CVEs from 2026
- Total: 13,511
- Critical: 1,163
- High: 4,146
- Medium: 4,136
- Low: 440
- % Critical: 8.6%
- % with KEV: 0.4%
- % with exploit: 0.5%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
| CVE | Severity | CVSS | Risk | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-2075 | high | 8.8 | 8.8 | 4mo ago | A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\c… |
| CVE-2026-2065 | high | 8.8 | 8.8 | 4mo ago | A security flaw has been discovered in Flycatcher Toys smART Pixelator 2.0. Affected by this issue is some unknown functionality of the component Bluetooth Low Energy Interface. Performing a manipula… |
| CVE-2026-2015 | high | 8.8 | 8.8 | 4mo ago | A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulati… |
| CVE-2026-2008 | high | 8.8 | 8.8 | 4mo ago | A vulnerability was detected in abhiphile fermat-mcp up to 47f11def1cd37e45dd060f30cdce346cbdbd6f0a. This vulnerability affects the function eqn_chart of the file fmcp/mpl_mcp/core/eqn_chart.py. Perf… |
| CVE-2026-1811 | high | 8.8 | 8.8 | 4mo ago | A flaw has been found in bolo-blog bolo-solo up to 2.6.4. This affects the function importFromMarkdown of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename … |
| CVE-2026-1810 | high | 8.8 | 8.8 | 4mo ago | A vulnerability was detected in bolo-blog bolo-solo up to 2.6.4. The impacted element is the function unpackFilteredZip of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the co… |
| CVE-2026-22550 | high | 8.8 | 8.8 | 4mo ago | OS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary OS command execution. |
| CVE-2026-24070 | high | 8.8 | 8.8 | 4mo ago | During the installation of the Native Access application, a privileged helper `com.native-instruments.NativeAccess.Helper2`, which is used by Native Access to trigger functions via XPC communication … |
| CVE-2026-1746 | high | 8.8 | 8.8 | 4mo ago | A vulnerability was identified in JeecgBoot 3.9.0. This vulnerability affects unknown code of the file /JeecgBoot/sys/api/loadDictItemByKeyword of the component Online Report API. Such manipulation o… |
| CVE-2026-1702 | high | 8.8 | 8.8 | 4mo ago | A vulnerability was detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/operation/user.php of the component User Management. Performing… |
| CVE-2026-1691 | high | 8.8 | 8.8 | 4mo ago | A vulnerability has been found in bolo-solo up to 2.6.4. This impacts the function importMarkdownsSync of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component SnakeYAML… |
| CVE-2026-1638 | high | 8.8 | 8.8 | 4mo ago | A security flaw has been discovered in Tenda AC21 1.1.1.1/1.dmzip/16.03.08.16. The impacted element is the function mDMZSetCfg of the file /goform/mDMZSetCfg. The manipulation of the argument dmzIp r… |
| CVE-2026-1625 | high | 8.8 | 8.8 | 4mo ago | A vulnerability was detected in D-Link DWR-M961 1.1.47. The impacted element is the function sub_4250E0 of the file /boafrm/formSmsManage of the component SMS Message. Performing a manipulation of th… |
| CVE-2026-1624 | high | 8.8 | 8.8 | 4mo ago | A security vulnerability has been detected in D-Link DWR-M961 1.1.47. The affected element is an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fota… |
| CVE-2026-1597 | high | 8.8 | 8.8 | 4mo ago | A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument ci_session lea… |
| CVE-2026-1596 | high | 8.8 | 8.8 | 4mo ago | A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub_419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fota_url causes co… |
| CVE-2026-1551 | high | 8.8 | 8.8 | 4mo ago | A weakness has been identified in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/course/controller.php. Executing a manipulation of the argument ID can … |
| CVE-2026-1550 | high | 8.8 | 8.8 | 4mo ago | A security flaw has been discovered in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/hospital/docappsystem/adminviews.py of the comp… |
| CVE-2026-1548 | high | 8.8 | 8.8 | 4mo ago | A flaw has been found in Totolink A7000R 4.1cu.4154. This impacts the function CloudACMunualUpdateUserdata of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument url causes command injec… |
| CVE-2026-1544 | high | 8.8 | 8.8 | 4mo ago | A security flaw has been discovered in D-Link DIR-823X 250416. Impacted is the function sub_41E2A0 of the file /goform/set_mode. Performing a manipulation of the argument lan_gateway results in os co… |
| CVE-2026-1327 | high | 8.8 | 8.8 | 4mo ago | A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request H… |
| CVE-2026-1326 | high | 8.8 | 8.8 | 4mo ago | A weakness has been identified in Totolink NR1800X 9.1.0u.6279_B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Thi… |
| CVE-2026-0834 | high | 8.8 | 8.8 | 4mo ago | Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 (TDDP module) allows unauthenticated adjacent attackers to execute administrative commands including factory rese… |
| CVE-2026-1193 | high | 8.8 | 8.8 | 4mo ago | MineAdmin has Incorrect Privilege Assignment |
| CVE-2026-1169 | high | 8.8 | 8.8 | 4mo ago | A security vulnerability has been detected in birkir prime up to 0.4.0.beta.0. This vulnerability affects unknown code. Such manipulation leads to cross-site request forgery. The attack can be launch… |
| CVE-2026-22031 | high | 8.8 | 8.8 | 4mo ago | Fastify Middie Middleware Path Bypass |
| CVE-2026-1150 | high | 8.8 | 8.8 | 4mo ago | A security flaw has been discovered in Totolink LR350 9.3.5u.6369_B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The mani… |
| CVE-2026-1149 | high | 8.8 | 8.8 | 4mo ago | A vulnerability was identified in Totolink LR350 9.3.5u.6369_B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The man… |
| CVE-2026-1145 | high | 8.8 | 8.8 | 4mo ago | A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the function js_typed_array_constructor_ta of the file quickjs.c. This manipulation causes heap-based buffe… |
| CVE-2026-1144 | high | 8.8 | 8.8 | 4mo ago | A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free… |
| CVE-2026-1141 | high | 8.8 | 8.8 | 4mo ago | A vulnerability was identified in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /admin/add-subadmins.php of the component Add Sub-Admin Page. Such manipulation l… |
| CVE-2026-1066 | high | 8.8 | 8.8 | 4mo ago | A vulnerability was detected in kalcaddle kodbox up to 1.61.10. This issue affects some unknown processing of the file /?explorer/index/zip of the component Compression Handler. The manipulation resu… |
| CVE-2026-23622 | high | 8.8 | 8.8 | 4mo ago | alextselegidis/easyappointments is Vulnerable to CSRF Protection Bypass |
| CVE-2026-0822 | high | 8.8 | 8.8 | 5mo ago | A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Rem… |
| CVE-2026-0803 | high | 8.8 | 8.8 | 5mo ago | A vulnerability was found in PHPGurukul Online Course Registration System up to 3.1. This affects an unknown part of the file /enroll.php. The manipulation of the argument studentregno/Pincode/sessio… |
| CVE-2026-0733 | high | 8.8 | 8.8 | 5mo ago | A vulnerability was determined in PHPGurukul Online Course Registration System up to 3.1. This impacts an unknown function of the file /onlinecourse/admin/manage-students.php. This manipulation of th… |
| CVE-2026-0641 | high | 8.8 | 8.8 | 5mo ago | A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112_B20190227. This vulnerability affects the function sub_401510 of the file cstecgi.cgi. The manipulation of the argument UPLOAD_… |
| CVE-2026-0574 | high | 8.8 | 8.8 | 5mo ago | A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function saveUserRole of the file warehouse\src\main\java\com\yeqifu\sys\controller… |
| CVE-2026-0547 | high | 8.8 | 8.8 | 5mo ago | A vulnerability was found in PHPGurukul Online Course Registration up to 3.1. This issue affects some unknown processing of the file /admin/edit-student-profile.php of the component Student Registrat… |
| CVE-2026-49368 | high | 8.7 | 8.7 | 5h ago | In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible |
| CVE-2026-48527 | high | 8.7 | 8.7 | 11h ago | HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions up to and including 26.0.0 are affected by a stored cross-site scripting (XSS) vulnerability in the `/system/api/saveNode… |
| CVE-2026-47762 | high | 8.7 | 8.7 | 1d ago | TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability via forged mce:protected comments. Allows attackers to bypass sanitization and injec… |
| CVE-2026-42197 | high | 8.7 | 8.7 | 2d ago | RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execut… |
| CVE-2026-44669 | high | 8.7 | 8.7 | 3d ago | FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachment filenames in assessment file preview f… |
| CVE-2026-44667 | high | 8.7 | 8.7 | 3d ago | FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachment filenames in remediation verification … |
| CVE-2026-44729 | high | 8.7 | 8.7 | 3d ago | Twenty is an open source CRM. In 1.18.0 and earlier, the file serving endpoints in Twenty CRM at /files/* and /file/:fileFolder/:id serve uploaded files using fileStream.pipe(res) without setting any… |
| CVE-2026-28445 | high | 8.7 | 8.7 | 7d ago | Typebot has Stored XSS via Rating Block Custom Icon that Bypasses isUnsafe Sandbox in Builder Preview |
| CVE-2026-40165 | high | 8.7 | 8.7 | 9d ago | authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Inject… |
| CVE-2026-34241 | high | 8.7 | 8.7 | 10d ago | CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability in the ticket reply notification system. Unsanitize… |
| CVE-2026-27173 | high | 8.7 | 8.7 | 10d ago | JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kubernetes Pods. This could allow users with just read-only access to perform actio… |
| CVE-2026-6346 | high | 8.7 | 8.7 | 12d ago | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to sanitize sensitive configuration fields before including them in support packet generation, which allows a Mattermo… |
| CVE-2026-45315 | high | 8.7 | 8.7 | 14d ago | Open WebUI has stored XSS via attacker-controlled file extension in /api/v1/audio/transcriptions |
| CVE-2026-44549 | high | 8.7 | 8.7 | 14d ago | Open WebUI has stored XSS in Excel file preview |
| CVE-2026-41147 | high | 8.7 | 8.7 | 14d ago | NukeViet CMS: Stored Cross-Site Scripting (XSS) via insufficient server-side input sanitization in Request class |
| CVE-2026-45348 | high | 8.7 | 8.7 | 15d ago | pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the packages.js template at src/pyload/webui/app/themes/modern/templates/js/packages.js:172 interpolates … |
| CVE-2026-33583 | high | 8.7 | 8.7 | 16d ago | Exposure of the QKEY (used as input into the ‘OTA-Quantum’ device registration process) and internal system keys via an unauthenticated and unencrypted HTTP GET method in the Arqit Symmetric Key Ag… |
| CVE-2026-44295 | high | 8.7 | 8.7 | 16d ago | protobuf.js: Code injection in pbjs static output from crafted schema names |
| CVE-2026-42930 | high | 8.7 | 8.7 | 16d ago | When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance mode restrictions on a BIG-IP system. Note: Software versions which have … |
| CVE-2026-42924 | high | 8.7 | 8.7 | 16d ago | An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions… |
| CVE-2026-42406 | high | 8.7 | 8.7 | 16d ago | A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running ar… |
| CVE-2026-41953 | high | 8.7 | 8.7 | 16d ago | A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escala… |
| CVE-2026-40698 | high | 8.7 | 8.7 | 16d ago | A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iCont… |
| CVE-2026-40631 | high | 8.7 | 8.7 | 16d ago | An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions whic… |
| CVE-2026-40061 | high | 8.7 | 8.7 | 16d ago | When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with the Resource Administrator or… |
| CVE-2026-34176 | high | 8.7 | 8.7 | 16d ago | When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a securit… |
| CVE-2026-32673 | high | 8.7 | 8.7 | 16d ago | A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher priv… |
| CVE-2026-32643 | high | 8.7 | 8.7 | 16d ago | A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running ar… |
| CVE-2026-34686 | high | 8.7 | 8.7 | 17d ago | Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-pr… |
| CVE-2026-34653 | high | 8.7 | 8.7 | 17d ago | Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') … |
| CVE-2026-43912 | high | 8.7 | 8.7 | 18d ago | Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden does not enforce that a groups_users.users_organizations_uuid entry belongs to the same organization as grou… |
| CVE-2026-43888 | high | 8.7 | 8.7 | 18d ago | Outline is a service that allows for collaborative documentation. Prior to 1.7.0, ZipHelper.extract computes the extraction path for each entry by passing a full filesystem path through trimFileAndEx… |
| CVE-2026-44543 | high | 8.7 | 8.7 | 18d ago | Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in … |
| CVE-2026-44552 | high | 8.7 | 8.7 | 21d ago | Open WebUI: Redis Cache Keys tool_servers and terminal_servers Missing Instance Prefix Enable Cross-Instance Cache Poisoning |
| CVE-2026-41524 | high | 8.7 | 8.7 | 21d ago | Brave CMS is an open-source CMS. Prior to commit 6c56603, page and article body content entered through the CKEditor rich-text editor is stored verbatim in the database and subsequently rendered with… |
| CVE-2026-42275 | high | 8.7 | 8.7 | 22d ago | zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write |
| CVE-2026-6973 | high | 7.2 | 8.7 | 22d ago | Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution. |
| CVE-2026-41505 | high | 8.7 | 8.7 | 22d ago | RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's make_sign_in_key() function and exam.py's gen_ticket_code() functi… |
| CVE-2026-35228 | high | 8.7 | 8.7 | 25d ago | Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects (component: helper tool). The supported versions that are affected are 1.0.1-1.0.156. Easily exploitable vulner… |
| CVE-2026-35569 | high | 8.7 | 8.7 | 1mo ago | Stored XSS in SEO Fields Leads to Authenticated API Data Exposure in ApostropheCMS |
| CVE-2026-30587 | high | 8.7 | 8.7 | 2mo ago | Seafile Server has multiple stored XSS vulnerabilities |
| CVE-2026-49127 | high | 8.6 | 8.6 | 1d ago | Music Player Daemon (MPD) before version 0.24.11 contains a stack buffer overflow vulnerability in the pcm_unpack_24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt st… |
| CVE-2026-44466 | high | 8.6 | 8.6 | 1d ago | Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash arithmetic expansion $((...)), allowing execution of arbitrary commands nested inside an allowli… |
| CVE-2026-44465 | high | 8.6 | 8.6 | 1d ago | Zed is a code editor. Prior to 0.227.1, Zed IDE executes arbitrary commands when opening a folder with a malicious .git/config file that abuses the core.fsmonitor Git configuration option. This allow… |
| CVE-2026-44463 | high | 8.6 | 8.6 | 1d ago | Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed by prepending environment variable assignments to allowlisted commands, hijacking program behavior (e.g.,… |
| CVE-2026-44461 | high | 8.6 | 8.6 | 1d ago | Zed is a code editor. Prior to 0.227.1, Zed builds SSH/WSL remote commands as a shell command string that starts with exec env ..., but environment variable keys are inserted without shell quoting or… |
| CVE-2026-7862 | high | 8.6 | 8.6 | 2d ago | The Eupago Gateway For Woocommerce WordPress plugin before 4.7.2 does not properly restrict access to its refund request handler, allowing unauthenticated attackers to initiate refunds against any Wo… |
| CVE-2026-42737 | high | 8.6 | 8.6 | 3d ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Path Traversal. This issue affects VikB… |
| CVE-2026-8958 | high | 8.6 | 8.6 | 3d ago | RHSA-2026:21382: firefox security update (Important) |
| CVE-2026-45298 | high | 8.6 | 8.6 | 3d ago | Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is re… |
| CVE-2026-42000 | high | 8.6 | 8.6 | 9d ago | Insufficient Validation of Names During AXFR |
| CVE-2026-39310 | high | 8.6 | 8.6 | 9d ago | Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Clipper API in Trilium Desktop (v0.101.3… |
| CVE-2026-47358 | high | 8.6 | 8.6 | 10d ago | Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM … |
| CVE-2026-47357 | high | 8.6 | 8.6 | 10d ago | Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the remote_url parameter in the remote directory scan endpoint (POST /v1/{iac}/{iacVersion}/{cloud}/remote/dir/sca… |
| CVE-2026-47356 | high | 8.6 | 8.6 | 10d ago | Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the webhook_url parameter in the file scan endpoint (POST /v1/{iac}/{iacVersion}/{cloud}/local/file/scan) when run… |
| CVE-2026-6379 | high | 8.6 | 8.6 | 12d ago | The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection at… |
| CVE-2026-2652 | high | 8.6 | 8.6 | 15d ago | MLflow: unauthenticated access to certain FastAPI routes |
| CVE-2026-20224 | high | 8.6 | 8.6 | 15d ago | A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary files that are stored in an affected system.… |
| CVE-2026-42595 | high | 8.6 | 8.6 | 15d ago | Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass |
| CVE-2026-42281 | high | 8.6 | 8.6 | 15d ago | MagicMirror vulnerable to unauthenticated SSRF via /cors endpoint |
| CVE-2026-29205 | high | 8.6 | 8.6 | 16d ago | Incorrect privileges management and insufficient path filtering allow reading arbitrary files on the server via the cpdavd attachment download endpoints. |