CVEs from 2026
Total: 13,610
- critical: 1,176
- high: 4,272
- medium: 4,144
- low: 441

% Critical: 8.6%
% with KEV: 0.4%
% with exploit: 0.7%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-44665 | medium | 6.1 | 6.1 | | | | 17d ago | fast-xml-builder allows attribute values with unwanted quotes to bypass malicious or unwanted attributes |
| CVE-2026-44664 | medium | 6.1 | 6.1 | | | | 17d ago | fast-xml-builder Comment Value regex can be bypassed |
| CVE-2026-44455 | medium | 6.1 | 6.1 | | | | 17d ago | hono/jsx has Unvalidated JSX Tag Names that May Allow HTML Injection |
| CVE-2026-44245 | medium | 6.1 | 6.1 | | | | 18d ago | Kyverno policy-reporter-ui has XSS via Stored Property Values in PropertyCard Component |
| CVE-2026-42338 | medium | 6.1 | 6.1 | | | | 18d ago | ip-address has XSS in Address6 HTML-emitting methods |
| CVE-2026-20771 | medium | 6.1 | 6.1 | | | | 18d ago | Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an… |
| CVE-2026-33862 | medium | 6.1 | 6.1 | | | | 18d ago | A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All … |
| CVE-2026-7561 | medium | 6.1 | 6.1 | | | | 18d ago | The Tm – WordPress Redirection plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on a fu… |
| CVE-2026-7464 | medium | 6.1 | 6.1 | | | | 18d ago | The WP Google Maps Integration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `page` parameter in all versions up to, and including, 1.2. This is due to insufficient inp… |
| CVE-2026-7437 | medium | 6.1 | 6.1 | | | | 18d ago | The AzonPost plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `editpos_hidden` parameter in all versions up to, and including, 1.3. This is due to insufficient input sanit… |
| CVE-2026-6808 | medium | 6.1 | 6.1 | | | | 18d ago | The Pricing Tables for WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.1.0. This is due to insufficient input … |
| CVE-2026-1681 | medium | 6.1 | 6.1 | | | | 18d ago | Issuing an ICMP ping via the `net ping` shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the d… |
| CVE-2026-40137 | medium | 6.1 | 6.1 | | | | 19d ago | SAP TAF_APPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirects them to attacker-controlled sites, potentially e… |
| CVE-2026-42554 | medium | 6.1 | 6.1 | | | | 19d ago | Fiber vulnerable to XSS in AutoFormat Content Negotiation |
| CVE-2026-42872 | medium | 6.1 | 6.1 | | | | 19d ago | WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a reflected Cross-Site Scripting (XSS) vulnerability exists in lista_arquivos_etapa.php due to improper handling of use… |
| CVE-2026-45222 | medium | 6.1 | 6.1 | | | | 19d ago | @steipete/summarize allows local attackers to read bearer tokens and API credentials stored in ~/.summarize/daemon.json |
| CVE-2026-34095 | medium | 6.1 | 6.1 | | | | 19d ago | Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/ActionEntryPoint.Php, includes/Request/FauxResponse.Php. This issue affects … |
| CVE-2026-36906 | medium | 6.1 | 6.1 | | | | 19d ago | Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function |
| CVE-2026-6735 | medium | 6.1 | 6.1 | | | | 21d ago | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, 8.5.* before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause t… |
| CVE-2026-42030 | medium | 6.1 | 6.1 | | | | 22d ago | MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker t… |
| CVE-2026-42794 | medium | 6.1 | 6.1 | | | | 22d ago | absinthe_plug Has a Cross-site Scripting vulnerability |
| CVE-2026-41575 | medium | 6.1 | 6.1 | | | | 22d ago | In th30d4y/IP from version 1.0.1 to before version 2.0.1, a DOM-Based Cross-Site Scripting (XSS) vulnerability was identified in an IP Reputation Checker application. Unsanitized user input was direc… |
| CVE-2026-40295 | medium | 6.1 | 6.1 | | | | 23d ago | Devise has an Open Redirect via Unvalidated `request.referrer` in Timeoutable Session Timeout Handler |
| CVE-2026-8106 | medium | 6.1 | 6.1 | | | | 23d ago | A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management Console login page that could allow credential theft. The redirect_to query parameter on the /setup/… |
| CVE-2026-41929 | medium | 6.1 | 6.1 | | | | 23d ago | Vvveb before 1.0.8.2 contains an unauthenticated reflected cross-site scripting vulnerability in the visual editor preview renderer that allows attackers to execute arbitrary JavaScript by manipulati… |
| CVE-2026-32207 | medium | 6.1 | 6.1 | | | | 23d ago | Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2026-39826 | medium | 6.1 | 6.1 | | | | 23d ago | If a trusted template author were to write a `<script>` tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape a… |
| CVE-2026-39823 | medium | 6.1 | 6.1 | | | | 23d ago | CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a `<meta>` tag's `<content>` attribute. If the URL content were to insert ASCII whitespaces around the '=' rune ins… |
| CVE-2026-44742 | medium | 6.1 | 6.1 | | | | 23d ago | Postorius is vulnerable to XSS |
| CVE-2026-41650 | medium | 6.1 | 6.1 | | | | 23d ago | fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters |
| CVE-2026-7953 | medium | 6.1 | 6.1 | | | | 24d ago | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google…](https://chromereleases.googleblog.com/2026) |
| CVE-2026-42509 | medium | 6.1 | 6.1 | | | | 24d ago | Apache Wicket has a Cross-site Scripting issue |
| CVE-2026-35254 | medium | 6.1 | 6.1 | | | | 24d ago | Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with netw… |
| CVE-2026-38947 | medium | 6.1 | 6.1 | | | | 25d ago | FluentCMS 1.2.3 is vulnerable to Cross Site Scripting (XSS) in TextHTML plugin. |
| CVE-2026-42207 | medium | 6.1 | 6.1 | | | | 25d ago | Magento LTS Vulnerable to Open Redirect via Unvalidated `uenc` Parameter in `stockAction()` |
| CVE-2026-43878 | medium | 6.1 | 6.1 | | | | 25d ago | Video: Reflected XSS in plugin/Meet/iframe.php via Unescaped user and pass Parameters in JavaScript String Literal |
| CVE-2026-38432 | medium | 6.1 | 6.1 | | | | 25d ago | ERPNext v15.103.1 and before is vulnerable to Cross Site Scripting (XSS) in the Email Template engine. An attacker with permission to create or edit email templates can inject malicious JavaScript co… |
| CVE-2026-34002 | medium | 6.1 | 6.1 | | | | 25d ago | A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit … |
| CVE-2026-6704 | medium | 6.1 | 6.1 | | | | 26d ago | The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitizati… |
| CVE-2026-6702 | medium | 6.1 | 6.1 | | | | 26d ago | The Publish 2 Ping.fm plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the '/wp-admi… |
| CVE-2026-6696 | medium | 6.1 | 6.1 | | | | 26d ago | The Zingaya Click-to-Call plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email', 'first_name', 'last_name', and 'phone' parameters on the plugin's sign-up admin page in… |
| CVE-2026-42230 | medium | 6.1 | 6.1 | | | | 26d ago | n8n has Open Redirect in MCP OAuth Consent Flow |
| CVE-2026-42144 | medium | 6.1 | 6.1 | | | | 26d ago | CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the `W*H*D` size computation inside `_load_pnm()` that can bypass the memory all… |
| CVE-2026-42138 | medium | 6.1 | 6.1 | | | | 26d ago | Dify is an open-source LLM app development platform. Prior to version 1.13.1, using the method POST /api/files/upload, any unauthenticated user can upload an SVG file with XSS. The method POST /v1/fi… |
| CVE-2026-38669 | medium | 6.1 | 6.1 | | | | 26d ago | wCMS v.1.4 is vulnerable to Cross Site Scripting (XSS) when creating a new blog. |
| CVE-2026-7371 | medium | 6.1 | 6.1 | | | | 27d ago | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an ar… |
| CVE-2026-42366 | medium | 6.1 | 6.1 | | | | 27d ago | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an ar… |
| CVE-2026-36763 | medium | 6.1 | 6.1 | | | | 1mo ago | A stored cross-site scripting (XSS) vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted… |
| CVE-2026-36761 | medium | 6.1 | 6.1 | | | | 1mo ago | A stored cross-site scripting (XSS) vulnerability in the /msg/msgInner/save endpoint of JeeSite v5.15.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into th… |
| CVE-2026-38940 | medium | 6.1 | 6.1 | | | | 1mo ago | Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detail_produk.php component |
| CVE-2026-38939 | medium | 6.1 | 6.1 | | | | 1mo ago | Cross Site Scripting vulnerability in andrewtch88 mvc-ecommerce v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the product_catalogue.php component |
| CVE-2026-41661 | medium | 6.1 | 6.1 | | | | 1mo ago | Admidio vulnerable to reflected XSS in msg_window.php via Square Bracket to HTML Tag Conversion |
| CVE-2026-2902 | medium | 6.1 | 6.1 | | | | 1mo ago | The WP Meteor Website Speed Optimization Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'frontend_rewrite' function's 'WPMETEOR[N]WPMETEOR' placeholder content in all… |
| CVE-2026-37750 | medium | 6.1 | 6.1 | | | | 1mo ago | A reflected Cross-Site Scripting (XSS) vulnerability in School Management System by mahmoudai1 allows unauthenticated remote attackers to execute arbitrary JavaScript in victim's browsers via the uns… |
| CVE-2026-41915 | medium | 6.1 | 6.1 | | | | 1mo ago | OpenClaw: GIT_DIR and related git plumbing env vars missing from exec env denylist (GHSA-m866-6qv5-p2fg variant) |
| CVE-2026-41391 | medium | 6.1 | 6.1 | | | | 1mo ago | OpenClaw: PIP_INDEX_URL and UV_INDEX_URL bypass host exec env sanitization and redirect Python package-index traffic |
| CVE-2026-41373 | medium | 6.1 | 6.1 | | | | 1mo ago | OpenClaw: Incomplete host-env-security-policy allows untrusted model to substitute compiler binaries via env overrides |
| CVE-2026-40979 | medium | 6.1 | 6.1 | | | | 1mo ago | Spring AI's ONNX model cache defaults to world-writable predictable /tmp directory |
| CVE-2026-7233 | medium | 6.1 | 6.1 | | | | 1mo ago | A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Index Handler. This manipulatio… |
| CVE-2026-29971 | medium | 6.1 | 6.1 | | | | 1mo ago | A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version before 2.32.0 and fixed in v.2.32.0. User-controlled input is reflected into HTML and JavaScript contexts without pro… |
| CVE-2026-41472 | medium | 6.1 | 6.1 | | | | 1mo ago | CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows una… |
| CVE-2026-41426 | medium | 6.1 | 6.1 | | | | 1mo ago | pretalx is a conference planning tool. Prior to 2026.1.0, an unauthenticated attacker can send arbitrary HTML-rendered emails from a pretalx instance's configured sender address by embedding malforme… |
| CVE-2026-41430 | medium | 6.1 | 6.1 | | | | 1mo ago | Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Redirect parameter on login page is vulnerable to reflected XSS… |
| CVE-2026-41240 | medium | 6.1 | 6.1 | | | | 1mo ago | DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions prior to 3.4.0 have an inconsistency between FORBID_TAGS and FORBID_ATTR handling when function-based ADD_TA… |
| CVE-2026-6019 | medium | 6.1 | 6.1 | | | | 1mo ago | http.cookies.Morsel.js_output() returns an inline `<script>` snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence `</script>` inside the gen… |
| CVE-2026-6835 | medium | 6.1 | 6.1 | | | | 1mo ago | The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload arbitrary files to any path, including HTML documents, which may result … |
| CVE-2026-33812 | medium | 6.1 | 6.1 | | | | 1mo ago | Parsing a malicious font file can cause excessive memory allocation. |
| CVE-2026-33436 | medium | 6.1 | 6.1 | | | | 1mo ago | Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. In versions prior to 2.0.0, file upload endpoints render user-supplied filenames directly into HTML … |
| CVE-2026-20059 | medium | 6.1 | 6.1 | | | | 2mo ago | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. T… |
| CVE-2026-33822 | medium | 6.1 | 6.1 | | | | 2mo ago | Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. |
| CVE-2026-32196 | medium | 6.1 | 6.1 | | | | 2mo ago | Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2026-35667 | medium | 6.1 | 6.1 | | | | 2mo ago | OpenClaw has incomplete Fix for CVE-2026-27486: Unvalidated SIGKILL in `!stop` Chat Command via `shell-utils.ts` |
| CVE-2026-35404 | medium | 6.1 | 6.1 | | | | 2mo ago | Open edX Platform enables the authoring and delivery of online learning at any scale. The view_survey endpoint accepts a redirect_url GET parameter that is passed directly to HttpResponseRedirect() w… |
| CVE-2026-22675 | medium | 6.1 | 6.1 | | | | 2mo ago | OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript by submitting malicious User… |
| CVE-2026-5467 | medium | 6.1 | 6.1 | | | | 2mo ago | Casdoor vulnerable to Open Redirect |
| CVE-2026-5332 | medium | 6.1 | 6.1 | | | | 2mo ago | A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cros… |
| CVE-2026-30526 | medium | 6.1 | 6.1 | | | | 2mo ago | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Zoo Management System v1.0. The vulnerability is located in the login page, specifically within the msg parameter. The ap… |
| CVE-2026-5255 | medium | 6.1 | 6.1 | | | | 2mo ago | A vulnerability was detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /delstaffinfo.php of the component Parameter Handler. The manipulation of the argumen… |
| CVE-2026-30567 | medium | 6.1 | 6.1 | | | | 2mo ago | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_product.php file via the "limit" parameter. The application fails to sanitize … |
| CVE-2026-29969 | medium | 6.1 | 6.1 | | | | 2mo ago | A cross-site scripting (XSS) vulnerability in the wff_cols_pref.css.aspx endpoint of staffwiki v7.0.1.19219 allows attackers to execute arbitrary Javascript in the context of the user's browser via a… |
| CVE-2026-34071 | medium | 6.1 | 6.1 | | | | 2mo ago | Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. In version 2.7.3, the /api/v1/convert/eml/pdf endpoint with parameter downloadHtml=true re… |
| CVE-2026-33397 | medium | 6.1 | 6.1 | | | | 2mo ago | Protocol-Relative URL Injection via Single Backslash Bypass in Angular SSR |
| CVE-2026-29934 | medium | 6.1 | 6.1 | | | | 2mo ago | A reflected cross-site scripting (XSS) vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying… |
| CVE-2026-4849 | medium | 6.1 | 6.1 | | | | 2mo ago | A vulnerability was identified in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file /modify.php of the component Parameter Handler. The manipulation of the argumen… |
| CVE-2026-32851 | medium | 6.1 | 6.1 | | | | 2mo ago | MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser b… |
| CVE-2026-4474 | medium | 6.1 | 6.1 | | | | 2mo ago | A flaw has been found in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /admin_single_student_update.php. This manipulation of the argument st_name causes … |
| CVE-2026-22217 | medium | 6.1 | 6.1 | | | | 2mo ago | OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL |
| CVE-2026-20994 | medium | 6.1 | 6.1 | | | | 3mo ago | URL redirection in Samsung Account prior to version 15.5.01.1 allows local attackers to potentially get access token. |
| CVE-2026-3884 | medium | 6.1 | 6.1 | | | | 3mo ago | Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the spin() function that allows a creation of more than 1 alert for each 'target' element. An attacker wo… |
| CVE-2026-23817 | medium | 6.1 | 6.1 | | | | 3mo ago | A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL. |
| CVE-2026-22614 | medium | 6.1 | 6.1 | | | | 3mo ago | The encryption mechanism used in Eaton's EasySoft project file was insecure and susceptible to brute force attacks, an attacker with access to this file and the local host machine could potentially r… |
| CVE-2026-3812 | medium | 6.1 | 6.1 | | | | 3mo ago | A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manage_employee_allowances.php. This manipulation of the argument ID causes … |
| CVE-2026-3763 | medium | 6.1 | 6.1 | | | | 3mo ago | A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. The affected element is an unknown function of the file showhistory.php. The manipulation results in cross site scr… |
| CVE-2026-3702 | medium | 6.1 | 6.1 | | | | 3mo ago | A vulnerability was detected in SourceCodester Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /index.php. Performing a manipulation of the argument page … |
| CVE-2026-20070 | medium | 6.1 | 6.1 | | | | 3mo ago | A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenti… |
| CVE-2026-3455 | medium | 6.1 | 6.1 | | | | 3mo ago | mailparser vulnerable to Cross-site Scripting |
| CVE-2026-3412 | medium | 6.1 | 6.1 | | | | 3mo ago | A vulnerability was detected in itsourcecode University Management System 1.0. This affects an unknown part of the file /att_single_view.php. The manipulation of the argument dt results in cross site… |
| CVE-2026-3302 | medium | 6.1 | 6.1 | | | | 3mo ago | A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing… |
| CVE-2026-3070 | medium | 6.1 | 6.1 | | | | 3mo ago | A vulnerability was detected in SourceCodester Modern Image Gallery App 1.0. Affected by this vulnerability is an unknown functionality of the file upload.php. The manipulation of the argument filena… |
| CVE-2026-3054 | medium | 6.1 | 6.1 | | | | 3mo ago | A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotel… |