — The system Binder boundary accepts unverified pass-through A HIGH 7.8 NVD Jun 04, 2026
CVE-2026-3820 There is a vulnerability in the Supermicro BMC SMTP service at Supermicro AS-21 HIGH 7.2 NVD Jun 04, 2026
CVE-2026-50206 Connect M6E 5G Firmware — Incoming VPN network profile settings fail to process specia MEDIUM 6.8 NVD Jun 04, 2026
CVE-2026-50205 Connect M6E 5G Firmware — System log files output unencrypted SMTP server authenticati HIGH 8.2 NVD Jun 04, 2026
CVE-2026-49204 Connect M6E 5G Firmware — Leftover debug modules contain fixed credentials for interna MEDIUM 6.5 NVD Jun 04, 2026
CVE-2026-49203 Connect M6E 5G Firmware — Crucial management API endpoints for cellular eSIM allocatio HIGH 8.3 NVD Jun 04, 2026
CVE-2026-49202 Connect M6E 5G Firmware — Internal multimedia session archives are accessible without HIGH 8.6 NVD Jun 04, 2026
CVE-2026-49194 Connect M6E 5G Firmware — The debugging routine SCREEN_CLICK(5053) enables a connectio HIGH 8.8 NVD Jun 04, 2026
CVE-2026-49193 Connect M6E 5G Firmware — Overly permissive configuration settings on cloud storage co HIGH 7.5 NVD Jun 04, 2026
CVE-2026-49191 Connect M6E 5G Firmware — The production build of the M3WebServer hard-codes its backe CRITICAL 9.8 NVD Jun 04, 2026
CVE-2026-49190 Connect M6E 5G Firmware — The system fails to evaluate instructional permissions over HIGH 8.8 NVD Jun 04, 2026
CVE-2026-49189 Connect M6E 5G Firmware — Unchecked public access permissions on a core Broadcast Rece HIGH 7.8 NVD Jun 04, 2026
CVE-2026-49188 Connect M6E 5G Firmware — The ai_cmd utility executes with full root permissions CRITICAL 9.8 NVD Jun 04, 2026
CVE-2026-49187 Connect M6E 5G Firmware — The hard-coded APK resource files never expire, and the shar HIGH 7.5 NVD Jun 04, 2026
CVE-2026-10805 A flaw was found in NetworkManager MEDIUM 6.7 NVD Jun 04, 2026
CVE-2026-49186 Connect M6E 5G Firmware — The local MQTT broker does not enforce topic-level Access Co CRITICAL 9.8 NVD Jun 04, 2026
CVE-2026-49185 Connect M6E 5G Firmware — The FieldX MDM adb messaging topic passes unverified payload CRITICAL 9.8 NVD Jun 04, 2026
CVE-2026-41283 OpenStack Mistral through 22 CRITICAL 9.9 NVD Jun 04, 2026
CVE-2026-41010 ReleaseJob#unpack builds job_dir = File HIGH 8.2 NVD Jun 04, 2026
CVE-2026-8829 HTML::Entities versions before 3 HIGH 7.5 NVD Jun 04, 2026
CVE-2026-41860 CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redir HIGH 8.8 NVD Jun 04, 2026
CVE-2026-41859 A network man-in-the-middle between nats-sync and the BOSH director can steal th HIGH 7.8 NVD Jun 04, 2026
CVE-2026-41858 Weak Randomness / Insecure Cryptographic Primitive (CWE-338) in Get-RandomPasswo HIGH 7.5 NVD Jun 04, 2026
CVE-2026-41011 PackagePersister HIGH 8.2 NVD Jun 04, 2026
CVE-2026-8653 The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to generic SQL I MEDIUM 6.5 NVD Jun 04, 2026
CVE-2026-7764 An out-of-bounds read vulnerability in the morse MEDIUM 6.8 NVD Jun 04, 2026
CVE-2026-10737 The SP Project & Document Manager plugin for WordPress is vulnerable to unauthor HIGH 7.5 NVD Jun 04, 2026
CVE-2026-8722 Net::Async::Statsd::Client versions through 0 MEDIUM 6.5 NVD Jun 04, 2026
CVE-2026-10777 A vulnerability was identified in ealpha072 Student-Management-System up to 0145 HIGH 7.3 NVD Jun 03, 2026
CVE-2026-36612 Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 enables WPS 2 MEDIUM 6.4 NVD Jun 03, 2026
CVE-2026-36611 Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 returns 128 bytes of un HIGH 7.3 NVD Jun 03, 2026
CVE-2026-36609 Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 uses a static au HIGH 7.3 NVD Jun 03, 2026
CVE-2026-36608 Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows UPnP AddP HIGH 8.8 NVD Jun 03, 2026
CVE-2026-36607 Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows unauthent HIGH 8.8 NVD Jun 03, 2026
CVE-2026-36606 Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 encrypts configu HIGH 7.1 NVD Jun 03, 2026
CVE-2026-36605 Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 is vulnerable to MEDIUM 6.5 NVD Jun 03, 2026
CVE-2026-36604 Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 does not validat MEDIUM 6.5 NVD Jun 03, 2026
CVE-2026-36603 Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 exposes 15 of 18 HIGH 8.1 NVD Jun 03, 2026
CVE-2026-20233 A vulnerability in the web-based user interface of Cisco Webex Meetings could ha MEDIUM 6.1 NVD Jun 03, 2026
CVE-2026-20230 A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco U HIGH 8.6 NVD Jun 03, 2026
CVE-2026-20175 A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker MEDIUM 6.1 NVD Jun 03, 2026
CVE-2019-25720 Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL MEDIUM 6.5 NVD Jun 03, 2026
CVE-2026-35084 A remote attacker with user privileges can exploit a stack buffer overflow in da HIGH 8.8 NVD Jun 03, 2026
CVE-2026-35083 A remote attacker with user privileges can exploit a stack buffer overflow to ga HIGH 8.8 NVD Jun 03, 2026
CVE-2026-35082 The ugw-logread method allows a remote attacker with user privileges to access a HIGH 8.8 NVD Jun 03, 2026
CVE-2026-35081 The ugw-logstop method allows a remote attacker with user privileges to terminat HIGH 8.1 NVD Jun 03, 2026
CVE-2026-35080 The ugw-restoreinfo method allows a remote attacker with user privileges to dele HIGH 8.1 NVD Jun 03, 2026
CVE-2026-35079 The ugw-restore method allows a remote attacker with user privileges to delete a HIGH 8.1 NVD Jun 03, 2026
CVE-2026-35078 The ugw-logstop method allows a remote attacker with user privileges to delete HIGH 8.1 NVD Jun 03, 2026
CVE-2026-35077 The ugw-delete-file method allows a remote attacker with user privileges to del HIGH 8.1 NVD Jun 03, 2026
CVE-2026-35076 The bac-scanresult method allows a remote attacker with user privileges to delet HIGH 8.1 NVD Jun 03, 2026
CVE-2026-35075 An unauthenticated remote attacker can recover a default, hard coded password fr CRITICAL 9.8 NVD Jun 03, 2026
CVE-2026-47065 ZDRES-232: resolveProxyClass Not Overridden - acceptMatchers Filter Bypass via j CRITICAL 9.8 NVD Jun 03, 2026
CVE-2026-41032 It is possible for an unauthenticated adjacent attacker to download log files of HIGH 7.5 NVD Jun 03, 2026
CVE-2025-15656 Incorrect Privilege Assignment vulnerability in Mojoomla School Management allow HIGH 8.8 NVD Jun 03, 2026
CVE-2025-15655 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti HIGH 7.6 NVD Jun 03, 2026
CVE-2025-14774 T-Mac Plus — Incorrect Authorization vulnerability in ABB T-MAC Plus HIGH 7.4 NVD Jun 03, 2026
CVE-2025-14773 T-Mac Plus — Improper neutralization of input during web page generation HIGH 8.0 NVD Jun 03, 2026
CVE-2025-14772 T-Mac Plus — Authorization bypass through User-Controlled key vulnerabili HIGH 8.8 NVD Jun 03, 2026
CVE-2025-14771 T-Mac Plus — Files or directories accessible to external parties vulnerab CRITICAL 9.9 NVD Jun 03, 2026
CVE-2026-4035 Mlflow — A vulnerability in mlflow/mlflow versions prior to 3 HIGH 7.7 NVD Jun 03, 2026
CVE-2025-15654 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti HIGH 7.1 NVD Jun 03, 2026
CVE-2026-10690 A vulnerability was identified in wonderwhy-er DesktopCommanderMCP 0 MEDIUM 6.3 NVD Jun 03, 2026
CVE-2026-45247 Mirasvit - Mirasvit Full Page Cache Warmer CRITICAL N/A CISA Jun 03, 2026
CVE-2026-44654 Librechat — LibreChat is an enhanced ChatGPT clone that supports multipl HIGH 8.1 NVD Jun 02, 2026
CVE-2026-44653 Librechat — LibreChat is an enhanced ChatGPT clone that supports multipl MEDIUM 6.5 NVD Jun 02, 2026
CVE-2026-42504 Decoding a maliciously-crafted MIME header containing many invalid encoded-words HIGH 7.5 NVD Jun 02, 2026
CVE-2026-35482 alf HIGH 8.0 NVD Jun 02, 2026
CVE-2026-32625 Librechat — LibreChat is an enhanced ChatGPT clone that supports multipl CRITICAL 9.6 NVD Jun 02, 2026
CVE-2026-31942 Librechat — LibreChat is an enhanced ChatGPT clone that supports multipl HIGH 7.1 NVD Jun 02, 2026
CVE-2026-27145 (*x509 MEDIUM 6.5 NVD Jun 02, 2026
CVE-2026-10662 A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3 MEDIUM 6.3 NVD Jun 02, 2026
CVE-2019-25724 Dräger Infinity M300 patient worn monitors with software version VG2 MEDIUM 6.5 NVD Jun 02, 2026
CVE-2019-25722 Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL HIGH 7.6 NVD Jun 02, 2026
CVE-2019-25721 Dräger Infinity M300 patient worn monitors with software version VG2 MEDIUM 6.5 NVD Jun 02, 2026
CVE-2026-49943 CZ MEDIUM 6.3 NVD Jun 02, 2026
CVE-2026-42074 Openclaude — OpenClaude is an open-source coding-agent command line inter CRITICAL 9.8 NVD Jun 02, 2026
CVE-2026-42073 Openclaude — OpenClaude is an open-source coding-agent command line inter MEDIUM 6.5 NVD Jun 02, 2026
CVE-2026-40715 Dell ThinOS 10, versions prior to ThinOS10 2602_10 HIGH 7.8 NVD Jun 02, 2026
CVE-2026-40713 Dell ThinOS 10, versions prior to ThinOS10 2602_10 MEDIUM 6.1 NVD Jun 02, 2026
CVE-2026-24237 NVIDIA NVTabular contains a vulnerability where an attacker could cause improper HIGH 7.8 NVD Jun 02, 2026
CVE-2026-24221 NVIDIA NVTabular contains a vulnerability where an attacker could cause improper HIGH 7.8 NVD Jun 02, 2026
CVE-2026-10606 A vulnerability was determined in DedeCMS 5 HIGH 7.3 NVD Jun 02, 2026
CVE-2026-0611 Spacelabs Healthcare Sentinel versions 10 CRITICAL 9.8 NVD Jun 02, 2026
CVE-2026-10622 Improper Authentication in REST API in Collibra Agent, allows a remote unauthent HIGH 8.2 NVD Jun 02, 2026
CVE-2026-10621 Path traversal in restore handler in Collibra Agent, allows an attacker to write HIGH 7.5 NVD Jun 02, 2026
CVE-2025-69369 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP HIGH 8.1 NVD Jun 02, 2026
CVE-2025-68886 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP HIGH 8.1 NVD Jun 02, 2026
CVE-2025-58897 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP HIGH 8.1 NVD Jun 02, 2026
CVE-2025-58707 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP HIGH 8.1 NVD Jun 02, 2026
CVE-2019-25719 Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors HIGH 8.6 NVD Jun 02, 2026
CVE-2026-8993 D MEDIUM 6.5 NVD Jun 02, 2026
CVE-2026-42685 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti HIGH 7.1 NVD Jun 02, 2026
CVE-2026-42684 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti CRITICAL 9.3 NVD Jun 02, 2026
CVE-2026-42670 Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star HIGH 7.5 NVD Jun 02, 2026
CVE-2026-42669 Missing Authorization vulnerability in EventPrime allows Exploiting Incorrectly HIGH 7.5 NVD Jun 02, 2026
CVE-2026-39551 Deserialization of Untrusted Data vulnerability in Elated-Themes Töbel allows Ob HIGH 8.1 NVD Jun 02, 2026
CVE-2026-39550 Deserialization of Untrusted Data vulnerability in Elated-Themes Aperitif allows HIGH 8.1 NVD Jun 02, 2026
CVE-2025-58705 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP HIGH 8.1 NVD Jun 02, 2026
CVE-2025-58024 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP HIGH 7.5 NVD Jun 02, 2026
CVE-2025-53440 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP HIGH 8.1 NVD Jun 02, 2026
CVE-2025-52759 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti HIGH 7.1 NVD Jun 02, 2026
CVE-2026-8885 The DeMomentSomTres Shortcodes plugin for WordPress is vulnerable to Stored Cros MEDIUM 6.4 NVD Jun 02, 2026
CVE-2026-4081 The ZeM STL plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi MEDIUM 6.4 NVD Jun 02, 2026
CVE-2026-4080 The Easy Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting MEDIUM 6.4 NVD Jun 02, 2026
CVE-2026-2425 The hiWeb Migration Simple plugin for WordPress is vulnerable to Reflected Cross MEDIUM 6.1 NVD Jun 02, 2026
CVE-2026-2382 The FPW Category Thumbnails plugin for WordPress is vulnerable to Stored Cross-S MEDIUM 6.4 NVD Jun 02, 2026
CVE-2026-1784 The Route OpenShift resource allows to define routes to make pods reachable at a HIGH 8.8 NVD Jun 02, 2026
CVE-2026-1451 The rognone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting MEDIUM 6.1 NVD Jun 02, 2026
CVE-2026-1450 The rognone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting MEDIUM 6.1 NVD Jun 02, 2026
CVE-2026-8293 The Really Simple Security WordPress plugin before 9 HIGH 7.5 NVD Jun 02, 2026
CVE-2025-48595 Android - Framework CRITICAL N/A CISA Jun 02, 2026
CVE-2022-0492 Linux - Kernel CRITICAL N/A CISA Jun 02, 2026
CVE-2026-24088 Ar9380 Firmware — Cryptographic Issue while processing a specific partition wh HIGH 8.2 NVD Jun 01, 2026
CVE-2026-24087 Ar8031 Firmware — Memory corruption while processing fastboot OEM commands HIGH 7.2 NVD Jun 01, 2026
CVE-2026-24085 Qca6391 Firmware — Memory Corruption when processing display command line infor HIGH 7.2 NVD Jun 01, 2026
CVE-2026-10297 A vulnerability was identified in itsourcecode Fees Management System 1 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10296 A vulnerability was determined in itsourcecode Fees Management System 1 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2025-59614 Cologne Firmware — Memory Corruption when sending random number generator comma MEDIUM 6.7 NVD Jun 01, 2026
CVE-2025-59613 Cologne Firmware — Memory Corruption when output buffer size is smaller than in MEDIUM 6.7 NVD Jun 01, 2026
CVE-2025-59612 Cologne Firmware — Memory corruption in windows drivers while sending incorrect MEDIUM 6.7 NVD Jun 01, 2026
CVE-2025-59611 Aqt1000 Firmware — Memory corruption in diagnostic services due to absence of i MEDIUM 6.7 NVD Jun 01, 2026
CVE-2025-59610 Snapdragon G1 Gen 2 Gaming Platform Firmware — Memory Corruption when processing IOCTL requests with mismat MEDIUM 6.4 NVD Jun 01, 2026
CVE-2025-59606 Cologne Firmware — Memory Corruption when writing to invalid memory locations o HIGH 7.8 NVD Jun 01, 2026
CVE-2025-59605 Snapdragon G1 Gen 2 Gaming Platform Firmware — Memory Corruption when processing device identifier strings HIGH 7.8 NVD Jun 01, 2026
CVE-2025-59604 Snapdragon 480 5G Mobile Platform Firmware — Memory Corruption when running a memory copy operation due t HIGH 7.8 NVD Jun 01, 2026
CVE-2025-59601 Fastconnect 7800 Firmware — Information Disclosure when resetting device to factory defa MEDIUM 6.5 NVD Jun 01, 2026
CVE-2019-25718 Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that HIGH 8.4 NVD Jun 01, 2026
CVE-2026-42674 Authentication Bypass by Spoofing vulnerability in AAM Plugin Advanced Access Ma HIGH 7.5 NVD Jun 01, 2026
CVE-2026-42673 Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Act HIGH 7.5 NVD Jun 01, 2026
CVE-2026-42672 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti CRITICAL 9.3 NVD Jun 01, 2026
CVE-2026-42671 Missing Authorization vulnerability in Paolo GeoDirectory allows Exploiting Inco MEDIUM 6.5 NVD Jun 01, 2026
CVE-2026-38950 An issue in ESA AnomalyMatch before 1 HIGH 7.8 NVD Jun 01, 2026
CVE-2026-37227 FlexRIC v2 HIGH 7.5 NVD Jun 01, 2026
CVE-2026-37225 FlexRIC v2 HIGH 7.5 NVD Jun 01, 2026
CVE-2026-37224 FlexRIC v2 HIGH 7.5 NVD Jun 01, 2026
CVE-2026-37223 FlexRIC v2 HIGH 7.5 NVD Jun 01, 2026
CVE-2026-37222 FlexRIC v2 HIGH 7.5 NVD Jun 01, 2026
CVE-2026-10274 A vulnerability was determined in indrasishbanerjee aem-mcp-server up to b5f833a MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10273 A vulnerability was found in php-censor up to 2 HIGH 7.3 NVD Jun 01, 2026
CVE-2026-10272 A vulnerability has been found in a4m4 Student-Management-System up to f0c5f6842 MEDIUM 6.5 NVD Jun 01, 2026
CVE-2026-10271 A flaw has been found in a4m4 Student-Management-System up to f0c5f6842c5e8c431f MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10270 A vulnerability was detected in D-Link DI-7001 MINI up to 19 HIGH 8.8 NVD Jun 01, 2026
CVE-2026-10269 A security vulnerability has been detected in decolua 9router up to 0 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10118 A flaw was found in Poppler's Splash backend HIGH 7.8 NVD Jun 01, 2026
CVE-2022-4991 Tychon includes an OpenSSL component that specifies an OPENSSLDIR variable as a HIGH 7.4 NVD Jun 01, 2026
CVE-2026-10258 A weakness has been identified in itsourcecode Content Management System 1 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10257 A security flaw has been discovered in itsourcecode Content Management System 1 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10256 A vulnerability was identified in itsourcecode Content Management System 1 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10253 A vulnerability was detected in itsourcecode Online House Rental System 1 HIGH 7.3 NVD Jun 01, 2026
CVE-2026-10252 A security vulnerability has been detected in itsourcecode Online House Rental S HIGH 7.3 NVD Jun 01, 2026
CVE-2026-10251 A weakness has been identified in itsourcecode Online House Rental System 1 HIGH 7.3 NVD Jun 01, 2026
CVE-2026-25600 The PDBM application relies on a static, hard‑coded secret embedded in the PDBM MEDIUM 6.4 NVD Jun 01, 2026
CVE-2026-25599 Missing authentication and clear‑text transmission of data from the heat pumps t MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10250 A security flaw has been discovered in itsourcecode Online Blood Bank Management HIGH 7.3 NVD Jun 01, 2026
CVE-2026-10249 A vulnerability was identified in itsourcecode Online Blood Bank Management Syst HIGH 7.3 NVD Jun 01, 2026
CVE-2026-10240 A vulnerability was identified in JeecgBoot up to 3 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10239 A vulnerability was determined in JeecgBoot up to 3 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10236 A vulnerability has been found in SourceCodester Water Billing Management System HIGH 7.3 NVD Jun 01, 2026
CVE-2026-45192 Airflow — A bug in the GET `/api/v2/connections/{connection_id}` REST MEDIUM 6.5 NVD Jun 01, 2026
CVE-2026-35563 Directory Ldap Api — It was identified that the LDAP client implementation in ver HIGH 8.5 NVD Jun 01, 2026
CVE-2026-10235 A flaw has been found in CodeAstro Ingredients Stock Management System 1 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10227 A vulnerability has been found in raisulislamg4 student_management_system_by_php HIGH 7.3 NVD Jun 01, 2026
CVE-2026-10226 A flaw has been found in raisulislamg4 student_management_system_by_php up to 31 HIGH 7.3 NVD Jun 01, 2026
CVE-2026-10225 A vulnerability was detected in raisulislamg4 student_management_system_by_php u HIGH 7.3 NVD Jun 01, 2026
CVE-2026-10223 A weakness has been identified in NousResearch hermes-agent up to 2026 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10217 A flaw has been found in nextlevelbuilder GoClaw up to 3 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10214 A weakness has been identified in zhayujie chatgpt-on-wechat up to 2 HIGH 7.3 NVD Jun 01, 2026
CVE-2026-10212 A vulnerability was identified in AstrBotDevs AstrBot 4 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10211 A vulnerability was determined in AstrBotDevs AstrBot 4 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10210 A vulnerability was found in AstrBotDevs AstrBot 4 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10209 A vulnerability has been found in code-projects Online Hospital Management Syste MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10208 A flaw has been found in code-projects Online Hospital Management System 1 HIGH 7.3 NVD Jun 01, 2026
CVE-2026-10206 A vulnerability was detected in D-Link DI-8400 up to 16 HIGH 8.8 NVD Jun 01, 2026
CVE-2026-10205 A security vulnerability has been detected in Metasoft 美特软件 MetaCRM 6 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10204 A weakness has been identified in OFCMS 1 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10203 A security flaw has been discovered in OFCMS 1 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2026-10202 A vulnerability was identified in OFCMS 1 MEDIUM 6.3 NVD Jun 01, 2026
CVE-2024-21182 Oracle - WebLogic Server CRITICAL N/A CISA Jun 01, 2026
EDB-52607 [webapps] WordPress OrderConvo 14 - Path Traversal HIGH N/A EXPLOIT-DB Jun 01, 2026
EDB-52608 [webapps] Drupal Core 10.5.5 - Error-Based SQL Injection HIGH N/A EXPLOIT-DB Jun 01, 2026
CVE-2026-8796 Sereal::Decoder versions before 5 HIGH 8.1 NVD May 31, 2026
CVE-2026-10194 A weakness has been identified in OFFIS DCMTK 3 MEDIUM 6.3 NVD May 31, 2026
CVE-2026-10193 A security flaw has been discovered in OFCMS up to 1 MEDIUM 6.3 NVD May 31, 2026
CVE-2026-10192 A vulnerability was identified in Tenda W12 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10191 A vulnerability was determined in Tenda W12 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10190 A vulnerability was found in Tenda W12 3 MEDIUM 6.5 NVD May 31, 2026
CVE-2026-10189 A vulnerability has been found in Tenda W12 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10188 A flaw has been found in Tenda W12 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10187 A vulnerability was detected in Totolink N300RH 6 CRITICAL 9.8 NVD May 31, 2026
CVE-2026-10186 A security vulnerability has been detected in code-projects Online Hospital Mana HIGH 7.3 NVD May 31, 2026
CVE-2026-10185 A weakness has been identified in SourceCodester Hospitals Patient Records Manag HIGH 7.3 NVD May 31, 2026
CVE-2026-10184 A security flaw has been discovered in SourceCodester Hospitals Patient Records HIGH 7.3 NVD May 31, 2026
CVE-2026-10183 A vulnerability was identified in TRENDnet TEW-432BRP 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10182 A vulnerability was determined in TRENDnet TEW-432BRP 3 MEDIUM 6.3 NVD May 31, 2026
CVE-2026-49490 OpenCATS from version 0 HIGH 8.1 NVD May 31, 2026
CVE-2026-49489 OpenCATS through 0 HIGH 8.5 NVD May 31, 2026
CVE-2026-10181 A vulnerability was found in TRENDnet TEW-432BRP 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10180 A vulnerability has been found in TRENDnet TEW-432BRP 3 MEDIUM 6.3 NVD May 31, 2026
CVE-2026-10179 A flaw has been found in TRENDnet TEW-432BRP 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10178 A vulnerability was detected in code-projects Online Music Site 1 HIGH 7.3 NVD May 31, 2026
CVE-2026-10177 A security vulnerability has been detected in Aider-AI Aider 0 MEDIUM 6.3 NVD May 31, 2026
CVE-2026-10176 A weakness has been identified in Aider-AI Aider 0 MEDIUM 6.3 NVD May 31, 2026
CVE-2026-10175 A security flaw has been discovered in Aider-AI Aider 0 MEDIUM 6.3 NVD May 31, 2026
CVE-2026-10174 A vulnerability was identified in Aider-AI Aider 0 MEDIUM 6.3 NVD May 31, 2026
CVE-2026-10172 A security flaw has been discovered in Bdtask Multi-Store Inventory Management S MEDIUM 6.3 NVD May 31, 2026
CVE-2026-10170 A flaw has been found in code-projects Visitor Management System 1 MEDIUM 6.3 NVD May 31, 2026
CVE-2026-10168 A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School St MEDIUM 6.3 NVD May 31, 2026
CVE-2026-10167 A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Manage HIGH 7.3 NVD May 31, 2026
CVE-2026-10166 A vulnerability was determined in Edimax BR-6478AC 1 MEDIUM 6.3 NVD May 31, 2026
CVE-2026-10165 A vulnerability was identified in Edimax BR-6478AC 1 HIGH 8.8 NVD May 31, 2026
CVE-2026-10164 A vulnerability was found in Edimax BR-6478AC 1 HIGH 8.8 NVD May 31, 2026
CVE-2026-10163 A vulnerability has been found in Edimax BR-6478AC 1 HIGH 8.8 NVD May 31, 2026
CVE-2026-10162 A flaw has been found in TRENDnet TEW-432BRP 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10161 A vulnerability was detected in TRENDnet TEW-432BRP 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10160 A security vulnerability has been detected in TRENDnet TEW-432BRP 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10159 A weakness has been identified in TRENDnet TEW-432BRP 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10158 A security flaw has been discovered in TRENDnet TEW-432BRP 3 HIGH 8.8 NVD May 31, 2026
CVE-2026-10157 A vulnerability was identified in Open5GS up to 2 HIGH 7.3 NVD May 31, 2026
CVE-2026-10152 A vulnerability was detected in TaleLin lin-cms-spring-boot up to 0 MEDIUM 6.3 NVD May 30, 2026
CVE-2026-10127 A weakness has been identified in Edimax BR-6478AC 1 MEDIUM 6.3 NVD May 30, 2026
CVE-2026-10126 A security flaw has been discovered in Edimax BR-6478AC 1 HIGH 8.8 NVD May 30, 2026
CVE-2018-25417 AiOPMSD Final 1 HIGH 8.2 NVD May 30, 2026
CVE-2018-25416 AiOPMSD Final 1 HIGH 8.2 NVD May 30, 2026
CVE-2018-25415 AiOPMSD Final 1 HIGH 8.2 NVD May 30, 2026
CVE-2018-25414 AiOPMSD Final 1 HIGH 8.2 NVD May 30, 2026
CVE-2018-25413 AiOPMSD Final 1 HIGH 8.2 NVD May 30, 2026
CVE-2018-25412 Delta Sql 1 CRITICAL 9.8 NVD May 30, 2026
CVE-2018-25411 MGB OpenSource Guestbook 0 HIGH 8.2 NVD May 30, 2026
CVE-2018-25410 SIM-PKH 2 HIGH 7.1 NVD May 30, 2026
CVE-2018-25409 SIM-PKH 2 HIGH 8.8 NVD May 30, 2026
CVE-2018-25408 The Open ISES Project 3 HIGH 7.5 NVD May 30, 2026
CVE-2018-25407 eNdonesia Portal 8 HIGH 8.2 NVD May 30, 2026
CVE-2018-25406 eNdonesia Portal 8 HIGH 8.2 NVD May 30, 2026
CVE-2018-25405 eNdonesia Portal 8 HIGH 8.2 NVD May 30, 2026
CVE-2026-10120 A vulnerability was detected in TRENDnet TEW-432BRP 3 HIGH 8.8 NVD May 30, 2026
CVE-2026-10119 A security vulnerability has been detected in TRENDnet TEW-432BRP 3 HIGH 8.8 NVD May 30, 2026
CVE-2026-9757 The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlat HIGH 7.5 NVD May 30, 2026
CVE-2026-7465 The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for W HIGH 8.8 NVD May 30, 2026
CVE-2026-7459 The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPres HIGH 7.5 NVD May 30, 2026
CVE-2026-5071 The SocketCAN implementation validates the length of a user-provided buffer cont MEDIUM 6.1 NVD May 30, 2026
CVE-2026-10111 A flaw has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1 HIGH 7.3 NVD May 30, 2026
CVE-2026-10110 A vulnerability was detected in code-projects Student Details Management System HIGH 7.3 NVD May 30, 2026
EDB-52604 [webapps] YAMCS yamcs-core 5.12.7 - User Enumeration HIGH N/A EXPLOIT-DB May 30, 2026
EDB-52603 [webapps] YAMCS yamcs-core 5.12.7 - LDAP Injection HIGH N/A EXPLOIT-DB May 30, 2026
EDB-52606 [remote] Notepad++ 8.9.6 - Arbitrary Code Execution HIGH N/A EXPLOIT-DB May 30, 2026
EDB-52605 [webapps] YAMCS yamcs-core 5.12.7 - No Rate Limiting HIGH N/A EXPLOIT-DB May 30, 2026
CVE-2026-47125 Arcane is an interface for managing Docker containers, images, networks, and vol HIGH 8.8 NVD May 29, 2026
CVE-2026-45661 Dokploy is a free, self-hostable Platform as a Service (PaaS) CRITICAL 9.9 NVD May 29, 2026
CVE-2026-45633 Dokploy is a free, self-hostable Platform as a Service (PaaS) CRITICAL 9.9 NVD May 29, 2026
CVE-2026-45632 Dokploy is a free, self-hostable Platform as a Service (PaaS) CRITICAL 9.9 NVD May 29, 2026
CVE-2026-45631 Dokploy is a free, self-hostable Platform as a Service (PaaS) CRITICAL 10.0 NVD May 29, 2026
CVE-2026-45630 Dokploy is a free, self-hostable Platform as a Service (PaaS) CRITICAL 9.0 NVD May 29, 2026
CVE-2026-45629 Dokploy is a free, self-hostable Platform as a Service (PaaS) CRITICAL 9.9 NVD May 29, 2026
CVE-2026-45628 Dokploy is a free, self-hostable Platform as a Service (PaaS) CRITICAL 9.6 NVD May 29, 2026
CVE-2026-45627 Arcane is an interface for managing Docker containers, images, networks, and vol HIGH 8.2 NVD May 29, 2026
CVE-2026-45626 Arcane is an interface for managing Docker containers, images, networks, and vol MEDIUM 6.3 NVD May 29, 2026
CVE-2026-45625 Arcane is an interface for managing Docker containers, images, networks, and vol CRITICAL 9.9 NVD May 29, 2026
CVE-2026-44697 Klever-Go is the Go implementation of the Klever blockchain protocol HIGH 8.6 NVD May 29, 2026
CVE-2026-10108 xiaomusic v0 HIGH 7.5 NVD May 29, 2026
CVE-2026-10107 MoviePilot v2 contains a server-side request forgery vulnerability in the image HIGH 7.7 NVD May 29, 2026
CVE-2026-10105 agno 2 HIGH 8.3 NVD May 29, 2026
CVE-2026-9558 A Server-Side Template Injection (SSTI) vulnerability exists in Mautic's theme e CRITICAL 9.9 NVD May 29, 2026
CVE-2026-9557 A Server-Side Request Forgery (SSRF) vulnerability exists in Mautic's Focus comp MEDIUM 6.4 NVD May 29, 2026
CVE-2026-46579 A flaw was found in the OpenShift Router HIGH 7.4 NVD May 29, 2026
CVE-2026-42965 A flaw was found in the OpenShift Router HIGH 7.7 NVD May 29, 2026
CVE-2026-10056 CORS misconfiguration in the REST API of Network Optix Nx Witness VMS before ver HIGH 7.5 NVD May 29, 2026
CVE-2026-9243 The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross MEDIUM 6.4 NVD May 29, 2026
CVE-2026-4776 An SQL injection vulnerability exists in Mautic's API contact filtering mechanis HIGH 7.1 NVD May 29, 2026
CVE-2026-3655 The OTP Login With Phone Number, OTP Verification plugin for WordPress is vulner CRITICAL 9.8 NVD May 29, 2026
CVE-2025-11262 The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Sc HIGH 7.2 NVD May 29, 2026
CVE-2026-9714 The Simple Divi Shortcode plugin for WordPress is vulnerable to Stored Cross-Sit MEDIUM 6.4 NVD May 29, 2026
CVE-2026-9493 Service Center developed by BankPro E-Service Technology has an Insecure Direct MEDIUM 6.5 NVD May 29, 2026
CVE-2026-8732 The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via A CRITICAL 9.8 NVD May 29, 2026
CVE-2026-6275 The StatCounter – Free Real Time Visitor Stats plugin for WordPress is vulnerabl MEDIUM 6.4 NVD May 29, 2026
CVE-2025-14042 The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerab MEDIUM 6.4 NVD May 29, 2026
CVE-2025-11993 The WooCommerce Infinite Scroll and Ajax Pagination plugin for WordPress is vuln HIGH 8.8 NVD May 29, 2026
EDB-52596 [webapps] Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52595 [local] ImageMagick - Infinite Loop in the MIFF decoder can lead to CPU exhaustion HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52593 [local] ZTE ZXHN H188A V6 - Authentication Bypass HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52592 [local] ZTE H298A / H108N - Unauthenticated Credential Exposure HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52591 [local] Linux Kernel - Local Privilege Escalation HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52590 [webapps] MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52589 [remote] Wing FTP Server 8.1.3 - Authenticated Remote Code Execution HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52588 [webapps] CubeCart < 6.7.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated) HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52587 [remote] strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52586 [dos] strongSwan 5.9.13 - DoS HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52594 [local] ZTE Routers - Unauthenticated Denial of Service HIGH N/A EXPLOIT-DB May 29, 2026
CVE-2026-0257 Palo Alto Networks - PAN-OS CRITICAL N/A CISA May 29, 2026
EDB-52601 [remote] Microsoft - NTLMv2 Hash Capture HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52600 [webapps] MikroORM 7.0.13 - SQL Injection HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52598 [webapps] Prodigy Commerce 3.3.0 - Local File Inclusion HIGH N/A EXPLOIT-DB May 29, 2026
EDB-52597 [webapps] Langflow 1.3.0 - Remote Code Execution HIGH N/A EXPLOIT-DB May 29, 2026
CVE-2026-10019 Chrome — Integer overflow in ANGLE in Google Chrome prior to 148 HIGH 8.8 NVD May 28, 2026
CVE-2026-10018 Chrome — Integer overflow in ANGLE in Google Chrome prior to 148 MEDIUM 6.5 NVD May 28, 2026
CVE-2026-10017 Out of bounds read in Headless in Google Chrome prior to 148 HIGH 8.3 NVD May 28, 2026
CVE-2026-10016 Use after free in DOM in Google Chrome prior to 148 HIGH 8.8 NVD May 28, 2026
CVE-2026-10015 Integer overflow in WTF in Google Chrome prior to 148 HIGH 8.8 NVD May 28, 2026
CVE-2026-10014 Use after free in WebMIDI in Google Chrome on Android prior to 148 HIGH 8.3 NVD May 28, 2026
CVE-2026-10013 Use after free in WebCodecs in Google Chrome prior to 148 HIGH 8.8 NVD May 28, 2026
CVE-2026-10012 Chrome — Use after free in Skia in Google Chrome prior to 148 HIGH 8.3 NVD May 28, 2026
CVE-2026-10009 Integer overflow in Skia in Google Chrome prior to 148 HIGH 7.5 NVD May 28, 2026
CVE-2026-10008 Uninitialized Use in GPU in Google Chrome on Android prior to 148 MEDIUM 6.5 NVD May 28, 2026
CVE-2026-10007 Use after free in SVG in Google Chrome prior to 148 HIGH 8.8 NVD May 28, 2026
CVE-2026-10006 Chrome — Race in WebAudio in Google Chrome prior to 148 HIGH 7.5 NVD May 28, 2026
CVE-2026-10005 Use after free in WebAppInstalls in Google Chrome on Mac prior to 148 HIGH 7.5 NVD May 28, 2026
CVE-2026-10004 Chrome — Insufficient validation of untrusted input in Passwords in G MEDIUM 6.5 NVD May 28, 2026
CVE-2026-10003 Use after free in Views in Google Chrome prior to 148 HIGH 7.5 NVD May 28, 2026
CVE-2026-10002 Chrome — Use after free in PDFium in Google Chrome prior to 148 HIGH 8.8 NVD May 28, 2026
CVE-2026-10001 Chrome — Use after free in PerformanceManager in Google Chrome prior HIGH 8.3 NVD May 28, 2026
CVE-2026-10000 Use after free in Passwords in Google Chrome on Windows prior to 148 HIGH 8.3 NVD May 28, 2026
CVE-2026-44543 Local Path Provisioner provides a way for the Kubernetes users to utilize the lo HIGH 8.7 NVD May 28, 2026
CVE-2026-44466 Zed is a code editor HIGH 8.6 NVD May 28, 2026
CVE-2026-44465 Zed is a code editor HIGH 8.6 NVD May 28, 2026
CVE-2026-44463 Zed is a code editor HIGH 8.6 NVD May 28, 2026
CVE-2026-44462 Zed is a code editor MEDIUM 6.4 NVD May 28, 2026
CVE-2026-44461 Zed is a code editor HIGH 8.6 NVD May 28, 2026
CVE-2026-41141 EspoCRM is an open source customer relationship management application MEDIUM 6.5 NVD May 28, 2026
CVE-2026-38707 Ir315 Firmware — A command injection vulnerability exists in the IPSec VPN fe CRITICAL 9.8 NVD May 28, 2026
CVE-2026-38704 Ir315 Firmware — A command injection vulnerability exists in the WireGuard VP CRITICAL 9.8 NVD May 28, 2026
CVE-2026-38703 Ir315 Firmware — A command injection vulnerability exists in the ZeroTier VPN CRITICAL 9.8 NVD May 28, 2026
CVE-2026-38702 Ir315 Firmware — A command injection vulnerability exists in the Admin Access CRITICAL 9.8 NVD May 28, 2026
CVE-2026-24444 SDMC NE6037 cable modem routers running firmware 7 CRITICAL 9.8 NVD May 28, 2026
CVE-2026-44594 esm HIGH 7.5 NVD May 28, 2026
CVE-2026-44358 Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflo HIGH 8.2 NVD May 28, 2026
CVE-2026-41565 CryptX versions before 0 HIGH 7.5 NVD May 28, 2026
CVE-2026-35676 phpMyFAQ before 4 HIGH 8.2 NVD May 28, 2026
CVE-2026-35675 phpMyFAQ before 4 HIGH 8.2 NVD May 28, 2026
CVE-2026-35672 phpMyFAQ before 4 HIGH 7.5 NVD May 28, 2026
CVE-2026-35671 phpMyFAQ before 4 HIGH 8.8 NVD May 28, 2026
CVE-2026-49238 An issue was discovered in Canonical Multipass before version 1 HIGH 8.4 NVD May 28, 2026
CVE-2026-49237 An issue was discovered in Canonical Multipass for macOS before version 1 HIGH 7.8 NVD May 28, 2026
CVE-2026-37579 An issue in SMSGate sms-core<=2 HIGH 7.3 NVD May 28, 2026
CVE-2026-37266 An issue in Responsive File Manager Responsive FileManager Version 9 HIGH 8.0 NVD May 28, 2026
CVE-2026-9644 The LiveSmart Video Chat Live Video Chat plugin for WordPress is vulnerable to S MEDIUM 6.4 NVD May 28, 2026
CVE-2026-9009 The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnera HIGH 8.8 NVD May 28, 2026
CVE-2026-3173 The Meta Field Block plugin for WordPress is vulnerable to Insecure Direct Objec MEDIUM 6.5 NVD May 28, 2026
CVE-2026-9796 A flaw was found in Keycloak MEDIUM 6.5 NVD May 28, 2026
CVE-2026-9795 A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature HIGH 7.3 NVD May 28, 2026
CVE-2026-9792 A flaw was found in Keycloak's Client Policies, specifically within the `org MEDIUM 6.5 NVD May 28, 2026
CVE-2026-7802 The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authoriza HIGH 8.8 NVD May 28, 2026
CVE-2026-5737 The Independent Analytics plugin for WordPress is vulnerable to Server-Side Requ MEDIUM 6.5 NVD May 28, 2026
CVE-2026-32999 Insufficient character filtering in backup agent signing module on Comet Backup CRITICAL 9.0 NVD May 28, 2026
CVE-2026-2374 The Login No Captcha reCAPTCHA plugin for WordPress is vulnerable to Stored Cros HIGH 7.2 NVD May 28, 2026
CVE-2026-8915 Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflo HIGH 8.8 NVD May 28, 2026
CVE-2026-46416 Microsoft UFO open-source framework for intelligent automation across devices an MEDIUM 6.3 NVD May 27, 2026
CVE-2026-46414 Microsoft UFO open-source framework for intelligent automation across devices an HIGH 8.8 NVD May 27, 2026
CVE-2026-46402 Microsoft UFO open-source framework for intelligent automation across devices an HIGH 8.1 NVD May 27, 2026
CVE-2026-45322 Microsoft UFO open-source framework for intelligent automation across devices an HIGH 7.8 NVD May 27, 2026
CVE-2026-44322 Free5Gc — free5GC is an open-source implementation of the 5G core netw HIGH 7.5 NVD May 27, 2026
CVE-2026-44321 Free5Gc — free5GC is an open-source implementation of the 5G core netw HIGH 7.5 NVD May 27, 2026
CVE-2026-44320 Free5Gc — free5GC is an open-source implementation of the 5G core netw HIGH 7.3 NVD May 27, 2026
CVE-2026-44319 Free5Gc — free5GC is an open-source implementation of the 5G core netw HIGH 7.5 NVD May 27, 2026
CVE-2026-44318 Free5Gc — free5GC is an open-source implementation of the 5G core netw MEDIUM 6.5 NVD May 27, 2026
CVE-2026-44317 Free5Gc — free5GC is an open-source implementation of the 5G core netw MEDIUM 6.5 NVD May 27, 2026
CVE-2026-44316 Free5Gc — free5GC is an open-source implementation of the 5G core netw HIGH 7.5 NVD May 27, 2026
CVE-2026-44315 Free5Gc — free5GC is an open-source implementation of the 5G core netw CRITICAL 9.4 NVD May 27, 2026
CVE-2026-42459 Free5Gc — free5GC is an open-source implementation of the 5G core netw HIGH 7.5 NVD May 27, 2026
CVE-2026-42083 Free5Gc — free5GC is an open-source implementation of the 5G core netw HIGH 8.2 NVD May 27, 2026
CVE-2026-42081 free5GC is an open-source implementation of the 5G core network MEDIUM 6.1 NVD May 27, 2026
CVE-2026-38945 Command injection in Raynet rvia version 12 HIGH 7.8 NVD May 27, 2026
CVE-2026-38930 OpenRapid RapidCMS v1 MEDIUM 6.5 NVD May 27, 2026
CVE-2026-42738 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti HIGH 7.1 NVD May 27, 2026
CVE-2026-42737 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v HIGH 8.6 NVD May 27, 2026
CVE-2026-42736 Authorization Bypass Through User-Controlled Key vulnerability in wordplus BP Be HIGH 7.5 NVD May 27, 2026
CVE-2026-42735 Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic HIGH 8.2 NVD May 27, 2026
CVE-2026-42734 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti HIGH 7.1 NVD May 27, 2026
CVE-2026-42733 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti HIGH 7.1 NVD May 27, 2026
CVE-2026-42732 Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQua MEDIUM 6.5 NVD May 27, 2026
CVE-2026-42731 Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verifi CRITICAL 9.8 NVD May 27, 2026
CVE-2026-42730 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti HIGH 8.5 NVD May 27, 2026
CVE-2026-42729 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti HIGH 7.1 NVD May 27, 2026
CVE-2026-42728 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti HIGH 7.1 NVD May 27, 2026
CVE-2026-42727 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti CRITICAL 9.3 NVD May 27, 2026
CVE-2026-42726 Missing Authorization vulnerability in Strategy11 Team AWP Classifieds another-w MEDIUM 6.5 NVD May 27, 2026
CVE-2026-42725 Authorization Bypass Through User-Controlled Key vulnerability in WP Wham Checko MEDIUM 6.5 NVD May 27, 2026
CVE-2026-3349 The MinhNhut Link Gateway plugin for WordPress is vulnerable to Reflected Cross- MEDIUM 6.1 NVD May 27, 2026
CVE-2026-3012 A flaw was found in Samba’s certificate auto-enrollment Group Policy handling HIGH 8.0 NVD May 27, 2026
CVE-2025-0898 The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Arbitrary MEDIUM 6.5 NVD May 27, 2026
CVE-2026-8844 The Responsive Check plugin for WordPress is vulnerable to Stored Cross-Site Scr MEDIUM 6.4 NVD May 27, 2026
CVE-2026-8842 The Google+ Link Name plugin for WordPress is vulnerable to Stored Cross-Site Sc MEDIUM 6.4 NVD May 27, 2026
CVE-2026-8837 The WP Iframe Geo Style for Amazon affiliates plugin for WordPress is vulnerable MEDIUM 6.4 NVD May 27, 2026
CVE-2026-8787 The Firebase Support & Chat Management plugin for WordPress is vulnerable to pri HIGH 8.8 NVD May 27, 2026
CVE-2026-8760 The Login with OTP plugin for WordPress is vulnerable to authentication bypass i CRITICAL 9.8 NVD May 27, 2026
CVE-2026-8707 The NS Product icon badge plugin for WordPress is vulnerable to Reflected Cross- MEDIUM 6.1 NVD May 27, 2026
CVE-2026-8703 The Endless Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scrip MEDIUM 6.4 NVD May 27, 2026
CVE-2026-8702 The GBI To Print plugin for WordPress is vulnerable to Stored Cross-Site Scripti MEDIUM 6.4 NVD May 27, 2026
CVE-2026-8701 The GNTT Post Title Ticker plugin for WordPress is vulnerable to Stored Cross-Si MEDIUM 6.4 NVD May 27, 2026
CVE-2026-8698 The Cryptocurrency Prijsvergelijking Widget plugin for WordPress is vulnerable t MEDIUM 6.4 NVD May 27, 2026
CVE-2026-8048 The My Email Shortcode plugin for WordPress is vulnerable to Stored Cross-Site S MEDIUM 6.4 NVD May 27, 2026
CVE-2026-8040 The faq shortocde plugin for WordPress is vulnerable to Stored Cross-Site Script MEDIUM 6.4 NVD May 27, 2026
CVE-2026-6268 The EventPress WordPress theme before 22 HIGH 7.1 NVD May 27, 2026
CVE-2026-8450 HTTP::Daemon versions before 6 CRITICAL 9.1 NVD May 27, 2026
CVE-2026-49000 An insecure password scheme refers to vulnerabilities arising from improper sele HIGH 7.0 NVD May 27, 2026
CVE-2026-9631 A vulnerability was detected in UTT HiPER 1250GW up to 3 HIGH 8.8 NVD May 27, 2026
CVE-2026-9628 A weakness has been identified in UTT HiPER 1200GW up to 2 HIGH 8.8 NVD May 27, 2026
CVE-2026-9627 A security flaw has been discovered in UTT HiPER 1200GW up to 2 HIGH 8.8 NVD May 27, 2026
CVE-2026-9207 Connect — Tanium addressed an unauthorized code execution vulnerabilit HIGH 8.8 NVD May 27, 2026
CVE-2026-9156 Tanium addressed a denial of service vulnerability in Tanium Server MEDIUM 6.5 NVD May 27, 2026
CVE-2026-6565 The Style Kits – Advanced Theme Styles for Elementor, Elementor Kits & Elementor MEDIUM 6.4 NVD May 27, 2026
CVE-2026-49014 In GDAL 3 HIGH 7.4 NVD May 27, 2026
CVE-2026-9607 A vulnerability was found in itsourcecode Courier Management System 1 MEDIUM 6.3 NVD May 27, 2026
CVE-2026-9606 A vulnerability has been found in itsourcecode Courier Management System 1 HIGH 7.3 NVD May 27, 2026
CVE-2026-9605 A flaw has been found in GNU libredwg up to 0 HIGH 7.3 NVD May 27, 2026
CVE-2026-45321 TanStack - TanStack CRITICAL N/A CISA May 27, 2026
EDB-52585 [local] Linux Kernel - Local Privilege Escalation HIGH N/A EXPLOIT-DB May 27, 2026
EDB-52584 [webapps] Casdoor 3.54.1 - Arbitrary File Write via Path Traversal HIGH N/A EXPLOIT-DB May 27, 2026
EDB-52583 [webapps] EspoCRM 9.3.3 - SSRF HIGH N/A EXPLOIT-DB May 27, 2026
EDB-52582 [webapps] scramble - Remote Code Execution HIGH N/A EXPLOIT-DB May 27, 2026
EDB-52581 [hardware] MeiG Smart FORGE_SLT711 - OS Command Injection HIGH N/A EXPLOIT-DB May 27, 2026
EDB-52580 [local] Realtek rtl819x - Local Privilege HIGH N/A EXPLOIT-DB May 27, 2026
EDB-52579 [webapps] OpenCATS 0.9.7.4 - SQL Injection HIGH N/A EXPLOIT-DB May 27, 2026
CVE-2026-8398 Daemon - Daemon Tools Lite CRITICAL N/A CISA May 27, 2026
CVE-2026-48027 Nx - Nx Console CRITICAL N/A CISA May 27, 2026
CVE-2026-40383 Joomla\! — An improper validation of user-supplied input leads to a loc CRITICAL 9.8 NVD May 26, 2026
CVE-2026-35222 Joomla\! — Improperly validated order clauses lead to a SQL injection v CRITICAL 9.8 NVD May 26, 2026
CVE-2026-35221 Joomla\! — Improperly built filter clauses lead to a SQL injection vuln CRITICAL 9.8 NVD May 26, 2026
CVE-2026-30895 Joomla\! — Lack of output escaping leads to a XSS vector in the readmor MEDIUM 6.1 NVD May 26, 2026
CVE-2026-30894 Joomla\! — Lack of output escaping leads to a XSS vector in the content MEDIUM 6.1 NVD May 26, 2026
CVE-2026-25901 Joomla\! — Lack of output escaping leads to a XSS vector in the multili MEDIUM 6.1 NVD May 26, 2026
CVE-2026-25900 Joomla\! — Lack of output escaping leads to a XSS vector in the feed mo MEDIUM 6.1 NVD May 26, 2026
CVE-2026-24212 Isaac Launchable — NVIDIA Isaac Launchable for Linux contains a vulnerability w HIGH 7.5 NVD May 26, 2026
CVE-2026-24162 NVIDIA Transformers4Rec for Linux contains a vulnerability where an attacker cou HIGH 7.8 NVD May 26, 2026
CVE-2025-36126 IBM Cognos Analytics 11 MEDIUM 6.4 NVD May 26, 2026
CVE-2026-41401 libyang before 5 MEDIUM 6.5 NVD May 26, 2026
CVE-2026-40034 gix-submodule before 0 HIGH 7.8 NVD May 26, 2026
CVE-2026-40033 Freerdp — FreeRDP before 3 HIGH 8.8 NVD May 26, 2026
CVE-2026-9544 A vulnerability was found in Shenzhen Sixun Software Sixun Shanghui Group Busine HIGH 7.3 NVD May 26, 2026
CVE-2026-9543 A vulnerability has been found in Totolink N300RH 6 CRITICAL 9.8 NVD May 26, 2026
CVE-2026-9542 A weakness has been identified in CodeAstro Leave Management System 1 MEDIUM 6.3 NVD May 26, 2026
CVE-2026-7374 A flaw was found in KubeVirt's virt-handler component CRITICAL 9.9 NVD May 26, 2026
CVE-2026-48133 When the Identity Awareness blade is enabled with Browser-Based Authentication, HIGH 7.5 NVD May 26, 2026
CVE-2026-48132 The Security Gateway does not correctly validate a length value in certain IKE p HIGH 8.1 NVD May 26, 2026
CVE-2026-48131 The VPN service may mishandle an unexpected IKE fragment value received on the I HIGH 8.1 NVD May 26, 2026
CVE-2025-11482 An Allocation of Resources Without Limits or Throttling vulnerability in the OPC HIGH 7.5 NVD May 26, 2026
CVE-2026-25104 MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability HIGH 7.8 NVD May 26, 2026
CVE-2026-8047 The affected products perform improper length checking when parsing incoming HTT HIGH 7.5 NVD May 26, 2026
CVE-2026-8046 The affected products insufficiently verify authorization when deleting user acc HIGH 8.1 NVD May 26, 2026
CVE-2026-44469 The affected product extracts installation files to a temporary directory with i HIGH 7.8 NVD May 26, 2026
CVE-2026-44468 The affected product creates a directory with insecure default permissions durin HIGH 7.8 NVD May 26, 2026
CVE-2026-9534 A flaw has been found in Totolink CA750-PoE 6 MEDIUM 6.3 NVD May 26, 2026
CVE-2026-9533 A vulnerability was detected in Totolink CA750-PoE 6 MEDIUM 6.3 NVD May 26, 2026
CVE-2026-9532 A security vulnerability has been detected in Totolink CA750-PoE 6 MEDIUM 6.3 NVD May 26, 2026
CVE-2026-9496 Versions of the package pacote from 11 HIGH 7.5 NVD May 26, 2026
CVE-2026-9495 Versions of the package @koa/router from 14 HIGH 7.3 NVD May 26, 2026
CVE-2026-9531 A weakness has been identified in Totolink CA750-PoE 6 MEDIUM 6.3 NVD May 26, 2026
CVE-2026-9528 A vulnerability was identified in itsourcecode Electronic Judging System 1 HIGH 7.3 NVD May 26, 2026
CVE-2026-9526 A vulnerability was found in itsourcecode Electronic Judging System 1 HIGH 7.3 NVD May 26, 2026
CVE-2026-9517 A vulnerability was determined in hemant6488 CodeIgniter-StudentManagementSystem HIGH 7.3 NVD May 26, 2026
CVE-2026-9515 A vulnerability was detected in Totolink CA750-PoE 6 MEDIUM 6.3 NVD May 26, 2026
CVE-2026-8376 Perl — Perl versions through 5 CRITICAL 9.8 NVD May 26, 2026
EDB-52573 [local] Linux Kernel 6.8 - Local Privilege Escalation HIGH N/A EXPLOIT-DB May 26, 2026
EDB-52574 [webapps] cPanel - CRLF Injection HIGH N/A EXPLOIT-DB May 26, 2026
EDB-52575 [webapps] Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover HIGH N/A EXPLOIT-DB May 26, 2026
EDB-52576 [hardware] D-Link DSL2600U - 'rom-0' Admin Password Disclosure HIGH N/A EXPLOIT-DB May 26, 2026
EDB-52577 [webapps] Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service HIGH N/A EXPLOIT-DB May 26, 2026
EDB-52578 [webapps] Grav CMS 2.0.0-beta.2 - Remote Code Execution HIGH N/A EXPLOIT-DB May 26, 2026
CVE-2026-48172 LiteSpeed - cPanel Plugin CRITICAL N/A CISA May 26, 2026
CVE-2026-9514 A security vulnerability has been detected in Totolink CA750-PoE 6 MEDIUM 6.3 NVD May 25, 2026
CVE-2026-9513 A weakness has been identified in Totolink CA750-PoE 6 MEDIUM 6.3 NVD May 25, 2026
CVE-2026-9512 A security flaw has been discovered in Totolink CA750-PoE 6 MEDIUM 6.3 NVD May 25, 2026
CVE-2026-48837 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti HIGH 8.5 NVD May 25, 2026
CVE-2026-45438 Missing Authorization vulnerability in WebToffee Smart Coupons for WooCommerce a HIGH 7.5 NVD May 25, 2026
CVE-2026-45435 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti MEDIUM 6.5 NVD May 25, 2026
CVE-2026-45217 Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeH MEDIUM 6.5 NVD May 25, 2026
CVE-2026-45216 Incorrect Privilege Assignment vulnerability in StoreApps Smart Manager allows P HIGH 8.8 NVD May 25, 2026
CVE-2026-45209 Missing Authorization vulnerability in edward_plainview MyCryptoCheckout allows HIGH 7.5 NVD May 25, 2026
CVE-2026-42776 Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Ex MEDIUM 6.3 NVD May 25, 2026
CVE-2026-42774 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti CRITICAL 9.3 NVD May 25, 2026
CVE-2026-42773 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti CRITICAL 9.3 NVD May 25, 2026
CVE-2026-42763 Missing Authorization vulnerability in SePay team SePay Gateway allows Retrieve MEDIUM 6.5 NVD May 25, 2026
CVE-2026-39436 Cross-Site Request Forgery (CSRF) vulnerability in bgermann CformsII allows Cros HIGH 7.1 NVD May 25, 2026
CVE-2026-24937 Improper Control of Generation of Code ('Code Injection') vulnerability in Video HIGH 7.2 NVD May 25, 2026
CVE-2026-48846 In Roundcube Webmail 1 MEDIUM 6.5 NVD May 25, 2026
CVE-2026-48845 In Roundcube Webmail 1 MEDIUM 6.5 NVD May 25, 2026
CVE-2026-48844 Roundcube Webmail 1 HIGH 7.5 NVD May 25, 2026
CVE-2026-48843 Roundcube Webmail 1 HIGH 7.2 NVD May 25, 2026
CVE-2026-48842 Roundcube Webmail 1 HIGH 8.1 NVD May 25, 2026
CVE-2026-9483 A vulnerability was found in SourceCodester Student Grades Management System 1 MEDIUM 6.3 NVD May 25, 2026
CVE-2026-9482 A vulnerability has been found in Edimax EW-7438RPn 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9481 A flaw has been found in Edimax EW-7438RPn 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9480 A vulnerability was detected in Edimax EW-7438RPn 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9479 A security vulnerability has been detected in Edimax EW-7438RPn 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9478 A weakness has been identified in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9477 A security flaw has been discovered in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9476 A vulnerability was identified in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9475 A vulnerability was determined in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9474 A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f HIGH 7.3 NVD May 25, 2026
CVE-2026-9473 A vulnerability has been found in c-rick jimeng-mcp 1 MEDIUM 6.3 NVD May 25, 2026
CVE-2026-9472 A flaw has been found in dazeb markdown-downloader up to 3d4394b34b6c99d81af8176 MEDIUM 6.3 NVD May 25, 2026
CVE-2026-27768 SQL Injection affecting the Access Manager role MEDIUM 6.6 NVD May 25, 2026
CVE-2018-25359 Splinterware System Scheduler Pro 5 HIGH 8.4 NVD May 25, 2026
CVE-2026-9461 A security vulnerability has been detected in Edimax EW-7438RPn 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9460 A weakness has been identified in Edimax EW-7438RPn 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9459 A security flaw has been discovered in Edimax EW-7438RPn 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9458 A vulnerability was identified in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9457 A vulnerability was determined in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9456 A vulnerability was found in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9455 A vulnerability has been found in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9454 A flaw has been found in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9453 A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76 HIGH 7.3 NVD May 25, 2026
CVE-2026-9452 A security vulnerability has been detected in FoundDream miniclawd up to 2d65665 HIGH 7.3 NVD May 25, 2026
CVE-2026-9451 A weakness has been identified in code-projects Employee Management System 1 MEDIUM 6.3 NVD May 25, 2026
CVE-2026-9450 A security flaw has been discovered in code-projects Employee Management System MEDIUM 6.3 NVD May 25, 2026
CVE-2026-9449 A vulnerability was identified in code-projects Employee Management System 1 MEDIUM 6.3 NVD May 25, 2026
CVE-2026-9447 A vulnerability was found in SourceCodester Simple POS and Inventory System 1 HIGH 7.3 NVD May 25, 2026
CVE-2026-9436 A flaw has been found in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9435 A vulnerability was detected in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-4915 Mattermost versions 11 MEDIUM 6.5 NVD May 25, 2026
CVE-2026-45249 A cross-site scripting (XSS) vulnerability exists in Apache ECharts in the Lines MEDIUM 6.1 NVD May 25, 2026
CVE-2026-9434 A security vulnerability has been detected in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9433 A weakness has been identified in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9432 A security flaw has been discovered in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9431 A vulnerability was identified in Tenda F1202 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9430 A vulnerability was determined in Tenda F1202 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9429 A vulnerability was found in Tenda F1202 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9428 A vulnerability has been found in Tenda F1202 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-41863 Spring AI's support for Anthropic's Skills API used LLM-influenced filenames uns MEDIUM 6.5 NVD May 25, 2026
CVE-2026-25193 Insertion of Sensitive Information into Log File (CWE-532) in some Command Centr HIGH 8.1 NVD May 25, 2026
CVE-2026-9427 A flaw has been found in Edimax EW-7438RPn 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9426 A vulnerability was detected in Edimax EW-7438RPn 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9425 A security vulnerability has been detected in Edimax EW-7438RPn 1 HIGH 8.8 NVD May 25, 2026
CVE-2026-9424 A weakness has been identified in Edimax EW-7438RPn 1 MEDIUM 6.3 NVD May 25, 2026
CVE-2026-9422 A vulnerability was identified in KLiK SocialMediaWebsite 1 HIGH 7.3 NVD May 25, 2026
CVE-2026-9412 A vulnerability was determined in SourceCodester Indian Invoicing System 1 MEDIUM 6.3 NVD May 25, 2026
CVE-2026-9411 A vulnerability was found in SourceCodester Indian Invoicing System 1 MEDIUM 6.3 NVD May 25, 2026
CVE-2026-9408 A vulnerability was detected in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9407 A security vulnerability has been detected in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9406 A weakness has been identified in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9405 A security flaw has been discovered in Totolink A8000RU 7 CRITICAL 9.8 NVD May 25, 2026
CVE-2026-9404 A vulnerability was identified in Totolink A8000RU 7 CRITICAL 9.8 NVD May 24, 2026
CVE-2026-9403 A vulnerability was determined in Edimax BR-6675nD 1 HIGH 8.8 NVD May 24, 2026
CVE-2026-9402 A vulnerability was found in Edimax BR-6675nD 1 MEDIUM 6.3 NVD May 24, 2026
CVE-2026-9401 A vulnerability has been found in Edimax BR-6675nD 1 HIGH 8.8 NVD May 24, 2026
CVE-2026-9400 A flaw has been found in Edimax BR-6675nD 1 MEDIUM 6.3 NVD May 24, 2026
CVE-2026-9399 A vulnerability was detected in Edimax BR-6675nD 1 HIGH 8.8 NVD May 24, 2026
CVE-2026-9397 A weakness has been identified in Besen BS20 EV Charging Station up to 20260426 HIGH 8.1 NVD May 24, 2026
CVE-2026-9393 A vulnerability was found in H3C Magic B0 up to 100R002 HIGH 8.8 NVD May 24, 2026
CVE-2026-9082 Drupal - Core CRITICAL N/A CISA May 22, 2026
CVE-2026-39593 Missing Authorization vulnerability in VillaTheme HAPPY allows Exploiting Incorr MEDIUM 6.5 NVD May 21, 2026
CVE-2026-48207 Deserialization of untrusted data in Apache Fory PyFory CRITICAL 9.8 NVD May 21, 2026
CVE-2026-44064 An out-of-bounds read in ASP session ID handling in Netatalk 1 HIGH 7.1 NVD May 21, 2026
CVE-2026-44062 A missing output length bounds check in pull_charset_flags() in Netatalk 2 HIGH 7.5 NVD May 21, 2026
CVE-2026-44060 An integer underflow in dsi_writeinit() in Netatalk 1 HIGH 7.5 NVD May 21, 2026
CVE-2026-44058 An authentication bypass vulnerability in Netatalk 2 HIGH 7.2 NVD May 21, 2026
CVE-2026-44056 A stack-based buffer overflow in desktop MEDIUM 6.4 NVD May 21, 2026
CVE-2026-44055 A logic error involving bitwise OR operations in Netatalk 3 HIGH 7.5 NVD May 21, 2026
CVE-2026-44054 Netatalk 2 MEDIUM 6.5 NVD May 21, 2026
CVE-2026-44053 Netatalk 1 HIGH 7.4 NVD May 21, 2026
CVE-2026-44052 Netatalk 2 HIGH 7.5 NVD May 21, 2026
CVE-2026-44051 An improper link resolution vulnerability in Netatalk 3 HIGH 8.1 NVD May 21, 2026
CVE-2026-44050 A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk CRITICAL 9.9 NVD May 21, 2026
CVE-2026-44049 An out-of-bounds write due to improper null termination in convert_charset() in HIGH 7.5 NVD May 21, 2026
CVE-2026-44048 A stack-based buffer overflow via UCS-2 type confusion in convert_charset() in N HIGH 8.8 NVD May 21, 2026
CVE-2026-44047 An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3 HIGH 8.8 NVD May 21, 2026
CVE-2026-6279 The Avada Builder (fusion-builder) plugin for WordPress is vulnerable to Unauthe CRITICAL 9.8 NVD May 21, 2026
CVE-2026-1543 The Avada (Fusion) Builder plugin for WordPress is vulnerable to Stored Cross-Si MEDIUM 6.4 NVD May 21, 2026
CVE-2026-9149 A flaw was found in libsolv MEDIUM 6.5 NVD May 21, 2026
CVE-2026-40165 authentik is an open-source identity provider HIGH 8.7 NVD May 21, 2026
CVE-2025-34291 Langflow - Langflow CRITICAL N/A CISA May 21, 2026
EDB-52568 [webapps] FUXA 1.2.9 - RCE HIGH N/A EXPLOIT-DB May 21, 2026
EDB-52569 [webapps] solaredge - (CSRF-OOB-Injection) HIGH N/A EXPLOIT-DB May 21, 2026
EDB-52570 [local] Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path HIGH N/A EXPLOIT-DB May 21, 2026
EDB-52571 [webapps] BookStack 25.12.1 - Denial of Service HIGH N/A EXPLOIT-DB May 21, 2026
EDB-52572 [webapps] Cockpit 359 - RCE HIGH N/A EXPLOIT-DB May 21, 2026
CVE-2026-34926 Trend Micro - Apex One CRITICAL N/A CISA May 21, 2026
CVE-2026-9150 A flaw was found in libsolv MEDIUM 6.5 NVD May 20, 2026
CVE-2026-24216 Bionemo Framework — NVIDIA BioNemo for Linux contains a vulnerability where a us HIGH 7.8 NVD May 20, 2026
CVE-2026-24188 NVIDIA TensorRT contains a vulnerability where an attacker could cause an out-of HIGH 8.2 NVD May 20, 2026
CVE-2026-30691 Cross-Site Scripting (XSS) vulnerability in @cyntler/react-doc-viewer v1 MEDIUM 6.1 NVD May 20, 2026
CVE-2026-20240 Splunk — In Splunk Enterprise versions below 10 MEDIUM 6.5 NVD May 20, 2026
CVE-2026-20239 Splunk — In Splunk Enterprise versions below 10 HIGH 7.5 NVD May 20, 2026
CVE-2026-20238 In Splunk AI Toolkit versions below 5 MEDIUM 6.5 NVD May 20, 2026
CVE-2026-9087 A flaw was found in Keycloak MEDIUM 6.4 NVD May 20, 2026
CVE-2026-7613 The Cost of Goods by PixelYourSite plugin for WordPress is vulnerable to Stored HIGH 7.2 NVD May 20, 2026
CVE-2026-44926 InfoScale CmdServer before 7 HIGH 8.8 NVD May 20, 2026
CVE-2026-44925 Infoscale Operations Manager — Cross-Site Request Forgery (CSRF) vulnerability in InfoScale HIGH 8.8 NVD May 20, 2026
CVE-2026-44923 Infoscale Operations Manager — SQL injection in InfoScale VIOM before v9 MEDIUM 6.5 NVD May 20, 2026
CVE-2026-20223 A vulnerability in the&nbsp;access validation of internal REST APIs of Cisco Sec CRITICAL 10.0 NVD May 20, 2026
CVE-2026-20206 A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Age MEDIUM 6.3 NVD May 20, 2026
CVE-2026-20171 A vulnerability in the Border Gateway Protocol (BGP)&nbsp;enforce-first-as featu MEDIUM 6.8 NVD May 20, 2026
CVE-2026-42834 Windows Admin Center — Improper link resolution before file access ('link following HIGH 7.8 NVD May 20, 2026
CVE-2026-42383 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti HIGH 7.6 NVD May 20, 2026
CVE-2026-3593 Bind — A use-after-free vulnerability exists within the DNS-over-HT HIGH 7.4 NVD May 20, 2026
CVE-2026-3039 Bind — BIND servers that are configured to use TKEY-based authentic HIGH 7.5 NVD May 20, 2026
CVE-2026-29518 Rsync — Rsync versions before 3 HIGH 7.0 NVD May 20, 2026
CVE-2026-27405 Missing Authorization vulnerability in Magepeople inc MEDIUM 6.5 NVD May 20, 2026
CVE-2026-24573 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti MEDIUM 6.5 NVD May 20, 2026
CVE-2025-11954 Cross-Site request forgery (CSRF) vulnerability in Sitemio Information Technolog HIGH 8.0 NVD May 20, 2026
CVE-2026-22315 Incorrect Privilege Assignment vulnerability in Mesalvo Meona Client Launcher Co HIGH 7.2 NVD May 20, 2026
CVE-2026-22314 Improper Control of Generation of Code ('Code Injection') vulnerability in Mesal CRITICAL 9.0 NVD May 20, 2026
CVE-2026-0857 Cleartext Storage of Sensitive Information in Memory vulnerability in Mesalvo Me MEDIUM 6.0 NVD May 20, 2026
CVE-2026-0856 Improper Access Control vulnerability in Mesalvo Meona Client Launcher Component HIGH 7.8 NVD May 20, 2026
CVE-2026-41054 In `src/havegecmd HIGH 7.8 NVD May 20, 2026
CVE-2026-35070 Dell SmartFabric Storage Software, versions prior to 1 MEDIUM 6.4 NVD May 20, 2026
CVE-2026-33278 Unbound — NLnet Labs Unbound 1 CRITICAL 9.8 NVD May 20, 2026
CVE-2026-5200 The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution HIGH 8.8 NVD May 20, 2026
CVE-2026-5776 The Email Encoder WordPress plugin before 2 MEDIUM 6.1 NVD May 20, 2026
CVE-2026-47784 Memcached — In memcached before 1 HIGH 8.1 NVD May 20, 2026
CVE-2026-47783 Memcached — In memcached before 1 HIGH 8.1 NVD May 20, 2026
CVE-2026-2955 The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable MEDIUM 6.4 NVD May 20, 2026
CVE-2026-9057 A broken access control issue has been identified in the Talend Administration C HIGH 8.2 NVD May 20, 2026
CVE-2026-7522 The Advanced Database Cleaner – Premium plugin for WordPress is vulnerable to Lo HIGH 8.8 NVD May 20, 2026
CVE-2026-43618 Rsync — Rsync version 3 HIGH 8.1 NVD May 20, 2026
CVE-2026-3985 The Creative Mail – Easier WordPress & WooCommerce Email Marketing plugin for Wo HIGH 7.5 NVD May 20, 2026
CVE-2026-45585 Windows 11 24H2 — Microsoft is aware of a security feature bypass vulnerabilit MEDIUM 6.8 NVD May 20, 2026
CVE-2026-35593 Trilium Notes is an open-source, cross-platform hierarchical note taking applica MEDIUM 6.8 NVD May 20, 2026
CVE-2009-1537 Microsoft - DirectX CRITICAL N/A CISA May 20, 2026
CVE-2026-41091 Microsoft - Defender CRITICAL N/A CISA May 20, 2026
CVE-2010-0806 Microsoft - Internet Explorer CRITICAL N/A CISA May 20, 2026
CVE-2010-0249 Microsoft - Internet Explorer CRITICAL N/A CISA May 20, 2026
CVE-2009-3459 Adobe - Acrobat and Reader CRITICAL N/A CISA May 20, 2026
CVE-2008-4250 Microsoft - Windows CRITICAL N/A CISA May 20, 2026
CVE-2026-45498 Microsoft - Defender CRITICAL N/A CISA May 20, 2026
CVE-2026-8495 Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing CRITICAL 9.8 NVD May 19, 2026
CVE-2026-6871 Obfuscate — Improper Neutralization of Input During Web Page Generation MEDIUM 6.1 NVD May 19, 2026
CVE-2026-6367 Drupal — Improper Neutralization of Input During Web Page Generation MEDIUM 6.1 NVD May 19, 2026
CVE-2026-6366 Drupal — Improperly Controlled Modification of Dynamically-Determined MEDIUM 6.6 NVD May 19, 2026
CVE-2026-6365 Drupal — Improper Neutralization of Input During Web Page Generation MEDIUM 6.1 NVD May 19, 2026
CVE-2026-6095 Orejime — Improper Neutralization of Input During Web Page Generation MEDIUM 6.1 NVD May 19, 2026
CVE-2026-33741 EspoCRM is an open source customer relationship management application MEDIUM 6.8 NVD May 19, 2026
CVE-2026-33642 Kitty is a cross-platform GPU based terminal CRITICAL 9.9 NVD May 19, 2026
CVE-2026-32738 Libheif — libheif is a HEIF and AVIF file format decoder and encoder MEDIUM 6.5 NVD May 19, 2026
CVE-2026-47107 Windmill prior to 1 HIGH 8.1 NVD May 19, 2026
CVE-2026-33633 Kitty is a cross-platform GPU based terminal HIGH 7.5 NVD May 19, 2026
CVE-2025-61081 In BYD Atto3, an attacker can obtain an authentication key through Brute Force a HIGH 7.5 NVD May 19, 2026
CVE-2026-47358 Terrascan — Terrascan v1 HIGH 7.5 NVD May 19, 2026
CVE-2026-47357 Terrascan — Terrascan v1 HIGH 7.5 NVD May 19, 2026
CVE-2026-47356 Terrascan — Terrascan v1 HIGH 7.5 NVD May 19, 2026
CVE-2026-36829 An authentication bypass vulnerability exists in the embedded HTTP server of Pan CRITICAL 9.8 NVD May 19, 2026
CVE-2026-36828 A command injection vulnerability exists in the /cgi-bin/tools/ajax_cmd endpoint HIGH 8.8 NVD May 19, 2026
CVE-2026-8912 The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the HIGH 7.5 NVD May 19, 2026
CVE-2026-4883 The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file upload du CRITICAL 9.8 NVD May 19, 2026
CVE-2026-7571 A flaw was found in Keycloak HIGH 7.1 NVD May 19, 2026
CVE-2026-7507 A session fixation vulnerability was found in Keycloak's login-actions endpoints HIGH 7.5 NVD May 19, 2026
CVE-2026-7504 A flaw was found in Keycloak's URL validation logic during redirect operations HIGH 8.1 NVD May 19, 2026
CVE-2026-7307 A flaw was found in Keycloak HIGH 7.5 NVD May 19, 2026
CVE-2026-4630 A flaw was found in Keycloak MEDIUM 6.8 NVD May 19, 2026
CVE-2026-43493 crypto: pcrypt - Fix handling of MAY_BACKLOG requests MAY_BACKLOG requests can CRITICAL 9.8 NVD May 19, 2026
CVE-2026-37982 A flaw was found in Keycloak MEDIUM 6.8 NVD May 19, 2026
CVE-2026-37979 A flaw was found in Keycloak MEDIUM 6.5 NVD May 19, 2026
CVE-2026-29220 Ofbiz — Improper Limitation of a Pathname to a Restricted Directory MEDIUM 6.5 NVD May 19, 2026
CVE-2026-29207 Ofbiz — Improper Neutralization of Special Elements Used in a Templa MEDIUM 6.5 NVD May 19, 2026
CVE-2026-44408 There is an unauthorized access vulnerability in ZTE MU5250 MEDIUM 6.3 NVD May 19, 2026
CVE-2026-4885 The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbit CRITICAL 9.8 NVD May 19, 2026
CVE-2026-47314 Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflo HIGH 7.8 NVD May 19, 2026
CVE-2026-8813 This affects versions of the package exifreader before 4 HIGH 7.5 NVD May 19, 2026
CVE-2026-47311 Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows HIGH 7.8 NVD May 19, 2026
CVE-2026-47310 Use after free vulnerability in Samsung Open Source Escargot allows Pointer Mani HIGH 7.8 NVD May 19, 2026
CVE-2025-15609 The Fortis for WooCommerce WordPress plugin before 1 HIGH 7.5 NVD May 19, 2026
CVE-2026-28733 in OpenHarmony v6 MEDIUM 6.5 NVD May 19, 2026
CVE-2026-27648 in OpenHarmony v6 HIGH 8.8 NVD May 19, 2026
CVE-2026-25781 in OpenHarmony v6 HIGH 8.4 NVD May 19, 2026
CVE-2026-24792 in OpenHarmony v6 HIGH 8.1 NVD May 19, 2026
CVE-2026-22069 A local privilege escalation vulnerability exists in O+ Connect because it fails HIGH 7.3 NVD May 19, 2026
CVE-2026-33233 AutoGPT is a workflow automation platform for creating, deploying, and managing HIGH 7.6 NVD May 19, 2026
CVE-2026-33232 AutoGPT is a workflow automation platform for creating, deploying, and managing HIGH 7.5 NVD May 19, 2026
CVE-2026-32323 Mullvad VPN is a VPN client app for desktop and mobile HIGH 7.3 NVD May 19, 2026
CVE-2026-30950 AutoGPT is a workflow automation platform for creating, deploying, and managing HIGH 7.1 NVD May 18, 2026
CVE-2026-8836 A vulnerability was found in lwIP up to 2 CRITICAL 9.8 NVD May 18, 2026
CVE-2026-45243 Summarize — Summarize prior to 0 MEDIUM 6.1 NVD May 18, 2026
CVE-2026-45242 Summarize — Summarize prior to 0 HIGH 7.1 NVD May 18, 2026
CVE-2026-45231 DumbAssets through 1 MEDIUM 6.1 NVD May 18, 2026
CVE-2026-45495 Edge Chromium — Microsoft Edge (Chromium-based) Remote Code Execution Vulner HIGH 8.8 NVD May 18, 2026
CVE-2026-45230 DumbAssets through 1 CRITICAL 9.1 NVD May 18, 2026
CVE-2026-42822 Improper authentication in Azure Local Disconnected Operations allows an unautho CRITICAL 10.0 NVD May 18, 2026
CVE-2026-29965 Mailinspector — HSC MailInspector 5 MEDIUM 6.1 NVD May 18, 2026
CVE-2026-29964 Mailinspector — HSC MailInspector v5 MEDIUM 6.1 NVD May 18, 2026
CVE-2026-29963 Mailinspector — HSC MailInspector 5 HIGH 7.5 NVD May 18, 2026
CVE-2026-29962 Mailinspector — HSC MailInspector v5 HIGH 7.5 NVD May 18, 2026
CVE-2023-24215 Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware CRITICAL 9.1 NVD May 18, 2026
CVE-2026-8843 Creating a "2dsphere_bucket" index on a non-timeseries bucket collection will su MEDIUM 6.5 NVD May 18, 2026
CVE-2026-41085 Thermo Fisher Scientific Torrent Suite Dx through 5 HIGH 8.8 NVD May 18, 2026
CVE-2026-38719 OpENer v2 MEDIUM 6.2 NVD May 18, 2026
CVE-2026-20685 An attacker in a privileged network position may be able to leak sensitive infor MEDIUM 6.5 NVD May 18, 2026
CVE-2025-57282 ngrok v4 HIGH 8.8 NVD May 18, 2026
CVE-2025-56352 In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), the br HIGH 7.5 NVD May 18, 2026
CVE-2026-41948 Dify — Dify version 1 HIGH 7.7 NVD May 18, 2026
CVE-2026-41947 Dify — Dify version 1 HIGH 7.4 NVD May 18, 2026
CVE-2026-39079 An issue in prestashop upsshipping all versions through at least 2 HIGH 7.5 NVD May 18, 2026
CVE-2026-26462 Offline Hospital Management System 5 HIGH 7.3 NVD May 18, 2026
CVE-2026-42009 A flaw was found in gnutls HIGH 7.5 NVD May 18, 2026
CVE-2026-7304 Sglang — SGLangs multimodal generation runtime is vulnerable to unaut CRITICAL 9.8 NVD May 18, 2026
CVE-2026-7302 Sglang — SGLangs multimodal generation runtime is vulnerable to an un CRITICAL 9.1 NVD May 18, 2026
CVE-2026-7301 Sglang — SGLangs multimodal generation runtime scheduler's ROUTER soc CRITICAL 9.8 NVD May 18, 2026
CVE-2026-41119 Dell Live Optics Windows and Personal Edition collectors contain an improper cer MEDIUM 6.8 NVD May 18, 2026
CVE-2026-3471 Mattermost Desktop App versions <=6 MEDIUM 6.5 NVD May 18, 2026
CVE-2026-3117 Mattermost Plugins versions <=11 MEDIUM 6.5 NVD May 18, 2026
CVE-2026-8788 Net::Statsd::Lite versions through 0 HIGH 7.3 NVD May 18, 2026
CVE-2026-6495 The Ajax Load More WordPress plugin before 7 HIGH 7.1 NVD May 18, 2026
CVE-2026-6381 The WP Maps WordPress plugin before 4 HIGH 7.5 NVD May 18, 2026
CVE-2026-6379 The WP Photo Album Plus WordPress plugin before 9 HIGH 8.6 NVD May 18, 2026
CVE-2026-3220 The Autoptimize WordPress plugin before 3 HIGH 8.8 NVD May 18, 2026
CVE-2026-8777 A vulnerability was found in Edimax BR-6428NS 1 MEDIUM 6.3 NVD May 18, 2026
CVE-2026-8776 A vulnerability has been found in Edimax BR-6428NS 1 HIGH 8.8 NVD May 18, 2026
CVE-2026-8775 A flaw has been found in Edimax BR-6428NS 1 HIGH 8.8 NVD May 18, 2026
CVE-2026-8774 A vulnerability was detected in Edimax BR-6228NC 1 MEDIUM 6.3 NVD May 18, 2026
CVE-2026-8771 A security flaw has been discovered in linlinjava litemall up to 1 HIGH 7.3 NVD May 18, 2026
CVE-2026-8768 Ai — A vulnerability was found in vercel ai up to 3 HIGH 7.3 NVD May 17, 2026
CVE-2026-8764 A security vulnerability has been detected in H3C Magic B3 up to 100R002 HIGH 7.2 NVD May 17, 2026
CVE-2026-8721 Crypt::OpenSSL::PKCS12 versions through 1 CRITICAL 9.8 NVD May 17, 2026
CVE-2026-8507 Crypt::OpenSSL::PKCS12 versions through 1 CRITICAL 9.8 NVD May 17, 2026
CVE-2026-46720 Net::Statsd::Tiny versions before 0 HIGH 8.2 NVD May 17, 2026
CVE-2018-25333 Nordex N149/4 HIGH 8.2 NVD May 17, 2026
CVE-2018-25332 GitBucket 4 CRITICAL 9.8 NVD May 17, 2026
CVE-2018-25331 Zenar Content Management System contains a cross-site scripting vulnerability th MEDIUM 6.1 NVD May 17, 2026
CVE-2018-25330 Joomla! extension EkRishta 2 HIGH 8.2 NVD May 17, 2026
CVE-2018-25329 WordPress Plugin WP with Spritz 1 HIGH 7.5 NVD May 17, 2026
CVE-2018-25328 VX Search 10 HIGH 8.4 NVD May 17, 2026
CVE-2018-25326 Google Drive for WordPress 2 HIGH 7.5 NVD May 17, 2026
CVE-2018-25325 Woocommerce CSV Importer 3 HIGH 7.5 NVD May 17, 2026
CVE-2018-25324 Simple Fields 0 MEDIUM 6.2 NVD May 17, 2026
CVE-2018-25323 Allok AVI DivX MPEG to DVD Converter 2 HIGH 8.4 NVD May 17, 2026
CVE-2018-25322 Allok Fast AVI MPEG Splitter 1 HIGH 8.4 NVD May 17, 2026
CVE-2018-25320 ACL Analytics versions 11 CRITICAL 9.8 NVD May 17, 2026
CVE-2018-25319 Redaxo CMS Addon MyEvents 2 HIGH 7.1 NVD May 17, 2026
CVE-2026-8751 A security flaw has been discovered in h2oai h2o-3 up to 7402 HIGH 7.3 NVD May 17, 2026
CVE-2026-8747 A weakness has been identified in Z-BlogPHP 1 MEDIUM 6.3 NVD May 17, 2026
CVE-2026-8743 A vulnerability was found in Open5GS up to 2 MEDIUM 6.3 NVD May 17, 2026
CVE-2026-8740 A flaw has been found in Sanluan PublicCMS 5 MEDIUM 6.3 NVD May 17, 2026
CVE-2026-8738 A security vulnerability has been detected in Sanluan PublicCMS 5 MEDIUM 6.5 NVD May 17, 2026
CVE-2026-8735 A vulnerability was identified in Oinone Pamirs up to 7 MEDIUM 6.3 NVD May 17, 2026
CVE-2026-8734 A vulnerability was determined in Oinone Pamirs up to 7 HIGH 7.3 NVD May 17, 2026
CVE-2026-8733 A vulnerability was found in Investintech SlimPDFReader up to 2 MEDIUM 6.3 NVD May 17, 2026
CVE-2026-8719 The AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin for WordPre HIGH 8.8 NVD May 17, 2026
CVE-2026-8725 A weakness has been identified in CoreWorxLab CAAL up to 1 HIGH 7.3 NVD May 17, 2026
CVE-2026-46728 Das U-Boot before 2026 HIGH 8.2 NVD May 16, 2026
CVE-2020-37244 Supsystic Membership 1 HIGH 8.2 NVD May 16, 2026
CVE-2020-37243 Supsystic Pricing Table 1 HIGH 8.2 NVD May 16, 2026
CVE-2020-37242 Supsystic Ultimate Maps 1 HIGH 8.2 NVD May 16, 2026
CVE-2020-37240 Queue Management System 4 MEDIUM 6.4 NVD May 16, 2026
CVE-2020-37239 libbabl 0 CRITICAL 9.8 NVD May 16, 2026
CVE-2020-37238 CMS Made Simple 2 MEDIUM 6.4 NVD May 16, 2026
CVE-2020-37237 Composr CMS 10 MEDIUM 6.4 NVD May 16, 2026
CVE-2020-37236 NewsLister contains an authenticated persistent cross-site scripting vulnerabili MEDIUM 6.4 NVD May 16, 2026
CVE-2020-37235 WordPress Theme Wibar 1 MEDIUM 6.4 NVD May 16, 2026
CVE-2020-37234 Internet Download Manager 6 MEDIUM 6.2 NVD May 16, 2026
CVE-2020-37233 WordPress Plugin Buddypress 6 MEDIUM 6.4 NVD May 16, 2026
CVE-2020-37232 Advanced System Care Service 13 HIGH 7.8 NVD May 16, 2026
CVE-2020-37231 Privacy Drive 3 HIGH 7.8 NVD May 16, 2026
CVE-2020-37230 Syncplify HIGH 7.8 NVD May 16, 2026
CVE-2020-37229 OKI sPSV Port Manager 1 HIGH 7.8 NVD May 16, 2026
CVE-2020-37228 iDS6 DSSPro Digital Signage System 6 CRITICAL 9.8 NVD May 16, 2026
CVE-2020-37227 HS Brand Logo Slider 2 HIGH 8.8 NVD May 16, 2026
CVE-2026-8657 Versions of the package jsondiffpatch before 0 HIGH 8.2 NVD May 16, 2026
CVE-2026-8656 Versions of the package jsondiffpatch before 0 MEDIUM 6.1 NVD May 16, 2026
CVE-2026-8695 radare2 6 HIGH 7.5 NVD May 15, 2026
CVE-2026-45539 Microsoft APM is an open-source, community-driven dependency manager for AI agen HIGH 7.4 NVD May 15, 2026
CVE-2026-45037 Tabby (formerly Terminus) is a highly configurable terminal emulator HIGH 7.1 NVD May 15, 2026
CVE-2026-45036 Tabby (formerly Terminus) is a highly configurable terminal emulator HIGH 7.0 NVD May 15, 2026
CVE-2026-44717 MCP Calculate Server is a mathematical calculation service based on MCP protocol CRITICAL 9.8 NVD May 15, 2026
CVE-2026-44714 The bitcoinj library is a Java implementation of the Bitcoin protocol HIGH 7.5 NVD May 15, 2026
CVE-2026-44641 Microsoft APM is an open-source, community-driven dependency manager for AI agen HIGH 7.1 NVD May 15, 2026
CVE-2026-42207 Magento Long Term Support (LTS) is an unofficial, community-driven project provi MEDIUM 6.1 NVD May 15, 2026
CVE-2026-41258 OpenMRS is an open source electronic medical record system platform CRITICAL 9.1 NVD May 15, 2026
CVE-2026-35194 Code injection in SQL code generation in Apache Flink 1 HIGH 8.1 NVD May 15, 2026
CVE-2026-8669 Imager versions through 1 MEDIUM 6.5 NVD May 15, 2026
CVE-2026-39054 Oinone Pamirs 7 HIGH 7.3 NVD May 15, 2026
CVE-2026-39053 Oinone Pamirs 7 MEDIUM 6.5 NVD May 15, 2026
CVE-2026-39052 Oinone Pamirs 7 MEDIUM 6.5 NVD May 15, 2026
CVE-2026-38728 An issue in Nodemailer smtp_server before v HIGH 7.5 NVD May 15, 2026
CVE-2026-34253 A buffer underflow vulnerability has been identified in the ogg123 utility from HIGH 8.2 NVD May 15, 2026
CVE-2025-67437 Medical Management System a81df1ce700a9662cb136b27af47f4cbde64156b is vulnerable MEDIUM 6.5 NVD May 15, 2026
CVE-2026-8503 Apache::Session::Generate::SHA256 versions before 1 MEDIUM 6.5 NVD May 15, 2026
CVE-2026-6415 The Advanced Custom Fields: Font Awesome plugin for WordPress is vulnerable to S MEDIUM 6.4 NVD May 15, 2026
CVE-2026-6403 The Quick Playground plugin for WordPress is vulnerable to Path Traversal in ver HIGH 7.5 NVD May 15, 2026
CVE-2026-6228 The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege HIGH 8.8 NVD May 15, 2026
CVE-2026-5229 The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in v CRITICAL 9.8 NVD May 15, 2026
CVE-2026-4683 The Smartcat Translator for WPML plugin for WordPress is vulnerable to unauthori MEDIUM 6.5 NVD May 15, 2026
CVE-2026-6646 The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via th MEDIUM 6.4 NVD May 15, 2026
CVE-2026-4094 The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is HIGH 8.1 NVD May 15, 2026
CVE-2026-41702 VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that o HIGH 7.8 NVD May 15, 2026
EDB-52565 [local] Remote Sunrise Helper for Windows 2026.14 - Remote Code Execution HIGH N/A EXPLOIT-DB May 15, 2026
CVE-2026-42897 Microsoft - Microsoft CRITICAL N/A CISA May 15, 2026
EDB-52566 [local] Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing HIGH N/A EXPLOIT-DB May 15, 2026
EDB-52567 [local] Windows Snipping Tool - NTLMv2 Hash Hijack HIGH N/A EXPLOIT-DB May 15, 2026
CVE-2026-44514 Kubetail is a real-time logging dashboard for Kubernetes MEDIUM 6.5 NVD May 14, 2026
CVE-2026-44513 Diffusers is the a library for pretrained diffusion models HIGH 8.8 NVD May 14, 2026
CVE-2026-44511 Katalyst Koi is a framework for building Rails admin functionality HIGH 7.4 NVD May 14, 2026
CVE-2026-42555 Valtimo is an open-source business process automation platform CRITICAL 9.1 NVD May 14, 2026
CVE-2026-20224 A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN HIGH 8.6 NVD May 14, 2026
CVE-2026-6476 SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_creat HIGH 7.2 NVD May 14, 2026
CVE-2026-6475 Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allo HIGH 8.8 NVD May 14, 2026
CVE-2026-6473 Integer wraparound in multiple PostgreSQL server features allows an unprivileged HIGH 8.8 NVD May 14, 2026
CVE-2025-15025 Authorization bypass through User-Controlled key vulnerability in Yordam Informa HIGH 8.8 NVD May 14, 2026
CVE-2026-6008 Authorization bypass through User-Controlled key vulnerability in Im Park Inform MEDIUM 6.8 NVD May 14, 2026
CVE-2026-4031 The Database Backup for WordPress plugin for WordPress is vulnerable to authoriz HIGH 7.5 NVD May 14, 2026
CVE-2026-4030 The Database Backup for WordPress plugin for WordPress is vulnerable to unauthor HIGH 8.1 NVD May 14, 2026
CVE-2026-4029 The Database Backup for WordPress plugin for WordPress is vulnerable to unauthor HIGH 7.5 NVD May 14, 2026
CVE-2025-12008 Authorization bypass through User-Controlled key vulnerability in APPYAP Technol HIGH 8.8 NVD May 14, 2026
CVE-2026-4527 Gitlab — GitLab has remediated an issue in GitLab CE/EE affecting all MEDIUM 6.5 NVD May 14, 2026
CVE-2026-4524 Gitlab — GitLab has remediated an issue in GitLab CE/EE affecting all MEDIUM 6.5 NVD May 14, 2026
CVE-2026-1659 Gitlab — GitLab has remediated an issue in GitLab CE/EE affecting all HIGH 7.5 NVD May 14, 2026
CVE-2026-1322 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16 MEDIUM 6.8 NVD May 14, 2026
CVE-2026-1184 GitLab has remediated an issue in GitLab EE affecting all versions from 11 MEDIUM 6.5 NVD May 14, 2026
CVE-2025-15345 The MapGeo – Interactive Geo Maps plugin for WordPress is vulnerable to Reflecte MEDIUM 6.1 NVD May 14, 2026
CVE-2025-14870 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18 HIGH 7.5 NVD May 14, 2026
CVE-2025-14869 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18 HIGH 7.5 NVD May 14, 2026
CVE-2026-5361 The Envira Gallery Lite plugin for WordPress is vulnerable to Stored Cross-Site MEDIUM 6.4 NVD May 14, 2026
CVE-2026-5486 The Unlimited Elements for Elementor plugin for WordPress is vulnerable to SQL I MEDIUM 6.5 NVD May 14, 2026
CVE-2026-46446 SOGo before 5 HIGH 7.1 NVD May 14, 2026
CVE-2026-46445 SOGo before 5 HIGH 7.1 NVD May 14, 2026
CVE-2026-46419 Yubico webauthn-server-core (aka java-webauthn-server) 2 HIGH 7.5 NVD May 14, 2026
EDB-52564 [webapps] WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI HIGH N/A EXPLOIT-DB May 14, 2026
CVE-2026-20182 Cisco - Catalyst SD-WAN CRITICAL N/A CISA May 14, 2026
EDB-52561 [webapps] PJPROJECT 2.16 - Heap Bufferoverflow HIGH N/A EXPLOIT-DB May 14, 2026
EDB-52562 [webapps] ePati Antikor NGFW 2.0.1301 - Authentication Bypass HIGH N/A EXPLOIT-DB May 14, 2026
EDB-52563 [webapps] Apache HertzBeat 1.8.0 - Remote Code Execution HIGH N/A EXPLOIT-DB May 14, 2026
CVE-2026-8500 Web::Passwd versions through 0 CRITICAL 9.8 NVD May 13, 2026
CVE-2026-32991 Improper authorization checks of team members privileges allow a team member to HIGH 7.1 NVD May 13, 2026
CVE-2026-29206 Insufficient sanitization of SQL queries in the `sqloptimizer` utility script al HIGH 8.1 NVD May 13, 2026
CVE-2026-44005 Vm2 — vm2 is an open source vm/sandbox for Node CRITICAL 10.0 NVD May 13, 2026
CVE-2026-44004 Vm2 — vm2 is an open source vm/sandbox for Node HIGH 7.5 NVD May 13, 2026
CVE-2026-44001 Vm2 — vm2 is an open source vm/sandbox for Node HIGH 8.6 NVD May 13, 2026
CVE-2026-44000 Vm2 — vm2 is an open source vm/sandbox for Node MEDIUM 6.5 NVD May 13, 2026
CVE-2026-43999 Vm2 — vm2 is an open source vm/sandbox for Node CRITICAL 9.9 NVD May 13, 2026
CVE-2026-43998 Vm2 — vm2 is an open source vm/sandbox for Node HIGH 8.5 NVD May 13, 2026
CVE-2026-43997 Vm2 — vm2 is an open source vm/sandbox for Node CRITICAL 10.0 NVD May 13, 2026
CVE-2026-44575 Next.Js — Next HIGH 7.5 NVD May 13, 2026
CVE-2026-44574 Next.Js — Next HIGH 8.1 NVD May 13, 2026
CVE-2026-44573 Next.Js — Next HIGH 7.5 NVD May 13, 2026
CVE-2026-2695 A command injection vulnerability was discovered in TeamViewer DEX Platform On-P MEDIUM 6.3 NVD May 13, 2026
CVE-2024-48519 Buffer Overflow vulnerability in Ardupilot rover commit v MEDIUM 6.2 NVD May 13, 2026
CVE-2026-3425 The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Local File HIGH 8.8 NVD May 13, 2026
CVE-2026-6276 Curl — Using libcurl, when a custom `Host:` header is first set for HIGH 7.5 NVD May 13, 2026
CVE-2026-5773 Curl — libcurl might in some circumstances reuse the wrong connecti HIGH 7.5 NVD May 13, 2026
CVE-2026-5545 Curl — libcurl might in some circumstances reuse the wrong connecti MEDIUM 6.5 NVD May 13, 2026
CVE-2026-4798 The Avada Builder plugin for WordPress is vulnerable to time-based SQL Injection HIGH 7.5 NVD May 13, 2026
CVE-2026-4782 The Avada Builder plugin for WordPress is vulnerable to Arbitrary File Read in a MEDIUM 6.5 NVD May 13, 2026
CVE-2026-21021 Android — Improper input validation in Routines prior to SMR May-2026 MEDIUM 6.8 NVD May 13, 2026
CVE-2026-21020 Android — Improper export of android application components in OmaCP p HIGH 7.8 NVD May 13, 2026
CVE-2026-21018 Android — Out-of-bounds write in SveService prior to SMR May-2026 Rele MEDIUM 6.7 NVD May 13, 2026
CVE-2025-11159 Hitachi Vantara Pentaho Data Integration & Analytics of all versions contain a J CRITICAL 9.1 NVD May 13, 2026
CVE-2026-7635 The coreActivity: Activity Logging for WordPress plugin for WordPress is vulnera HIGH 8.1 NVD May 13, 2026
CVE-2026-7619 The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Dona MEDIUM 6.5 NVD May 13, 2026
CVE-2026-6962 The Cost of Goods: Product Cost & Profit Calculator for WooCommerce plugin for W MEDIUM 6.4 NVD May 13, 2026
CVE-2026-6828 The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Fo MEDIUM 6.4 NVD May 13, 2026
EDB-52557 [webapps] Flowise < 3.0.5 - Missing Authentication for Critical Function HIGH N/A EXPLOIT-DB May 13, 2026
EDB-52559 [webapps] glances 4.5.2 - command injection HIGH N/A EXPLOIT-DB May 13, 2026
EDB-52560 [webapps] Ninja Forms Uploads - Unauthenticated PHP File Upload HIGH N/A EXPLOIT-DB May 13, 2026
EDB-52558 [webapps] coreruleset 4.21.0 - Firewall Bypass HIGH N/A EXPLOIT-DB May 13, 2026
CVE-2026-8108 The installation of Fuji Tellus adds a driver to the kernel which grants all use HIGH 7.8 NVD May 12, 2026
CVE-2026-5371 The MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Ma HIGH 7.1 NVD May 12, 2026
CVE-2026-44548 ChurchCRM is an open-source church management system HIGH 8.1 NVD May 12, 2026
CVE-2026-44547 ChurchCRM is an open-source church management system CRITICAL 9.6 NVD May 12, 2026
CVE-2026-44245 Kyverno is a policy engine designed for cloud native platform engineering teams MEDIUM 6.1 NVD May 12, 2026
CVE-2026-43685 Filemaker Cloud — A Remote Code Execution vulnerability in Claris FileMaker Cl HIGH 7.2 NVD May 12, 2026
CVE-2026-43680 Filemaker Cloud — A Remote Code Execution vulnerability in Claris FileMaker Cl HIGH 7.2 NVD May 12, 2026
CVE-2026-42289 ChurchCRM is an open-source church management system HIGH 8.8 NVD May 12, 2026
CVE-2026-42288 ChurchCRM is an open-source church management system CRITICAL 10.0 NVD May 12, 2026
CVE-2026-41901 Thymeleaf is a server-side Java template engine for web and standalone environme CRITICAL 9.0 NVD May 12, 2026
CVE-2026-1250 The Court Reservation – Manage Your Court Bookings Online plugin for WordPress i HIGH 7.5 NVD May 12, 2026
CVE-2025-15463 The The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to a MEDIUM 6.5 NVD May 12, 2026
CVE-2025-65719 An issue in Open Source Kubectl MCP Server v1 CRITICAL 9.8 NVD May 12, 2026
CVE-2026-35071 Insightiq — Dell PowerScale InsightIQ, versions 6 HIGH 8.2 NVD May 12, 2026
CVE-2026-33603 Attacker can use a specially crafted base64 exchange between Dovecot and Client MEDIUM 6.8 NVD May 12, 2026
CVE-2026-27851 When safe filter is used with variable expansion, all following pipelines on the HIGH 7.4 NVD May 12, 2026
CVE-2026-45218 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti HIGH 7.7 NVD May 12, 2026
CVE-2026-45214 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti HIGH 8.5 NVD May 12, 2026
CVE-2026-45213 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti HIGH 7.6 NVD May 12, 2026
CVE-2026-45211 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti HIGH 8.5 NVD May 12, 2026
CVE-2026-42742 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti HIGH 8.5 NVD May 12, 2026
CVE-2026-42741 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti HIGH 8.5 NVD May 12, 2026
CVE-2026-41713 Spring Ai — A malicious user could craft input that is stored in convers HIGH 8.2 NVD May 12, 2026
CVE-2026-41712 Spring Ai — Spring AI's chat memory component contained a problematic de HIGH 7.5 NVD May 12, 2026
CVE-2026-2465 Incorrect Authorization vulnerability in E-Kalite Software Hardware Engineering HIGH 8.8 NVD May 12, 2026
CVE-2026-5715 The Voyage Plus plugin for WordPress is vulnerable to Stored Cross-Site Scriptin MEDIUM 6.4 NVD May 12, 2026
CVE-2026-5340 The Fancy Image Show plugin for WordPress is vulnerable to Stored Cross-Site Scr MEDIUM 6.4 NVD May 12, 2026
CVE-2026-5028 The Eight Day Week Print Workflow plugin for WordPress is vulnerable to time-bas MEDIUM 6.5 NVD May 12, 2026
CVE-2026-4920 The Next Date plugin for WordPress is vulnerable to Stored Cross-Site Scripting MEDIUM 6.4 NVD May 12, 2026
CVE-2026-4859 The SP Blog Designer plugin for WordPress is vulnerable to Stored Cross-Site Scr MEDIUM 6.4 NVD May 12, 2026
CVE-2026-39432 Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Inco HIGH 8.2 NVD May 12, 2026
CVE-2026-2993 The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable HIGH 7.5 NVD May 12, 2026
CVE-2026-2300 The BJ Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripti MEDIUM 6.4 NVD May 12, 2026
CVE-2026-1681 Issuing an ICMP ping via the `net ping` shell command to a device's own IPv4 add MEDIUM 6.1 NVD May 12, 2026
CVE-2026-0804 An ACAP configuration file lacked sufficient input validation, which could allow MEDIUM 6.7 NVD May 12, 2026
CVE-2026-0802 An ACAP configuration file lacked sufficient input validation, which could allow MEDIUM 6.0 NVD May 12, 2026
CVE-2026-0541 ACAP applications can gain elevated privileges due to improper input validation MEDIUM 6.7 NVD May 12, 2026
CVE-2026-43887 Outline is a service that allows for collaborative documentation HIGH 7.3 NVD May 11, 2026
CVE-2026-43886 Outline is a service that allows for collaborative documentation HIGH 8.2 NVD May 11, 2026
CVE-2026-43884 WWBN AVideo is an open source video platform HIGH 7.7 NVD May 11, 2026
CVE-2026-43878 WWBN AVideo is an open source video platform MEDIUM 6.1 NVD May 11, 2026
CVE-2026-43876 WWBN AVideo is an open source video platform MEDIUM 6.4 NVD May 11, 2026
CVE-2026-43875 WWBN AVideo is an open source video platform MEDIUM 6.8 NVD May 11, 2026
CVE-2026-43873 WWBN AVideo is an open source video platform HIGH 7.5 NVD May 11, 2026
CVE-2026-42564 jotty·page is a self-hosted app for your checklists and notes HIGH 8.2 NVD May 11, 2026
CVE-2026-42046 libcaca is a colour ASCII art library HIGH 7.8 NVD May 11, 2026
CVE-2026-34961 Barebox — barebox prior to version 2026 MEDIUM 6.2 NVD May 11, 2026
CVE-2026-34960 barebox prior to version 2026 MEDIUM 6.5 NVD May 11, 2026
CVE-2026-44738 Grav is a file-based Web platform HIGH 7.7 NVD May 11, 2026
CVE-2026-42843 Grav API Plugin is a RESTful API for Grav CMS that provides full headless access HIGH 8.8 NVD May 11, 2026
CVE-2026-42603 OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses HIGH 8.8 NVD May 11, 2026
CVE-2026-36906 Cross Site Scripting vulnerability in iotgateway v MEDIUM 6.1 NVD May 11, 2026
CVE-2026-33362 In Meari IoT SDK builds embedded in CloudEdge 5 HIGH 8.6 NVD May 11, 2026
CVE-2026-33361 In Meari IoT SDK image handling (libmrplayer HIGH 7.5 NVD May 11, 2026
CVE-2026-33359 In Meari IoT Cloud alert image storage on Alibaba OSS (latest observed; storage HIGH 7.5 NVD May 11, 2026
CVE-2026-33357 In Meari client applications embedding "com HIGH 7.5 NVD May 11, 2026
CVE-2026-33356 In Meari IoT Cloud MQTT Broker deployments running EMQX 4 HIGH 7.7 NVD May 11, 2026
CVE-2026-31254 The flash-attention project thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 HIGH 7.3 NVD May 11, 2026
CVE-2026-31253 The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5 HIGH 7.3 NVD May 11, 2026
CVE-2026-31251 CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) cont HIGH 7.3 NVD May 11, 2026
CVE-2026-31250 CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) cont HIGH 7.3 NVD May 11, 2026
CVE-2026-31249 CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) cont HIGH 7.3 NVD May 11, 2026
CVE-2026-31248 Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks t HIGH 7.5 NVD May 11, 2026
CVE-2026-26946 Elastic Cloud Storage — Dell ECS versions 3 MEDIUM 6.7 NVD May 11, 2026
CVE-2025-8325 The software fails to enforce role-based access controls for certain Gateway API MEDIUM 6.3 NVD May 11, 2026
CVE-2025-10908 Due to a lack of user account state validation during authentication, locked use HIGH 7.3 NVD May 11, 2026
CVE-2026-43826 The OpenSearch logging provider, when configured with a `host` URL that embeds c MEDIUM 6.5 NVD May 11, 2026
CVE-2026-41018 The Elasticsearch logging provider, when configured with a `host` URL that embed MEDIUM 6.5 NVD May 11, 2026
CVE-2026-5084 WebDyne::Session versions through 2 MEDIUM 6.5 NVD May 11, 2026
CVE-2026-43500 Linux Kernel — rxrpc: Also unshare DATA/RESPONSE packets when paged frags a HIGH 7.8 NVD May 11, 2026
CVE-2026-6433 The Custom css-js-php WordPress plugin through 2 HIGH 7.3 NVD May 11, 2026
CVE-2026-8264 Ac6 Firmware — A weakness has been identified in Tenda AC6 15 MEDIUM 6.3 NVD May 11, 2026
CVE-2026-8260 A vulnerability was found in D-Link DCS-935L up to 1 HIGH 8.8 NVD May 11, 2026
CVE-2026-8177 XML::LibXML versions through 2 HIGH 7.5 NVD May 10, 2026
CVE-2026-45191 Net::CIDR::Lite versions before 0 MEDIUM 6.5 NVD May 10, 2026
CVE-2026-45190 Net::CIDR::Lite versions before 0 MEDIUM 6.5 NVD May 10, 2026
CVE-2026-45180 Catalyst::Plugin::Statsd versions through 0 HIGH 7.5 NVD May 10, 2026
CVE-2021-47940 WordPress Plugin Download From Files version 1 CRITICAL 9.8 NVD May 10, 2026
CVE-2021-47939 Evolution CMS 3 HIGH 8.8 NVD May 10, 2026
CVE-2021-47938 ImpressCMS 1 HIGH 8.8 NVD May 10, 2026
CVE-2021-47937 e107 CMS 2 HIGH 8.8 NVD May 10, 2026
CVE-2021-47936 OpenCATS 0 CRITICAL 9.8 NVD May 10, 2026
CVE-2021-47935 Sentry 8 HIGH 8.8 NVD May 10, 2026
CVE-2021-47933 WordPress MStore API 2 CRITICAL 9.8 NVD May 10, 2026
CVE-2021-47932 WordPress TheCartPress 1 CRITICAL 9.8 NVD May 10, 2026
CVE-2021-47931 Exponent CMS 2 MEDIUM 6.4 NVD May 10, 2026
CVE-2021-47930 Balbooa Joomla Forms Builder 2 HIGH 8.2 NVD May 10, 2026
CVE-2021-47929 Filterable Portfolio Gallery 1 MEDIUM 6.4 NVD May 10, 2026
CVE-2021-47928 Opencart TMD Vendor System 3 HIGH 8.2 NVD May 10, 2026
CVE-2021-47927 WordPress Plugin WP Symposium Pro 2021 MEDIUM 6.4 NVD May 10, 2026
CVE-2021-47926 Contact Form to Email 1 MEDIUM 6.4 NVD May 10, 2026
CVE-2021-47925 CMDBuild 3 MEDIUM 6.4 NVD May 10, 2026
CVE-2021-47924 Ultimate Product Catalog 5 MEDIUM 6.4 NVD May 10, 2026
CVE-2021-47923 OpenCart 3 CRITICAL 9.8 NVD May 10, 2026
CVE-2021-47922 Slider by Soliloquy 2 MEDIUM 6.4 NVD May 10, 2026
CVE-2021-47910 AccessPress Social Icons 1 MEDIUM 6.4 NVD May 10, 2026
CVE-2021-47907 Rocket LMS 1 MEDIUM 6.4 NVD May 10, 2026
CVE-2026-8231 A vulnerability has been found in CodeAstro Online Catering Ordering System 1 MEDIUM 6.3 NVD May 10, 2026
CVE-2026-8230 A flaw has been found in Wavlink NU516U1 240425 MEDIUM 6.3 NVD May 10, 2026
CVE-2026-8229 A vulnerability was detected in Wavlink NU516U1 240425 MEDIUM 6.3 NVD May 10, 2026
CVE-2026-8228 A security vulnerability has been detected in Wavlink NU516U1 240425 MEDIUM 6.3 NVD May 10, 2026
CVE-2026-8227 A weakness has been identified in Wavlink NU516U1 240425 MEDIUM 6.3 NVD May 10, 2026
CVE-2026-8217 A security flaw has been discovered in Industrial Application Software IAS Cania MEDIUM 6.3 NVD May 10, 2026
CVE-2026-8216 A vulnerability was identified in Industrial Application Software IAS Canias ERP HIGH 7.3 NVD May 10, 2026
CVE-2026-45184 Kdenlive before 26 MEDIUM 6.5 NVD May 09, 2026
CVE-2026-42605 AzuraCast is a self-hosted, all-in-one web radio management suite HIGH 8.8 NVD May 09, 2026
CVE-2026-42576 apko allows users to build and publish OCI container images built from apk packa MEDIUM 6.5 NVD May 09, 2026
CVE-2026-42575 apko allows users to build and publish OCI container images built from apk packa HIGH 7.5 NVD May 09, 2026
CVE-2026-42574 apko allows users to build and publish OCI container images built from apk packa HIGH 7.5 NVD May 09, 2026
CVE-2026-42569 phpVMS is a PHP application to run and simulate an airline CRITICAL 9.4 NVD May 09, 2026
CVE-2026-42562 Plainpad is a self hosted note taking app HIGH 8.3 NVD May 09, 2026
CVE-2026-8193 A weakness has been identified in Akaunting 3 MEDIUM 6.3 NVD May 09, 2026
CVE-2026-8192 A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425 MEDIUM 6.3 NVD May 09, 2026
CVE-2026-8191 A vulnerability was identified in Wavlink NU516U1 M16U1_V240425 MEDIUM 6.3 NVD May 09, 2026
CVE-2026-8190 A vulnerability was determined in Wavlink NU516U1 M16U1_V240425 MEDIUM 6.3 NVD May 09, 2026
CVE-2026-8189 A vulnerability was found in Wavlink NU516U1 M16U1_V240425 MEDIUM 6.3 NVD May 09, 2026
CVE-2026-8188 A vulnerability has been found in Wavlink NU516U1 M16U1_V240425 MEDIUM 6.3 NVD May 09, 2026
CVE-2026-8185 A security vulnerability has been detected in UGREEN CM933 1 MEDIUM 6.3 NVD May 09, 2026
CVE-2026-3828 Some Hikvision switch products (discontinued since December 2023) are vulnerable HIGH 7.2 NVD May 09, 2026
CVE-2026-1749 There is an Access Control Vulnerability in some HikCentral Professional version MEDIUM 6.8 NVD May 09, 2026
CVE-2026-42560 auth provides authentication via oauth2, direct and email CRITICAL 9.1 NVD May 09, 2026
CVE-2026-42452 Termix is a web-based server management platform with SSH terminal, tunneling, a HIGH 8.1 NVD May 08, 2026
CVE-2026-42451 Grimmory is a self-hosted digital library MEDIUM 6.3 NVD May 08, 2026
CVE-2026-42354 Sentry is an error tracking and performance monitoring tool CRITICAL 9.1 NVD May 08, 2026
CVE-2026-42352 pygeoapi is a Python server implementation of the OGC API suite of standards HIGH 8.6 NVD May 08, 2026
CVE-2026-42351 pygeoapi is a Python server implementation of the OGC API suite of standards HIGH 7.5 NVD May 08, 2026
CVE-2026-42346 Postiz is an AI social media scheduling tool MEDIUM 6.5 NVD May 08, 2026
CVE-2026-42345 FastGPT is an AI Agent building platform HIGH 7.7 NVD May 08, 2026
CVE-2026-42344 FastGPT is an AI Agent building platform MEDIUM 6.3 NVD May 08, 2026
CVE-2026-42302 FastGPT is an AI Agent building platform CRITICAL 9.8 NVD May 08, 2026
CVE-2026-42298 Postiz is an AI social media scheduling tool CRITICAL 10.0 NVD May 08, 2026
CVE-2026-42291 SysReptor is a fully customizable pentest reporting platform MEDIUM 6.8 NVD May 08, 2026
CVE-2026-42224 ipl/web is a set of common web components for php projects HIGH 7.6 NVD May 08, 2026
CVE-2026-41520 Cilium is a networking, observability, and security solution with an eBPF-based HIGH 7.9 NVD May 08, 2026
CVE-2026-41432 New API is a large language mode (LLM) gateway and artificial intelligence (AI) HIGH 7.1 NVD May 08, 2026
CVE-2026-42189 Russh is a Rust SSH client & server library HIGH 7.5 NVD May 08, 2026
CVE-2026-42181 Lemmy is a link aggregator and forum for the fediverse MEDIUM 6.5 NVD May 08, 2026
CVE-2026-42180 Lemmy is a link aggregator and forum for the fediverse MEDIUM 6.3 NVD May 08, 2026
CVE-2026-42176 Scoold is a Q&A and a knowledge sharing platform for teams MEDIUM 6.7 NVD May 08, 2026
CVE-2026-8178 An issue exists in Amazon Redshift JDBC Driver versions prior to 2 HIGH 8.1 NVD May 08, 2026
CVE-2026-41511 OpenMcdf is a fully MEDIUM 6.2 NVD May 08, 2026
CVE-2026-29203 A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlink HIGH 8.8 NVD May 08, 2026
CVE-2026-29202 Insufficient input validation of the `plugin` parameter of the `create_user` plu HIGH 8.8 NVD May 08, 2026
CVE-2026-6659 Crypt::PasswdMD5 versions through 1 HIGH 7.5 NVD May 08, 2026
CVE-2026-42072 Nornicdb is a distributed low-latency, Graph+Vector, Temporal MVCC with all sub- CRITICAL 9.8 NVD May 08, 2026
CVE-2026-42030 MapServer is a system for developing web-based GIS applications MEDIUM 6.1 NVD May 08, 2026
CVE-2026-38360 Directory Traversal vulnerability in fohrloop dash-uploader v CRITICAL 9.8 NVD May 08, 2026
CVE-2026-25199 Cloudstack — Instances deployed via the Proxmox extension allow unauthori CRITICAL 9.1 NVD May 08, 2026
CVE-2026-25077 Cloudstack — Account users are allowed by default to register templates t MEDIUM 6.3 NVD May 08, 2026
CVE-2025-69233 Cloudstack — Due to multiple time-of-check time-of-use race conditions in MEDIUM 6.5 NVD May 08, 2026
CVE-2025-66467 Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows use HIGH 8.0 NVD May 08, 2026
CVE-2025-66172 The CloudStack Backup plugin has an improper access logic in versions 4 MEDIUM 6.5 NVD May 08, 2026
CVE-2025-66171 The CloudStack Backup plugin has an improper access logic in versions 4 MEDIUM 6.5 NVD May 08, 2026
CVE-2025-66170 The CloudStack Backup plugin has an improper authorization logic in versions 4 MEDIUM 6.5 NVD May 08, 2026
CVE-2022-50994 DrayTek Vigor 2960 firmware versions prior to 1 HIGH 8.1 NVD May 08, 2026
CVE-2026-8153 OS command injection in Dashboard Server interface in Universal Robots PolyScope CRITICAL 9.8 NVD May 08, 2026
CVE-2024-33722 SOPlanning 1 MEDIUM 6.3 NVD May 08, 2026
CVE-2024-33288 Prison Management System Using PHP v1 HIGH 7.3 NVD May 08, 2026
CVE-2024-30167 /cgi-bin/time MEDIUM 6.3 NVD May 08, 2026
CVE-2024-27686 Mikrotik RouterOS (x86) 6 HIGH 7.5 NVD May 08, 2026
CVE-2026-8148 NAVER MYBOX Explorer for Windows before 3 HIGH 7.8 NVD May 08, 2026
CVE-2026-8138 A vulnerability was found in Tenda CX12L 16 HIGH 8.8 NVD May 08, 2026
CVE-2026-8137 A vulnerability has been found in Totolink X5000R 9 HIGH 8.8 NVD May 08, 2026
CVE-2026-42277 Onyx is an open-source AI platform MEDIUM 6.5 NVD May 08, 2026
CVE-2023-42345 A Cross Site Scripting vulnerability in Alkacon OpenCms before 16 exists via upd MEDIUM 6.1 NVD May 08, 2026
CVE-2023-42344 Alkacon OpenCms before 10 HIGH 7.3 NVD May 08, 2026
CVE-2023-42343 A Cross Site Scripting vulnerability in Alkacon OpenCms before 10 MEDIUM 6.1 NVD May 08, 2026
CVE-2022-45899 Nokia Broadcast Message Center (BMC) before 13 MEDIUM 6.5 NVD May 08, 2026
CVE-2022-26522 The socket connection handler in aswArPot HIGH 7.8 NVD May 08, 2026
CVE-2022-23961 In Thruk Monitoring through 2 MEDIUM 6.1 NVD May 08, 2026
CVE-2026-41500 Electerm — electerm is an open-sourced terminal/ssh/sftp/telnet/serialp CRITICAL 9.8 NVD May 08, 2026
CVE-2026-8128 A vulnerability was found in SourceCodester SUP Online Shopping 1 HIGH 7.3 NVD May 08, 2026
CVE-2026-8127 A vulnerability has been found in eladmin up to 2 MEDIUM 6.3 NVD May 08, 2026
CVE-2026-8126 A flaw has been found in SourceCodester Comment System 1 HIGH 7.3 NVD May 08, 2026
CVE-2026-8125 A vulnerability was detected in code-projects Simple Chat System 1 MEDIUM 6.3 NVD May 08, 2026
CVE-2026-8116 A weakness has been identified in huangjunsen0406 xiaozhi-mcphub up to 1 MEDIUM 6.3 NVD May 08, 2026
CVE-2026-42208 BerriAI - LiteLLM CRITICAL N/A CISA May 08, 2026
CVE-2026-6411 This vulnerability, in the MAXHUB Pivot client application versions prior to v1 HIGH 7.3 NVD May 07, 2026
CVE-2026-42880 Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes CRITICAL 9.6 NVD May 07, 2026
CVE-2026-8083 A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System HIGH 7.3 NVD May 07, 2026
CVE-2026-44742 Postorius through 1 HIGH 7.2 NVD May 07, 2026
CVE-2026-44244 GitPython is a python library used to interact with Git repositories HIGH 7.8 NVD May 07, 2026
CVE-2026-44243 Gitpython — GitPython is a python library used to interact with Git repo HIGH 7.1 NVD May 07, 2026
CVE-2026-42284 Gitpython — GitPython is a python library used to interact with Git repo HIGH 8.1 NVD May 07, 2026
CVE-2026-42215 GitPython is a python library used to interact with Git repositories HIGH 8.8 NVD May 07, 2026
CVE-2026-42214 Notepad Next is a cross-platform, reimplementation of Notepad++ HIGH 7.8 NVD May 07, 2026
CVE-2026-41906 FreeScout is a free help desk and shared inbox built with PHP's Laravel framewor HIGH 7.1 NVD May 07, 2026
CVE-2026-41905 FreeScout is a free help desk and shared inbox built with PHP's Laravel framewor HIGH 7.7 NVD May 07, 2026
CVE-2026-41904 FreeScout is a free help desk and shared inbox built with PHP's Laravel framewor HIGH 7.6 NVD May 07, 2026
CVE-2026-41902 FreeScout is a free help desk and shared inbox built with PHP's Laravel framewor CRITICAL 9.1 NVD May 07, 2026
CVE-2026-8081 A vulnerability has been found in router-for-me CLIProxyAPI 6 MEDIUM 6.3 NVD May 07, 2026
CVE-2026-37709 Insecure Permissions vulnerability in grokability snipe-it v CRITICAL 9.8 NVD May 07, 2026
CVE-2026-7415 The MQTT broker embedded in Yarbo firmware v2 CRITICAL 9.8 NVD May 07, 2026
CVE-2026-7414 Yarbo firmware v2 CRITICAL 9.8 NVD May 07, 2026
CVE-2026-7413 A hidden, persistent backdoor was found in Yarbo firmware v2 HIGH 7.2 NVD May 07, 2026
CVE-2026-8093 Memory safety bugs present in Thunderbird 150 HIGH 8.1 NVD May 07, 2026
CVE-2026-8092 Memory safety bugs present in Thunderbird ESR 140 HIGH 8.1 NVD May 07, 2026
CVE-2026-8091 Incorrect boundary conditions in the Audio/Video: Playback component CRITICAL 9.8 NVD May 07, 2026
CVE-2026-8090 Firefox — Use-after-free in the DOM: Networking component HIGH 7.3 NVD May 07, 2026
CVE-2026-6002 Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vu HIGH 8.8 NVD May 07, 2026
CVE-2026-5791 Cross-Site request forgery (CSRF) vulnerability in DivvyDrive Information Techno CRITICAL 9.6 NVD May 07, 2026
CVE-2026-5784 Improper neutralization of input during web page generation ('cross-site scripti HIGH 8.8 NVD May 07, 2026
CVE-2026-6508 Origin Validation Error vulnerability in TUBITAK BILGEM Software Technologies Re CRITICAL 9.8 NVD May 07, 2026
CVE-2026-42285 GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go P HIGH 7.5 NVD May 07, 2026
CVE-2026-42010 A flaw was found in gnutls HIGH 7.1 NVD May 07, 2026
CVE-2026-41643 Gobgp — GoBGP is an open source Border Gateway Protocol (BGP) implem HIGH 7.5 NVD May 07, 2026
CVE-2026-41642 Gobgp — GoBGP is an open source Border Gateway Protocol (BGP) implem HIGH 7.5 NVD May 07, 2026
CVE-2026-3953 Improper neutralization of input during web page generation ('cross-site scripti HIGH 8.8 NVD May 07, 2026
CVE-2026-33589 Open-Notebook — Lack of user input validation in the file upload functionali MEDIUM 6.5 NVD May 07, 2026
CVE-2026-33588 Open-Notebook — Lack of user input validation in the file upload functionali HIGH 8.1 NVD May 07, 2026
CVE-2026-33587 Open-Notebook — Lack of user input sanitisation in Open Notebook v1 CRITICAL 10.0 NVD May 07, 2026
CVE-2026-28201 Open-Notebook — An improper input validation, together with an overly permis HIGH 7.8 NVD May 07, 2026
CVE-2025-68060 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti HIGH 7.6 NVD May 07, 2026
CVE-2025-1978 Remote Code Execution Vulnerability in Hitachi Storage Navigator and the mainten HIGH 8.3 NVD May 07, 2026
CVE-2024-43384 A low privileged remote attacker can gain the root password due to improper remo HIGH 8.0 NVD May 07, 2026
CVE-2026-4430 Libreoffice — Out-of-bounds write vulnerability in The Document Foundation HIGH 7.8 NVD May 07, 2026
CVE-2025-9661 Virtual Storage One Block — OS command injection vulneravility in the management gui (ma HIGH 8.1 NVD May 07, 2026
CVE-2026-8063 An authenticated user can crash mongod when running $rankFusion or $scoreFusion MEDIUM 6.5 NVD May 07, 2026
CVE-2026-7252 The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page HIGH 8.1 NVD May 07, 2026
CVE-2026-6692 The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Uploa HIGH 8.8 NVD May 07, 2026
CVE-2026-4348 The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the ` HIGH 7.5 NVD May 07, 2026
CVE-2026-41641 Nocobase — NocoBase is an AI-powered no-code/low-code platform for buil HIGH 7.2 NVD May 07, 2026
CVE-2026-41143 YesWiki is a wiki system written in PHP HIGH 8.8 NVD May 07, 2026
CVE-2026-41655 Admidio is an open-source user management solution MEDIUM 6.5 NVD May 07, 2026
CVE-2026-41640 NocoBase is an AI-powered no-code/low-code platform for building business applic HIGH 7.5 NVD May 07, 2026
CVE-2026-41201 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, mo CRITICAL 9.1 NVD May 07, 2026
CVE-2026-41142 Openexr — OpenEXR provides the specification and reference implementat HIGH 8.8 NVD May 07, 2026
CVE-2026-41002 The base directory (`spring HIGH 7.2 NVD May 07, 2026
CVE-2026-40982 Spring Cloud Config allows applications to serve arbitrary text and binary files CRITICAL 9.1 NVD May 07, 2026
CVE-2026-40981 When using Google Secrets Manager as a backend for the Spring Cloud Config serve HIGH 7.5 NVD May 07, 2026
CVE-2026-4807 The Appointment Booking Calendar plugin for WordPress is vulnerable to Missing A MEDIUM 6.5 NVD May 07, 2026
EDB-52552 [local] NocoBase 2.0.27 - VM Sandbox Escape HIGH N/A EXPLOIT-DB May 07, 2026
EDB-52553 [webapps] Bludit CMS 3.18.4 - RCE HIGH N/A EXPLOIT-DB May 07, 2026
EDB-52554 [webapps] LuaJIT 2.1.1774638290 - Arbitrary Code Execution HIGH N/A EXPLOIT-DB May 07, 2026
EDB-52555 [webapps] Ghost CMS 6.19.0 - SQLi HIGH N/A EXPLOIT-DB May 07, 2026
EDB-52556 [remote] telnetd 2.7 - Buffer Overflow HIGH N/A EXPLOIT-DB May 07, 2026
CVE-2026-6973 Ivanti - Endpoint Manager Mobile (EPMM) CRITICAL N/A CISA May 07, 2026
EDB-52551 [webapps] ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF) HIGH N/A EXPLOIT-DB May 07, 2026
CVE-2024-30151 Bigfix Service Management — HCL BigFix Service Management (SX) is affected by a Broken HIGH 8.3 NVD May 06, 2026
CVE-2026-7875 NanoClaw version 1 HIGH 8.8 NVD May 06, 2026
CVE-2026-42503 gopls by default communicates via pipe HIGH 8.8 NVD May 06, 2026
CVE-2026-23870 A denial of service vulnerability could be triggered by sending specially crafte HIGH 7.5 NVD May 06, 2026
CVE-2026-20188 A vulnerability in the connection-handling mechanism of Cisco Crosswork Network HIGH 7.5 NVD May 06, 2026
CVE-2026-20185 A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of&nb HIGH 7.7 NVD May 06, 2026
CVE-2026-20169 A vulnerability in the web-based management interface of Cisco IoT Field Network MEDIUM 6.4 NVD May 06, 2026
CVE-2026-20168 A vulnerability in the web-based management interface of Cisco IoT Field Network MEDIUM 6.5 NVD May 06, 2026
CVE-2026-20167 A vulnerability in the web-based management interface of Cisco IoT Field Network HIGH 7.7 NVD May 06, 2026
CVE-2026-20035 A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an HIGH 7.2 NVD May 06, 2026
CVE-2026-20034 A vulnerability in the web-based management interface of Cisco Unity Connection HIGH 8.8 NVD May 06, 2026
CVE-2025-31951 HCL BigFix RunBookAI is affected by a Unvalidated Command Input / Potential Comm HIGH 8.8 NVD May 06, 2026
CVE-2026-6420 A flaw was found in Keylime MEDIUM 6.3 NVD May 06, 2026
CVE-2026-42509 Wicket — Improper Neutralization of Input During Web Page Generation MEDIUM 6.1 NVD May 06, 2026
CVE-2026-40010 Wicket — Missing invocation of Servlet http web request method change CRITICAL 9.1 NVD May 06, 2026
CVE-2026-35255 Cloud Native Environment Command Line Interface — Vulnerability in the Oracle Cloud Native Environment Command MEDIUM 6.6 NVD May 06, 2026
CVE-2026-1719 The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection HIGH 7.5 NVD May 06, 2026
CVE-2026-7841 A remote code execution vulnerability exists in Notification Settings on GeoVisi HIGH 8.8 NVD May 06, 2026
CVE-2026-7457 The LatePoint plugin for WordPress is vulnerable to Stored Cross-Site Scripting MEDIUM 6.4 NVD May 06, 2026
CVE-2026-7448 The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for W HIGH 7.2 NVD May 06, 2026
CVE-2026-7332 The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for W HIGH 7.2 NVD May 06, 2026
CVE-2026-6672 The Affiliate Program Suite — SliceWP Affiliates plugin for WordPress is vulnera MEDIUM 6.4 NVD May 06, 2026
CVE-2026-35254 Cloud Infrastructure Cli — Vulnerability in the Oracle OCI CLI product of Oracle Open S MEDIUM 6.1 NVD May 06, 2026
CVE-2026-5753 The All-in-One WP Migration Unlimited Extension plugin for WordPress is vulnerab MEDIUM 6.5 NVD May 06, 2026
CVE-2025-71256 In nr modem, there is a possible improper input validation HIGH 7.5 NVD May 06, 2026
CVE-2025-71255 In Modem IMS, there is a possible improper input validation HIGH 7.5 NVD May 06, 2026
CVE-2025-71254 In Modem IMS, there is a possible improper input validation HIGH 7.5 NVD May 06, 2026
CVE-2025-71253 In Modem IMS, there is a possible improper input validation HIGH 7.5 NVD May 06, 2026
CVE-2025-71252 In Modem IMS, there is a possible improper input validation HIGH 7.5 NVD May 06, 2026
CVE-2025-71251 In IMS, there is a possible system crash due to improper input validation HIGH 7.5 NVD May 06, 2026
CVE-2026-0300 Palo Alto Networks - PAN-OS CRITICAL N/A CISA May 06, 2026
CVE-2024-52911 Bitcoin Core through 28 HIGH 7.5 NVD May 05, 2026
CVE-2026-44331 Proftpd — In ProFTPD through 1.3.9a before 7666224, a SQL injection vulnerability in sqlta HIGH 8.1 CVE.ORG May 05, 2026
CVE-2026-42997 An issue was discovered in idrac in OpenStack Ironic before 35 HIGH 7.7 NVD May 05, 2026
CVE-2026-38428 Kestra v1 CRITICAL 9.8 NVD May 05, 2026
CVE-2026-30923 Modsecurity — ModSecurity is an open source, cross platform web applicatio HIGH 7.5 NVD May 05, 2026
CVE-2026-7857 D-Link DI-8100 CGI user_group.asp sprintf buffer overflow HIGH 7.2 CVE.ORG May 05, 2026
CVE-2026-7856 D-Link DI-8100 Web Management url_member.asp buffer overflow HIGH 7.2 CVE.ORG May 05, 2026
CVE-2026-27960 OpenCTI privilege escalation and unauthenticated access via default admin account CRITICAL 9.8 CVE.ORG May 05, 2026
CVE-2026-7855 D-Link DI-8100 HTTP Request tggl.asp tggl_asp buffer overflow HIGH 8.8 CVE.ORG May 05, 2026
CVE-2026-7854 D-Link DI-8100 POST Parameter url_rule.asp url_rule_asp buffer overflow CRITICAL 9.8 CVE.ORG May 05, 2026
CVE-2026-7853 D-Link DI-8100 HTTP auto_reboot.asp sprintf buffer overflow CRITICAL 9.8 CVE.ORG May 05, 2026
CVE-2026-7851 D-Link DI-8100 yyxz.asp sprintf stack-based overflow HIGH 7.2 CVE.ORG May 05, 2026
CVE-2026-38432 ERPNext v15 MEDIUM 6.1 NVD May 05, 2026
CVE-2026-38431 ERPNext v15 CRITICAL 9.8 NVD May 05, 2026
CVE-2026-38429 OpenCMS v20 and before is vulnerable to XML External Entity (XXE) in the Admin I CRITICAL 9.8 NVD May 05, 2026
CVE-2026-25589 Redisbloom — RedisBloom is a probabilistic data structures module for Red HIGH 8.8 NVD May 05, 2026
CVE-2026-25588 Redistimeseries — RedisTimeSeries is a time-series module for Redis HIGH 8.8 NVD May 05, 2026
CVE-2026-25243 Redis — Redis is an in-memory data structure store HIGH 8.8 NVD May 05, 2026
CVE-2026-23631 Redis — Redis is an in-memory data structure store HIGH 8.1 NVD May 05, 2026
CVE-2026-23479 Redis — Redis is an in-memory data structure store HIGH 8.8 NVD May 05, 2026
CVE-2026-7412 Eclipse Basyx — In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Opera HIGH 8.6 CVE.ORG May 05, 2026
CVE-2026-7411 Eclipse Basyx — In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequat CRITICAL 10.0 CVE.ORG May 05, 2026
CVE-2026-7834 EFM ipTIME NAS1dual misc_main.cgi get_csrf_whites stack-based overflow CRITICAL 9.8 CVE.ORG May 05, 2026
CVE-2026-4304 WeePie Cookie Allow <= 3.4.11 - Unauthenticated SQL Injection via 'consent' Parameter HIGH 7.5 CVE.ORG May 05, 2026
CVE-2026-7833 EFM ipTIME C200 ApplyRestore Endpoint iux_set.cgi sub_408F90 command injection HIGH 7.2 CVE.ORG May 05, 2026
CVE-2026-43528 Openclaw — OpenClaw before 2026 MEDIUM 6.5 NVD May 05, 2026
CVE-2026-43527 Openclaw — OpenClaw before 2026 HIGH 7.7 NVD May 05, 2026
CVE-2026-43526 Openclaw — OpenClaw before 2026 HIGH 8.2 NVD May 05, 2026
CVE-2026-42439 Openclaw — OpenClaw before 2026 HIGH 8.5 NVD May 05, 2026
CVE-2026-42438 Openclaw — OpenClaw versions 2026 HIGH 7.7 NVD May 05, 2026
CVE-2026-42437 OpenClaw versions 2026 HIGH 7.5 NVD May 05, 2026
CVE-2026-42436 OpenClaw before 2026 HIGH 7.7 NVD May 05, 2026
CVE-2026-42435 OpenClaw versions from 2026 HIGH 8.8 NVD May 05, 2026
CVE-2026-42434 OpenClaw versions 2026 HIGH 8.8 NVD May 05, 2026
CVE-2026-42433 OpenClaw before 2026 MEDIUM 6.5 NVD May 05, 2026
CVE-2023-54349 AmazCart CMS 3 MEDIUM 6.1 NVD May 05, 2026
CVE-2023-54348 ERPGo SaaS 3 HIGH 8.8 NVD May 05, 2026
CVE-2023-54347 Openemr — OpenEMR 7 HIGH 7.5 NVD May 05, 2026
CVE-2023-54346 WordPress Plugin Backup Migration 1 HIGH 7.5 NVD May 05, 2026
CVE-2023-54345 Erpnext — Frappe Framework ERPNext 13 HIGH 8.8 NVD May 05, 2026
CVE-2023-54344 Eclipse Equinox OSGi 3 CRITICAL 9.8 NVD May 05, 2026
CVE-2023-54342 Eclipse Equinox OSGi versions 3 CRITICAL 9.8 NVD May 05, 2026
CVE-2026-7832 IObit Advanced SystemCare Service ASC.exe symlink HIGH 7.0 CVE.ORG May 05, 2026
CVE-2026-43573 OpenClaw < 2026.4.10 - SSRF Policy Bypass in Existing-Session Browser Interaction Routes HIGH 7.7 CVE.ORG May 05, 2026
CVE-2026-43571 OpenClaw < 2026.4.10 - Untrusted Workspace Plugin Shadow Resolution in Channel Setup HIGH 8.8 CVE.ORG May 05, 2026
CVE-2026-43569 OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth HIGH 8.8 CVE.ORG May 05, 2026
CVE-2026-43566 OpenClaw 2026.4.7 < 2026.4.14 - Privilege Escalation via Untrusted Webhook Wake Events CRITICAL 9.1 CVE.ORG May 05, 2026
CVE-2026-43534 OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events CRITICAL 9.1 CVE.ORG May 05, 2026
CVE-2026-43533 OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags HIGH 8.6 CVE.ORG May 05, 2026
CVE-2026-6322 fast-uri normalize() decoded percent-encoded authority delimiters inside the hos HIGH 7.5 NVD May 05, 2026
CVE-2025-42611 RouterOS provides various services that rely on correct verification of client a MEDIUM 6.5 NVD May 05, 2026
CVE-2026-43870 Thrift — Origin Validation Error, Improper Limitation of a Pathname t HIGH 7.3 NVD May 05, 2026
CVE-2026-3359 The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugi HIGH 7.5 NVD May 05, 2026
CVE-2026-43869 Thrift — Improper Validation of Certificate with Host Mismatch vulner HIGH 7.3 NVD May 05, 2026
CVE-2026-5192 The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin f HIGH 7.5 NVD May 05, 2026
CVE-2026-40797 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti CRITICAL 9.3 NVD May 05, 2026
CVE-2026-3454 The GenerateBlocks plugin for WordPress is vulnerable to Insecure Direct Object MEDIUM 6.5 NVD May 05, 2026
CVE-2026-7823 A security flaw has been discovered in Totolink A8000RU 7 CRITICAL 9.8 NVD May 05, 2026
CVE-2026-7822 A vulnerability was identified in itsourcecode Courier Management System 1 MEDIUM 6.3 NVD May 05, 2026
CVE-2026-7812 A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391 HIGH 7.3 NVD May 05, 2026
CVE-2026-7811 A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d9363 HIGH 7.3 NVD May 05, 2026
CVE-2026-4362 The ElementsKit Elementor Addons plugin for WordPress is vulnerable to unauthori MEDIUM 6.5 NVD May 05, 2026
CVE-2026-6696 The Zingaya Click-to-Call plugin for WordPress is vulnerable to Reflected Cross- MEDIUM 6.1 NVD May 05, 2026
CVE-2026-6255 The Simple Owl Shortcodes plugin for WordPress is vulnerable to Stored Cross-Sit MEDIUM 6.4 NVD May 05, 2026
CVE-2026-5505 The WP-Clippy plugin for WordPress is vulnerable to Stored Cross-Site Scripting MEDIUM 6.4 NVD May 05, 2026
CVE-2026-5100 The AWP Classifieds plugin for WordPress is vulnerable to SQL Injection via the HIGH 7.5 NVD May 05, 2026
CVE-2026-4730 The Charts Ninja: Create Beautiful Graphs & Charts and Easily Add Them to Your W MEDIUM 6.4 NVD May 05, 2026
CVE-2026-4409 The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unautho MEDIUM 6.5 NVD May 05, 2026
CVE-2026-2868 The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for Wor MEDIUM 6.4 NVD May 05, 2026
CVE-2025-13618 The Mentoring plugin for WordPress is vulnerable to privilege escalation in all CRITICAL 9.8 NVD May 05, 2026
CVE-2026-5722 The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass CRITICAL 9.8 NVD May 05, 2026
CVE-2026-44028 An issue was discovered in Nix before 2 HIGH 7.5 NVD May 05, 2026
CVE-2026-7788 A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028 HIGH 7.3 NVD May 05, 2026
CVE-2026-7785 A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94 HIGH 7.3 NVD May 05, 2026
CVE-2026-7784 A vulnerability has been found in RTGS2017 NagaAgent up to 5 HIGH 7.3 NVD May 05, 2026
CVE-2026-7783 A flaw has been found in CodeCanyon Perfex CRM up to 3 MEDIUM 6.3 NVD May 05, 2026
CVE-2026-7782 A vulnerability was detected in CodeCanyon Perfex CRM up to 3 MEDIUM 6.3 NVD May 04, 2026
CVE-2026-42027 Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoad CRITICAL 9.8 NVD May 04, 2026
CVE-2026-40682 XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP D CRITICAL 9.1 NVD May 04, 2026
CVE-2026-38669 wCMS v MEDIUM 6.1 NVD May 04, 2026
CVE-2026-37461 An out-of-bounds read in the ParseIP6Extended function (/bgp/bgp HIGH 7.5 NVD May 04, 2026
CVE-2026-29514 NetBox versions 4 HIGH 8.8 NVD May 04, 2026
CVE-2026-26956 vm2 is an open source vm/sandbox for Node CRITICAL 9.8 NVD May 04, 2026
CVE-2026-26332 Vm2 — vm2 is an open source vm/sandbox for Node CRITICAL 9.8 NVD May 04, 2026
CVE-2026-25293 Buffer overflow due to incorrect authorization in PLC FW CRITICAL 9.6 NVD May 04, 2026
CVE-2026-24781 vm2 is an open source vm/sandbox for Node CRITICAL 9.8 NVD May 04, 2026
CVE-2026-24120 vm2 is an open source vm/sandbox for Node CRITICAL 9.8 NVD May 04, 2026
CVE-2026-24118 vm2 is an open source vm/sandbox for Node CRITICAL 9.8 NVD May 04, 2026
CVE-2026-24082 Memory Corruption when copying data from a freed source while executing performa HIGH 7.8 NVD May 04, 2026
CVE-2025-47408 Memory corruption when another driver calls an IOCTL with invalid input/output b HIGH 7.8 NVD May 04, 2026
CVE-2025-47407 Memory corruption while creating a process on the digital signal processor due t HIGH 7.8 NVD May 04, 2026
CVE-2025-47406 Information Disclosure while processing IOCTL handler callbacks without verifyin MEDIUM 6.1 NVD May 04, 2026
CVE-2025-47405 Memory corruption when processing camera sensor input/output control codes with HIGH 7.8 NVD May 04, 2026
CVE-2025-47404 Memory corruption when dynamically changing the size of a previously allocated b MEDIUM 6.5 NVD May 04, 2026
CVE-2025-47403 Transient DOS when processing a malformed Fast Transition response frame with an MEDIUM 6.5 NVD May 04, 2026
CVE-2025-47401 Transient DOS when processing target power rate tables during channel configurat MEDIUM 6.5 NVD May 04, 2026
CVE-2026-29169 Http Server — A NULL pointer dereference in mod_dav_lock in Apache HTTP Se HIGH 7.5 NVD May 04, 2026
CVE-2026-23918 Http Server — Double Free and possible RCE vulnerability in Apache HTTP Se HIGH 8.8 NVD May 04, 2026
CVE-2025-70072 An issue in Assimp v MEDIUM 6.5 NVD May 04, 2026
CVE-2025-70070 An issue in Assimp v MEDIUM 6.5 NVD May 04, 2026
CVE-2026-6266 A flaw was found in the AAP gateway HIGH 8.3 NVD May 04, 2026
CVE-2025-70069 An issue in Assimp v HIGH 7.5 NVD May 04, 2026
CVE-2025-70067 Buffer Overflow vulnerability exists in Assimp versions up to 6 CRITICAL 9.8 NVD May 04, 2026
CVE-2025-58074 A privilege escalation vulnerability exists during the installation of Norton Se HIGH 8.8 NVD May 04, 2026
CVE-2026-7482 Ollama before 0 CRITICAL 9.1 NVD May 04, 2026
CVE-2026-34059 Http Server — Buffer Over-read vulnerability in Apache HTTP Server HIGH 7.5 NVD May 04, 2026
CVE-2026-24072 Http Server — An escalation of privilege bug in various modules in Apache HIGH 8.8 NVD May 04, 2026
CVE-2026-3120 Improper Control of Generation of Code ('Code Injection') vulnerability in Profe HIGH 7.2 NVD May 04, 2026
CVE-2026-29199 phpBB before 3 HIGH 8.1 NVD May 04, 2026
CVE-2026-20451 In slbc, there is a possible out of bounds write due to type confusion MEDIUM 6.7 NVD May 04, 2026
CVE-2026-20450 In Modem, there is a possible system crash due to incorrect error handling MEDIUM 6.5 NVD May 04, 2026
CVE-2026-20449 In Modem, there is a possible system crash due to a heap buffer overflow MEDIUM 6.5 NVD May 04, 2026
CVE-2026-20448 In geniezone, there is a possible escalation of privilege due to a missing permi MEDIUM 6.7 NVD May 04, 2026
CVE-2026-20447 In geniezone, there is a possible escalation of privilege due to a missing bound MEDIUM 6.7 NVD May 04, 2026
CVE-2026-7735 A vulnerability was found in osrg GoBGP up to 4 HIGH 7.3 NVD May 04, 2026
CVE-2026-7733 A flaw has been found in funadmin up to 7 HIGH 7.3 NVD May 04, 2026
CVE-2026-7732 A vulnerability was detected in code-projects BloodBank Managing System 1 MEDIUM 6.3 NVD May 04, 2026
CVE-2026-7731 A security vulnerability has been detected in code-projects BloodBank Managing S MEDIUM 6.3 NVD May 04, 2026
CVE-2026-7730 A weakness has been identified in privsim mcp-test-runner 0 MEDIUM 6.3 NVD May 04, 2026
CVE-2026-7729 A security flaw has been discovered in pixelsock directus-mcp 1 MEDIUM 6.3 NVD May 04, 2026
CVE-2026-7728 A vulnerability was identified in ryanjoachim mcp-rtfm 0 MEDIUM 6.3 NVD May 04, 2026
CVE-2026-7727 A vulnerability was determined in Shandong Hoteam Software PDM Product Data Mana HIGH 7.3 NVD May 04, 2026
CVE-2026-7725 A vulnerability was found in PrefectHQ prefect up to 3 MEDIUM 6.3 NVD May 04, 2026
CVE-2026-7372 Gv-Vms Firmware — A stack overflow vulnerability exists in the WebCam Server L CRITICAL 9.0 NVD May 04, 2026
CVE-2026-7371 Gv-Lpc2011 Firmware — Multiple reflected cross-site scripting (xss) vulnerabilitie HIGH 7.4 NVD May 04, 2026
CVE-2026-7161 Gv-Ip Device Utility — An insufficient encryption vulnerability exists in the Devic CRITICAL 9.3 NVD May 04, 2026
CVE-2026-42370 Gv-Vms Firmware — A stack overflow vulnerability exists in the WebCam Server L CRITICAL 9.0 NVD May 04, 2026
CVE-2026-42369 GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surve CRITICAL 10.0 NVD May 04, 2026
CVE-2026-42368 Gv-Lpc2011 Firmware — A privilege escalation vulnerability exists in the Web Inter CRITICAL 9.9 NVD May 04, 2026
CVE-2026-42367 Gv-Lpc2011 Firmware — A privilege escalation vulnerability exists in the Web Inter MEDIUM 6.5 NVD May 04, 2026
CVE-2026-42366 Gv-Lpc2011 Firmware — Multiple reflected cross-site scripting (xss) vulnerabilitie HIGH 7.4 NVD May 04, 2026
CVE-2026-42365 Gv-Lpc2011 Firmware — A guessable session cookie vulnerability exists in the Web I HIGH 8.6 NVD May 04, 2026
CVE-2026-42364 Gv-Lpc2011 Firmware — An os command injection vulnerability exists in the DdnsSett CRITICAL 9.9 NVD May 04, 2026
CVE-2026-7713 A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4 MEDIUM 6.3 NVD May 04, 2026
CVE-2026-7712 A security vulnerability has been detected in MindsDB up to 26 MEDIUM 6.3 NVD May 04, 2026
CVE-2026-7711 A weakness has been identified in MindsDB up to 26 HIGH 7.3 NVD May 04, 2026
CVE-2026-7710 A security flaw has been discovered in YunaiV yudao-cloud up to 3 HIGH 7.3 NVD May 04, 2026
EDB-52547 [webapps] MindsDB 25.9.1.1 - Path Traversal HIGH N/A EXPLOIT-DB May 04, 2026
EDB-52550 [local] Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation HIGH N/A EXPLOIT-DB May 04, 2026
EDB-52549 [local] Linux nf_tables 6.19.3 - Local Privilege Escalation HIGH N/A EXPLOIT-DB May 04, 2026
EDB-52548 [hardware] Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE) HIGH N/A EXPLOIT-DB May 04, 2026
EDB-52545 [webapps] Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking (CSWSH) HIGH N/A EXPLOIT-DB May 04, 2026
EDB-52546 [local] Windows 11 24H2 - Local Privilege Escalation HIGH N/A EXPLOIT-DB May 04, 2026
CVE-2026-7709 A vulnerability was identified in janeczku Calibre-Web up to 0 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7705 A flaw has been found in JD Cloud JDCOS 4 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7703 A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25 HIGH 7.3 NVD May 03, 2026
CVE-2026-7700 A weakness has been identified in langflow-ai langflow up to 1 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7699 A security flaw has been discovered in Dromara MaxKey up to 3 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7698 A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7 HIGH 7.3 NVD May 03, 2026
CVE-2026-7696 A vulnerability was found in Acrel Electrical EEMS Enterprise Power Operation an MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7695 A vulnerability has been found in Acrel Electrical EEMS Enterprise Power Operati HIGH 7.3 NVD May 03, 2026
CVE-2026-7694 A flaw has been found in Acrel Electrical ECEMS Enterprise Microgrid Energy Effi HIGH 7.3 NVD May 03, 2026
CVE-2026-7692 A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410_221110 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7691 A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410_2 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7690 A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410_221110 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7687 A vulnerability was determined in langflow-ai langflow up to 1 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7685 A vulnerability was detected in Edimax BR-6208AC up to 1 HIGH 8.8 NVD May 03, 2026
CVE-2026-7684 A security vulnerability has been detected in Edimax BR-6428nC up to 1 HIGH 8.8 NVD May 03, 2026
CVE-2026-7683 A weakness has been identified in Edimax BR-6428nC up to 1 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7682 A security flaw has been discovered in Edimax BR-6208AC 1 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-5337 During the analysis, it was identified that authenticated attackers with Subscri MEDIUM 6.5 NVD May 03, 2026
CVE-2026-7681 A security vulnerability has been detected in jsbroks COCO Annotator up to 0 MEDIUM 6.5 NVD May 03, 2026
CVE-2026-5063 The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vuln HIGH 7.2 NVD May 03, 2026
CVE-2026-7679 A security flaw has been discovered in YunaiV yudao-cloud up to 2026 HIGH 7.3 NVD May 03, 2026
CVE-2026-7678 A vulnerability was identified in YunaiV yudao-cloud up to 2026 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7675 A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to HIGH 8.8 NVD May 03, 2026
CVE-2026-7674 A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1 HIGH 8.8 NVD May 03, 2026
CVE-2026-7672 A security vulnerability has been detected in youlaitech youlai-boot up to 2 MEDIUM 6.3 NVD May 03, 2026
CVE-2026-7670 A flaw has been found in Jinher OA 1 HIGH 7.3 NVD May 02, 2026
CVE-2026-7668 A vulnerability was identified in MikroTik RouterOS 6 HIGH 7.3 NVD May 02, 2026
CVE-2026-7642 A vulnerability was detected in pskill9 website-downloader up to 0 MEDIUM 6.3 NVD May 02, 2026
CVE-2026-7633 A vulnerability was identified in Totolink N300RH 6 MEDIUM 6.5 NVD May 02, 2026
CVE-2026-7632 A vulnerability was determined in code-projects Online Hospital Management Syste HIGH 7.3 NVD May 02, 2026
CVE-2026-7630 A vulnerability has been found in innocommerce InnoShop up to 0 HIGH 7.3 NVD May 02, 2026
CVE-2026-7629 A flaw has been found in kleneway awesome-cursor-mpc-server up to 2 MEDIUM 6.3 NVD May 02, 2026
CVE-2026-2554 The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Lis HIGH 8.1 NVD May 02, 2026
CVE-2026-0703 The NextMove Lite – Thank You Page for WooCommerce plugin for WordPress is vulne MEDIUM 6.4 NVD May 02, 2026
CVE-2026-7628 A vulnerability was detected in crazyrabbitLTC mcp-code-review-server up to 0 MEDIUM 6.3 NVD May 02, 2026
CVE-2026-6320 The Salon Booking System – Free Version plugin for WordPress is vulnerable to Ar HIGH 7.5 NVD May 02, 2026
CVE-2026-4100 The Paid Memberships Pro plugin for WordPress is vulnerable to unauthorized modi HIGH 7.1 NVD May 02, 2026
CVE-2026-4062 The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection vi HIGH 7.5 NVD May 02, 2026
CVE-2026-4061 The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection vi HIGH 7.5 NVD May 02, 2026
CVE-2026-4060 The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection vi HIGH 7.5 NVD May 02, 2026
CVE-2026-7627 A security vulnerability has been detected in 8nite metatrader-4-mcp 1 MEDIUM 6.3 NVD May 02, 2026
CVE-2026-7647 The Profile Builder Pro plugin for WordPress is vulnerable to PHP Object Injecti HIGH 8.1 NVD May 02, 2026
CVE-2026-7049 The PixelYourSite Pro – Your smart PIXEL (TAG) Manager plugin for WordPress is v HIGH 7.2 NVD May 02, 2026
CVE-2026-6916 The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates f MEDIUM 6.4 NVD May 02, 2026
CVE-2026-5113 The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Script HIGH 7.2 NVD May 02, 2026
CVE-2026-5112 The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored C HIGH 7.2 NVD May 02, 2026
CVE-2026-5111 The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Script HIGH 7.2 NVD May 02, 2026
CVE-2026-5110 The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored C HIGH 7.2 NVD May 02, 2026
CVE-2026-5109 The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Script HIGH 7.2 NVD May 02, 2026
CVE-2026-7641 The Import and export users and customers plugin for WordPress is vulnerable to HIGH 8.8 NVD May 02, 2026
CVE-2026-7604 A vulnerability was identified in JeecgBoot up to 3 MEDIUM 6.3 NVD May 02, 2026
CVE-2026-7603 A vulnerability was determined in JeecgBoot up to 3 MEDIUM 6.3 NVD May 02, 2026
CVE-2026-7458 The User Verification by PickPlugins plugin for WordPress is vulnerable to authe CRITICAL 9.8 NVD May 02, 2026
CVE-2026-6963 The WP Mail Gateway plugin for WordPress is vulnerable to unauthorized access du HIGH 8.8 NVD May 02, 2026
CVE-2026-4882 The User Registration Advanced Fields plugin for WordPress is vulnerable to arbi CRITICAL 9.8 NVD May 02, 2026
CVE-2026-4658 The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugi MEDIUM 6.4 NVD May 02, 2026
CVE-2025-14726 The Widgets for Social Photo Feed plugin for WordPress is vulnerable to unauthor MEDIUM 6.5 NVD May 02, 2026
CVE-2026-7602 A vulnerability was found in JeecgBoot up to 3 MEDIUM 6.3 NVD May 02, 2026
CVE-2026-7209 The Simple Link Directory plugin for WordPress is vulnerable to Stored Cross-Sit MEDIUM 6.4 NVD May 02, 2026
CVE-2026-6378 The Maxi Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scriptin MEDIUM 6.4 NVD May 02, 2026
CVE-2026-43824 In Argo CD 3 HIGH 7.7 NVD May 02, 2026
CVE-2026-7600 A flaw has been found in ArtMin96 yii2-mcp-server 1 MEDIUM 6.3 NVD May 02, 2026
CVE-2026-7599 A vulnerability was detected in Dayoooun hwpx-mcp 0 MEDIUM 6.3 NVD May 01, 2026
CVE-2026-7598 A security vulnerability has been detected in libssh2 up to 1 HIGH 7.3 NVD May 01, 2026
CVE-2026-7597 A vulnerability was found in mem0ai mem0 up to 1 MEDIUM 6.3 NVD May 01, 2026
CVE-2026-7592 A weakness has been identified in itsourcecode Courier Management System 1 HIGH 7.3 NVD May 01, 2026
CVE-2026-7591 A security flaw has been discovered in TimBroddin astro-mcp-server up to 1 MEDIUM 6.3 NVD May 01, 2026
CVE-2026-7590 A vulnerability was identified in eyal-gor p_69_branch_monkey_mcp up to 69bc7187 HIGH 7.3 NVD May 01, 2026
CVE-2026-30363 flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in HIGH 8.4 NVD May 01, 2026
CVE-2025-52347 An issue in the component DirectIo64 HIGH 7.8 NVD May 01, 2026
CVE-2026-37457 An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() HIGH 7.5 NVD May 01, 2026
CVE-2026-26461 A Command Injection vulnerability in the web management interface in Aver PTC320 MEDIUM 6.5 NVD May 01, 2026
CVE-2025-69606 Cross-Site Scripting (XSS) vulnerability was discovered in the GSVoIP web panel MEDIUM 6.1 NVD May 01, 2026
CVE-2025-63548 Eprosima Micro-XREC-DDS Agent — Denial of service via malformed packet HIGH 7.5 NVD May 01, 2026
CVE-2025-63547 Eprosima Micro-XREC-DDS Agent — MTU field denial of service HIGH 7.5 NVD May 01, 2026
CVE-2026-42485 AGL agl-service-can-low-level — Stack buffer overflow in UDS library HIGH 7.5 NVD May 01, 2026
CVE-2026-42469 Open Vehicle Monitoring System 3 — Buffer overflow in CAN parser HIGH 8.6 NVD May 01, 2026
CVE-2026-42468 Open Vehicle Monitoring System 3 — Buffer overflow in PCAP parser HIGH 8.8 NVD May 01, 2026
CVE-2026-42467 Open-SAE-J1939 — Denial of service via crafted CAN frame HIGH 7.5 NVD May 01, 2026
CVE-2026-37541 Open Vehicle Monitoring System 3 — Buffer overflow in GVRET frames CRITICAL 10.0 NVD May 01, 2026
CVE-2026-37540 OpenAMP — Integer overflow in ELF loader parsing HIGH 8.4 NVD May 01, 2026
CVE-2026-37539 Cannelloni — Buffer overflow in CAN frame parsing CRITICAL 9.8 NVD May 01, 2026
CVE-2026-37538 socketcand — Buffer overflow in main function HIGH 7.5 NVD May 01, 2026
CVE-2026-37537 Open-SAE-J1939 — Integer underflow out-of-bounds write HIGH 8.1 NVD May 01, 2026
CVE-2026-37536 UDS-C — Stack buffer overflow in diagnostic request HIGH 8.8 NVD May 01, 2026
CVE-2026-37535 isotp-c — Out-of-bounds read in frame handler HIGH 7.1 NVD May 01, 2026
CVE-2026-37534 Open-SAE-J1939 — Integer underflow arbitrary memory write CRITICAL 9.8 NVD May 01, 2026
CVE-2026-37532 AGL agl-service-can-low-level — Heap buffer over-read in isotp-c HIGH 7.1 NVD May 01, 2026
CVE-2026-37531 AGL app-framework-main — Zip Slip path traversal vulnerability CRITICAL 9.8 NVD May 01, 2026
CVE-2026-37530 AGL agl-service-can-low-level — Stack buffer overflow in UDS HIGH 7.5 NVD May 01, 2026
CVE-2026-37526 AGL app-framework-binder — Unauthenticated privileged command execution HIGH 7.8 NVD May 01, 2026
CVE-2026-37525 AGL app-framework-binder (afb-daemon) through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The on_supervision HIGH 7.8 NVD May 01, 2026
CVE-2026-42475 SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted `on` array to the joinOn function in BuildHelper.php. MEDIUM 6.5 NVD May 01, 2026
CVE-2026-42474 SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted `data` array to the data function in BuildHelper.php. MEDIUM 6.5 NVD May 01, 2026
CVE-2026-42473 Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from the filesystem CRITICAL 9.8 NVD May 01, 2026
CVE-2026-42472 Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from Redis in the R CRITICAL 9.8 NVD May 01, 2026
CVE-2026-42471 Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The sync-invoke client (Connection.php:76) calls unserialize() on data recei HIGH 8.1 NVD May 01, 2026
CVE-2026-37554 An issue was discovered in Vanetza V2X v26.02 allowing remote unauthorized attackers to cause a denial of service. The vulnerability exists in the Geo HIGH 7.5 NVD May 01, 2026
CVE-2026-37552 Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The sync-invoke TCP server (Server.php:87) receives data from a TCP socket, HIGH 8.4 NVD May 01, 2026
CVE-2026-37503 Cross-Site Scripting (XSS) in V2Board thru 1.7.4. The custom_html field in theme configuration is rendered using Blade unescaped output in public/them MEDIUM 6.9 NVD May 01, 2026
CVE-2026-23863 An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedd MEDIUM 6.5 NVD May 01, 2026
CVE-2026-22167 Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. HIGH 7.8 NVD May 01, 2026
CVE-2026-22166 A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space sha HIGH 8.1 NVD May 01, 2026
CVE-2026-22165 A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space s HIGH 8.1 NVD May 01, 2026
CVE-2026-31739 In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - Add missing CRYPTO_ALG_ASYNC The tegra crypto driver failed to s HIGH 8.8 NVD May 01, 2026
CVE-2026-31735 In the Linux kernel, the following vulnerability has been resolved: iommupt: Fix short gather if the unmap goes into a large mapping unmap has the o HIGH 8.8 NVD May 01, 2026
CVE-2026-31712 ksmbd — Insufficient ACE size validation in DACL HIGH 8.3 NVD May 01, 2026
CVE-2026-31711 Ksmbd — Active connection counter leak on failure HIGH 7.5 NVD May 01, 2026
CVE-2026-31709 Linux Kernel — SMB client DACL validation vulnerability HIGH 8.8 NVD May 01, 2026
CVE-2026-31708 Linux Kernel — SMB client out-of-bounds read vulnerability HIGH 8.1 NVD May 01, 2026
CVE-2026-31707 Linux Kernel — KSMBD integer overflow in response validation HIGH 7.1 NVD May 01, 2026
CVE-2026-31706 Linux Kernel — SMB DACL heap allocation validation flaw HIGH 8.8 NVD May 01, 2026
CVE-2026-31705 Linux Kernel — Out-of-bounds write in SMB2 EA handling CRITICAL 9.8 NVD May 01, 2026
CVE-2026-31703 Linux Kernel — Use after free in inode writeback HIGH 7.8 NVD May 01, 2026
CVE-2026-31700 Linux Kernel — TOCTOU race in packet mmap vnet_hdr HIGH 7.8 NVD May 01, 2026
CVE-2026-31699 Linux Kernel — CCP crypto userspace buffer overflow HIGH 7.1 NVD May 01, 2026
CVE-2026-31698 Linux Kernel — PDH cert copy after failed PSP command HIGH 7.1 NVD May 01, 2026
CVE-2026-31697 Linux Kernel — Information disclosure in crypto CCP driver HIGH 7.1 NVD May 01, 2026
CVE-2026-31695 Linux Kernel — Use-after-free in virt_wifi device unregistration HIGH 7.8 NVD May 01, 2026
CVE-2026-31694 FUSE — Oversized dirents page cache rejection HIGH 7.8 NVD May 01, 2026
CVE-2026-31431 Linux - Kernel CRITICAL N/A CISA May 01, 2026
CVE-2026-41940 WebPros - cPanel & WHM and WP2 (WordPress Squared) CRITICAL N/A CISA Apr 30, 2026
EDB-52537 [local] Windows 11 25H2 - Heap Overflow HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52536 [webapps] JUNG Smart Visu Server 1.1.1050 - Dos HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52535 [webapps] SumatraPDF 3.5.2 - Remote Code Execution HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52534 [webapps] NiceGUI 3.6.1 - Path Traversal HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52533 [webapps] Frigate NVR 0.16.3 - Remote Code Execution HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52532 [webapps] Js2Py 0.74 - RCE HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52531 [webapps] Camaleon CMS v2.9.0 - Path Traversal HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52530 [webapps] Cybersecurity AI (CAI) Framework 0.5.10 - Command Injection HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52529 [webapps] Erugo 0.2.14 - Remote Code Execution (RCE) HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52528 [webapps] deephas 1.0.7 - Prototype Pollution HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52527 [webapps] SUSE Manager 4.3.15 - Code Execution HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52544 [webapps] FUXA 1.2.8 - Authentication Bypass + RCE Exploit HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52543 [webapps] Python-Multipart 0.0.22 - Path Traversal HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52542 [local] Google Chrome 145.0.7632.75 - CSSFontFeatureValuesMap HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52541 [local] Windows 11 23H2 - Denial of Service (DoS) HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52540 [webapps] Repetier-Server 1.4.10 - Path Traversal HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52539 [webapps] HUSTOJ Zip-Slip v26.01.24 - RCE HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52538 [webapps] BusyBox 1.37.0 - Path Traversal HIGH N/A EXPLOIT-DB Apr 30, 2026
EDB-52525 [webapps] Craft CMS 5.6.16 - RCE HIGH N/A EXPLOIT-DB Apr 29, 2026
EDB-52526 [webapps] HAX CMS 24.x - Stored Cross-Site Scripting (XSS) HIGH N/A EXPLOIT-DB Apr 29, 2026
CVE-2024-1708 ConnectWise - ScreenConnect CRITICAL N/A CISA Apr 28, 2026
CVE-2026-32202 Microsoft - Windows CRITICAL N/A CISA Apr 28, 2026
CVE-2024-7399 Samsung - MagicINFO 9 Server CRITICAL N/A CISA Apr 24, 2026
CVE-2025-29635 D-Link - DIR-823X CRITICAL N/A CISA Apr 24, 2026
CVE-2024-57726 SimpleHelp - SimpleHelp CRITICAL N/A CISA Apr 24, 2026
CVE-2024-57728 SimpleHelp - SimpleHelp CRITICAL N/A CISA Apr 24, 2026
CVE-2026-39987 Marimo - Marimo CRITICAL N/A CISA Apr 23, 2026
ANSSI- [ANSSI AVIS] Multiples vulnérabilités dans Mattermost Server (23 avril 2026) HIGH N/A ANSSI Apr 23, 2026
CVE-2026-33825 Microsoft - Defender CRITICAL N/A CISA Apr 22, 2026
CVE-2026-20122 Cisco - Catalyst SD-WAN Manger CRITICAL N/A CISA Apr 20, 2026
CVE-2025-48700 Synacor - Zimbra Collaboration Suite (ZCS) CRITICAL N/A CISA Apr 20, 2026
CVE-2023-27351 PaperCut - NG/MF CRITICAL N/A CISA Apr 20, 2026
CVE-2025-2749 Kentico - Kentico Xperience CRITICAL N/A CISA Apr 20, 2026
CVE-2025-32975 Quest - KACE Systems Management Appliance (SMA) CRITICAL N/A CISA Apr 20, 2026
CVE-2024-27199 JetBrains - TeamCity CRITICAL N/A CISA Apr 20, 2026
CVE-2026-20133 Cisco - Catalyst SD-WAN Manager CRITICAL N/A CISA Apr 20, 2026
CVE-2026-20128 Cisco - Catalyst SD-WAN Manager CRITICAL N/A CISA Apr 20, 2026
CVE-2026-34197 Apache - ActiveMQ CRITICAL N/A CISA Apr 16, 2026
CVE-2009-0238 Microsoft - Office CRITICAL N/A CISA Apr 14, 2026
2054 results