17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 5051-5100 of 17426 CVEs Page 102 of 349
CVE-2026-30934
8.9
Unknown Multiple Products

FileBrowser Quantum is a free, self-hosted, web-based file manager

2026-03-11
CVE-2026-30929
Analyzed
7.7
Docker ImageMagick

ImageMagick is free and open-source software used for editing and manipulating digital images

2026-03-10
CVE-2026-30926
7.1
Unknown Multiple Products

SiYuan is a personal knowledge management system

2026-03-10
CVE-2026-30922
7.5
Unknown Multiple Products

pyasn1 is a generic ASN

2026-03-19
CVE-2026-30921
Analyzed
9.9
OneUptime OneUptime Synthetic Monitors

Low-privileged users in OneUptime can achieve server-side RCE by abusing injected Playwright browser objects within Synthetic Monitors to spawn arbitr...

2026-03-11
CVE-2026-30920
8.6
GitHub App callback

OneUptime is a solution for monitoring and managing online services

2026-03-11
CVE-2026-30911
8.1
Apache Airflow versions

Apache Airflow versions 3

2026-03-18
CVE-2026-30903
Analyzed
9.6
Microsoft Workplace for

A path traversal vulnerability in the Mail feature of Zoom Workplace for Windows allows unauthenticated users to conduct an escalation of privilege vi...

2026-03-12
CVE-2026-30902
7.8
Microsoft Clients for

Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local acce...

2026-03-13
CVE-2026-30900
7.8
Microsoft Clients for

Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation...

2026-03-13
CVE-2026-3090
7.2
WordPress is vulnerable

The Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App plugin for WordPress is vulnerable t...

2026-03-19
CVE-2026-30896
7.8
Qsee Multiple Products

The installer for Qsee Client versions 1

2026-03-09
CVE-2026-30893
Analyzed
9
Wazuh Wazuh

A path traversal vulnerability in Wazuh's cluster synchronization routine allows authenticated peers to write arbitrary files and potentially achieve...

2026-04-30
CVE-2026-30887
Analyzed
9.9
OneUptime OneUptime Synthetic Monitors

OneUptime Synthetic Monitors are vulnerable to a sandbox escape via the Node.js vm module, allowing authenticated users to achieve remote code executi...

2026-03-11
CVE-2026-30884
Analyzed
9.6
Infor Custom Certificate (mod_customcert)

A critical flaw in the Moodle Custom Certificate plugin allows teachers to read or overwrite certificate elements from any other course in the system.

2026-03-18
CVE-2026-30881
8.8
Unknown Multiple Products

Chamilo LMS is a learning management system

2026-03-17
CVE-2026-30877
Analyzed
9.1
Unknown baserCMS

baserCMS contains an OS command injection vulnerability within its update functionality. Authenticated administrators can exploit this flaw to execute...

2026-03-31
CVE-2026-30875
8.8
HP files with

Chamilo LMS is a learning management system

2026-03-17
CVE-2026-30869
Analyzed
9.3
Unknown Multiple Products

SiYuan is a personal knowledge management system. Prior to 3.5.10, a path traversal vulnerability in the /export endpoint allows an attacker to read a...

2026-03-11
CVE-2026-30862
Analyzed
9
Appsmith Appsmith Table Widget (TableWidgetV2)

A stored XSS vulnerability in Appsmith's Table Widget allows authenticated users to execute malicious scripts via unsanitized HTML attributes, leading...

2026-03-11
CVE-2026-30861
Analyzed
9.9
WeKnora WeKnora LLM Framework

An unauthenticated remote code execution vulnerability in WeKnora allows attackers to bypass command validation using the -p flag in npx node, leading...

2026-03-08
CVE-2026-30860
Analyzed
9.9
PostgreSQL array expressions

A remote code execution vulnerability in WeKnora's database query functionality allows unauthenticated attackers to bypass SQL injection protections v...

2026-03-08
CVE-2026-3086
7.8
Unknown Multiple Products

GStreamer H

2026-03-17
CVE-2026-30855
Analyzed
8.8
WeKnora WeKnora LLM Framework

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval

2026-03-08
CVE-2026-30851
8.1
Unknown Multiple Products

Caddy is an extensible server platform that uses TLS by default

2026-03-08
CVE-2026-3085
Analyzed
8.8
Unknown Multiple Products

GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-17
CVE-2026-30840
8.8
Unknown Multiple Products

Wallos is an open-source, self-hostable personal subscription tracker

2026-03-07
CVE-2026-3084
7.8
Unknown Multiple Products

GStreamer H

2026-03-17
CVE-2026-30836
Analyzed
10
Step Multiple Products

Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not safeguard aga...

2026-03-20
CVE-2026-30834
Analyzed
7.5
Google Multiple Products

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser

2026-03-08
CVE-2026-30832
Analyzed
9.1
Soft Soft Serve Git Server

An authenticated SSRF vulnerability in Soft Serve allows SSH users to force the server to make requests to internal IP addresses, potentially exposing...

2026-03-08
CVE-2026-3083
Analyzed
8.8
Unknown Multiple Products

GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability

2026-03-17
CVE-2026-30827
7.5
Unknown Multiple Products

express-rate-limit is a basic rate-limiting middleware for Express

2026-03-08
CVE-2026-30823
Analyzed
8.8
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-03-07
CVE-2026-30822
7.7
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-03-07
CVE-2026-3082
7.8
Unknown Multiple Products

GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-17
CVE-2026-30810
8.8
Unknown Multiple Products

Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension

2026-05-14
CVE-2026-3081
7.8
Unknown Multiple Products

GStreamer H

2026-03-17
CVE-2026-30808
8.1
Session Multiple Products

Session Fixation vulnerability allows Session Hijacking via crafted session ID

2026-05-14
CVE-2026-30807
8.8
Unknown Multiple Products

Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page

2026-05-14
CVE-2026-30778
7.5
Apache SkyWalking

The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL

2026-04-17
CVE-2026-30769
7.8
Unknown Multiple Products

An issue in the TVicPort64

2026-04-30
CVE-2026-3071
8.4
Unknown Multiple Products

Deserialization of untrusted data in the LanguageModel class of Flair from versions 0

2026-02-27
CVE-2026-30707
8.1
Unknown Multiple Products

An issue was discovered in SpeedExam Online Examination System (SaaS) after v

2026-03-19
CVE-2026-3069
7.3
HP Multiple Products

A security vulnerability has been detected in itsourcecode Document Management System 1

2026-02-24
CVE-2026-30689
7.5
Infor Multiple Products

A blog

2026-03-29
CVE-2026-3068
7.3
HP Multiple Products

A weakness has been identified in itsourcecode Document Management System 1

2026-02-24
CVE-2026-30656
7.5
Unknown Multiple Products

A NULL pointer dereference vulnerability exists in fio (Flexible I/O Tester) v3

2026-04-17
CVE-2026-30652
Analyzed
8.8
Vivotek FD8136 Camera

A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo

2026-06-04
CVE-2026-30650
Analyzed
8.8
Vivotek FD8136 Camera

A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask

2026-06-04