CVEs from 2026

Total: 13,535
- critical: 1,179
- high: 4,321
- medium: 4,214
- low: 455

% Critical: 8.7%
% with KEV: 0.4%
% with exploit: 0.8%
Top products
- chrome 418
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-44379 | medium | 5.3 | 5.3 | 19d ago | MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, MISP Collections did not enforce RFC 4122 UUID validation on the uuid field. As a result, a user able to create or mo… | |||
| CVE-2026-44373 | medium | 5.3 | 5.3 | 19d ago | Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could bypass a proxy route rule by sending percent-encoded path traversal (..%2f) in the URL, causing Nitro to forward… | |||
| CVE-2026-33584 | medium | 5.3 | 5.3 | 19d ago | Exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform enables unauthorized access to sensitive debug information such as metrics and health data. This issue affects Sym… | |||
| CVE-2026-44457 | medium | 5.3 | 5.3 | 19d ago | Hono's Cache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage | |||
| CVE-2026-44431 | medium | 5.3 | 5.3 | 19d ago | urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=Fa… | |||
| CVE-2026-44294 | medium | 5.3 | 5.3 | 19d ago | protobuf.js: Denial of service from crafted field names in generated code | |||
| CVE-2026-44292 | medium | 5.3 | 5.3 | 19d ago | protobuf.js: Prototype injection in generated message constructors | |||
| CVE-2026-44288 | medium | 5.3 | 5.3 | 19d ago | protobufjs has overlong UTF-8 decoding | |||
| CVE-2026-40435 | medium | 5.3 | 5.3 | 19d ago | When configured, IP-based access restrictions for httpd do not cover all endpoints, which may allow connections from blocked addresses. Note: Software versions which have reached End of Technical Su… | |||
| CVE-2026-34019 | medium | 5.3 | 5.3 | 19d ago | When Bidirectional Forwarding Detection (BFD) is configured in Static and Dynamic routing protocols, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to stop processing BFD pack… | |||
| CVE-2026-8463 | medium | 5.3 | 5.3 | 19d ago | Crypt::Argon2 versions from 0.017 before 0.031 for Perl perform a heap out-of-bounds read in argon2_verify on empty encoded input. The auto-detect form of argon2_verify passes encoded_len - 1 as the… | |||
| CVE-2026-7168 | medium | 5.3 | 5.3 | 19d ago | Successfully using libcurl to do a transfer over a specific HTTP proxy (`proxyA`) with **Digest** authentication and then changing the proxy host to a second one (`proxyB`) for a second transfer, reu… | |||
| CVE-2026-7009 | medium | 5.3 | 5.3 | 19d ago | When curl is told to use the Certificate Status Request TLS extension, often referred to as *OCSP stapling*, to verify that the server certificate is valid, it fails to detect OCSP problems and inste… | |||
| CVE-2026-6429 | medium | 5.3 | 5.3 | 19d ago | When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances. | |||
| CVE-2026-2515 | medium | 5.3 | 5.3 | 19d ago | The Hostinger Reach – AI-Powered Email Marketing for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handle_ajax_action' fu… | |||
| CVE-2026-6965 | medium | 5.3 | 5.3 | 19d ago | The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.9.9. This is due to the `get_course_id_by… | |||
| CVE-2026-8200 | medium | 5.3 | 5.3 | 19d ago | When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This is… | |||
| CVE-2026-44341 | medium | 5.3 | 5.3 | 20d ago | GoJobs is a REST API for a Job Board platform. The application exposes a job retrieval endpoint that allows unauthenticated users to access job details by directly manipulating object identifiers. Th… | |||
| CVE-2026-34654 | medium | 5.3 | 5.3 | 20d ago | Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i… | |||
| CVE-2026-23822 | medium | 5.3 | 5.3 | 20d ago | A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an at… | |||
| CVE-2026-42177 | medium | 5.3 | 5.3 | 20d ago | linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter i… | |||
| CVE-2026-31245 | medium | 5.3 | 5.3 | 20d ago | mem0 server lacks authentication and authorization controls for its memory creation API endpoint | |||
| CVE-2026-25431 | medium | 5.3 | 5.3 | 20d ago | Missing Authorization vulnerability in WPMU DEV Hustle allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hustle: through 7.8.10.1. | |||
| CVE-2026-33603 | medium | 5.3 | 5.3 | 20d ago | Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the c… | |||
| CVE-2026-45215 | medium | 5.3 | 5.3 | 20d ago | Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Retrieve Embedded Sensitive Data.This issue affects WP EasyPay: from n/a through <= 4.3.0. | |||
| CVE-2026-45212 | medium | 5.3 | 5.3 | 20d ago | Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset … | |||
| CVE-2026-7626 | medium | 5.3 | 5.3 | 20d ago | The Slek Gateway for WooCommerce plugin for WordPress is vulnerable to Information Exposure in version 1.0. This is due to the wsb_handle_slek_payment_redirect() function placing the merchant's slek_… | |||
| CVE-2026-6708 | medium | 5.3 | 5.3 | 20d ago | The HEL Online Classroom: AI-powered Online Classrooms plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.3. This is due to a missing capability che… | |||
| CVE-2026-5693 | medium | 5.3 | 5.3 | 20d ago | The Smart Appointment & Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and a nonce validation logic flaw in the saab_cancel_booking(… | |||
| CVE-2026-8319 | medium | 5.3 | 5.3 | 21d ago | aiwaves-cn agents is vulnerable to resource consumption in the recall_relevant_memories_to_working_memory function | |||
| CVE-2026-6146 | medium | 5.3 | 5.3 | 21d ago | Amazon::Credentials versions through 1.2.0 for Perl uses rand to generate encryption keys. Amazon::Credentials stores credentials in an obfuscated form to prevent access to the secrets from a data d… | |||
| CVE-2026-8318 | medium | 5.3 | 5.3 | 21d ago | A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba. Affected by this vulnerability is the function toc_transformer of the file pageindex/page_in… | |||
| CVE-2026-45002 | medium | 5.3 | 5.3 | 21d ago | OpenClaw: Hook mapping templates could bypass hook session-key opt-in | |||
| CVE-2026-44999 | medium | 5.3 | 5.3 | 21d ago | OpenClaw: Isolated cron awareness events were recorded as trusted system events | |||
| CVE-2026-44994 | medium | 5.3 | 5.3 | 21d ago | OpenClaw before 2026.4.22 contains an authentication bypass vulnerability in the Control UI bootstrap config endpoint that allows unauthenticated attackers to read sensitive configuration fields. Att… | |||
| CVE-2026-44226 | medium | 5.3 | 5.3 | 21d ago | PyLoad vulnerable to unauthenticated traceback disclosure via global exception handler in WebUI | |||
| CVE-2026-34093 | medium | 5.3 | 5.3 | 21d ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Specials/SpecialUserRights.P… | |||
| CVE-2026-44201 | medium | 5.3 | 5.3 | 21d ago | Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, the Documents and Images API incorrectly listed items in private collections. A user with access t… | |||
| CVE-2026-1677 | medium | 5.3 | 5.3 | 21d ago | Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to … | |||
| CVE-2026-8274 | medium | 5.3 | 5.3 | 21d ago | A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function do_directory of the file cramfsck.c of the component Directory Handler. Such manipulation leads t… | |||
| CVE-2026-8258 | medium | 5.3 | 5.3 | 21d ago | A flaw has been found in Squirrel up to 3.2. Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The at… | |||
| CVE-2026-28994 | medium | 5.3 | 5.3 | 22d ago | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS T… | |||
| CVE-2026-45179 | medium | 5.3 | 5.3 | 22d ago | Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host o… | |||
| CVE-2026-8244 | medium | 5.3 | 5.3 | 22d ago | A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVe… | |||
| CVE-2026-8243 | medium | 5.3 | 5.3 | 22d ago | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to… | |||
| CVE-2026-8241 | medium | 5.3 | 5.3 | 22d ago | A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function iasGetServerInfoEvent of the component RMI Interface. Such manipulation lea… | |||
| CVE-2026-8215 | medium | 5.3 | 5.3 | 23d ago | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the function iasRequestFileEvent of the component RMI Interface. This manipulation of… | |||
| CVE-2026-8214 | medium | 5.3 | 5.3 | 23d ago | A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results… | |||
| CVE-2026-8210 | medium | 5.3 | 5.3 | 23d ago | A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is the function helper.Update of the file helper.go of the component Update H… | |||
| CVE-2026-8198 | medium | 5.3 | 5.3 | 23d ago | The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including… | |||
| CVE-2026-32683 | medium | 5.3 | 5.3 | 23d ago | Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to… | |||
| CVE-2026-7652 | medium | 5.3 | 5.3 | 23d ago | The LatePoint plugin for WordPress is vulnerable to Account Takeover via Weak Password Recovery Mechanism in the unauthenticated guest booking flow in versions up to, and including, 5.5.0 This is due… | |||
| CVE-2026-44656 | medium | 5.3 | 5.3 | 24d ago | Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick… | |||
| CVE-2026-42190 | medium | 5.3 | 5.3 | 24d ago | RedwoodSDK has Same-site CSRF through lack of origin validation in its server actions | |||
| CVE-2026-41495 | medium | 5.3 | 5.3 | 24d ago | n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests | |||
| CVE-2026-42028 | medium | 5.3 | 5.3 | 24d ago | novaGallery is a php image gallery. Prior to version 2.1.1, a path traversal vulnerability has been identified in novaGallery. This allows unauthenticated users to read image files outside the intend… | |||
| CVE-2026-44500 | medium | 5.3 | 5.3 | 24d ago | Zebra Vulnerable to Allocation Amplification in Inbound Network Deserializers | |||
| CVE-2026-41423 | medium | 5.3 | 5.3 | 24d ago | Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server | |||
| CVE-2026-41161 | medium | 5.3 | 5.3 | 24d ago | Sync-in Server has Username Enumeration via Timing Attack | |||
| CVE-2026-44928 | medium | 5.3 | 5.3 | 24d ago | In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal. | |||
| CVE-2026-44927 | medium | 5.3 | 5.3 | 24d ago | In uriparser before 1.0.2, there is pointer difference truncation to int in various places. | |||
| CVE-2026-41645 | medium | 5.3 | 5.3 | 24d ago | Nuclei: Environment variable disclosure via Response-Derived DSL Expressions | |||
| CVE-2026-8115 | medium | 5.3 | 5.3 | 25d ago | short-video-maker has a path traversal vulnerability | |||
| CVE-2026-41928 | medium | 5.3 | 5.3 | 25d ago | Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that allows unauthenticated attackers to retrieve the application's secret cron key. Attackers can access … | |||
| CVE-2026-42241 | medium | 5.3 | 5.3 | 25d ago | ParquetSharp: Possible Stack Overflow When Reading a ParquetFile with Large Decimal Type Width | |||
| CVE-2026-39825 | medium | 5.3 | 5.3 | 25d ago | ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitize… | |||
| CVE-2026-39819 | medium | 5.3 | 5.3 | 25d ago | The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one… | |||
| CVE-2026-42878 | medium | 5.3 | 5.3 | 25d ago | FacturaScripts is an open source accounting and invoicing software. Prior to v2026, an unauthenticated information disclosure vulnerability in the Installer controller allows any remote attacker to t… | |||
| CVE-2026-27416 | medium | 5.3 | 5.3 | 25d ago | Missing Authorization vulnerability in bPlugins PDF Poster allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF Poster: from n/a through 2.4.1. | |||
| CVE-2026-27329 | medium | 5.3 | 5.3 | 25d ago | Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooC… | |||
| CVE-2026-25468 | medium | 5.3 | 5.3 | 25d ago | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs Happy Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Happy Addons… | |||
| CVE-2026-25436 | medium | 5.3 | 5.3 | 25d ago | Missing Authorization vulnerability in WProyal Royal Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal Elementor Addons: from n/a bef… | |||
| CVE-2026-44600 | medium | 5.3 | 5.3 | 25d ago | Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010. | |||
| CVE-2026-44599 | medium | 5.3 | 5.3 | 25d ago | Tor before 0.4.9.7 can attempt or accept BEGIN_DIR via conflux legs, aka TROVE-2026-008. | |||
| CVE-2026-6222 | medium | 5.3 | 5.3 | 25d ago | The Forminator Forms plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.51.1. This is due to the `processRequest()` method in `Forminator_Admin_Module_Edit_… | |||
| CVE-2026-41417 | medium | 5.3 | 5.3 | 26d ago | Netty: Start-Line Injection in DefaultHttpRequest.setUri() Allows HTTP Request Smuggling and RTSP Request Injection | |||
| CVE-2026-41310 | medium | 5.3 | 5.3 | 26d ago | OpenTelemetry's Zipkin remote endpoint cache could grow without bounds and increase memory pressure | |||
| CVE-2026-44306 | medium | 5.3 | 5.3 | 26d ago | Statamic CMS vulnerable to email enumeration via forgot password endpoint | |||
| CVE-2026-8033 | medium | 5.3 | 5.3 | 26d ago | A vulnerability has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. This affects an unknown function of the file /cdemos/echs/api/v2/ of the component Response Header Handler. Such man… | |||
| CVE-2026-8031 | medium | 5.3 | 5.3 | 26d ago | A vulnerability was detected in PicoTronica e-Clinic Healthcare System ECHS 5.7. The affected element is an unknown function of the file /cdemos/echs/api/v2/patient-records of the component API Endpo… | |||
| CVE-2026-8020 | medium | 5.3 | 5.3 | 26d ago | Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process… | |||
| CVE-2026-7960 | medium | 5.3 | 5.3 | 26d ago | Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted… | |||
| CVE-2026-7955 | medium | 5.3 | 5.3 | 26d ago | Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via… | |||
| CVE-2026-41931 | medium | 5.3 | 5.3 | 26d ago | Vvveb before version 1.0.8.2 contains an information disclosure vulnerability that allows unauthenticated attackers to obtain sensitive server information by triggering unhandled exceptions in the pa… | |||
| CVE-2026-20195 | medium | 5.3 | 5.3 | 26d ago | A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device. This vulnerability exist… | |||
| CVE-2026-8026 | medium | 5.3 | 5.3 | 26d ago | Flowise: Bcrypt Password Hash Exposure | |||
| CVE-2026-6860 | medium | 5.3 | 5.3 | 26d ago | Vert.x has a DoS via unbounded server-side SNI SslContext cache growth | |||
| CVE-2026-3208 | medium | 5.3 | 5.3 | 26d ago | The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'mp_pix_image' WooCommerce API endpoint in all ver… | |||
| CVE-2026-43881 | medium | 5.3 | 5.3 | 27d ago | AVideo: Unauthenticated User Enumeration in objects/users.json.php via isCompany Parameter Allows Bypass of the Admin-Only Listing Restriction | |||
| CVE-2026-43880 | medium | 5.3 | 5.3 | 27d ago | AVideo: Unauthenticated Arbitrary Email Sending via sendEmail.json.php Enables Phishing from the Site’s Legitimate From Address | |||
| CVE-2026-34527 | medium | 5.3 | 5.3 | 27d ago | Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high… | |||
| CVE-2026-33420 | medium | 5.3 | 5.3 | 27d ago | Vaultwarden is a Bitwarden-compatible server written in Rust. In version 1.35.4 and earlier, the get_org_collections_details endpoint (GET /api/organizations/{org_id}/collections/details) is missing … | |||
| CVE-2026-6907 | medium | 5.3 | 5.3 | 27d ago | An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. `django.middleware.cache.UpdateCacheMiddleware` erroneously caches requests where the `Vary` header contained an asterisk (`'*'`). T… | |||
| CVE-2026-43002 | medium | 5.3 | 5.3 | 27d ago | OpenStack Horizon has Incorrect Behavior Order | |||
| CVE-2026-5766 | medium | 5.3 | 5.3 | 27d ago | An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASGI requests with a missing or understated `Content-Length` header can bypass the `FILE_UPLOAD_MAX_MEMORY_SIZE` limit, potentially … | |||
| CVE-2026-43572 | medium | 5.3 | 5.3 | 27d ago | OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks | |||
| CVE-2026-43868 | medium | 5.3 | 5.3 | 27d ago | Apache Thrift has a Memory Allocation with Excessive Size Value Vulnerability | |||
| CVE-2026-2729 | medium | 5.3 | 5.3 | 27d ago | The Forminator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.52.0. This is due to the plugin not properly verifying that a user is authorized to p… | |||
| CVE-2026-44029 | medium | 5.3 | 5.3 | 28d ago | An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.… | |||
| CVE-2026-41572 | medium | 5.3 | 5.3 | 28d ago | Note Mark: Unauthenticated read of notes and assets in soft-deleted public books |