CVEs from 2026
- Total: 13,464
- Critical: 1,177
- High: 4,294
- Medium: 4,166
- Low: 442
- % Critical: 8.7%
- % with KEV (listed in CISA's Known Exploited Vulnerabilities catalog): 0.4%
- % with exploit (public exploit code known): 0.8%

The four severity buckets sum to 10,079, so 3,385 of the 13,464 entries (about a quarter) carry no severity rating in this data set, which is the usual situation for recently published CVEs that have not yet been analysed. The percentages are computed over the full total, not over the rated entries: 1,177 / 13,464 = 8.7%, whereas over rated entries alone the critical share would be 11.7%. The KEV and exploit percentages are over the full total in the same way.
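The summary counters above are what a CVE dashboard derives from a feed of base scores and a couple of boolean flags. The script below, an added example rather than the page's own tooling, maps CVSS v3.x base scores to the qualitative rating scale (None 0.0, Low 0.1 to 3.9, Medium 4.0 to 6.9, High 7.0 to 8.9, Critical 9.0 to 10.0) and computes the same figures, including the unscored remainder that the page's numbers leave implicit. The records are constructed, the `kev` and `exploit` field names are assumptions, and the percentages are taken over all records, as on the page.

```python
"""Reproduce a CVE dashboard's headline counters from a feed of records.

Added example, not the page's own tooling. Records are constructed;
the field names "cvss", "kev" and "exploit" are assumptions about the feed.
Severity thresholds follow the CVSS v3.x qualitative rating scale.
"""
from collections import Counter
from typing import Iterable, Optional


def cvss_severity(score: Optional[float]) -> Optional[str]:
    """Map a CVSS v3.x base score to its qualitative rating; None for unscored."""
    if score is None:
        return None
    if not 0.0 <= score <= 10.0:
        raise ValueError(f"CVSS score out of range: {score}")
    if score == 0.0:
        return "none"
    if score < 4.0:
        return "low"
    if score < 7.0:
        return "medium"
    if score < 9.0:
        return "high"
    return "critical"


def summarize(records: Iterable[dict]) -> dict:
    """Return the dashboard counters: total, per-severity counts, unscored
    remainder and the three percentages. Percentages are over *all* records,
    unscored ones included, which is how a figure like 1,177 / 13,464 = 8.7%
    is obtained."""
    records = list(records)
    total = len(records)
    buckets = Counter(cvss_severity(r.get("cvss")) for r in records)
    kev = sum(1 for r in records if r.get("kev"))
    exploit = sum(1 for r in records if r.get("exploit"))

    def pct(n: int) -> float:
        return round(100.0 * n / total, 1) if total else 0.0

    return {
        "total": total,
        "critical": buckets["critical"],
        "high": buckets["high"],
        "medium": buckets["medium"],
        "low": buckets["low"],
        "unscored": buckets[None],
        "pct_critical": pct(buckets["critical"]),
        "pct_kev": pct(kev),
        "pct_exploit": pct(exploit),
    }


# Constructed sample feed; the ids are placeholders, not real CVE identifiers.
SAMPLE = [
    {"id": "sample-1", "cvss": 9.8, "kev": True, "exploit": True},
    {"id": "sample-2", "cvss": 7.5, "kev": False, "exploit": True},
    {"id": "sample-3", "cvss": 7.0, "kev": False, "exploit": False},
    {"id": "sample-4", "cvss": 5.3, "kev": False, "exploit": False},
    {"id": "sample-5", "cvss": 3.1, "kev": False, "exploit": False},
    {"id": "sample-6", "cvss": None, "kev": False, "exploit": False},  # awaiting analysis
    {"id": "sample-7", "cvss": 8.9, "kev": False, "exploit": False},
    {"id": "sample-8", "cvss": 6.9, "kev": False, "exploit": False},
]

if __name__ == "__main__":
    for key, value in summarize(SAMPLE).items():
        print(f"{key}: {value}")
```

Note the boundary handling: 8.9 is High and 9.0 is Critical, 6.9 is Medium and 7.0 is High; off-by-one mistakes at these edges are a common source of dashboards that disagree with NVD. Reporting `unscored` separately is what lets a reader see that the severity buckets need not add up to the total.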
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-9064 | high | 7.5 | 7.5 | 12d ago | A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated a… |
| CVE-2026-42959 | high | 7.5 | 7.5 | 12d ago | NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs … |
| CVE-2026-42944 | high | 7.5 | 7.5 | 12d ago | NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the re… |
| CVE-2026-41292 | high | 7.5 | 7.5 | 12d ago | NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too ma… |
| CVE-2026-40622 | high | 7.5 | 7.5 | 12d ago | NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL config… |
| CVE-2026-9010 | high | 7.5 | 7.5 | 12d ago | The Boost plugin for WordPress is vulnerable to time-based SQL Injection via the 'current_url' and 'user_name' parameters in versions up to, and including, 2.0.3 due to insufficient escaping on the u… |
| CVE-2026-9003 | high | 7.5 | 7.5 | 12d ago | E-LAN Hybrid Recording System developed by TONNET has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. |
| CVE-2026-24215 | high | 7.5 | 7.5 | 12d ago | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend, where an attacker could cause uncontrolled resource consumption. A successful exploit of this vulnerability might lead to … |
| CVE-2026-24210 | high | 7.5 | 7.5 | 12d ago | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to denial of service. |
| CVE-2026-24209 | high | 7.5 | 7.5 | 12d ago | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service. |
| CVE-2026-24208 | high | 7.5 | 7.5 | 12d ago | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service. |
| CVE-2026-24160 | high | 7.5 | 7.5 | 12d ago | NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit of this vulnerability might lead … |
| CVE-2026-3985 | high | 7.5 | 7.5 | 12d ago | The Creative Mail – Easier WordPress & WooCommerce Email Marketing plugin for WordPress is vulnerable to SQL Injection via the 'checkout_uuid' parameter in all versions up to, and including, 1.6.9. T… |
| CVE-2026-37555 | high | 7.5 | 7.5 | 12d ago | RHSA-2026:19559: libsndfile security update (Important) |
| CVE-2026-8073 | high | 7.5 | 7.5 | 12d ago | The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation and missing capability check in … |
| CVE-2026-47100 | high | 7.5 | 7.5 | 12d ago | Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing authorization vulnerability in the public checkout endpoint that allows unauthenticated attackers to invoke internal metho… |
| CVE-2026-43634 | high | 7.5 | 7.5 | 12d ago | HestiaCP versions 1.2.0 through 1.9.4 contain an IP spoofing vulnerability that allows unauthenticated remote attackers to bypass authentication security controls by supplying an arbitrary IP address… |
| CVE-2026-8967 | high | 7.5 | 7.5 | 12d ago | Information disclosure in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 151 and Thunderbird 151. |
| CVE-2026-8966 | high | 7.5 | 7.5 | 12d ago | Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151 and Thunderbird 151. |
| CVE-2026-8965 | high | 7.5 | 7.5 | 12d ago | Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151. |
| CVE-2026-8964 | high | 7.5 | 7.5 | 12d ago | Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151 and Thunderbird 151. |
| CVE-2026-8963 | high | 7.5 | 7.5 | 12d ago | Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151 and Thunderbird 151. |
| CVE-2026-8960 | high | 7.5 | 7.5 | 12d ago | Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151 and Thunderbird 151. |
| CVE-2026-8949 | high | 7.5 | 7.5 | 12d ago | Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. |
| CVE-2026-8945 | high | 7.5 | 7.5 | 12d ago | Sandbox escape in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 151. |
| CVE-2026-8912 | high | 7.5 | 7.5 | 12d ago | The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'form_input' parameter in versions up to, and including, 28.1.6. This is due to insufficient escaping on the user suppl… |
| CVE-2026-7507 | high | 7.5 | 7.5 | 12d ago | A session fixation vulnerability was found in Keycloak's login-actions endpoints. An unauthenticated attacker could exploit this flaw by pre-creating an authentication session and tricking a victim i… |
| CVE-2026-7307 | high | 7.5 | 7.5 | 12d ago | A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language (SAML) endpoint. This malicious input can cause high … |
| CVE-2026-31910 | high | 7.5 | 7.5 | 13d ago | Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. |
| CVE-2026-31909 | high | 7.5 | 7.5 | 13d ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, whi… |
| CVE-2026-8813 | high | 7.5 | 7.5 | 13d ago | ExifReader is vulnerable to denial of service via crafted ICC `mluc` tag |
| CVE-2026-33232 | high | 7.5 | 7.5 | 13d ago | AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of… |
| CVE-2026-31790 | high | 7.5 | 7.5 | 13d ago | Moderate: openssl security update |
| CVE-2026-4890 | high | 7.5 | 7.5 | 13d ago | RHSA-2026:20589: dnsmasq security update (Important) |
| CVE-2026-7320 | high | 7.5 | 7.5 | 13d ago | RHSA-2026:20586: thunderbird security update (Important) |
| CVE-2026-29963 | high | 7.5 | 7.5 | 13d ago | HSC MailInspector 5.3.3-7 has a Path Traversal vulnerability due to improper validation of user-supplied input in the /tap/dw.php endpoint. The text parameter is used to construct file paths without … |
| CVE-2026-29962 | high | 7.5 | 7.5 | 13d ago | HSC MailInspector v5.3.3-7 contains a Local File Inclusion (LFI) vulnerability caused by improper control of user-supplied file paths. The endpoint /vendor/phpunit/phpunit.php processes user-controll… |
| CVE-2026-41949 | high | 7.5 | 7.5 | 13d ago | Dify before version 1.14.2 contains an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document acros… |
| CVE-2026-39079 | high | 7.5 | 7.5 | 13d ago | An issue in prestashop upsshipping all versions through at least 2.4.0 allows a remote attacker to obtain sensitive information via the /modules/upsshipping/logs/, and /modules/upsshipping/lib/UPSBas… |
| CVE-2026-42009 | high | 7.5 | 7.5 | 13d ago | RHSA-2026:20611: gnutls security update (Important) |
| CVE-2026-6381 | high | 7.5 | 7.5 | 14d ago | The WP Maps WordPress plugin before 4.9.3 does not properly sanitize a parameter before using it in a file path, allowing authenticated users to perform Local File Inclusion attacks. |
| CVE-2026-8767 | high | 7.5 | 7.5 | 14d ago | A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component PR Branch Name Interpolation. The manip… |
| CVE-2026-8750 | high | 7.5 | 7.5 | 14d ago | A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFi… |
| CVE-2026-46366 | high | 7.5 | 7.5 | 16d ago | phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId() method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted … |
| CVE-2026-46359 | high | 7.5 | 7.5 | 16d ago | phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attac… |
| CVE-2026-44826 | high | 7.5 | 7.5 | 16d ago | Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-ad… |
| CVE-2026-46474 | high | 7.5 | 7.5 | 16d ago | Trog::TOTP versions before 1.006 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage. |
| CVE-2026-44714 | high | 7.5 | 7.5 | 16d ago | bitcoinj has a ScriptExecution P2PKH/P2WPKH Verification Bypass |
| CVE-2026-45736 | high | 7.5 | 7.5 | 16d ago | ws: Uninitialized memory disclosure |
| CVE-2026-38728 | high | 7.5 | 7.5 | 16d ago | An issue in Nodemailer smtp_server before v.3.18.3 allows a remote attacker to cause a denial of service via the SMTPStream._write, lib/smtp-stream.js components |
| CVE-2026-41552 | high | 7.5 | 7.5 | 16d ago | PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could incl… |
| CVE-2026-6403 | high | 7.5 | 7.5 | 17d ago | The Quick Playground plugin for WordPress is vulnerable to Path Traversal in versions up to and including 1.3.3. This is due to insufficient path validation in the qckply_zip_theme() function, which … |
| CVE-2026-44671 | high | 7.5 | 7.5 | 17d ago | ZITADEL has LDAP Filter Injection in Login Flow |
| CVE-2026-44673 | high | 7.5 | 7.5 | 17d ago | libyang is a YANG data modeling language library. Prior to SO 5.2.15, lyb_read_string() in src/parser_lyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciou… |
| CVE-2026-45398 | high | 7.5 | 7.5 | 17d ago | Open WebUI Vulnerable to IDOR: Retrieval API Bypasses Knowledge Base Access Controls |
| CVE-2026-8585 | high | 7.5 | 7.5 | 17d ago | Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a … |
| CVE-2026-8557 | high | 7.5 | 7.5 | 17d ago | Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (C… |
| CVE-2026-8547 | high | 7.5 | 7.5 | 17d ago | Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via… |
| CVE-2026-8521 | high | 7.5 | 7.5 | 17d ago | Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical) |
| CVE-2026-8510 | high | 7.5 | 7.5 | 17d ago | Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted … |
| CVE-2026-46356 | high | 7.5 | 7.5 | 17d ago | Fleet: IP spoofing allows bypassing API rate limiting |
| CVE-2026-24899 | high | 7.5 | 7.5 | 17d ago | Fleet Windows MDM Azure AD JWT Authentication Bypass |
| CVE-2026-27886 | high | 7.5 | 7.5 | 17d ago | Strapi may leak sensitive data via relational filtering due to lack of query sanitization |
| CVE-2026-23998 | high | 7.5 | 7.5 | 17d ago | Fleet has a Windows MDM management endpoint authentication bypass |
| CVE-2026-6332 | high | 7.5 | 7.5 | 17d ago | CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information which could result in revealing protected source code and loss of … |
| CVE-2026-42334 | high | 7.5 | 7.5 | 17d ago | Mongoose's Improper Sanitization of $nor in sanitizeFilter May Allow NoSQL Injection |
| CVE-2026-42594 | high | 7.5 | 7.5 | 17d ago | Gotenberg has an unauthenticated denial of service via echo.Context pool reuse in webhook async goroutine |
| CVE-2026-44375 | high | 7.5 | 7.5 | 17d ago | Nerdbank.MessagePack: Attacker-controlled stackalloc in DateTime decoding causes process-terminating StackOverflowException |
| CVE-2026-42186 | high | 7.5 | 7.5 | 17d ago | OpenBao's Namespace Deletion May Not Delete Data Properly |
| CVE-2026-6479 | high | 7.5 | 7.5 | 17d ago | Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disable… |
| CVE-2026-4031 | high | 7.5 | 7.5 | 17d ago | The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is due to the plugin not restricting access to the wp_db… |
| CVE-2026-4029 | high | 7.5 | 7.5 | 17d ago | The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized database export in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the … |
| CVE-2026-6514 | high | 7.5 | 7.5 | 18d ago | The InfusedWoo Pro plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.1.2 via the popup_submit. This makes it possible for unauthenticated attackers to … |
| CVE-2026-1659 | high | 7.5 | 7.5 | 18d ago | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause d… |
| CVE-2026-1184 | high | 7.5 | 7.5 | 18d ago | GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause den… |
| CVE-2026-46419 | high | 7.5 | 7.5 | 18d ago | Yubico webauthn-server-core (aka java-webauthn-server) 2.8.0 before 2.8.2 incorrectly checks a function's return value in the second factor flow, leading to impersonation. |
| CVE-2026-44478 | high | 7.5 | 7.5 | 18d ago | hoppscotch is an open source API development ecosystem. The fix for CVE-2026-28215 in version 2026.2.0 addresses the unauthenticated POST /v1/onboarding/config endpoint by checking onboardingComplete… |
| CVE-2026-44447 | high | 7.5 | 7.5 | 18d ago | ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.0, some endpoints were vulnerable to SQL injection through specially crafted requests, which would allow a malicious… |
| CVE-2026-44446 | high | 7.5 | 7.5 | 18d ago | ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.104.3 and 16.14.0, some endpoints were vulnerable to SQL injection through specially crafted requests, which would all… |
| CVE-2026-42561 | high | 7.5 | 7.5 | 18d ago | python-multipart has Denial of Service via unbounded multipart part headers |
| CVE-2026-42304 | high | 7.5 | 7.5 | 18d ago | Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service (DoS) attack via resource exha… |
| CVE-2026-44248 | high | 7.5 | 7.5 | 18d ago | Netty MQTT: Resource exhaustion in MqttDecoder |
| CVE-2026-42587 | high | 7.5 | 7.5 | 18d ago | Netty: HttpContentDecompressor maxAllocation bypass when Content-Encoding set to br/zstd/snappy leads to decompression bomb DoS |
| CVE-2026-42585 | high | 7.5 | 7.5 | 18d ago | Netty vulnerable to HTTP Request Smuggling due to malformed Transfer-Encoding |
| CVE-2026-42583 | high | 7.5 | 7.5 | 18d ago | Netty Lz4FrameDecoder is vulnerable to resource exhaustion |
| CVE-2026-42582 | high | 7.5 | 7.5 | 18d ago | Netty HTTP/3 QPACK literal unbounded allocation |
| CVE-2026-42578 | high | 7.5 | 7.5 | 18d ago | Netty has HTTP Header Injection via HttpProxyHandler Disabled Validation (Incomplete Fix CVE-2025-67735) |
| CVE-2026-42577 | high | 7.5 | 7.5 | 18d ago | Netty epoll transport denial of service via RST on half-closed TCP connection |
| CVE-2026-45109 | high | 7.5 | 7.5 | 18d ago | Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up |
| CVE-2026-44579 | high | 7.5 | 7.5 | 18d ago | Next.js vulnerable to Denial of Service via connection exhaustion in applications using Cache Components |
| CVE-2026-44004 | high | 7.5 | 7.5 | 18d ago | vm2 Sandbox Access to Host Buffer.alloc Allows timeout Bypass Resulting in Memory Exhaustion |
| CVE-2026-44575 | high | 7.5 | 7.5 | 18d ago | Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes |
| CVE-2026-44573 | high | 7.5 | 7.5 | 18d ago | Next.js has a Middleware / Proxy bypass in Pages Router applications using i18n |
| CVE-2026-45740 | high | 7.5 | 7.5 | 18d ago | protobufjs: Denial of Service via unbounded recursive JSON descriptor expansion |
| CVE-2026-44432 | high | 7.5 | 7.5 | 18d ago | urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) during the second HTTPResponse.read(amt=N) c… |
| CVE-2026-44290 | high | 7.5 | 7.5 | 18d ago | protobuf.js: Process-wide denial of service through unsafe option paths |
| CVE-2026-44289 | high | 7.5 | 7.5 | 18d ago | protobuf.js: Denial of service through unbounded protobuf recursion |
| CVE-2026-42920 | high | 7.5 | 7.5 | 18d ago | When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software … |
| CVE-2026-42409 | high | 7.5 | 7.5 | 18d ago | When an HTTP/2 profile and an iRule containing the HTTP::redirect or HTTP::respond command are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) … |
| CVE-2026-41956 | high | 7.5 | 7.5 | 18d ago | When a classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached … |