CVEs from 2026
- Total: 13,521
- Critical: 1,179
- High: 4,311
- Medium: 4,198
- Low: 452
- % Critical: 8.7%
- % with KEV: 0.4%
- % with exploit: 0.8%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-6965 | medium | 5.3 | 5.3 | | | | 19d ago | The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.9.9. This is due to the `get_course_id_by… |
| CVE-2026-8200 | medium | 5.3 | 5.3 | | | | 19d ago | When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This is… |
| CVE-2026-44341 | medium | 5.3 | 5.3 | | | | 20d ago | GoJobs is a REST API for a Job Board platform. The application exposes a job retrieval endpoint that allows unauthenticated users to access job details by directly manipulating object identifiers. Th… |
| CVE-2026-34654 | medium | 5.3 | 5.3 | | | | 20d ago | Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i… |
| CVE-2026-23822 | medium | 5.3 | 5.3 | | | | 20d ago | A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an at… |
| CVE-2026-42177 | medium | 5.3 | 5.3 | | | | 20d ago | linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter i… |
| CVE-2026-31245 | medium | 5.3 | 5.3 | | | | 20d ago | mem0 server lacks authentication and authorization controls for its memory creation API endpoint |
| CVE-2026-25431 | medium | 5.3 | 5.3 | | | | 20d ago | Missing Authorization vulnerability in WPMU DEV Hustle allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hustle: through 7.8.10.1. |
| CVE-2026-33603 | medium | 5.3 | 5.3 | | | | 20d ago | Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the c… |
| CVE-2026-45215 | medium | 5.3 | 5.3 | | | | 20d ago | Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Retrieve Embedded Sensitive Data. This issue affects WP EasyPay: from n/a through <= 4.3.0. |
| CVE-2026-45212 | medium | 5.3 | 5.3 | | | | 20d ago | Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Asset … |
| CVE-2026-7626 | medium | 5.3 | 5.3 | | | | 20d ago | The Slek Gateway for WooCommerce plugin for WordPress is vulnerable to Information Exposure in version 1.0. This is due to the wsb_handle_slek_payment_redirect() function placing the merchant's slek_… |
| CVE-2026-6708 | medium | 5.3 | 5.3 | | | | 20d ago | The HEL Online Classroom: AI-powered Online Classrooms plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.3. This is due to a missing capability che… |
| CVE-2026-5693 | medium | 5.3 | 5.3 | | | | 20d ago | The Smart Appointment & Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and a nonce validation logic flaw in the saab_cancel_booking(… |
| CVE-2026-8319 | medium | 5.3 | 5.3 | | | | 21d ago | aiwaves-cn agents is vulnerable to resource consumption in the recall_relevant_memories_to_working_memory function |
| CVE-2026-6146 | medium | 5.3 | 5.3 | | | | 21d ago | Amazon::Credentials versions through 1.2.0 for Perl uses rand to generate encryption keys. Amazon::Credentials stores credentials in an obfuscated form to prevent access to the secrets from a data d… |
| CVE-2026-8318 | medium | 5.3 | 5.3 | | | | 21d ago | A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba. Affected by this vulnerability is the function toc_transformer of the file pageindex/page_in… |
| CVE-2026-45002 | medium | 5.3 | 5.3 | | | | 21d ago | OpenClaw: Hook mapping templates could bypass hook session-key opt-in |
| CVE-2026-44999 | medium | 5.3 | 5.3 | | | | 21d ago | OpenClaw: Isolated cron awareness events were recorded as trusted system events |
| CVE-2026-44994 | medium | 5.3 | 5.3 | | | | 21d ago | OpenClaw before 2026.4.22 contains an authentication bypass vulnerability in the Control UI bootstrap config endpoint that allows unauthenticated attackers to read sensitive configuration fields. Att… |
| CVE-2026-44226 | medium | 5.3 | 5.3 | | | | 21d ago | PyLoad vulnerable to unauthenticated traceback disclosure via global exception handler in WebUI |
| CVE-2026-34093 | medium | 5.3 | 5.3 | | | | 21d ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Specials/SpecialUserRights.P… |
| CVE-2026-44201 | medium | 5.3 | 5.3 | | | | 21d ago | Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, the Documents and Images API incorrectly listed items in private collections. A user with access t… |
| CVE-2026-1677 | medium | 5.3 | 5.3 | | | | 21d ago | Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to … |
| CVE-2026-8274 | medium | 5.3 | 5.3 | | | | 21d ago | A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function do_directory of the file cramfsck.c of the component Directory Handler. Such manipulation leads t… |
| CVE-2026-8258 | medium | 5.3 | 5.3 | | | | 21d ago | A flaw has been found in Squirrel up to 3.2. Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The at… |
| CVE-2026-28994 | medium | 5.3 | 5.3 | | | | 21d ago | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS T… |
| CVE-2026-45179 | medium | 5.3 | 5.3 | | | | 22d ago | Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host o… |
| CVE-2026-8244 | medium | 5.3 | 5.3 | | | | 22d ago | A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVe… |
| CVE-2026-8243 | medium | 5.3 | 5.3 | | | | 22d ago | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to… |
| CVE-2026-8241 | medium | 5.3 | 5.3 | | | | 22d ago | A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function iasGetServerInfoEvent of the component RMI Interface. Such manipulation lea… |
| CVE-2026-8215 | medium | 5.3 | 5.3 | | | | 22d ago | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the function iasRequestFileEvent of the component RMI Interface. This manipulation of… |
| CVE-2026-8214 | medium | 5.3 | 5.3 | | | | 22d ago | A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results… |
| CVE-2026-8210 | medium | 5.3 | 5.3 | | | | 23d ago | A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is the function helper.Update of the file helper.go of the component Update H… |
| CVE-2026-8198 | medium | 5.3 | 5.3 | | | | 23d ago | The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including… |
| CVE-2026-32683 | medium | 5.3 | 5.3 | | | | 23d ago | Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to… |
| CVE-2026-7652 | medium | 5.3 | 5.3 | | | | 23d ago | The LatePoint plugin for WordPress is vulnerable to Account Takeover via Weak Password Recovery Mechanism in the unauthenticated guest booking flow in versions up to, and including, 5.5.0 This is due… |
| CVE-2026-44656 | medium | 5.3 | 5.3 | | | | 24d ago | Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick… |
| CVE-2026-42190 | medium | 5.3 | 5.3 | | | | 24d ago | RedwoodSDK has Same-site CSRF through lack of origin validation in its server actions |
| CVE-2026-41495 | medium | 5.3 | 5.3 | | | | 24d ago | n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests |
| CVE-2026-42028 | medium | 5.3 | 5.3 | | | | 24d ago | novaGallery is a php image gallery. Prior to version 2.1.1, a path traversal vulnerability has been identified in novaGallery. This allows unauthenticated users to read image files outside the intend… |
| CVE-2026-44500 | medium | 5.3 | 5.3 | | | | 24d ago | Zebra Vulnerable to Allocation Amplification in Inbound Network Deserializers |
| CVE-2026-41423 | medium | 5.3 | 5.3 | | | | 24d ago | Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server |
| CVE-2026-41161 | medium | 5.3 | 5.3 | | | | 24d ago | Sync-in Server has Username Enumeration via Timing Attack |
| CVE-2026-44928 | medium | 5.3 | 5.3 | | | | 24d ago | In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal. |
| CVE-2026-44927 | medium | 5.3 | 5.3 | | | | 24d ago | In uriparser before 1.0.2, there is pointer difference truncation to int in various places. |
| CVE-2026-41645 | medium | 5.3 | 5.3 | | | | 24d ago | Nuclei: Environment variable disclosure via Response-Derived DSL Expressions |
| CVE-2026-8115 | medium | 5.3 | 5.3 | | | | 25d ago | short-video-maker has a path traversal vulnerability |
| CVE-2026-41928 | medium | 5.3 | 5.3 | | | | 25d ago | Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that allows unauthenticated attackers to retrieve the application's secret cron key. Attackers can access … |
| CVE-2026-42241 | medium | 5.3 | 5.3 | | | | 25d ago | ParquetSharp: Possible Stack Overflow When Reading a ParquetFile with Large Decimal Type Width |
| CVE-2026-39825 | medium | 5.3 | 5.3 | | | | 25d ago | ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitize… |
| CVE-2026-39819 | medium | 5.3 | 5.3 | | | | 25d ago | The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one… |
| CVE-2026-42878 | medium | 5.3 | 5.3 | | | | 25d ago | FacturaScripts is an open source accounting and invoicing software. Prior to v2026, an unauthenticated information disclosure vulnerability in the Installer controller allows any remote attacker to t… |
| CVE-2026-27416 | medium | 5.3 | 5.3 | | | | 25d ago | Missing Authorization vulnerability in bPlugins PDF Poster allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF Poster: from n/a through 2.4.1. |
| CVE-2026-27329 | medium | 5.3 | 5.3 | | | | 25d ago | Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooC… |
| CVE-2026-25468 | medium | 5.3 | 5.3 | | | | 25d ago | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs Happy Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Happy Addons… |
| CVE-2026-25436 | medium | 5.3 | 5.3 | | | | 25d ago | Missing Authorization vulnerability in WProyal Royal Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal Elementor Addons: from n/a bef… |
| CVE-2026-44600 | medium | 5.3 | 5.3 | | | | 25d ago | Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010. |
| CVE-2026-44599 | medium | 5.3 | 5.3 | | | | 25d ago | Tor before 0.4.9.7 can attempt or accept BEGIN_DIR via conflux legs, aka TROVE-2026-008. |
| CVE-2026-6222 | medium | 5.3 | 5.3 | | | | 25d ago | The Forminator Forms plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.51.1. This is due to the `processRequest()` method in `Forminator_Admin_Module_Edit_… |
| CVE-2026-41417 | medium | 5.3 | 5.3 | | | | 26d ago | Netty: Start-Line Injection in DefaultHttpRequest.setUri() Allows HTTP Request Smuggling and RTSP Request Injection |
| CVE-2026-41310 | medium | 5.3 | 5.3 | | | | 26d ago | OpenTelemetry's Zipkin remote endpoint cache could grow without bounds and increase memory pressure |
| CVE-2026-44306 | medium | 5.3 | 5.3 | | | | 26d ago | Statamic CMS vulnerable to email enumeration via forgot password endpoint |
| CVE-2026-8033 | medium | 5.3 | 5.3 | | | | 26d ago | A vulnerability has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. This affects an unknown function of the file /cdemos/echs/api/v2/ of the component Response Header Handler. Such man… |
| CVE-2026-8031 | medium | 5.3 | 5.3 | | | | 26d ago | A vulnerability was detected in PicoTronica e-Clinic Healthcare System ECHS 5.7. The affected element is an unknown function of the file /cdemos/echs/api/v2/patient-records of the component API Endpo… |
| CVE-2026-8020 | medium | 5.3 | 5.3 | | | | 26d ago | Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process… |
| CVE-2026-7960 | medium | 5.3 | 5.3 | | | | 26d ago | Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted… |
| CVE-2026-7955 | medium | 5.3 | 5.3 | | | | 26d ago | Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via… |
| CVE-2026-41931 | medium | 5.3 | 5.3 | | | | 26d ago | Vvveb before version 1.0.8.2 contains an information disclosure vulnerability that allows unauthenticated attackers to obtain sensitive server information by triggering unhandled exceptions in the pa… |
| CVE-2026-20195 | medium | 5.3 | 5.3 | | | | 26d ago | A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device. This vulnerability exist… |
| CVE-2026-8026 | medium | 5.3 | 5.3 | | | | 26d ago | Flowise: Bcrypt Password Hash Exposure |
| CVE-2026-6860 | medium | 5.3 | 5.3 | | | | 26d ago | Vert.x has a DoS via unbounded server-side SNI SslContext cache growth |
| CVE-2026-3208 | medium | 5.3 | 5.3 | | | | 26d ago | The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'mp_pix_image' WooCommerce API endpoint in all ver… |
| CVE-2026-43881 | medium | 5.3 | 5.3 | | | | 27d ago | AVideo: Unauthenticated User Enumeration in objects/users.json.php via isCompany Parameter Allows Bypass of the Admin-Only Listing Restriction |
| CVE-2026-43880 | medium | 5.3 | 5.3 | | | | 27d ago | AVideo: Unauthenticated Arbitrary Email Sending via sendEmail.json.php Enables Phishing from the Site’s Legitimate From Address |
| CVE-2026-34527 | medium | 5.3 | 5.3 | | | | 27d ago | Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high… |
| CVE-2026-33420 | medium | 5.3 | 5.3 | | | | 27d ago | Vaultwarden is a Bitwarden-compatible server written in Rust. In version 1.35.4 and earlier, the get_org_collections_details endpoint (GET /api/organizations/{org_id}/collections/details) is missing … |
| CVE-2026-6907 | medium | 5.3 | 5.3 | | | | 27d ago | An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. `django.middleware.cache.UpdateCacheMiddleware` erroneously caches requests where the `Vary` header contained an asterisk (`'*'`). T… |
| CVE-2026-43002 | medium | 5.3 | 5.3 | | | | 27d ago | OpenStack Horizon has Incorrect Behavior Order |
| CVE-2026-5766 | medium | 5.3 | 5.3 | | | | 27d ago | An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASGI requests with a missing or understated `Content-Length` header can bypass the `FILE_UPLOAD_MAX_MEMORY_SIZE` limit, potentially … |
| CVE-2026-43572 | medium | 5.3 | 5.3 | | | | 27d ago | OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks |
| CVE-2026-43868 | medium | 5.3 | 5.3 | | | | 27d ago | Apache Thrift has a Memory Allocation with Excessive Size Value Vulnerability |
| CVE-2026-2729 | medium | 5.3 | 5.3 | | | | 27d ago | The Forminator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.52.0. This is due to the plugin not properly verifying that a user is authorized to p… |
| CVE-2026-44029 | medium | 5.3 | 5.3 | | | | 27d ago | An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.… |
| CVE-2026-41572 | medium | 5.3 | 5.3 | | | | 28d ago | Note Mark: Unauthenticated read of notes and assets in soft-deleted public books |
| CVE-2026-33007 | medium | 5.3 | 5.3 | | | | 28d ago | Important: httpd security update |
| CVE-2026-34032 | medium | 5.3 | 5.3 | | | | 28d ago | Important: httpd security update |
| CVE-2026-33857 | medium | 5.3 | 5.3 | | | | 28d ago | Important: httpd security update |
| CVE-2026-5335 | medium | 5.3 | 5.3 | | | | 28d ago | The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information. |
| CVE-2026-7722 | medium | 5.3 | 5.3 | | | | 28d ago | Prefect Auth Bypass via endswith() Health Check Exemption |
| CVE-2026-7702 | medium | 5.3 | 5.3 | | | | 29d ago | A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview E… |
| CVE-2026-7686 | medium | 5.3 | 5.3 | | | | 29d ago | A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activa… |
| CVE-2026-40561 | medium | 5.3 | 5.3 | | | | 29d ago | Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starlet incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both head… |
| CVE-2026-3504 | medium | 5.3 | 5.3 | | | | 1mo ago | The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/… |
| CVE-2026-4024 | medium | 5.3 | 5.3 | | | | 1mo ago | The Royal Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `wpr_update_form_action_meta` AJAX action in all versio… |
| CVE-2026-6449 | medium | 5.3 | 5.3 | | | | 1mo ago | The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 2.1.2. This is due to a logical short-circ… |
| CVE-2026-4650 | medium | 5.3 | 5.3 | | | | 1mo ago | The FundPress – WordPress Donation Plugin for WordPress is vulnerable to authorization bypass in versions up to and including 2.0.8. This is due to missing authorization and nonce verification in the… |
| CVE-2026-7638 | medium | 5.3 | 5.3 | | | | 1mo ago | The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to miss… |
| CVE-2026-7589 | medium | 5.3 | 5.3 | | | | 1mo ago | A vulnerability was determined in ghantakiran splunk-mcp-integration up to 0b86b09d5e5adf0433acd43c975951224613a1a6. Impacted is the function create_csv_export of the file services/csv-export-service… |
| CVE-2026-7588 | medium | 5.3 | 5.3 | | | | 1mo ago | A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get_style_guide/get_best_practices of the file server.py. The manipulation of the argument Language results i… |