CVEs from 2026

Total: 13,613
- critical: 1,176
- high: 4,271
- medium: 4,150
- low: 441

% Critical: 8.6%
% with KEV: 0.4%
% with exploit: 0.7%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-28044 | medium | 5.9 | 5.9 | 2mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Media WP Rocket allows Stored XSS. This issue affects WP Rocket: from n/a through 3.19.4. | |||
| CVE-2026-27344 | medium | 5.9 | 5.9 | 3mo ago | Missing Authorization vulnerability in inseriswiss inseri core inseri-core allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects inseri core: from n/a through <= … | |||
| CVE-2026-27601 | medium | 5.9 | 5.9 | 3mo ago | Underscore has unlimited recursion in _.flatten and _.isEqual, potential for DoS attack | |||
| CVE-2026-25004 | medium | 5.9 | 5.9 | 3mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Business Directory cm-business-directory allows Stored XSS. This issue a… | |||
| CVE-2026-1685 | medium | 5.9 | 5.9 | 4mo ago | A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authe… | |||
| CVE-2026-24621 | medium | 5.9 | 5.9 | 4mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vladimir Statsenko Terms descriptions terms-descriptions allows DOM-Based XSS. This issue affects … | |||
| CVE-2026-24594 | medium | 5.9 | 5.9 | 4mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in livemesh Livemesh Addons for WPBakery Page Builder addons-for-visual-composer allows Stored XSS. T… | |||
| CVE-2026-23976 | medium | 5.9 | 5.9 | 4mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Modula Image Gallery modula-best-grid-gallery allows Stored XSS. This issue affects Modul… | |||
| CVE-2026-49129 | medium | 5.8 | 5.8 | 2d ago | Music Player Daemon (MPD) before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPT_FOLLOWLOCATION is set without CURLOPT_REDIR_PROTOCOLS_STR, allow… | |||
| CVE-2026-41009 | medium | 5.8 | 5.8 | 4d ago | When the director sends a long-running request (e.g. compile_package), the agent's reply JSON is consumed by AgentClient. inject_compile_log (line 332-339) reads response['value']['result']['compile_… | |||
| CVE-2026-24201 | medium | 5.8 | 5.8 | 4d ago | NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause an out-of-bound access. A successful exploit of this vulnerability might lead to data tampering… | |||
| CVE-2026-7385 | medium | 5.8 | 5.8 | 11d ago | The Decent Comments WordPress plugin before 3.0.2 does not restrict access to comment author email addresses and post author email addresses via its REST API endpoint, allowing unauthenticated attack… | |||
| CVE-2026-45557 | medium | 5.8 | 5.8 | 11d ago | Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network tr… | |||
| CVE-2026-41181 | medium | 5.8 | 5.8 | 15d ago | Traefik's errors middleware forwards Authorization and Cookie headers to separate error page service | |||
| CVE-2026-41960 | medium | 5.8 | 5.8 | 16d ago | Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2026-3160 | medium | 5.8 | 5.8 | 17d ago | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jir… | |||
| CVE-2026-44003 | medium | 5.8 | 5.8 | 17d ago | vm2's Transformer Fast-Path Bypass Exposes Internal State Variable | |||
| CVE-2026-44002 | medium | 5.8 | 5.8 | 17d ago | vm2 is Vulnerable to Host File Path Disclosure via Stack Trace Information Leak | |||
| CVE-2026-42926 | medium | 5.8 | 5.8 | 17d ago | When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxy_http_version to 2, and also uses proxy_set_body, an attacker may be able to inject frame headers and payload bytes to the… | |||
| CVE-2026-42279 | medium | 5.8 | 5.8 | 23d ago | solidtime is an open-source time-tracking app. In version 0.12.0, the PUT /api/v1/organizations/{organization}/time-entries/{timeEntry} API accepts a route-bound timeEntry from another organization w… | |||
| CVE-2026-44312 | medium | 5.8 | 5.8 | 24d ago | CSS Parser: Improper Certificate Validation allows MITM injection of remote CSS content | |||
| CVE-2026-44117 | medium | 5.8 | 5.8 | 24d ago | OpenClaw: QQBot direct media upload skipped URL SSRF validation | |||
| CVE-2026-6817 | medium | 5.8 | 5.8 | 29d ago | The Quiz Maker by AYS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rate_reason' parameter in all versions up to, and including, 6.7.1.29 due to insufficient input saniti… | |||
| CVE-2026-41372 | medium | 5.8 | 5.8 | 1mo ago | OpenClaw: Trailing-dot localhost CDP hosts could bypass remote loopback protections | |||
| CVE-2026-35376 | medium | 5.8 | 5.8 | 1mo ago | A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the chcon utility of uutils coreutils during recursive operations. The implementation resolves recursive targets using a fresh path loo… | |||
| CVE-2026-34318 | medium | 5.8 | 5.8 | 1mo ago | Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Difficult to exploit vu… | |||
| CVE-2026-41389 | medium | 5.8 | 5.8 | 1mo ago | OpenClaw: Webchat media embedding enforces local-root containment for tool-result files | |||
| CVE-2026-20073 | medium | 5.8 | 5.8 | 3mo ago | A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send tra… | |||
| CVE-2026-40425 | medium | 5.7 | 5.7 | 1d ago | The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password. | |||
| CVE-2026-48066 | medium | 5.7 | 5.7 | 3d ago | pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the ad… | |||
| CVE-2026-48999 | medium | 5.7 | 5.7 | 4d ago | Attackers carefully craft malicious scripts, such as JavaScript, and inject them into target systems; when other users access pages containing such malicious content, the scripts are automatically lo… | |||
| CVE-2026-8174 | medium | 5.7 | 5.7 | 5d ago | Zohocorp Zoho Mail wordpress plugin is vulnerable to Cross-Site request forgery (CSRF). This issue affects Zoho Mail wordpress plugin versions before 1.6.2. | |||
| CVE-2026-44409 | medium | 5.7 | 5.7 | 9d ago | There is an information disclosure vulnerability in ZTE MU5250. Due to improper configuration of the access control mechanism, attackers can obtain information without authorization, causing the r… | |||
| CVE-2026-1815 | medium | 5.7 | 5.7 | 9d ago | Insufficient session expiration vulnerability in Turkiye Electricity Transmission Corporation (TEİAŞ) Mobile Application allows Session Hijacking. This issue affects Mobile Application: from 1.6.2 b… | |||
| CVE-2026-34600 | medium | 5.7 | 5.7 | 11d ago | Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients … | |||
| CVE-2026-45610 | medium | 5.7 | 5.7 | 15d ago | WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a cross-site request forgery vulnerability on the 2FA toggle. plugin/LoginControl/set.json.php accepts POST type=set2FA val… | |||
| CVE-2026-44520 | medium | 5.7 | 5.7 | 16d ago | docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler | |||
| CVE-2026-44440 | medium | 5.7 | 5.7 | 17d ago | ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.101.1 and 16.10.0, an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability on … | |||
| CVE-2026-33570 | medium | 5.7 | 5.7 | 18d ago | PowerSYSTEM Center REST API endpoint for devices allows a low privilege authenticated user to access information normally limited by operational permissions. | |||
| CVE-2026-41250 | medium | 5.7 | 5.7 | 19d ago | Taiga is a project management platform for startups and agile developers. Prior 6.9.1, Taiga front is vulnerable to stored XSS. This vulnerability is fixed in 6.9.1. | |||
| CVE-2026-31252 | medium | 5.7 | 5.7 | 19d ago | CosyVoice through commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in its model loading component. The framework uses torch.load(… | |||
| CVE-2026-42267 | medium | 5.7 | 5.7 | 25d ago | Kimai vulnerable to formula Injection via tag names in XLSX export | |||
| CVE-2026-31205 | medium | 5.7 | 5.7 | 27d ago | Cross Site Scripting vulnerability in Pluck CMS before v.4.7.21dev allows a remote attacker to escalate privileges via the editpage.php and the sanitizePageContent function | |||
| CVE-2026-21712 | medium | 5.7 | 5.7 | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) | |||
| CVE-2026-30817 | medium | 5.7 | 5.7 | 2mo ago | An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is pro… | |||
| CVE-2026-30816 | medium | 5.7 | 5.7 | 2mo ago | An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is p… | |||
| CVE-2026-20024 | medium | 5.7 | 5.7 | 3mo ago | A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpect… | |||
| CVE-2026-20020 | medium | 5.7 | 5.7 | 3mo ago | A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpe… | |||
| CVE-2026-24198 | medium | 5.6 | 5.6 | 4d ago | NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive informati… | |||
| CVE-2026-48134 | medium | 5.6 | 5.6 | 5d ago | When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to… | |||
| CVE-2026-9371 | medium | 5.6 | 5.6 | 7d ago | A security vulnerability has been detected in ItzCrazyKns Vane up to 1.12.1. Affected by this issue is some unknown functionality of the file route.ts of the component API. The manipulation leads to … | |||
| CVE-2026-9365 | medium | 5.6 | 5.6 | 7d ago | A vulnerability has been found in Ettercap up to 0.8.3. The affected element is the function FUNC_DECODER of the file src/dissectors/ec_gg.c of the component GG Dissector. The manipulation of the arg… | |||
| CVE-2026-41966 | medium | 5.6 | 5.6 | 16d ago | Permission control vulnerability in the smart sensing service. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2026-41965 | medium | 5.6 | 5.6 | 16d ago | Use-After-Free (UAF) vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2026-7669 | medium | 5.6 | 5.6 | 28d ago | SGLang has an Improper Input Validation/Injection Issue | |||
| CVE-2026-7306 | medium | 5.6 | 5.6 | 1mo ago | A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/Open… | |||
| CVE-2026-7292 | medium | 5.6 | 5.6 | 1mo ago | A security vulnerability has been detected in o2oa up to 10.0. This impacts the function syncFile of the file NodeAgent.java of the component NodeAgent. The manipulation leads to improper authorizati… | |||
| CVE-2026-7141 | medium | 5.6 | 5.6 | 1mo ago | vLLM makes Use of Uninitialized Resource | |||
| CVE-2026-7113 | medium | 5.6 | 5.6 | 1mo ago | A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component Webhooks Endpoint. The man… | |||
| CVE-2026-7112 | medium | 5.6 | 5.6 | 1mo ago | A vulnerability has been found in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function _check_auth of the file gateway/platforms/api_server.py of the component API_SERVER_K… | |||
| CVE-2026-7018 | medium | 5.6 | 5.6 | 1mo ago | A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/… | |||
| CVE-2026-6878 | medium | 5.6 | 5.6 | 1mo ago | verl's math_equal() Vulnerable to Arbitrary Code Execution via Unsafe eval() | |||
| CVE-2026-6578 | medium | 5.6 | 5.6 | 1mo ago | A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component Setting Handler. The manipulation of… | |||
| CVE-2026-6572 | medium | 5.6 | 5.6 | 1mo ago | A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileU… | |||
| CVE-2026-40602 | medium | 5.6 | 5.6 | 1mo ago | The Home Assistant Command-line interface (hass-cli) is a command-line tool for Home Assistant. Up to 1.0.0 of home-assitant-cli an unrestricted environment was used to handle Jinja2 templates inste… | |||
| CVE-2026-40190 | medium | 5.6 | 5.6 | 2mo ago | LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to 0.5.18, the LangSmith JavaScript/TypeScript SDK (langsmith) contains an incomplete prototype pollution fix in… | |||
| CVE-2026-5618 | medium | 5.6 | 5.6 | 2mo ago | A vulnerability was detected in kalcaddle kodbox up to 1.64. This affects an unknown function of the component shareMake/shareCheck. Performing a manipulation of the argument siteFrom/siteTo results … | |||
| CVE-2026-4830 | medium | 5.6 | 5.6 | 2mo ago | A vulnerability was identified in kalcaddle kodbox 1.64. This issue affects the function Add of the file app/controller/explorer/userShare.class.php of the component Public Share Handler. Such manipu… | |||
| CVE-2026-4592 | medium | 5.6 | 5.6 | 2mo ago | A security vulnerability has been detected in kalcaddle kodbox 1.64. This impacts the function loginAfter/tfaVerify of the file /workspace/source-code/plugins/client/controller/tfa/index.class.php of… | |||
| CVE-2026-2711 | medium | 5.6 | 5.6 | 3mo ago | A vulnerability has been found in zhutoutoutousan worldquant-miner up to 1.0.9. The impacted element is an unknown function of the file worldquant-miner-master/agent-dify-api/core/helper/ssrf_proxy.p… | |||
| CVE-2026-47335 | medium | 5.5 | 5.5 | 2d ago | Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a … | |||
| CVE-2026-47334 | medium | 5.5 | 5.5 | 2d ago | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user an… | |||
| CVE-2026-47332 | medium | 5.5 | 5.5 | 2d ago | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can… | |||
| CVE-2026-47326 | medium | 5.5 | 5.5 | 2d ago | Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory … | |||
| CVE-2026-48735 | medium | 5.5 | 5.5 | 2d ago | pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP me… | |||
| CVE-2026-48155 | medium | 5.5 | 5.5 | 2d ago | pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in l… | |||
| CVE-2026-45703 | medium | — | 5.5 | 3d ago | Pimcore has a WordExport Authorization Bypass for Unauthorized Document Export | |||
| CVE-2026-45309 | medium | — | 5.5 | 3d ago | AsyncSSH `AuthorizedKeysFile %u` path traversal allows attacker-selected authorized keys to authenticate a traversal username | |||
| CVE-2026-44981 | medium | — | 5.5 | 3d ago | CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression | |||
| CVE-2026-9759 | medium | 5.5 | 5.5 | 3d ago | ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of service | |||
| CVE-2026-45046 | medium | 5.5 | 5.5 | 3d ago | Gryph Agents Payload Filter Fails to Strip Tool Payload for Sensitive Content | |||
| CVE-2026-45334 | medium | — | 5.5 | 3d ago | Kirby CMS's content locks disclose IDs and emails of inaccessible users from `users.access/list` permissions | |||
| CVE-2026-42184 | medium | — | 5.5 | 4d ago | Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a flaw in Tauri's is_local_url() function causes it to incorrectly classify remote URLs as trusted loca… | |||
| CVE-2026-48927 | medium | 5.5 | 5.5 | 4d ago | Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs or views. | |||
| CVE-2026-47104 | medium | 5.5 | 5.5 | 4d ago | libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parse_iad_array() in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed US… | |||
| CVE-2026-6053 | medium | 5.5 | 5.5 | 4d ago | IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables. | |||
| CVE-2026-5515 | medium | 5.5 | 5.5 | 4d ago | IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user. | |||
| CVE-2026-40830 | medium | 5.5 | 5.5 | 4d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the admin.mbnetj.php files UpdateParam function due to improper neutralization of special elements in a… | |||
| CVE-2026-40829 | medium | 5.5 | 5.5 | 4d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php files UpdateParam function due to improper neutralization of special elements in a SQ… | |||
| CVE-2026-40828 | medium | 5.5 | 5.5 | 4d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DeleteSysLogEntry function due to improper neutralization of special elements in a SQL DELETE comma… | |||
| CVE-2026-40827 | medium | 5.5 | 5.5 | 4d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _RemoveRequest function due to improper neutralization of special elements in a SQL DELETE command … | |||
| CVE-2026-40825 | medium | 5.5 | 5.5 | 4d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UP… | |||
| CVE-2026-40824 | medium | 5.5 | 5.5 | 4d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPD… | |||
| CVE-2026-40823 | medium | 5.5 | 5.5 | 4d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL UPDATE command … | |||
| CVE-2026-44979 | medium | — | 5.5 | 4d ago | @hapi/wreck leaks sensitive `Proxy-Authorization` header across cross-hostname redirects | |||
| CVE-2026-44646 | medium | — | 5.5 | 4d ago | LiquidJS's `{% render %}` tag silently bypasses per-render `ownPropertyOnly:true` via `Context.spawn()` | |||
| CVE-2026-44645 | medium | — | 5.5 | 4d ago | LiquidJS has a renderLimit DoS guard bypass via empty `{% for %}` body | |||
| CVE-2026-44644 | medium | — | 5.5 | 4d ago | LiquidJS's strip_html filter bypass via newline characters in HTML tags enables XSS | |||
| CVE-2026-44596 | medium | — | 5.5 | 4d ago | Yamcs has No Rate Limiting on Authentication Endpoint | |||
| CVE-2026-44595 | medium | — | 5.5 | 4d ago | Yamcs vulnerable to unauthorized user enumeration via IAM API endpoints |