WebSystems WebTOTUM 2026 (CVE-2026-6743)An insecure direct object reference vulnerability in the Users API component ... (CVE-2026-5652)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-41191)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-41190)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-41189)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-41183)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40592)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40591)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40590)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40589)BlueprintUE is a tool to help Unreal Engine developers (CVE-2026-40586)BlueprintUE is a tool to help Unreal Engine developers (CVE-2026-40585)RansomLook is a tool to monitor Ransomware groups and markets and extract the... (CVE-2026-40584)UltraDAG is a minimal DAG-BFT blockchain in Rust (CVE-2026-40583)Excel-mcp-server is a Model Context Protocol server for Excel file manipulation (CVE-2026-40576)OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 pro... (CVE-2026-40574)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40570)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40569)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40568)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40567)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40566)BACnet Stack is a BACnet open source protocol stack C library for embedded sy... (CVE-2026-40279)Tekton Pipelines project provides k8s-style resources for declaring CI/CD-sty... (CVE-2026-40161)CrowdStrike has released security updates to address a critical unauthenticat... (CVE-2026-40050)Tenda W30E V2 (CVE-2026-38835)Tenda W30E V2 (CVE-2026-38834)Twenty is an open source CRM (CVE-2026-35451)Textpattern CMS 4 (CVE-2026-30452)October is a Content Management System (CMS) and web platform (CVE-2026-29179)October is a Content Management System (CMS) and web platform (CVE-2026-27937)October is a Content Management System (CMS) and web platform (CVE-2026-26274)October is a Content Management System (CMS) and web platform (CVE-2026-26067)Tekton Pipelines project provides k8s-style resources for declaring CI/CD-sty... (CVE-2026-25542)NVIDIA CUDA-Q contains a vulnerability in an endpoint, where an unauthenticat... (CVE-2026-24189)NVIDIA KAI Scheduler contains a vulnerability where an attacker could access ... (CVE-2026-24177)NVIDIA KAI Scheduler contains a vulnerability where an attacker could cause i... (CVE-2026-24176)This Critical severity OS Command Injection vulnerability was introduced in v... (CVE-2026-21571)Seeyon OA A8 contains an unauthenticated arbitrary file write vulnerability i... (CVE-2019-25714)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40565)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40498)Visitor Management System 1 (CVE-2026-37748)SQL injection vulnerability in Zeon Academy Pro by Zeon Global Tech (CVE-2025-41029)HTML injection vulnerability in PHP Point of Sale v19 (CVE-2025-41011)Net::Dropbear versions before 0 (CVE-2025-15638)Storable versions before 3 (CVE-2017-20230)Vulnerability related to an unquoted search path in CivetWeb v1 (CVE-2026-5789)The method "sock_recvfrom_into()" of "asyncio (CVE-2026-3298)In the Website module of Dolibarr ERP & CRM 22 (CVE-2026-31019)In Dolibarr ERP & CRM <= 22 (CVE-2026-31018)Dovestones Softwares AD Self Update <4 (CVE-2026-31014)Dovestones Softwares ADPhonebook <4 (CVE-2026-31013)XiangShan (open-source high-performance RISC-V processor) commit edb1dfaf7d29... (CVE-2026-29644)User‑Controlled HTTP Header in Fortra's GoAnywhere MFT prior to version 7 (CVE-2026-1089)The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MF... (CVE-2026-0972)An improper session timeout issue in Fortra's GoAnywhere MFT prior to version 7 (CVE-2026-0971)HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encr... (CVE-2025-31981)HCL BigFix Service Management is susceptible to HTTP Request Smuggling (CVE-2025-31958)Encrypted values in Fortra's GoAnywhere MFT prior to version 7 (CVE-2025-1241)The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MF... (CVE-2025-14362)Cross-Site Scripting (XSS) vulnerability reflected in Semantic MediaWiki (CVE-2025-10354)Memory safety bugs present in Firefox 149 and Thunderbird 149 (CVE-2026-6784)Incorrect boundary conditions, integer overflow in the Audio/Video: Playback ... (CVE-2026-6783)Information disclosure in the IP Protection component (CVE-2026-6782)Denial-of-service in the Audio/Video: Playback component (CVE-2026-6781)Denial-of-service in the Audio/Video: Playback component (CVE-2026-6780)Other issue in the JavaScript Engine component (CVE-2026-6779)Invalid pointer in the Audio/Video: Playback component (CVE-2026-6778)Other issue in the Networking: DNS component (CVE-2026-6777)Incorrect boundary conditions in the WebRTC: Networking component (CVE-2026-6776)Incorrect boundary conditions in the WebRTC component (CVE-2026-6775)Mitigation bypass in the DOM: Security component (CVE-2026-6774)Denial-of-service due to integer overflow in the Graphics: WebGPU component (CVE-2026-6773)Incorrect boundary conditions in the Libraries component in NSS (CVE-2026-6772)Mitigation bypass in the DOM: Security component (CVE-2026-6771)Other issue in the Storage: IndexedDB component (CVE-2026-6770)Privilege escalation in the Debugger component (CVE-2026-6769)Mitigation bypass in the Networking: Cookies component (CVE-2026-6768)Other issue in the Libraries component in NSS (CVE-2026-6767)Incorrect boundary conditions in the Libraries component in NSS (CVE-2026-6766)Information disclosure in the Form Autofill component (CVE-2026-6765)Incorrect boundary conditions in the DOM: Device Interfaces component (CVE-2026-6764)Mitigation bypass in the File Handling component (CVE-2026-6763)Spoofing issue in the DOM: Core & HTML component (CVE-2026-6762)Privilege escalation in the Networking component (CVE-2026-6761)Mitigation bypass in the Networking: Cookies component (CVE-2026-6760)Use-after-free in the Widget: Cocoa component (CVE-2026-6759)Use-after-free in the JavaScript: WebAssembly component (CVE-2026-6758)Invalid pointer in the JavaScript: WebAssembly component (CVE-2026-6757)Mitigation bypass in Firefox for Android (CVE-2026-6756)Mitigation bypass in the DOM: postMessage component (CVE-2026-6755)Use-after-free in the JavaScript Engine component (CVE-2026-6754)Incorrect boundary conditions in the WebRTC component (CVE-2026-6753)Incorrect boundary conditions in the WebRTC component (CVE-2026-6752)Uninitialized memory in the Audio/Video: Web Codecs component (CVE-2026-6751)Privilege escalation in the Graphics: WebRender component (CVE-2026-6750)Information disclosure due to uninitialized memory in the Graphics: Canvas2D ... (CVE-2026-6749)Uninitialized memory in the Audio/Video: Web Codecs component (CVE-2026-6748)Use-after-free in the WebRTC component (CVE-2026-6747)Use-after-free in the DOM: Core & HTML component (CVE-2026-6746)FreePBX api module version 17 (CVE-2026-40520)Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'... (CVE-2026-32147)This vulnerability exists in Quantum Networks router due to improper access c... (CVE-2026-41039)This vulnerability exists in Quantum Networks router due to lack of enforceme... (CVE-2026-41038)Changing backend users' passwords via the user settings module results in sto... (CVE-2026-6553)This vulnerability exists in Quantum Networks router due to missing rate limi... (CVE-2026-41037)This vulnerability exists in Quantum Networks router due to inadequate saniti... (CVE-2026-41036)Reflected Cross-Site Scripting (XSS) vulnerability in Navigate Content Manage... (CVE-2026-3317)Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slid... (CVE-2026-39467)Zervit's portable HTTP/web server is vulnerable to remote DoS attacks when a ... (CVE-2025-13826)The Website LLMs (CVE-2026-6712)The Website LLMs (CVE-2026-6711)The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPre... (CVE-2026-6703)Honor E APP is affected by information leak vulnerability, successful exploit... (CVE-2026-31370)PcManager is affected by type privilege bypass, successful exploitation of th... (CVE-2026-31369)AiAssistant is affected by type privilege bypass, successful exploitation of ... (CVE-2026-31368)NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, all... (CVE-2026-5965)The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPre... (CVE-2026-6675)The Plugin: CMS für Motorrad Werkstätten plugin for WordPress is vulnerable t... (CVE-2026-6674)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40497)** UNSUPPORTED WHEN ASSIGNED ** An improper encoding or escaping vulnerabilit... (CVE-2026-6058)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40496)OpenEXR provides the specification and reference implementation of the EXR fi... (CVE-2026-40250)OpenEXR provides the specification and reference implementation of the EXR fi... (CVE-2026-40244)Apktool is a tool for reverse engineering Android APK files (CVE-2026-39973)OpenEXR provides the specification and reference implementation of the EXR fi... (CVE-2026-39886)Lawnchair is a free, open-source home app for Android (CVE-2026-39866)OpenBao is an open source identity-based secrets management system (CVE-2026-40264)OpenBao is an open source identity-based secrets management system (CVE-2026-39946)Claude Code is an agentic coding tool (CVE-2026-39861)OpenBao is an open source identity-based secrets management system (CVE-2026-39396)OpenBao is an open source identity-based secrets management system (CVE-2026-39388)Neko is a a self-hosted virtual browser that runs in Docker and uses WebRTC I... (CVE-2026-39386)The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various ... (CVE-2026-39378)The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various ... (CVE-2026-39377)Signal K Server is a server application that runs on a central hub in a boat (CVE-2026-39320)OpenClaw before 2026 (CVE-2026-41331)OpenClaw before 2026 (CVE-2026-41330)OpenClaw before 2026 (CVE-2026-41329)OpenClaw before 2026 (CVE-2026-41303)OpenClaw before 2026 (CVE-2026-41302)OpenClaw versions 2026 (CVE-2026-41301)OpenClaw before 2026 (CVE-2026-41300)OpenClaw before 2026 (CVE-2026-41299)OpenClaw before 2026 (CVE-2026-41298)OpenClaw before 2026 (CVE-2026-41297)OpenClaw before 2026 (CVE-2026-41296)OpenClaw before 2026 (CVE-2026-41295)OpenClaw before 2026 (CVE-2026-41294)In OpenBSD through 7 (CVE-2026-41285)OpenClaw before 2026 (CVE-2026-40045)Glances is an open-source system cross-platform monitoring tool (CVE-2026-35588)Glances is an open-source system cross-platform monitoring tool (CVE-2026-35587)OpenClaude is an open-source coding-agent command line interface for cloud an... (CVE-2026-35570)Glances is an open-source system cross-platform monitoring tool (CVE-2026-34839)The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin... (CVE-2026-5721)Dify is an open-source LLM app development platform (CVE-2026-34082)HKUDS OpenHarness prior to PR #159 remediation contains a session key derivat... (CVE-2026-6729)XiangShan (Open-source high-performance RISC-V processor) commit edb1dfaf7d29... (CVE-2026-29643)StorageGRID (formerly StorageGRID Webscale) versions prior to 11 (CVE-2026-22051)Potential read out of bounds case with wolfSSHd on Windows while handling a t... (CVE-2026-0930)Calling the ungetwc function on a FILE stream with wide characters encoded in... (CVE-2026-5928)Calling the scanf family of functions with a %mc (malloc'd character match) i... (CVE-2026-5450)The obsolete nis_local_principal function in the GNU C Library version 2 (CVE-2026-5358)The Image Source Control Lite – Show Image Credits and Captions plugin for Wo... (CVE-2026-4852)Nginx UI is a web user interface for the Nginx web server (CVE-2026-34403)LMDeploy is a toolkit for compressing, deploying, and serving large language ... (CVE-2026-33626)Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived... (CVE-2026-33432)Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived... (CVE-2026-33431)Nginx UI is a web user interface for the Nginx web server (CVE-2026-33031)Spinnaker is an open source, multi-cloud continuous delivery platform (CVE-2026-32613)Spinnaker is an open source, multi-cloud continuous delivery platform (CVE-2026-32604)In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0 (CVE-2026-29648)In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows l... (CVE-2026-29647)In OpenXiangShan NEMU prior to 55295c4, when running with RVH (Hypervisor ext... (CVE-2026-29646)A local attacker who can execute privileged CSR operations (or can induce fir... (CVE-2026-29642)Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encrypti... (CVE-2026-6550)Vvveb CMS v1 (CVE-2026-6257)Vvveb CMS 1 (CVE-2026-6249)The Everest Forms plugin for WordPress is vulnerable to Arbitrary File Read a... (CVE-2026-5478)Flowsint is an open-source OSINT graph exploration tool designed for cybersec... (CVE-2026-32311)NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform (CVE-2026-32135)NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling wh... (CVE-2026-29649)NEMU (OpenXiangShan/NEMU) before v2025 (CVE-2026-29645)The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletio... (CVE-2026-6248)The SQL Box in the admin interface of OTRS leads to an uncontrolled resource ... (CVE-2026-6060)Rejected reason: This CVE id was assigned as a duplicate of CVE-2025-66414 (CVE-2025-11249)OpenClaw versions 2026 (CVE-2026-41389)Cross Site Scripting vulnerability in Apartment Visitors Management System Ap... (CVE-2026-39112)SQL Injection vulnerability in Apartment Visitors Management System Apartment... (CVE-2026-39111)SQL Injection vulnerability in Apartment Visitors Management System Apartment... (CVE-2026-39110)SQL Injection vulnerability in Apartment Visitors Management System Apartment... (CVE-2026-39109)A stack-use-after-return issue exists in the Arduino_Core_STM32 library prior... (CVE-2026-26399)GFI HelpDesk before 4 (CVE-2026-23758)GFI HelpDesk before 4 (CVE-2026-23757)GFI HelpDesk before 4 (CVE-2026-23756)GFI HelpDesk before 4 (CVE-2026-23753)GFI HelpDesk before 4 (CVE-2026-23752)Ericc-ch copilot-api up to 0 (CVE-2026-6662)KissFFT before commit 8a8e66e contains an integer overflow vulnerability in t... (CVE-2026-41445)Magento Long Term Support (LTS) is an unofficial, community-driven project pr... (CVE-2026-40488)Magento Long Term Support (LTS) is an unofficial, community-driven project pr... (CVE-2026-40098)Dell PowerProtect Data Domain appliances, versions 7 (CVE-2026-35154)Improper access control in Doorman v0 (CVE-2026-30269)Insecure Permissions vulnerability in DeepCool DeepCreative v (CVE-2026-30266)Python-dotenv reads key-value pairs from a (CVE-2026-28684)Dell PowerProtect Data Domain, versions 7 (CVE-2026-26951)Dell PowerProtect Data Domain, versions 7 (CVE-2026-26943)Dell PowerProtect Data Domain, versions 8 (CVE-2026-26942)Magento Long Term Support (LTS) is an unofficial, community-driven project pr... (CVE-2026-25525)Magento Long Term Support (LTS) is an unofficial, community-driven project pr... (CVE-2026-25524)Dell PowerProtect Data Domain, versions 7 (CVE-2026-24506)Dell PowerProtect Data Domain, versions 8 (CVE-2026-24505)Dell PowerProtect Data Domain, versions 7 (CVE-2026-24504)Dell PowerProtect Data Domain, versions 8 (CVE-2026-22761)A vulnerability exists in the Buffalo Link Station version 1 (CVE-2025-66954)A weakness has been identified in Pagekit CMS up to 1 (CVE-2026-6652)A security flaw has been discovered in erponline (CVE-2026-6651)A vulnerability was identified in Z-BlogPHP 1 (CVE-2026-6650)ConnectWise has released a security update for ConnectWise Automate™ that add... (CVE-2026-6066)Junrar is an open source java RAR archive library (CVE-2026-41245)OpenProject is open-source, web-based project management software (CVE-2026-40896)Pip handles concatenated tar and ZIP files as ZIP files regardless of filenam... (CVE-2026-3219)Vvveb prior to 1 (CVE-2026-39918)Vvveb prior to 1 (CVE-2026-34429)Vvveb prior to 1 (CVE-2026-34428)Vvveb prior to 1 (CVE-2026-34427)Dell PowerProtect Data Domain, versions 7 (CVE-2026-26944)Vexa is an open-source, self-hostable meeting bot API and meeting transcripti... (CVE-2026-25883)Vexa is an open-source, self-hostable meeting bot API and meeting transcripti... (CVE-2026-25058)OpenAEV is an open source platform allowing organizations to plan, schedule a... (CVE-2026-24468)OpenAEV is an open source platform allowing organizations to plan, schedule a... (CVE-2026-24467)Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Fe... (CVE-2026-23774)A vulnerability was determined in Qibo CMS 1 (CVE-2026-6649)An improper access control vulnerability in the canonical-livepatch snap clie... (CVE-2026-6369)SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE)... (CVE-2026-5760)OS Command Injection Remote Code Execution Vulnerability in UI in Progress AD... (CVE-2026-4048)OS Command Injection Remote Code Execution Vulnerability in API in Progress A... (CVE-2026-3519)OS Command Injection Remote Code Execution Vulnerability in API in Progress A... (CVE-2026-3518)OS Command Injection Remote Code Execution Vulnerability in API in Progress A... (CVE-2026-3517)Information exposure vulnerability has been identified in Apache Kafka (CVE-2026-33558)A possible security vulnerability has been identified in Apache Kafka (CVE-2026-33557)Apache Doris MCP Server versions earlier than 0 (CVE-2025-66335)Qibo CMS 1 (CVE-2026-6648)A vulnerability was detected in p2r3 convert up to 6998584ace3e11db66dff0b423... (CVE-2026-6636)A security vulnerability has been detected in rowboatlabs rowboat up to 0 (CVE-2026-6635)A weakness has been identified in usememos memos up to 0 (CVE-2026-6634)A security flaw has been discovered in Yifang CMS up to 2 (CVE-2026-6633)When sed is invoked with both -i (in-place edit) and --follow-symlinks, the f... (CVE-2026-5958)Double-Free / Use-After-Free (UAF) in the `IntoIter::drop` and `ThinVec::clea... (CVE-2026-6654)A vulnerability was identified in Tenda F451 1 (CVE-2026-6632)A vulnerability was determined in Tenda F451 1 (CVE-2026-6631)Tenda F451 1 (CVE-2026-6630)Metasoft 美特软件 MetaCRM up to 6 (CVE-2026-6629)A flaw has been found in phili67 Ecclesia CRM up to 8 (CVE-2026-6628)A vulnerability was detected in Cockpit-HQ Cockpit up to 2 (CVE-2026-6626)A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5 (CVE-2026-6625)A weakness has been identified in BichitroGan ISP Billing Software 2025 (CVE-2026-6624)A security flaw has been discovered in BichitroGan ISP Billing Software 2025 (CVE-2026-6623)A vulnerability was identified in BichitroGan ISP Billing Software 2025 (CVE-2026-6622)In the Linux kernel, the following vulnerability has been resolved:
X (CVE-2026-31430)In the Linux kernel, the following vulnerability has been resolved:
net: skb... (CVE-2026-31429)Fudo Enterprise in versions from 5 (CVE-2025-13480)A vulnerability was determined in 1024bit extend-deep up to 0 (CVE-2026-6621)SonicCloudOrg sonic-server up to 2 (CVE-2026-6620)Langgenius dify up to 1 (CVE-2026-6619)A flaw has been found in langgenius dify up to 1 (CVE-2026-6618)ThreatSonar Anti-Ransomware developed by TeamT5 has an Privilege Escalation v... (CVE-2026-5967)SKYSEA Client View and SKYMEC IT Manager provided by Sky Co (CVE-2026-39454)A vulnerability was detected in langgenius dify up to 0 (CVE-2026-6617)A security vulnerability has been detected in TransformerOptimus SuperAGI up ... (CVE-2026-6616)A weakness has been identified in TransformerOptimus SuperAGI up to 0 (CVE-2026-6615)ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletio... (CVE-2026-5966)EasyFlow (CVE-2026-5964)EasyFlow (CVE-2026-5963)ProjectDiscovery Nuclei 3 before 3 (CVE-2026-41282)A command injection vulnerability was found in the PPTP VPN Clients on the ADM (CVE-2026-6644)A stack-based buffer overflow vulnerability was found in the VPN Clients on t... (CVE-2026-6643)A security flaw has been discovered in TransformerOptimus SuperAGI up to 0 (CVE-2026-6614)A vulnerability was identified in TransformerOptimus SuperAGI up to 0 (CVE-2026-6613)A vulnerability was determined in TransformerOptimus SuperAGI up to 0 (CVE-2026-6612)Liangliangyy DjangoBlog up to 2 (CVE-2026-6611)The Email Encoder WordPress plugin before 2 (CVE-2024-7083)Liangliangyy DjangoBlog up to 2 (CVE-2026-6610)A flaw has been found in liangliangyy DjangoBlog up to 2 (CVE-2026-6609)A vulnerability was detected in lm-sys fastchat up to 0 (CVE-2026-6608)A security vulnerability has been detected in lm-sys fastchat up to 0 (CVE-2026-6607)A weakness has been identified in modelscope agentscope up to 1 (CVE-2026-6606)A security flaw has been discovered in modelscope agentscope up to 1 (CVE-2026-6605)A vulnerability was identified in modelscope agentscope up to 1 (CVE-2026-6604)A vulnerability was determined in modelscope agentscope up to 1 (CVE-2026-6603)Rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4 (CVE-2026-6602)Lagom WHMCS Template up to 2 (CVE-2026-6601)A flaw has been found in langflow-ai langflow up to 1 (CVE-2026-6600)A vulnerability was detected in langflow-ai langflow up to 1 (CVE-2026-6599)A security vulnerability has been detected in langflow-ai langflow up to 1 (CVE-2026-6598)Initialization of a resource with an insecure default vulnerability exists in... (CVE-2026-32965)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32964)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32963)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32962)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32961)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32960)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32959)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32958)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32957)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32956)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32955)A weakness has been identified in langflow-ai langflow up to 1 (CVE-2026-6597)A security flaw has been discovered in langflow-ai langflow up to 1 (CVE-2026-6596)A vulnerability was identified in ProjectsAndPrograms School Management Syste... (CVE-2026-6595)A vulnerability was determined in brikcss merge up to 1 (CVE-2026-6594)ComfyUI up to 0 (CVE-2026-6593)ComfyUI up to 0 (CVE-2026-6592)A flaw has been found in ComfyUI up to 0 (CVE-2026-6591)A vulnerability was detected in ComfyUI up to 0 (CVE-2026-6590)A security vulnerability has been detected in ComfyUI up to 0 (CVE-2026-6589)A weakness has been identified in serge-chat serge up to 1 (CVE-2026-6588)A security flaw has been discovered in vibrantlabsai RAGAS up to 0 (CVE-2026-6587)A vulnerability was identified in TransformerOptimus SuperAGI up to 0 (CVE-2026-6586)A vulnerability was determined in TransformerOptimus SuperAGI up to 0 (CVE-2026-6585)TransformerOptimus SuperAGI up to 0 (CVE-2026-6584)TransformerOptimus SuperAGI up to 0 (CVE-2026-6583)A flaw has been found in TransformerOptimus SuperAGI up to 0 (CVE-2026-6582)A vulnerability was detected in H3C Magic B1 up to 100R004 (CVE-2026-6581)A security vulnerability has been detected in liangliangyy DjangoBlog up to 2 (CVE-2026-6580)A weakness has been identified in liangliangyy DjangoBlog up to 2 (CVE-2026-6579)A security flaw has been discovered in liangliangyy DjangoBlog up to 2 (CVE-2026-6578)A vulnerability was identified in liangliangyy DjangoBlog up to 2 (CVE-2026-6577)A vulnerability was determined in liangliangyy DjangoBlog up to 2 (CVE-2026-6576)Osuuu LightPicture up to 1 (CVE-2026-6574)A vulnerability was detected in PHPEMS 11 (CVE-2026-6573)A security vulnerability has been detected in Collabora KodExplorer up to 4 (CVE-2026-6572)A weakness has been identified in kodcloud KodExplorer up to 4 (CVE-2026-6571)A security flaw has been discovered in kodcloud KodExplorer up to 4 (CVE-2026-6570)A vulnerability was identified in kodcloud KodExplorer up to 4 (CVE-2026-6569)A vulnerability was determined in kodcloud KodExplorer up to 4 (CVE-2026-6568)EMQ EMQX Enterprise up to 6 (CVE-2026-6564)H3C Magic B1 up to 100R004 (CVE-2026-6563)A flaw has been found in dameng100 muucmf 1 (CVE-2026-6562)A vulnerability was detected in EyouCMS up to 1 (CVE-2026-6561)A security vulnerability has been detected in H3C Magic B0 up to 100R002 (CVE-2026-6560)A weakness has been identified in Wavlink WL-WN579A3 220323 (CVE-2026-6559)The EMC – Easily Embed Calendly Scheduling Features plugin for WordPress is v... (CVE-2026-0868)Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Number... (CVE-2026-6056)Protobufjs compiles protobuf definitions into JavaScript (JS) functions (CVE-2026-41242)The Keycloak authentication manager in `apache-airflow-providers-keycloak` di... (CVE-2026-40948)The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cro... (CVE-2026-2986)The Categories Images plugin for WordPress is vulnerable to Stored Cross-Site... (CVE-2026-2505)The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to... (CVE-2026-0894)Little CMS (lcms2) through 2 (CVE-2026-41254)Secrets in Variables saved as JSON dictionaries were not properly redacted - ... (CVE-2026-32690)UI / API User with asset materialize permission could trigger dags they had n... (CVE-2026-32228)In case of SQL errors, exception/stack trace of errors was exposed in API eve... (CVE-2026-30912)An example of BashOperator in Airflow documentation suggested a way of passin... (CVE-2026-30898)Dag Authors, who normally should not be able to execute code in the webserver... (CVE-2026-25917)In iTerm2 through 3 (CVE-2026-41253)The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPres... (CVE-2026-6518)The Flipbox Addon for Elementor plugin for WordPress is vulnerable to Stored ... (CVE-2026-6048)The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerab... (CVE-2026-4801)SAIL is a cross-platform library for loading and saving images with support f... (CVE-2026-40494)SAIL is a cross-platform library for loading and saving images with support f... (CVE-2026-40493)SAIL is a cross-platform library for loading and saving images with support f... (CVE-2026-40492)Gdown is a Google Drive public file/folder downloader (CVE-2026-40491)The AsyncHttpClient (AHC) library allows Java applications to easily execute ... (CVE-2026-40490)Editorconfig-core-c is an EditorConfig core library for use by plugins suppo... (CVE-2026-40489)Postiz is an AI social media scheduling tool (CVE-2026-40487)Emissary is a P2P based data-driven workflow engine (CVE-2026-35582)The Hostel plugin for WordPress is vulnerable to Reflected Cross-Site Scripti... (CVE-2026-1838)The Youzify plugin for WordPress is vulnerable to Stored Cross-Site Scripting... (CVE-2026-1559)NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly (CVE-2026-40572)Movary is a self hosted web app to track and rate a user's watched movies (CVE-2026-40350)NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly (CVE-2026-40317)SecureDrop Client is a desktop app for journalists to securely communicate wi... (CVE-2026-35465)ChurchCRM is an open-source church management system (CVE-2026-40593)ChurchCRM is an open-source church management system (CVE-2026-40582)ChurchCRM is an open-source church management system (CVE-2026-40581)ChurchCRM is an open-source church management system (CVE-2026-40485)ChurchCRM is an open-source church management system (CVE-2026-40484)ChurchCRM is an open-source church management system (CVE-2026-40483)ChurchCRM is an open-source church management system (CVE-2026-40482)ChurchCRM is an open-source church management system (CVE-2026-40480)Movary is a self hosted web app to track and rate a user's watched movies (CVE-2026-40349)Movary is a self hosted web app to track and rate a user's watched movies (CVE-2026-40348)Python-Multipart is a streaming multipart parser for Python (CVE-2026-40347)NocoBase is an AI-powered no-code/low-code platform for building business app... (CVE-2026-40346)Libgphoto2 is a camera access and control library (CVE-2026-40341)Libgphoto2 is a camera access and control library (CVE-2026-40340)Libgphoto2 is a camera access and control library (CVE-2026-40339)Libgphoto2 is a camera access and control library (CVE-2026-40338)The Sentry kernel is a high security level micro-kernel implementation made f... (CVE-2026-40337)Libgphoto2 is a camera access and control library (CVE-2026-40336)Libgphoto2 is a camera access and control library (CVE-2026-40335)Libgphoto2 is a camera access and control library (CVE-2026-40334)Libgphoto2 is a camera access and control library (CVE-2026-40333)Hot Chocolate is an open-source GraphQL server (CVE-2026-40324)SP1 is a zero‑knowledge virtual machine that proves the correct execution of ... (CVE-2026-40323)The Easy Appointments plugin for WordPress is vulnerable to Sensitive Informa... (CVE-2026-2262)Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Number... (CVE-2026-5250)Kimai is an open-source time tracking application (CVE-2026-40486)Monetr is a budgeting application for recurring expenses (CVE-2026-40481)Kimai is an open-source time tracking application (CVE-2026-40479)The Pz-LinkCard plugin for WordPress is vulnerable to Stored Cross-Site Scrip... (CVE-2026-2434)Miniupnpd contains an integer underflow vulnerability in SOAPAction header pa... (CVE-2026-5720)Thymeleaf is a server-side Java template engine for web and standalone enviro... (CVE-2026-40478)Thymeleaf is a server-side Java template engine for web and standalone enviro... (CVE-2026-40477)Graphql-go is a Go implementation of GraphQL (CVE-2026-40476)Wger is a free, open-source workout and fitness manager (CVE-2026-40474)Wger is a free, open-source workout and fitness manager (CVE-2026-40353)FastGPT is an AI Agent building platform (CVE-2026-40352)FastGPT is an AI Agent building platform (CVE-2026-40351)DNN (formerly DotNetNuke) is an open-source web content management platform (... (CVE-2026-40321)DNN (formerly DotNetNuke) is an open-source web content management platform (... (CVE-2026-40306)DNN (formerly DotNetNuke) is an open-source web content management platform (... (CVE-2026-40305)Zrok is software for sharing web services, files, and network resources (CVE-2026-40304)The Gramps Web API is a Python REST API for the genealogical research softwar... (CVE-2026-40258)Libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B (CVE-2026-29013)Radare2 prior to commit bc5a890 contains a command injection vulnerability in... (CVE-2026-40527)Zrok is software for sharing web services, files, and network resources (CVE-2026-40303)Zrok is software for sharing web services, files, and network resources (CVE-2026-40302)DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7 (CVE-2026-40301)Next-intl provides internationalization for Next (CVE-2026-40299)OpenFGA is an authorization/permission engine built for developers (CVE-2026-40293)WeGIA is a web manager for charitable institutions (CVE-2026-40286)WeGIA is a web manager for charitable institutions (CVE-2026-40285)WeGIA is a web manager for charitable institutions (CVE-2026-40284)WeGIA is a web manager for charitable institutions (CVE-2026-40282)HomeBox is a home inventory and organization system (CVE-2026-40196)The Auth0 Next (CVE-2026-40155)Claude Code is an agentic coding tool (CVE-2026-35603)Xrdp is an open source RDP server (CVE-2026-35512)Mcp-neo4j-cypher is an MCP server for executing Cypher queries against Neo4j ... (CVE-2026-35402)Xrdp is an open source RDP server (CVE-2026-33689)Stirling-PDF is a locally hosted web application that facilitates various ope... (CVE-2026-33436)Xrdp is an open source RDP server (CVE-2026-33145)Dolibarr is an enterprise resource planning (ERP) and customer relationship m... (CVE-2026-23500)Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that m... (CVE-2026-40461)Anviz CrossChex Standard
lacks source verification in the client/server chann... (CVE-2026-40434)Firebird is an open-source relational database management system (CVE-2026-40342)WeGIA is a web manager for charitable institutions (CVE-2026-40283)Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can ... (CVE-2026-40066)Anviz CX2 Lite is vulnerable to an authenticated command injection via a
fil... (CVE-2026-35682)Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads (CVE-2026-35546)Firebird is an open-source relational database management system (CVE-2026-35215)Anviz CX7 Firmware is vulnerable to the most recently captured test photo tha... (CVE-2026-35061)Firebird is an open-source relational database management system (CVE-2026-34232)Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling
on‑... (CVE-2026-33569)Xrdp is an open source RDP server (CVE-2026-33516)Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device tha... (CVE-2026-33093)Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 ... (CVE-2026-32650)Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that disclose... (CVE-2026-32648)Xrdp is an open source RDP server (CVE-2026-32624)Xrdp is an open source RDP server (CVE-2026-32623)Anviz CX7 Firmware is
vulnerable because the application embeds reusable cer... (CVE-2026-32324)Xrdp is an open source RDP server (CVE-2026-32107)Xrdp is an open source RDP server (CVE-2026-32105)Anviz CX7 Firmware is vulnerable to an authenticated CSV upload which allows ... (CVE-2026-31927)Improper neutralization of argument delimiters in the volume handling compone... (CVE-2026-6437)OpenViking prior to version 0 (CVE-2026-40525)Firebird is an open-source relational database management system (CVE-2026-33337)Firebird is an open-source relational database management system (CVE-2026-28224)Firebird is an open-source relational database management system (CVE-2026-28214)Firebird is an open-source relational database management system (CVE-2026-28212)Firebird is an open-source relational database management system (CVE-2026-27890)The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPres... (CVE-2026-5718)The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPres... (CVE-2026-5710)Giskard is an open-source testing framework for AI models (CVE-2026-40320)Giskard is an open-source testing framework for AI models (CVE-2026-40319)Firebird is an open-source relational database management system (CVE-2025-65104)ByteDance DeerFlow before commit 2176b2b contains a path traversal and arbitr... (CVE-2026-40518)OpenHarness before commit bd4df81 contains a server-side request forgery vuln... (CVE-2026-40516)OpenHarness before commit bd4df81 contains a permission bypass vulnerability ... (CVE-2026-40515)The WP Customer Area plugin for WordPress is vulnerable to arbitrary file rea... (CVE-2026-3464)Software installed and run as a non-privileged user may conduct improper GPU ... (CVE-2026-21733)A vulnerability was determined in prasathmani TinyFileManager up to 2 (CVE-2026-6497)An attacker with network access to the PLC is able to brute force discover pa... (CVE-2026-6284)A vulnerability allowing a local attacker with administrator privileges to by... (CVE-2026-21709)Prasathmani TinyFileManager up to 2 (CVE-2026-6496)A flaw has been found in lukevella rallly up to 4 (CVE-2026-6493)In JetBrains Junie before 252 (CVE-2026-41153)A SQL injection vulnerability in CodeAstro Simple Attendance Management Syste... (CVE-2026-37749)A vulnerability was detected in arnobt78 Hotel Booking Management System up t... (CVE-2026-6492)A security vulnerability has been detected in libvips up to 8 (CVE-2026-6491)A weakness has been identified in QueryMine sms up to 7ab5a9ea196209611134525... (CVE-2026-6490)PAC4J is vulnerable to LDAP Injection in multiple methods (CVE-2026-40459)PAC4J is vulnerable to Cross-Site Request Forgery (CSRF) (CVE-2026-40458)Craftql v1 (CVE-2026-31317)STProcessMonitor 11 (CVE-2025-70795)A flaw was found in dnsmasq (CVE-2026-6507)A security flaw has been discovered in QueryMine sms up to 7ab5a9ea1962096111... (CVE-2026-6489)A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525... (CVE-2026-6488)A flaw has been found in Qihui jtbc5 CMS 5 (CVE-2026-6487)A vulnerability was detected in classroombookings up to 2 (CVE-2026-6486)Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Fe... (CVE-2026-28263)Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Fe... (CVE-2026-23777)Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Fe... (CVE-2025-46641)Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Fe... (CVE-2025-46607)Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Fe... (CVE-2025-46606)Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Fe... (CVE-2025-46605)Wavlink WL-WN530H4 20220721 (CVE-2026-6483)GREENmod uses named pipes for communication between plugins, the web portal, ... (CVE-2026-5131)Dell PowerProtect Data Domain, versions 7 (CVE-2026-35153)
Page not found
Skip to content
It looks like the link pointing here was faulty. Maybe try searching?
