CVEs from 2026
Total
13,492
critical
critical 1,178
high
high 4,301
medium
medium 4,183
low
low 449
% Critical
8.7%
% with KEV
0.4%
% with exploit
0.8%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41484 | medium | 5.9 | 5.9 | 25d ago | OneCollector exporter reads unbounded HTTP response bodies | |||
| CVE-2026-41483 | medium | 5.9 | 5.9 | 25d ago | OpenTelemetry.Resources.Azure has an unbounded HTTP response body read | |||
| CVE-2026-5119 | medium | 5.9 | 5.9 | 26d ago | RHSA-2026:14087: libsoup security update (Moderate) | |||
| CVE-2026-34956 | medium | 5.9 | 5.9 | 27d ago | A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with a… | |||
| CVE-2026-28510 | medium | 5.9 | 5.9 | 27d ago | eLabFTW is an open source electronic lab notebook. In elabftw versions through 5.4.1, the login flow did not reliably preserve the multi-factor authentication state across authentication steps. Under… | |||
| CVE-2026-32148 | medium | 5.9 | 5.9 | 1mo ago | Insufficient Verification of Data Authenticity vulnerability in hexpm hex (Hex.RemoteConverger module) allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for … | |||
| CVE-2026-5080 | medium | 5.9 | 5.9 | 1mo ago | Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the proce… | |||
| CVE-2026-41016 | medium | 5.9 | 5.9 | 1mo ago | apache-airflow-providers-smtp: No certificate validation on SMTP STARTTLS connections in SMTP provider | |||
| CVE-2026-42643 | medium | 5.9 | 5.9 | 1mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP Image Widget image-widget allows Stored XSS.This issue affects Image Widget: from n/a t… | |||
| CVE-2026-7318 | medium | 5.9 | 5.9 | 1mo ago | A vulnerability was detected in elie mcp-project 0.1.0. The affected element is the function search_papers of the file research_server.py. The manipulation of the argument topic results in path trave… | |||
| CVE-2026-33467 | medium | 5.9 | 5.9 | 1mo ago | Elastic Package Registry has Improper Verification of Cryptographic Signature | |||
| CVE-2026-40966 | medium | 5.9 | 5.9 | 1mo ago | Spring AI's VectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration | |||
| CVE-2026-41319 | medium | 5.9 | 5.9 | 1mo ago | MailKit has STARTTLS Response Injection via unflushed stream buffer that enables SASL mechanism downgrade | |||
| CVE-2026-41078 | medium | 5.9 | 5.9 | 1mo ago | OpenTelemetry .NET has potential memory exhaustion via unbounded pooled-list sizing in Jaeger exporter conversion path | |||
| CVE-2026-40182 | medium | 5.9 | 5.9 | 1mo ago | OpenTelemetry dotnet: OTLP exporter reads unbounded HTTP response bodies | |||
| CVE-2026-3621 | medium | 5.9 | 5.9 | 1mo ago | IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deploy… | |||
| CVE-2026-32226 | medium | 5.9 | 5.9 | 2mo ago | Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network. | |||
| CVE-2026-34477 | medium | 5.9 | 5.9 | 2mo ago | Apache Log4j Core: `verifyHostName` attribute silently ignored in TLS configuration | |||
| CVE-2026-21717 | medium | 5.9 | 5.9 | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) | |||
| CVE-2026-21713 | medium | 5.9 | 5.9 | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) | |||
| CVE-2026-39654 | medium | 5.9 | 5.9 | 2mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani WP Simple HTML Sitemap wp-simple-html-sitemap allows DOM-Based XSS.This issue affect… | |||
| CVE-2026-34219 | medium | 5.9 | 5.9 | 2mo ago | libp2p-gossipsub: Remote crash via unchecked Instant overflow in heartbeat backoff expiry handling | |||
| CVE-2026-4988 | medium | 5.9 | 5.9 | 2mo ago | A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smf_gx_cca_cb/smf_gy_cca_cb/smf_s6b of the component CCA Message Handler. The manipulation results in denial of s… | |||
| CVE-2026-27856 | medium | 5.9 | 5.9 | 2mo ago | Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the credential wi… | |||
| CVE-2026-27855 | medium | 5.9 | 5.9 | 2mo ago | Dovecot OTP authentication is vulnerable to replay attack under specific conditions. If auth cache is enabled, and username is altered in passdb, then OTP credentials can be cached so that same OTP r… | |||
| CVE-2026-32935 | medium | 5.9 | 5.9 | 2mo ago | phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack | |||
| CVE-2026-28044 | medium | 5.9 | 5.9 | 2mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Media WP Rocket allows Stored XSS.This issue affects WP Rocket: from n/a through 3.19.4. | |||
| CVE-2026-27344 | medium | 5.9 | 5.9 | 3mo ago | Missing Authorization vulnerability in inseriswiss inseri core inseri-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects inseri core: from n/a through <= … | |||
| CVE-2026-27601 | medium | 5.9 | 5.9 | 3mo ago | Underscore has unlimited recursion in _.flatten and _.isEqual, potential for DoS attack | |||
| CVE-2026-25004 | medium | 5.9 | 5.9 | 3mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Business Directory cm-business-directory allows Stored XSS.This issue a… | |||
| CVE-2026-1685 | medium | 5.9 | 5.9 | 4mo ago | A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authe… | |||
| CVE-2026-24621 | medium | 5.9 | 5.9 | 4mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vladimir Statsenko Terms descriptions terms-descriptions allows DOM-Based XSS.This issue affects … | |||
| CVE-2026-24594 | medium | 5.9 | 5.9 | 4mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in livemesh Livemesh Addons for WPBakery Page Builder addons-for-visual-composer allows Stored XSS.T… | |||
| CVE-2026-23976 | medium | 5.9 | 5.9 | 4mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Modula Image Gallery modula-best-grid-gallery allows Stored XSS.This issue affects Modul… | |||
| CVE-2026-49129 | medium | 5.8 | 5.8 | 3d ago | Music Player Daemon (MPD) before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPT_FOLLOWLOCATION is set without CURLOPT_REDIR_PROTOCOLS_STR, allow… | |||
| CVE-2026-41009 | medium | 5.8 | 5.8 | 5d ago | When the director sends a long-running request (e.g. compile_package), the agent's reply JSON is consumed by AgentClient. inject_compile_log (line 332-339) reads response['value']['result']['compile_… | |||
| CVE-2026-24201 | medium | 5.8 | 5.8 | 6d ago | NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause an out-of-bound access. A successful exploit of this vulnerability might lead to data tampering… | |||
| CVE-2026-7385 | medium | 5.8 | 5.8 | 12d ago | The Decent Comments WordPress plugin before 3.0.2 does not restrict access to comment author email addresses and post author email addresses via its REST API endpoint, allowing unauthenticated attack… | |||
| CVE-2026-45557 | medium | 5.8 | 5.8 | 13d ago | Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network tr… | |||
| CVE-2026-41181 | medium | 5.8 | 5.8 | 17d ago | Traefik's errors middleware forwards Authorization and Cookie headers to separate error page service | |||
| CVE-2026-41960 | medium | 5.8 | 5.8 | 17d ago | Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2026-3160 | medium | 5.8 | 5.8 | 18d ago | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jir… | |||
| CVE-2026-44003 | medium | 5.8 | 5.8 | 18d ago | vm2's Transformer Fast-Path Bypass Exposes Internal State Variable | |||
| CVE-2026-44002 | medium | 5.8 | 5.8 | 18d ago | vm2 is Vulnerable to Host File Path Disclosure via Stack Trace Information Leak | |||
| CVE-2026-42926 | medium | 5.8 | 5.8 | 19d ago | When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxy_http_version to 2, and also uses proxy_set_body, an attacker may be able to inject frame headers and payload bytes to the… | |||
| CVE-2026-42279 | medium | 5.8 | 5.8 | 24d ago | solidtime is an open-source time-tracking app. In version 0.12.0, the PUT /api/v1/organizations/{organization}/time-entries/{timeEntry} API accepts a route-bound timeEntry from another organization w… | |||
| CVE-2026-44312 | medium | 5.8 | 5.8 | 25d ago | CSS Parser: Improper Certificate Validation allows MITM injection of remote CSS content | |||
| CVE-2026-44117 | medium | 5.8 | 5.8 | 25d ago | OpenClaw: QQBot direct media upload skipped URL SSRF validation | |||
| CVE-2026-6817 | medium | 5.8 | 5.8 | 1mo ago | The Quiz Maker by AYS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rate_reason' parameter in all versions up to, and including, 6.7.1.29 due to insufficient input saniti… | |||
| CVE-2026-41372 | medium | 5.8 | 5.8 | 1mo ago | OpenClaw: Trailing-dot localhost CDP hosts could bypass remote loopback protections | |||
| CVE-2026-35376 | medium | 5.8 | 5.8 | 1mo ago | A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the chcon utility of uutils coreutils during recursive operations. The implementation resolves recursive targets using a fresh path loo… | |||
| CVE-2026-34318 | medium | 5.8 | 5.8 | 1mo ago | Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Difficult to exploit vu… | |||
| CVE-2026-41389 | medium | 5.8 | 5.8 | 1mo ago | OpenClaw: Webchat media embedding enforces local-root containment for tool-result files | |||
| CVE-2026-20073 | medium | 5.8 | 5.8 | 3mo ago | A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send tra… | |||
| CVE-2026-48189 | medium | 5.7 | 5.7 | 1h ago | An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled a… | |||
| CVE-2026-48187 | medium | 5.7 | 5.7 | 1h ago | An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.This issue affects OTRS… | |||
| CVE-2026-48210 | medium | 5.7 | 5.7 | 7h ago | An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the “Is visible for customer” flag by default and prevent users from disabling it via the UI. Th… | |||
| CVE-2026-40425 | medium | 5.7 | 5.7 | 2d ago | The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password. | |||
| CVE-2026-48066 | medium | 5.7 | 5.7 | 4d ago | pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the ad… | |||
| CVE-2026-48999 | medium | 5.7 | 5.7 | 5d ago | Attackers carefully craft malicious scripts, such as JavaScript, and inject them into target systems; when other users access pages containing such malicious content, the scripts are automatically lo… | |||
| CVE-2026-8174 | medium | 5.7 | 5.7 | 6d ago | Zohocorp Zoho Mail wordpress plugin is vulnerable to Cross-Site request forgery (CSRF). This issue affects Zoho Mail wordpress plugin versions before 1.6.2. | |||
| CVE-2026-44409 | medium | 5.7 | 5.7 | 10d ago | There is an an information disclosure vulnerability in ZTE MU5250. Due to improper configuration of the access control mechanism, attackers can obtain information without authorization, causing the r… | |||
| CVE-2026-1815 | medium | 5.7 | 5.7 | 11d ago | Insufficient session expiration vulnerability in Turkiye Electricity Transmission Corporation (TEİAŞ) Mobile Application allows Session Hijacking. This issue affects Mobile Application: from 1.6.2 b… | |||
| CVE-2026-34600 | medium | 5.7 | 5.7 | 12d ago | Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients … | |||
| CVE-2026-45610 | medium | 5.7 | 5.7 | 16d ago | WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a cross-site request forgery vulnerability on the 2FA toggle. plugin/LoginControl/set.json.php accepts POST type=set2FA val… | |||
| CVE-2026-44520 | medium | 5.7 | 5.7 | 17d ago | docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler | |||
| CVE-2026-44440 | medium | 5.7 | 5.7 | 18d ago | ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.101.1 and 16.10.0, an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability on … | |||
| CVE-2026-33570 | medium | 5.7 | 5.7 | 19d ago | PowerSYSTEM Center REST API endpoint for devices allows a low privilege authenticated user to access information normally limited by operational permissions. | |||
| CVE-2026-41250 | medium | 5.7 | 5.7 | 20d ago | Taiga is a project management platform for startups and agile developers. Prior 6.9.1, Taiga front is vulnerable to stored XSS. This vulnerability is fixed in 6.9.1. | |||
| CVE-2026-31252 | medium | 5.7 | 5.7 | 21d ago | CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in its model loading component. The framework uses torch.load(… | |||
| CVE-2026-42267 | medium | 5.7 | 5.7 | 26d ago | Kimai vulnerable to formula Injection via tag names in XLSX export | |||
| CVE-2026-31205 | medium | 5.7 | 5.7 | 28d ago | Cross Site Scripting vulnerability in Pluck CMS before v.4.7.21dev allows a remote attacker to escalate privileges via the editpage.php and the sanitizePageContent function | |||
| CVE-2026-21712 | medium | 5.7 | 5.7 | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) | |||
| CVE-2026-30817 | medium | 5.7 | 5.7 | 2mo ago | An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is pro… | |||
| CVE-2026-30816 | medium | 5.7 | 5.7 | 2mo ago | An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is p… | |||
| CVE-2026-20024 | medium | 5.7 | 5.7 | 3mo ago | A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpect… | |||
| CVE-2026-20020 | medium | 5.7 | 5.7 | 3mo ago | A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpe… | |||
| CVE-2026-24198 | medium | 5.6 | 5.6 | 6d ago | NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive informati… | |||
| CVE-2026-48134 | medium | 5.6 | 5.6 | 6d ago | When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to… | |||
| CVE-2026-9371 | medium | 5.6 | 5.6 | 8d ago | A security vulnerability has been detected in ItzCrazyKns Vane up to 1.12.1. Affected by this issue is some unknown functionality of the file route.ts of the component API. The manipulation leads to … | |||
| CVE-2026-9365 | medium | 5.6 | 5.6 | 8d ago | A vulnerability has been found in Ettercap up to 0.8.3. The affected element is the function FUNC_DECODER of the file src/dissectors/ec_gg.c of the component GG Dissector. The manipulation of the arg… | |||
| CVE-2026-41966 | medium | 5.6 | 5.6 | 17d ago | Permission control vulnerability in the smart sensing service. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2026-41965 | medium | 5.6 | 5.6 | 17d ago | Use-After-Free (UAF) vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2026-7669 | medium | 5.6 | 5.6 | 29d ago | SGLang has an Improper Input Validation/Injection Issue | |||
| CVE-2026-7306 | medium | 5.6 | 5.6 | 1mo ago | A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/Open… | |||
| CVE-2026-7292 | medium | 5.6 | 5.6 | 1mo ago | A security vulnerability has been detected in o2oa up to 10.0. This impacts the function syncFile of the file NodeAgent.java of the component NodeAgent. The manipulation leads to improper authorizati… | |||
| CVE-2026-7141 | medium | 5.6 | 5.6 | 1mo ago | vLLM makes Use of Uninitialized Resource | |||
| CVE-2026-7113 | medium | 5.6 | 5.6 | 1mo ago | A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component Webhooks Endpoint. The man… | |||
| CVE-2026-7112 | medium | 5.6 | 5.6 | 1mo ago | A vulnerability has been found in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function _check_auth of the file gateway/platforms/api_server.py of the component API_SERVER_K… | |||
| CVE-2026-7018 | medium | 5.6 | 5.6 | 1mo ago | A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/… | |||
| CVE-2026-6878 | medium | 5.6 | 5.6 | 1mo ago | verl's math_equal() Vulnerable to Arbitrary Code Execution via Unsafe eval() | |||
| CVE-2026-6578 | medium | 5.6 | 5.6 | 1mo ago | A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component Setting Handler. The manipulation of… | |||
| CVE-2026-6572 | medium | 5.6 | 5.6 | 1mo ago | A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileU… | |||
| CVE-2026-40602 | medium | 5.6 | 5.6 | 2mo ago | The Home Assistant Command-line interface (hass-cli) is a command-line tool for Home Assistant. Up to 1.0.0 of home-assitant-cli an unrestricted environment was used to handle Jninja2 templates inste… | |||
| CVE-2026-40190 | medium | 5.6 | 5.6 | 2mo ago | LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to 0.5.18, the LangSmith JavaScript/TypeScript SDK (langsmith) contains an incomplete prototype pollution fix in… | |||
| CVE-2026-5618 | medium | 5.6 | 5.6 | 2mo ago | A vulnerability was detected in kalcaddle kodbox up to 1.64. This affects an unknown function of the component shareMake/shareCheck. Performing a manipulation of the argument siteFrom/siteTo results … | |||
| CVE-2026-4830 | medium | 5.6 | 5.6 | 2mo ago | A vulnerability was identified in kalcaddle kodbox 1.64. This issue affects the function Add of the file app/controller/explorer/userShare.class.php of the component Public Share Handler. Such manipu… | |||
| CVE-2026-4592 | medium | 5.6 | 5.6 | 2mo ago | A security vulnerability has been detected in kalcaddle kodbox 1.64. This impacts the function loginAfter/tfaVerify of the file /workspace/source-code/plugins/client/controller/tfa/index.class.php of… | |||
| CVE-2026-2711 | medium | 5.6 | 5.6 | 3mo ago | A vulnerability has been found in zhutoutoutousan worldquant-miner up to 1.0.9. The impacted element is an unknown function of the file worldquant-miner-master/agent-dify-api/core/helper/ssrf_proxy.p… | |||
| CVE-2026-47335 | medium | 5.5 | 5.5 | 3d ago | Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a … |