17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 5001-5050 of 17426 CVEs Page 101 of 349
CVE-2026-31431
KEV
9.5
Linux Kernel

Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability - Active in CISA KEV catalog.

2026-05-02
CVE-2026-31409
Analyzed
8.8
Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn->binding on failed binding request When a multichannel SMB2_SE...

2026-06-02
CVE-2026-31386
7.2
Unknown Multiple Products

OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability

2026-03-17
CVE-2026-31368
7.8
Unknown Multiple Products

AiAssistant is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability

2026-04-21
CVE-2026-3135
7.3
HP Multiple Products

A weakness has been identified in itsourcecode News Portal Project 1

2026-02-25
CVE-2026-3134
7.3
HP Multiple Products

A security flaw has been discovered in itsourcecode News Portal Project 1

2026-02-25
CVE-2026-3133
7.3
HP of the

A vulnerability has been found in itsourcecode Document Management System 1

2026-02-25
CVE-2026-3132
8.8
WordPress is vulnerable

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2

2026-03-03
CVE-2026-31281
8
Totara Multiple Products

Totara LMS v19

2026-04-15
CVE-2026-31256
7.5
Unknown Multiple Products

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1

2026-04-29
CVE-2026-3124
Analyzed
7.5
WordPress is vulnerable

The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5

2026-03-30
CVE-2026-31225
8.8
Unknown Multiple Products

The superduper project thru v0

2026-05-14
CVE-2026-31224
8.8
Unknown Multiple Products

The snorkel library thru v0

2026-05-14
CVE-2026-31223
8.8
Unknown Multiple Products

The snorkel library thru v0

2026-05-14
CVE-2026-31222
8.8
Unknown Multiple Products

The snorkel library thru v0

2026-05-14
CVE-2026-3120
7.2
Unknown Multiple Products

Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Information and Consulting Trade and Industry Limited Company Samb...

2026-05-05
CVE-2026-31196
Analyzed
8.8
Acer Multiple Products

The traceroute diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsaniti...

2026-05-07
CVE-2026-31195
Analyzed
8.8
Unknown Multiple Products

The ping diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized us...

2026-05-07
CVE-2026-31181
Analyzed
9.8
TOTOLINK Multiple Products

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunServerAddr pa...

2026-04-24
CVE-2026-31178
Analyzed
9.8
TOTOLINK A3300R

The ToToLink A3300R firmware contains a command injection vulnerability in the stunMaxAlive parameter, allowing unauthenticated remote code execution.

2026-04-24
CVE-2026-31177
Analyzed
9.8
TOTOLINK A3300R

The ToToLink A3300R firmware contains a command injection vulnerability in the stunMinAlive parameter, allowing unauthenticated remote code execution.

2026-04-24
CVE-2026-31175
Analyzed
9.8
TOTOLINK A3300R

The ToToLink A3300R firmware contains a command injection vulnerability in the stunEnable parameter, allowing unauthenticated remote code execution.

2026-04-24
CVE-2026-3108
8
Mattermost Multiple Products

Mattermost versions 11

2026-03-28
CVE-2026-31069
Analyzed
8.8
EventRepository Multiple Products

BillaBear (all versions prior to Jan 2026) contains a SQL Injection vulnerability in the EventRepository

2026-05-21
CVE-2026-3105
7.6
Unknown Multiple Products

SummaryThis advisory addresses a SQL injection vulnerability in the API endpoint used for retrieving contact activities

2026-02-25
CVE-2026-31027
Analyzed
9.8
TOTOLINK Multiple Products

TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAppEasyWizardConfig interface of /lib/cste_modules/app.so. The vulnerabi...

2026-04-02
CVE-2026-31019
8.8
HP functions related

In the Website module of Dolibarr ERP & CRM 22

2026-04-22
CVE-2026-31018
8.8
HP code detection

In Dolibarr ERP & CRM <= 22

2026-04-22
CVE-2026-30999
7.5
Unknown Multiple Products

A heap buffer overflow in the av_bprint_finalize() function of FFmpeg v8

2026-04-14
CVE-2026-30998
7.5
Unknown Multiple Products

An improper resource deallocation and closure vulnerability in the tools/zmqsend

2026-04-14
CVE-2026-30997
7.5
Unknown Multiple Products

An out-of-bounds read in the read_global_param() function (libavcodec/av1dec

2026-04-14
CVE-2026-30996
7.5
HP of SAC

An issue in the file handling logic of the component download

2026-04-17
CVE-2026-30995
8.6
HP endpoint

Slah CMS v1

2026-04-16
CVE-2026-30994
7.5
HP component of

Incorrect access control in the config

2026-04-17
CVE-2026-30987
7.8
Unknown Multiple Products

iccDEV provides a set of libraries and tools for working with ICC color management profiles

2026-03-11
CVE-2026-30985
7.8
Unknown Multiple Products

iccDEV provides a set of libraries and tools for working with ICC color management profiles

2026-03-11
CVE-2026-30983
7.8
Unknown Multiple Products

iccDEV provides a set of libraries and tools for working with ICC color management profiles

2026-03-11
CVE-2026-30979
7.8
Unknown Multiple Products

iccDEV provides a set of libraries and tools for working with ICC color management profiles

2026-03-11
CVE-2026-30978
7.8
Unknown Multiple Products

iccDEV provides a set of libraries and tools for working with ICC color management profiles

2026-03-11
CVE-2026-30976
8.6
Linux are unaffected

Sonarr is a PVR for Usenet and BitTorrent users

2026-03-26
CVE-2026-30975
8.1
Unknown Multiple Products

Sonarr is a PVR for Usenet and BitTorrent users

2026-03-26
CVE-2026-30967
8.8
Parse Multiple Products

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node

2026-03-12
CVE-2026-30966
Analyzed
10
Parse Multiple Products

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.7 and 8.6.20, Parse Serve...

2026-03-11
CVE-2026-30957
Analyzed
9.9
OneUptime OneUptime Synthetic Monitors

A server-side RCE vulnerability in OneUptime Synthetic Monitors allows low-privileged users to execute arbitrary commands by abusing exposed Playwrigh...

2026-03-11
CVE-2026-30956
Analyzed
9.9
OneUptime OneUptime

A critical authorization bypass in OneUptime allows low-privileged users to forge headers, escape tenant isolation, and achieve full account takeover...

2026-03-11
CVE-2026-30950
Analyzed
7.1
Intel Workflow Automation Platform

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents

2026-05-19
CVE-2026-30949
8.8
Parse Multiple Products

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node

2026-03-12
CVE-2026-30944
8.8
Unknown Multiple Products

StudioCMS is a server-side-rendered, Astro native, headless content management system

2026-03-11
CVE-2026-30940
7.2
HP file in

baserCMS is a website development framework

2026-03-31
CVE-2026-3094
7.8
Delta Electronics CNCSoft

Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file

2026-03-04