CVEs from 2026
- Total: 13,469
- Critical: 1,177
- High: 4,294
- Medium: 4,171
- Low: 446
- % Critical: 8.7%
- % with KEV: 0.4%
- % with exploit: 0.8%

The four severity counts add up to 10,088, so 3,381 of the 13,469 entries fall outside the listed buckets (no severity assigned in this summary). The percentages are computed against the full total: 1,177 / 13,469 = 8.7%.
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74

These are CPE product names rather than product lines, so adjacent entries largely count the same advisories: Cisco FTD advisories are typically tagged with both firepower_threat_defense and firepower_threat_defense_software (298 vs 295 here), and Adobe Commerce advisories with commerce, commerce_b2b and magento. Treat each such group as one product when estimating exposure.
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-31379 | medium | 6.1 | 6.1 | | | | 13d ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Control of Generation of… |
| CVE-2026-34000 | medium | 6.1 | 6.1 | | | | 13d ago | A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an at… |
| CVE-2026-45243 | medium | 6.1 | 6.1 | | | | 13d ago | Summarize contains a missing authorization vulnerability |
| CVE-2026-45231 | medium | 6.1 | 6.1 | | | | 13d ago | DumbAssets through 1.0.11 contains a stored cross-site scripting vulnerability in asset fields including name, description, modelNumber, serialNumber, and tags that are stored without server-side san… |
| CVE-2026-45494 | medium | 6.1 | 6.1 | | | | 13d ago | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2026-29965 | medium | 6.1 | 6.1 | | | | 13d ago | HSC MailInspector 5.3.3-7 is vulnerable to Cross Site Scripting (XSS) in the /police/WarningUrlPage.php endpoint due to improper neutralization of user-supplied input that uses alternate or obfuscate… |
| CVE-2026-29964 | medium | 6.1 | 6.1 | | | | 13d ago | HSC MailInspector v5.3.3-7 contains a Cross-Site Scripting (XSS) vulnerability in the /tap/tap.php endpoint due to improper neutralization of user-controlled input using alternate or obfuscated JavaS… |
| CVE-2026-8656 | medium | 6.1 | 6.1 | | | | 16d ago | Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Cross-site Scripting (XSS) via the annotated formatter due to improper sanitization of JSON values and property names. If an appli… |
| CVE-2026-44366 | medium | 6.1 | 6.1 | | | | 16d ago | Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.1, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Vvveb CMS com… |
| CVE-2026-45314 | medium | 6.1 | 6.1 | | | | 17d ago | Open WebUI has XSS via SVG in /api/v1/channels/webhooks/{webhook_id}/profile/image |
| CVE-2026-44898 | medium | 6.1 | 6.1 | | | | 17d ago | Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_toc_ul() builds a `<ul>` table-of-contents tree from a list of (level, id, text) tuples. Both the id value (used a… |
| CVE-2026-41932 | medium | 6.1 | 6.1 | | | | 17d ago | Vvveb before 1.0.8.3 contains a stored cross-site scripting vulnerability in the customer signup flow where the Signup::addUser() controller copies raw POST username values into the display_name fiel… |
| CVE-2026-24710 | medium | 6.1 | 6.1 | | | | 17d ago | Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 allows XSS. |
| CVE-2026-6417 | medium | 6.1 | 6.1 | | | | 18d ago | The GLS Shipping for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'failed_orders' parameter in all versions up to, and including, 1.4.0 due to insufficient… |
| CVE-2026-44437 | medium | 6.1 | 6.1 | | | | 18d ago | Angular SSR is a server-side rendering tool for Angular applications. From 19.0.0-next.0 to before 19.2.25, 20.3.25, 21.2.9, and 22.0.0-next.7, a vulnerability exists in the X-Forwarded-Prefix he… |
| CVE-2026-44372 | medium | 6.1 | 6.1 | | | | 18d ago | Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could turn a redirect route rule using wildcards rewrite into a cross-host redirect by sliding an extra slash in after… |
| CVE-2026-8496 | medium | 6.1 | 6.1 | | | | 18d ago | A cross-site scripting (XSS) vulnerability exists in Alinto SOGo, version 5.12.7. A maliciously crafted ICS calendar invitation file allows arbitrary JavaScript execution within the authenticated S… |
| CVE-2026-41255 | medium | 6.1 | 6.1 | | | | 18d ago | CKAN has CSRF exemption primed by anonymous requests |
| CVE-2026-44580 | medium | 6.1 | 6.1 | | | | 18d ago | Next.js has cross-site scripting in beforeInteractive scripts with untrusted input |
| CVE-2026-45028 | medium | 6.1 | 6.1 | | | | 18d ago | Astro: Server island encrypted parameters vulnerable to cross-component replay |
| CVE-2026-44665 | medium | 6.1 | 6.1 | | | | 18d ago | fast-xml-builder allows attribute values with unwanted quotes to bypass malicious or unwanted attributes |
| CVE-2026-44664 | medium | 6.1 | 6.1 | | | | 18d ago | fast-xml-builder Comment Value regex can be bypassed |
| CVE-2026-44455 | medium | 6.1 | 6.1 | | | | 18d ago | hono/jsx has Unvalidated JSX Tag Names that May Allow HTML Injection |
| CVE-2026-44245 | medium | 6.1 | 6.1 | | | | 19d ago | Kyverno policy-reporter-ui has XSS via Stored Property Values in PropertyCard Component |
| CVE-2026-42338 | medium | 6.1 | 6.1 | | | | 19d ago | ip-address has XSS in Address6 HTML-emitting methods |
| CVE-2026-20771 | medium | 6.1 | 6.1 | | | | 19d ago | Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an… |
| CVE-2026-33862 | medium | 6.1 | 6.1 | | | | 20d ago | A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All … |
| CVE-2026-7561 | medium | 6.1 | 6.1 | | | | 20d ago | The Tm – WordPress Redirection plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on a fu… |
| CVE-2026-7464 | medium | 6.1 | 6.1 | | | | 20d ago | The WP Google Maps Integration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `page` parameter in all versions up to, and including, 1.2. This is due to insufficient inp… |
| CVE-2026-7437 | medium | 6.1 | 6.1 | | | | 20d ago | The AzonPost plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `editpos_hidden` parameter in all versions up to, and including, 1.3. This is due to insufficient input sanit… |
| CVE-2026-6808 | medium | 6.1 | 6.1 | | | | 20d ago | The Pricing Tables for WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.1.0. This is due to insufficient input … |
| CVE-2026-1681 | medium | 6.1 | 6.1 | | | | 20d ago | Issuing an ICMP ping via the `net ping` shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the d… |
| CVE-2026-40137 | medium | 6.1 | 6.1 | | | | 20d ago | SAP TAF_APPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirect them to attacker-controlled sites, potentially e… |
| CVE-2026-42554 | medium | 6.1 | 6.1 | | | | 20d ago | Fiber vulnerable to XSS in AutoFormat Content Negotiation |
| CVE-2026-42872 | medium | 6.1 | 6.1 | | | | 20d ago | WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a reflected Cross-Site Scripting (XSS) vulnerability exists in lista_arquivos_etapa.php due to improper handling of use… |
| CVE-2026-45222 | medium | 6.1 | 6.1 | | | | 20d ago | @steipete/summarize allows local attackers to read bearer tokens and API credentials stored in ~/.summarize/daemon.json |
| CVE-2026-34095 | medium | 6.1 | 6.1 | | | | 20d ago | Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/ActionEntryPoint.Php, includes/Request/FauxResponse.Php. This issue affects … |
| CVE-2026-36906 | medium | 6.1 | 6.1 | | | | 20d ago | Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function |
| CVE-2026-6735 | medium | 6.1 | 6.1 | | | | 22d ago | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, 8.5.* before 8.5.6, due to improper sanitization of user data, it allows an attacker to compose a URL, which will cause t… |
| CVE-2026-42030 | medium | 6.1 | 6.1 | | | | 23d ago | MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker t… |
| CVE-2026-42794 | medium | 6.1 | 6.1 | | | | 23d ago | absinthe_plug Has a Cross-site Scripting vulnerability |
| CVE-2026-41575 | medium | 6.1 | 6.1 | | | | 23d ago | In th30d4y/IP from version 1.0.1 to before version 2.0.1, a DOM-Based Cross-Site Scripting (XSS) vulnerability was identified in an IP Reputation Checker application. Unsanitized user input was direc… |
| CVE-2026-40295 | medium | 6.1 | 6.1 | | | | 24d ago | Devise has an Open Redirect via Unvalidated `request.referrer` in Timeoutable Session Timeout Handler |
| CVE-2026-8106 | medium | 6.1 | 6.1 | | | | 24d ago | A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management Console login page that could allow credential theft. The redirect_to query parameter on the /setup/… |
| CVE-2026-41929 | medium | 6.1 | 6.1 | | | | 24d ago | Vvveb before 1.0.8.2 contains an unauthenticated reflected cross-site scripting vulnerability in the visual editor preview renderer that allows attackers to execute arbitrary JavaScript by manipulati… |
| CVE-2026-32207 | medium | 6.1 | 6.1 | | | | 24d ago | Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2026-39826 | medium | 6.1 | 6.1 | | | | 24d ago | If a trusted template author were to write a `<script>` tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape a… |
| CVE-2026-39823 | medium | 6.1 | 6.1 | | | | 24d ago | CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a `<meta>` tag's `<content>` attribute. If the URL content were to insert ASCII whitespaces around the '=' rune ins… |
| CVE-2026-44742 | medium | 6.1 | 6.1 | | | | 24d ago | Postorius is vulnerable to XSS |
| CVE-2026-41650 | medium | 6.1 | 6.1 | | | | 24d ago | fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters |
| CVE-2026-7953 | medium | 6.1 | 6.1 | | | | 25d ago | Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chro… |
| CVE-2026-42509 | medium | 6.1 | 6.1 | | | | 26d ago | Apache Wicket has a Cross-site Scripting issue |
| CVE-2026-35254 | medium | 6.1 | 6.1 | | | | 26d ago | Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported version that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with netw… |
| CVE-2026-38947 | medium | 6.1 | 6.1 | | | | 26d ago | FluentCMS 1.2.3 is vulnerable to Cross Site Scripting (XSS) in TextHTML plugin. |
| CVE-2026-42207 | medium | 6.1 | 6.1 | | | | 26d ago | Magento LTS Vulnerable to Open Redirect via Unvalidated `uenc` Parameter in `stockAction()` |
| CVE-2026-43878 | medium | 6.1 | 6.1 | | | | 26d ago | Video: Reflected XSS in plugin/Meet/iframe.php via Unescaped user and pass Parameters in JavaScript String Literal |
| CVE-2026-38432 | medium | 6.1 | 6.1 | | | | 26d ago | ERPNext v15.103.1 and before is vulnerable to Cross Site Scripting (XSS) in the Email Template engine. An attacker with permission to create or edit email templates can inject malicious JavaScript co… |
| CVE-2026-34002 | medium | 6.1 | 6.1 | | | | 26d ago | A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit … |
| CVE-2026-6704 | medium | 6.1 | 6.1 | | | | 27d ago | The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitizati… |
| CVE-2026-6702 | medium | 6.1 | 6.1 | | | | 27d ago | The Publish 2 Ping.fm plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the '/wp-admi… |
| CVE-2026-6696 | medium | 6.1 | 6.1 | | | | 27d ago | The Zingaya Click-to-Call plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email', 'first_name', 'last_name', and 'phone' parameters on the plugin's sign-up admin page in… |
| CVE-2026-42230 | medium | 6.1 | 6.1 | | | | 27d ago | n8n has Open Redirect in MCP OAuth Consent Flow |
| CVE-2026-42144 | medium | 6.1 | 6.1 | | | | 27d ago | CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory all… |
| CVE-2026-42138 | medium | 6.1 | 6.1 | | | | 27d ago | Dify is an open-source LLM app development platform. Prior to version 1.13.1, using the method POST /api/files/upload, any unauthenticated user can upload an SVG file with XSS. The method POST /v1/fi… |
| CVE-2026-38669 | medium | 6.1 | 6.1 | | | | 27d ago | wCMS v.1.4 is vulnerable to Cross Site Scripting (XSS) when creating a new blog. |
| CVE-2026-7371 | medium | 6.1 | 6.1 | | | | 28d ago | Multiple reflected cross-site scripting (XSS) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious URL can lead to an ar… |
| CVE-2026-42366 | medium | 6.1 | 6.1 | | | | 28d ago | Multiple reflected cross-site scripting (XSS) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious URL can lead to an ar… |
| CVE-2026-36763 | medium | 6.1 | 6.1 | | | | 1mo ago | A stored cross-site scripting (XSS) vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted… |
| CVE-2026-36761 | medium | 6.1 | 6.1 | | | | 1mo ago | A stored cross-site scripting (XSS) vulnerability in the /msg/msgInner/save endpoint of JeeSite v5.15.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into th… |
| CVE-2026-38940 | medium | 6.1 | 6.1 | | | | 1mo ago | Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detail_produk.php component |
| CVE-2026-38939 | medium | 6.1 | 6.1 | | | | 1mo ago | Cross Site Scripting vulnerability in andrewtch88 mvc-ecommerce v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the product_catalogue.php component |
| CVE-2026-41661 | medium | 6.1 | 6.1 | | | | 1mo ago | Admidio vulnerable to reflected XSS in msg_window.php via Square Bracket to HTML Tag Conversion |
| CVE-2026-2902 | medium | 6.1 | 6.1 | | | | 1mo ago | The WP Meteor Website Speed Optimization Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'frontend_rewrite' function's 'WPMETEOR[N]WPMETEOR' placeholder content in all… |
| CVE-2026-37750 | medium | 6.1 | 6.1 | | | | 1mo ago | A reflected Cross-Site Scripting (XSS) vulnerability in School Management System by mahmoudai1 allows unauthenticated remote attackers to execute arbitrary JavaScript in victim's browsers via the uns… |
| CVE-2026-41915 | medium | 6.1 | 6.1 | | | | 1mo ago | OpenClaw: GIT_DIR and related git plumbing env vars missing from exec env denylist (GHSA-m866-6qv5-p2fg variant) |
| CVE-2026-41391 | medium | 6.1 | 6.1 | | | | 1mo ago | OpenClaw: PIP_INDEX_URL and UV_INDEX_URL bypass host exec env sanitization and redirect Python package-index traffic |
| CVE-2026-41373 | medium | 6.1 | 6.1 | | | | 1mo ago | OpenClaw: Incomplete host-env-security-policy allows untrusted model to substitute compiler binaries via env overrides |
| CVE-2026-40979 | medium | 6.1 | 6.1 | | | | 1mo ago | Spring AI's ONNX model cache defaults to world-writable predictable /tmp directory |
| CVE-2026-7233 | medium | 6.1 | 6.1 | | | | 1mo ago | A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Index Handler. This manipulatio… |
| CVE-2026-29971 | medium | 6.1 | 6.1 | | | | 1mo ago | A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version before 2.32.0 and fixed in v.2.32.0. User-controlled input is reflected into HTML and JavaScript contexts without pro… |
| CVE-2026-41472 | medium | 6.1 | 6.1 | | | | 1mo ago | CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows una… |
| CVE-2026-41426 | medium | 6.1 | 6.1 | | | | 1mo ago | pretalx is a conference planning tool. Prior to 2026.1.0, an unauthenticated attacker can send arbitrary HTML-rendered emails from a pretalx instance's configured sender address by embedding malforme… |
| CVE-2026-41430 | medium | 6.1 | 6.1 | | | | 1mo ago | Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Redirect parameter on login page is vulnerable to reflected XSS… |
| CVE-2026-41240 | medium | 6.1 | 6.1 | | | | 1mo ago | DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions prior to 3.4.0 have an inconsistency between FORBID_TAGS and FORBID_ATTR handling when function-based ADD_TA… |
| CVE-2026-6019 | medium | 6.1 | 6.1 | | | | 1mo ago | http.cookies.Morsel.js_output() returns an inline `<script>` snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence `</script>` inside the gen… |
| CVE-2026-6835 | medium | 6.1 | 6.1 | | | | 1mo ago | The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload arbitrary files to any path, including HTML documents, which may result … |
| CVE-2026-33812 | medium | 6.1 | 6.1 | | | | 1mo ago | Parsing a malicious font file can cause excessive memory allocation. |
| CVE-2026-33436 | medium | 6.1 | 6.1 | | | | 1mo ago | Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. In versions prior to 2.0.0, file upload endpoints render user-supplied filenames directly into HTML … |
| CVE-2026-20059 | medium | 6.1 | 6.1 | | | | 2mo ago | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. T… |
| CVE-2026-33822 | medium | 6.1 | 6.1 | | | | 2mo ago | Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. |
| CVE-2026-32196 | medium | 6.1 | 6.1 | | | | 2mo ago | Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2026-35667 | medium | 6.1 | 6.1 | | | | 2mo ago | OpenClaw has incomplete Fix for CVE-2026-27486: Unvalidated SIGKILL in `!stop` Chat Command via `shell-utils.ts` |
| CVE-2026-35404 | medium | 6.1 | 6.1 | | | | 2mo ago | Open edX Platform enables the authoring and delivery of online learning at any scale. The view_survey endpoint accepts a redirect_url GET parameter that is passed directly to HttpResponseRedirect() w… |
| CVE-2026-22675 | medium | 6.1 | 6.1 | | | | 2mo ago | OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript by submitting malicious User… |
| CVE-2026-5467 | medium | 6.1 | 6.1 | | | | 2mo ago | Casdoor vulnerable to Open Redirect |
| CVE-2026-5332 | medium | 6.1 | 6.1 | | | | 2mo ago | A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cros… |
| CVE-2026-30526 | medium | 6.1 | 6.1 | | | | 2mo ago | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Zoo Management System v1.0. The vulnerability is located in the login page, specifically within the msg parameter. The ap… |
| CVE-2026-5255 | medium | 6.1 | 6.1 | | | | 2mo ago | A vulnerability was detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /delstaffinfo.php of the component Parameter Handler. The manipulation of the argumen… |
| CVE-2026-30567 | medium | 6.1 | 6.1 | | | | 2mo ago | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_product.php file via the "limit" parameter. The application fails to sanitize … |
| CVE-2026-29969 | medium | 6.1 | 6.1 | | | | 2mo ago | A cross-site scripting (XSS) vulnerability in the wff_cols_pref.css.aspx endpoint of staffwiki v7.0.1.19219 allows attackers to execute arbitrary Javascript in the context of the user's browser via a… |
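The table above is only useful once it is turned into something sortable. The script below is an added triage example, not part of this page or of any listed project: it parses rows in the table's own Markdown layout (tolerating the empty Flags/OS/Vendor cells wherever they land), converts the relative "13d ago" / "1mo ago" labels into day counts, buckets each entry by the weakness class named in its description, and lists the unauthenticated injection entries newest first. The keyword classifier, the day multipliers for "mo" and "y", and the seven-row sample (copied from the table above with the page's own truncation) are this example's assumptions, not data from the page's backend.

```python
"""Triage helper for a CVE listing in the Markdown layout used above.

Added example (not the page's or any project's code).  Standard library only.
"""
import re
from collections import Counter

ROW_RE = re.compile(r"^\|\s*(CVE-\d{4}-\d{4,})\s*\|(.*)\|\s*$")
AGE_RE = re.compile(r"^(\d+)\s*(d|mo|y)\s+ago$")
CVSS_RE = re.compile(r"^\d+(\.\d+)?$")
# Assumption: the page's relative ages are coarse, so these multipliers are
# for ordering rows only, never for reconstructing a publication date.
AGE_UNIT_DAYS = {"d": 1, "mo": 30, "y": 365}

# Constructed sample: seven rows copied from the table above, descriptions
# truncated as the page truncates them.
SAMPLE_ROWS = """
| CVE-2026-34000 | medium | 6.1 | 6.1 | | | | 13d ago | A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an at… |
| CVE-2026-8656 | medium | 6.1 | 6.1 | | | | 16d ago | Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Cross-site Scripting (XSS) via the annotated formatter due to improper sanitization of JSON values and property names. If an appli… |
| CVE-2026-42030 | medium | 6.1 | 6.1 | | | | 23d ago | MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker t… |
| CVE-2026-40295 | medium | 6.1 | 6.1 | | | | 24d ago | Devise has an Open Redirect via Unvalidated `request.referrer` in Timeoutable Session Timeout Handler |
| CVE-2026-36763 | medium | 6.1 | 6.1 | | | | 1mo ago | A stored cross-site scripting (XSS) vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted… |
| CVE-2026-22675 | medium | 6.1 | 6.1 | | | | 2mo ago | OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript by submitting malicious User… |
| CVE-2026-7561 | medium | 6.1 | 6.1 | | | | 20d ago | The Tm – WordPress Redirection plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on a fu… |
"""


def age_to_days(cell):
    """'13d ago' -> 13, '2mo ago' -> 60; None if the cell is not an age."""
    m = AGE_RE.match(cell.strip())
    if not m:
        return None
    return int(m.group(1)) * AGE_UNIT_DAYS[m.group(2)]


def parse_row(line):
    """Parse one table row by cell *content* rather than by column position,
    so the empty Flags/OS/Vendor cells may sit anywhere in the row."""
    m = ROW_RE.match(line.strip())
    if not m:
        return None
    row = {"cve": m.group(1), "severity": None, "cvss": None,
           "risk": None, "age_days": None, "description": ""}
    for cell in (c.strip() for c in m.group(2).split("|")):
        if not cell:
            continue
        if row["severity"] is None and cell.lower() in ("critical", "high", "medium", "low"):
            row["severity"] = cell.lower()
        elif CVSS_RE.match(cell):
            # First numeric cell is CVSS, second is the page's Risk column.
            if row["cvss"] is None:
                row["cvss"] = float(cell)
            elif row["risk"] is None:
                row["risk"] = float(cell)
        else:
            days = age_to_days(cell)
            if days is not None:
                row["age_days"] = days
            elif len(cell) > len(row["description"]):
                row["description"] = cell  # longest free-text cell wins
    return row


def classify(description):
    """Keyword bucket for the weakness class.  Assumed ordering: CSRF is
    tested before 'redirect' because plugin names like 'Redirection' would
    otherwise misfile CSRF entries as open redirects."""
    d = description.lower()
    if "cross-site scripting" in d or "cross site scripting" in d or "xss" in d:
        if "stored" in d:
            return "stored-xss"
        if "reflected" in d:
            return "reflected-xss"
        return "xss"
    if "cross-site request forgery" in d or "csrf" in d:
        return "csrf"
    if "redirect" in d:
        return "open-redirect"
    if "out-of-bounds" in d or "overflow" in d or "null pointer" in d:
        return "memory-safety"
    return "other"


def triage(table_text):
    """Return (rows, class counts, unauthenticated injection CVEs newest first)."""
    rows = [r for r in map(parse_row, table_text.splitlines()) if r]
    for r in rows:
        r["class"] = classify(r["description"])
        r["unauthenticated"] = "unauthenticated" in r["description"].lower()
    counts = Counter(r["class"] for r in rows)
    # Unauthenticated injection/redirect entries are the drive-by exposure;
    # surface the freshest ones first.
    priority = sorted(
        (r for r in rows if r["unauthenticated"] and r["class"] != "other"),
        key=lambda r: r["age_days"] if r["age_days"] is not None else float("inf"),
    )
    return rows, counts, [r["cve"] for r in priority]


if __name__ == "__main__":
    parsed, by_class, first = triage(SAMPLE_ROWS)
    for cls, n in by_class.most_common():
        print(f"{cls:15} {n}")
    print("unauthenticated, newest first:", first)
```

Paste the whole table into `SAMPLE_ROWS` (or read it from a file) to run the same grouping over all 100 rows; the parser ignores the header and separator lines because they carry no CVE identifier.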