CVEs from 2026
Total
14,003
critical
critical 1,216
high
high 4,577
medium
medium 4,408
low
low 483
% Critical
8.7%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 503
- firepower_threat_defense_software 300
- firepower_threat_defense 298
- gcp 229
- openclaw 172
- commerce 104
- commerce_b2b 89
- saml_sso_-_service_provider 77
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-1340 | unknown | — | 2.5 | 2mo ago | Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution. | |||
| CVE-2026-34197 | unknown | — | 2.5 | 2mo ago | Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection. | |||
| CVE-2026-5420 | low | 2.5 | 2.5 | 2mo ago | A security flaw has been discovered in Shinrays Games Goods Triple App up to 1.200. The affected element is an unknown function of the file jRwTX.java of the component cats.goods.sort.sorting.games. … | |||
| CVE-2026-5310 | low | 2.5 | 2.5 | 2mo ago | A vulnerability was identified in Enter Software Iperius Backup up to 8.7.2. This impacts an unknown function of the file IperiusAccounts.ini. Such manipulation leads to use of hard-coded cryptograph… | |||
| CVE-2026-3055 | unknown | — | 2.5 | 2mo ago | Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability when configured as a SAML IDP lea… | |||
| CVE-2026-4823 | low | 2.5 | 2.5 | 2mo ago | A flaw has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this vulnerability is an unknown functionality of the component NTLM2 Handler. Executing a manipulation can lead to inf… | |||
| CVE-2026-33168 | low | — | 2.5 | 2mo ago | Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank string is used as an HTML attribute name in… | |||
| CVE-2026-33167 | low | — | 2.5 | 2mo ago | Rails has a possible XSS vulnerability in its Action Pack debug exceptions | |||
| CVE-2026-4541 | low | 2.5 | 2.5 | 2mo ago | A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/crypto_sign_ed25519_tinyssh.c of the component Ed25519 Signature Handler. This manipulat… | |||
| CVE-2026-4251 | low | 2.5 | 2.5 | 3mo ago | A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Affected by this vulnerability is an unknown functionality of the file resources/assets/flutter_assets/assets/credentials.… | |||
| CVE-2026-4250 | low | 2.5 | 2.5 | 3mo ago | A vulnerability was found in Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android. Affected is an unknown function of the file resources/assets/service-account.json of the compone… | |||
| CVE-2026-4243 | low | 2.5 | 2.5 | 3mo ago | A weakness has been identified in La Nacion App 10.2.25 on Android. This impacts an unknown function of the file source/app/lanacion/clublanacion/BuildConfig.java of the component app.lanacion.activi… | |||
| CVE-2026-4242 | low | 2.5 | 2.5 | 3mo ago | A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up to 5.4.3.0 on Android. This affects an unknown function of the file file app/babychakra/babychakra/Configuration.java of… | |||
| CVE-2026-4218 | low | 2.5 | 2.5 | 3mo ago | A vulnerability was detected in myAEDES App up to 1.18.4 on Android. Affected is an unknown function of the file aedes/me/beta/utils/EngageBayUtils.java of the component aedes.me.beta. Performing a m… | |||
| CVE-2026-4217 | low | 2.5 | 2.5 | 3mo ago | A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the com… | |||
| CVE-2026-20127 | unknown | — | 2.5 | 3mo ago | Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability could allow an unauthenticated, re… | |||
| CVE-2026-2974 | low | 2.5 | 2.5 | 3mo ago | A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file shared_prefs/aliasvault.xml of the component Backup Handler. The mani… | |||
| CVE-2026-2656 | low | 2.5 | 2.5 | 3mo ago | A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::Type_Info::bare_equal of the file include/chaiscript/dispatchkit/type_info.hpp. This manipulation causes use aft… | |||
| CVE-2026-2655 | low | 2.5 | 2.5 | 3mo ago | A vulnerability was detected in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::str_less::operator of the file include/chaiscript/chaiscript_defines.hpp. The manipulation res… | |||
| CVE-2026-2441 | unknown | — | 2.5 | 4mo ago | Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple… | |||
| CVE-2026-1731 | unknown | — | 2.5 | 4mo ago | BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)contain an OS command injection vulnerability. Successful exploitation could allow an unauthenticated remote attacker to execute oper… | |||
| CVE-2026-1281 | unknown | — | 2.5 | 4mo ago | Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution. | |||
| CVE-2026-24061 | unknown | — | 2.5 | 4mo ago | GNU InetUtils contains an argument injection vulnerability in telnetd that could allow for remote authentication bypass via a "-f root" value for the USER environment variable. | |||
| CVE-2026-10529 | low | 2.4 | 2.4 | 15h ago | A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is an unknown function of the file src/main/java/com/zhiliao/module/web/system/ScheduleJo… | |||
| CVE-2026-10514 | low | 2.4 | 2.4 | 17h ago | A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/framework/src/main/java/cn/cordys/config/RequestParamTrimConfig.java. The mani… | |||
| CVE-2026-10112 | low | 2.4 | 2.4 | 3d ago | A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the component Dashboard Page. The manipulation of the argument Name leads to cross site s… | |||
| CVE-2026-49318 | low | 2.4 | 2.4 | 4d ago | Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. T… | |||
| CVE-2026-49317 | low | 2.4 | 2.4 | 4d ago | Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. T… | |||
| CVE-2026-9608 | low | 2.4 | 2.4 | 7d ago | A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can le… | |||
| CVE-2026-9564 | low | 2.4 | 2.4 | 7d ago | A vulnerability was found in SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /admin/?page=patients/view_patient. Perf… | |||
| CVE-2026-9377 | low | 2.4 | 2.4 | 9d ago | A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName … | |||
| CVE-2026-9247 | low | 2.4 | 2.4 | 11d ago | Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a sealed entry without triggering the unseal notification to admi… | |||
| CVE-2026-42188 | low | 2.4 | 2.4 | 22d ago | Geyser Vulnerable to Server-Side Request Forgery (SSRF) via Player Head Texture URL in Geyser | |||
| CVE-2026-44658 | low | 2.4 | 2.4 | 22d ago | Zen is a firefox-based browser. Prior to 1.19.12b, RSS feed URLs entered by the user are validated to http: or https: in promptForFeedUrl, but item links inside the feed are not subject to the same r… | |||
| CVE-2026-8262 | low | 2.4 | 2.4 | 23d ago | A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /accounts/chart-save. Such manipulation leads to cross site scripting. The attack ma… | |||
| CVE-2026-8256 | low | 2.4 | 2.4 | 23d ago | A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. This vulnerability affects unknown code of the file /accounts/mr-save. Such manipulation leads to cross site scriptin… | |||
| CVE-2026-8255 | low | 2.4 | 2.4 | 23d ago | A weakness has been identified in Devs Palace ERP Online up to 4.0.0. This affects an unknown part of the file /inventory/add_new_customer. This manipulation causes cross site scripting. The attack c… | |||
| CVE-2026-8254 | low | 2.4 | 2.4 | 23d ago | A security flaw has been discovered in Devs Palace ERP Online up to 4.0.0. Affected by this issue is some unknown functionality of the file /inventory/sales_save. The manipulation results in cross si… | |||
| CVE-2026-8253 | low | 2.4 | 2.4 | 23d ago | A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. Affected by this vulnerability is an unknown functionality of the file /inventory/purchase_save. The manipulation leads to cross … | |||
| CVE-2026-8221 | low | 2.4 | 2.4 | 24d ago | A flaw has been found in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /inventory/item-save. This manipulation causes cross site scripting. The attack is possible t… | |||
| CVE-2026-8220 | low | 2.4 | 2.4 | 24d ago | A vulnerability was detected in Devs Palace ERP Online up to 4.0.0. This affects an unknown function of the file /inventory/customer-save. The manipulation results in cross site scripting. The attack… | |||
| CVE-2026-8219 | low | 2.4 | 2.4 | 24d ago | A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. The impacted element is an unknown function of the file /inventory/supplier-save. The manipulation leads to cross sit… | |||
| CVE-2026-8218 | low | 2.4 | 2.4 | 24d ago | A weakness has been identified in Devs Palace ERP Online up to 4.0.0. The affected element is an unknown function of the file /inventory/purchase_return_save. Executing a manipulation can lead to cro… | |||
| CVE-2026-8136 | low | 2.4 | 2.4 | 26d ago | A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead… | |||
| CVE-2026-7297 | low | 2.4 | 2.4 | 1mo ago | A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function save_user of the file /admin/ajax.php?action=save_user. Executing a manipulation… | |||
| CVE-2026-7296 | low | 2.4 | 2.4 | 1mo ago | A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_order of the file /admin/ajax.php?action=save_order. Performing a manipulation of the argument… | |||
| CVE-2026-7295 | low | 2.4 | 2.4 | 1mo ago | A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Such manipulation of the … | |||
| CVE-2026-7294 | low | 2.4 | 2.4 | 1mo ago | A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save_settings of the file /admin/index.php?page=save_settings. This manipulation o… | |||
| CVE-2026-7281 | low | 2.4 | 2.4 | 1mo ago | A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a manipulation … | |||
| CVE-2026-7269 | low | 2.4 | 2.4 | 1mo ago | A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID … | |||
| CVE-2026-7090 | low | 2.4 | 2.4 | 1mo ago | A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/send_message.php of the component Chat Interface. The manipulation of the argument m… | |||
| CVE-2026-7016 | low | 2.4 | 2.4 | 1mo ago | A vulnerability was found in MaxSite CMS up to 109.3. Impacted is an unknown function of the component ushki Plugin. Performing a manipulation of the argument f_ushka_new/f_ushk results in cross site… | |||
| CVE-2026-7015 | low | 2.4 | 2.4 | 1mo ago | A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown processing of the component Guestbook Plugin. Such manipulation of the argument f_text/f_slug/f_limit/f_emai… | |||
| CVE-2026-7014 | low | 2.4 | 2.4 | 1mo ago | A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component down_count Plugin. This manipulation of the argument f_file/f_prefix causes cross site scrip… | |||
| CVE-2026-7013 | low | 2.4 | 2.4 | 1mo ago | A security vulnerability has been detected in MaxSite CMS up to 109.3. Affected by this issue is some unknown functionality of the component mail_send Plugin. The manipulation of the argument f_subje… | |||
| CVE-2026-7012 | low | 2.4 | 2.4 | 1mo ago | A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument f_all/f_all404 results in cross site scripting… | |||
| CVE-2026-7011 | low | 2.4 | 2.4 | 1mo ago | A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/plugin_antispam of the component Antispam Plugin. Executing a … | |||
| CVE-2026-7001 | low | 2.4 | 2.4 | 1mo ago | A vulnerability was found in Datacom DM4100 1.3.6.1.4.1.3709. This affects an unknown part of the component Ethernet Configuration Page. Performing a manipulation of the argument Name results in cros… | |||
| CVE-2026-7000 | low | 2.4 | 2.4 | 1mo ago | A vulnerability has been found in Datacom DM4100 1.3.6.1.4.1.3709. Affected by this issue is some unknown functionality of the component VLAN Page. Such manipulation of the argument VLAN Name leads t… | |||
| CVE-2026-6999 | low | 2.4 | 2.4 | 1mo ago | A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of the argument Network Name SSID cau… | |||
| CVE-2026-6998 | low | 2.4 | 2.4 | 1mo ago | A vulnerability was detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. Affected is an unknown function of the component New RMON Statistics Page. The manipulation of the argument Owner results in cr… | |||
| CVE-2026-6997 | low | 2.4 | 2.4 | 1mo ago | A security vulnerability has been detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This impacts an unknown function of the component New RMON History Page. The manipulation of the argument Owner l… | |||
| CVE-2026-6996 | low | 2.4 | 2.4 | 1mo ago | A weakness has been identified in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This affects an unknown function of the component rmon event Tab. Executing a manipulation of the argument Description can le… | |||
| CVE-2026-6995 | low | 2.4 | 2.4 | 1mo ago | A security flaw has been discovered in BDCOM P3310D 0.4.2 10.1.0F Build 86345. The impacted element is an unknown function of the file /index.asp of the component New User Page. Performing a manipula… | |||
| CVE-2026-6651 | low | 2.4 | 2.4 | 1mo ago | A security flaw has been discovered in erponline.xyz ERP Online up to 4.0.0. This vulnerability affects unknown code of the component Inventory Edit Item Page. The manipulation of the argument Item N… | |||
| CVE-2026-6624 | low | 2.4 | 2.4 | 1mo ago | A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\_route=pool/add of the component Pool List Interface. Executing a manipula… | |||
| CVE-2026-6622 | low | 2.4 | 2.4 | 1mo ago | A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\_route=customers/edit/ of the component Customer Handler. Such manipulati… | |||
| CVE-2026-6184 | low | 2.4 | 2.4 | 2mo ago | A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Ti… | |||
| CVE-2026-6003 | low | 2.4 | 2.4 | 2mo ago | A security vulnerability has been detected in code-projects Simple IT Discussion Forum 1.0. This issue affects some unknown processing of the file /admin/user.php. Such manipulation of the argument f… | |||
| CVE-2026-5836 | low | 2.4 | 2.4 | 2mo ago | A vulnerability has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_product.php. The manipulation of the argument prod… | |||
| CVE-2026-5835 | low | 2.4 | 2.4 | 2mo ago | A flaw has been found in code-projects Online Shoe Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_football.php. Executing a manipulation of the argumen… | |||
| CVE-2026-5834 | low | 2.4 | 2.4 | 2mo ago | A vulnerability was detected in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/admin_running.php. Performing a manipulation of the argument product_name resul… | |||
| CVE-2026-5668 | low | 2.4 | 2.4 | 2mo ago | A flaw has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown part of the file /admin/Add%20notice/add%20notice.php. This manipu… | |||
| CVE-2026-5647 | low | 2.4 | 2.4 | 2mo ago | A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/admin_feature.php of the component Add Product Page. The manipulation of the argum… | |||
| CVE-2026-5644 | low | 2.4 | 2.4 | 2mo ago | A security flaw has been discovered in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. Affected is an unknown function of the file /admin/Add%20notice/batch-notice… | |||
| CVE-2026-5643 | low | 2.4 | 2.4 | 2mo ago | A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of th… | |||
| CVE-2026-5209 | low | 2.4 | 2.4 | 2mo ago | A security vulnerability has been detected in SourceCodester Leave Application System 1.0. Affected by this issue is some unknown functionality of the component User Management Handler. Such manipula… | |||
| CVE-2026-4972 | low | 2.4 | 2.4 | 2mo ago | A security vulnerability has been detected in code-projects Online Reviewer System up to 1.0. Affected is an unknown function of the file /system/system/students/assessments/databank/btn_functions.ph… | |||
| CVE-2026-4909 | low | 2.4 | 2.4 | 2mo ago | A weakness has been identified in code-projects Exam Form Submission 1.0. This impacts an unknown function of the file /admin/update_s7.php. This manipulation of the argument sname causes cross site … | |||
| CVE-2026-4899 | low | 2.4 | 2.4 | 2mo ago | A security flaw has been discovered in code-projects Online Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /dbfood/food.php. The manipulation of the argume… | |||
| CVE-2026-4616 | low | 2.4 | 2.4 | 2mo ago | A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulati… | |||
| CVE-2026-4595 | low | 2.4 | 2.4 | 2mo ago | A vulnerability was determined in code-projects Exam Form Submission 1.0. This vulnerability affects unknown code of the file /admin/update_s6.php. Executing a manipulation of the argument sname can … | |||
| CVE-2026-4578 | low | 2.4 | 2.4 | 2mo ago | A vulnerability was determined in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file /admin/update_s3.php. Executing a manipulation of the argument sname … | |||
| CVE-2026-4577 | low | 2.4 | 2.4 | 2mo ago | A vulnerability was found in code-projects Exam Form Submission 1.0. The affected element is an unknown function of the file /admin/update_s4.php. Performing a manipulation of the argument sname resu… | |||
| CVE-2026-4576 | low | 2.4 | 2.4 | 2mo ago | A vulnerability has been found in code-projects Exam Form Submission 1.0. Impacted is an unknown function of the file /admin/update_s5.php. Such manipulation of the argument sname leads to cross site… | |||
| CVE-2026-4575 | low | 2.4 | 2.4 | 2mo ago | A flaw has been found in code-projects Exam Form Submission 1.0. This issue affects some unknown processing of the file /admin/update_s2.php. This manipulation of the argument sname causes cross site… | |||
| CVE-2026-4356 | low | 2.4 | 2.4 | 3mo ago | A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /add_result.php. Executing a manipulation of the argument vr can lead to cross site… | |||
| CVE-2026-4225 | low | 2.4 | 2.4 | 3mo ago | A security flaw has been discovered in CMS Made Simple up to 2.2.21. Impacted is an unknown function of the file admin/listusers.php of the component User Management Module. Performing a manipulation… | |||
| CVE-2026-4168 | low | 2.4 | 2.4 | 3mo ago | A vulnerability was identified in Tecnick TCExam 16.5.0. This impacts an unknown function of the file /admin/code/tce_edit_group.php of the component Group Handler. Such manipulation of the argument … | |||
| CVE-2026-4165 | low | 2.4 | 2.4 | 3mo ago | A vulnerability has been found in Worksuite HR, CRM and Project Management up to 5.5.25. The affected element is an unknown function of the file /account/orders/create. The manipulation of the argume… | |||
| CVE-2026-3041 | low | 2.4 | 2.4 | 3mo ago | A security vulnerability has been detected in xingfuggz BaykeShop up to 1.3.20. Impacted is an unknown function of the file src/baykeshop/contrib/article/templates/baykeshop/sidebar/custom.html of th… | |||
| CVE-2026-2965 | low | 2.4 | 2.4 | 3mo ago | A security flaw has been discovered in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.9. The affected element is an unknown function of the file /admin/SysModule/edit.html of the component System Extensi… | |||
| CVE-2026-1705 | low | 2.4 | 2.4 | 4mo ago | A vulnerability was detected in D-Link DSL-6641K N8.TR069.20131126. Affected by this issue is the function ad_virtual_server_vdsl of the component Web Interface. Performing a manipulation of the argu… | |||
| CVE-2026-1520 | low | 2.4 | 2.4 | 4mo ago | A vulnerability was identified in rethinkdb up to 2.4.3. Affected by this issue is some unknown functionality of the component Secondary Index Handler. Such manipulation leads to cross site scripting… | |||
| CVE-2026-1444 | low | 2.4 | 2.4 | 4mo ago | A vulnerability has been found in iJason-Liu Books_Manager up to 298ba736387ca37810466349af13a0fdf828e99c. This affects an unknown part of the file controllers/books_center/add_book_check.php. Such m… | |||
| CVE-2026-45182 | low | 2.2 | 2.2 | 24d ago | GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQuicConnectionClosePayload optimization, because an application can let syste… | |||
| CVE-2026-47713 | low | 2.0 | 2.0 | 5d ago | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mod… | |||
| CVE-2026-21725 | low | 2.0 | 2.0 | 3mo ago | A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to… | |||
| CVE-2026-30904 | low | 1.8 | 1.8 | 20d ago | Protection Mechanism Failure in Zoom Workplace for iOS before version 7.0.0 may allow an authenticated user to conduct a disclosure of information via physical access. | |||
| CVE-2026-20128 | unknown | — | 1.5 | 1mo ago | Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential fil… |