17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 5101-5150 of 17426 CVEs Page 103 of 349
CVE-2026-30643
Analyzed
9.8
HP DedeCMS

A Remote Code Execution (RCE) vulnerability exists in DedeCMS 5.7.118. Attackers can execute arbitrary code by utilizing crafted setup tag values duri...

2026-04-02
CVE-2026-30637
7.5
HP in OTCMS

Server-Side Request Forgery (SSRF) vulnerability exists in the AnnounContent of the /admin/read

2026-03-29
CVE-2026-30635
8.1
Unknown Multiple Products

Command injection vulnerability in automagik-genie 2

2026-05-13
CVE-2026-30624
8.6
Agent Multiple Products

Agent Zero 0

2026-04-16
CVE-2026-30617
8.6
Unknown Multiple Products

LangChain-ChatChat 0

2026-04-16
CVE-2026-30616
7.3
MCP Multiple Products

Jaaz 1

2026-04-17
CVE-2026-30615
8
Windsurf Multiple Products

A prompt injection vulnerability in Windsurf 1

2026-04-16
CVE-2026-3060
Analyzed
9.8
SGLang SGLang

SGLang's encoder parallel disaggregation system allows unauthenticated remote code execution through insecure deserialization in the disaggregation mo...

2026-03-13
CVE-2026-3059
Analyzed
9.8
SGLang SGLang

SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution via untrusted data deserialization in the ZMQ broker.

2026-03-13
CVE-2026-30576
7.5
HP file

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1

2026-03-29
CVE-2026-30575
7.5
HP file

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1

2026-03-29
CVE-2026-30574
7.5
HP file

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1

2026-03-29
CVE-2026-30573
7.5
HP file

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1

2026-04-02
CVE-2026-30562
Analyzed
9.3
HP file via

SourceCodester Sales and Inventory System 1.0 is vulnerable to Reflected Cross-Site Scripting (XSS) via the 'msg' parameter in add_stock.php due to in...

2026-03-31
CVE-2026-3055
KEV
9.5
Citrix NetScaler

Citrix NetScaler Out-of-Bounds Read Vulnerability - Active in CISA KEV catalog.

2026-03-31
CVE-2026-30534
8.3
HP via the

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1

2026-03-28
CVE-2026-30533
Analyzed
9.8
HP file via

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 within the admin/manage_product.php file via the "id" paramete...

2026-03-28
CVE-2026-30532
Analyzed
9.8
HP file via

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 within the admin/view_product.php file via the "id" parameter.

2026-03-28
CVE-2026-30531
8.8
HP file

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1

2026-03-28
CVE-2026-30530
Analyzed
9.8
HP file

SourceCodester Online Food Ordering System v1.0 contains a critical SQL injection vulnerability in the `save_customer` action within `Actions.php`.

2026-03-28
CVE-2026-3053
7.3
Unknown Multiple Products

A vulnerability was determined in DataLinkDC dinky up to 1

2026-02-24
CVE-2026-30529
8.8
HP file

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1

2026-03-28
CVE-2026-30495
8.8
Unknown Multiple Products

The Optoma CinemaX P2 projector (firmware TVOS-04

2026-05-09
CVE-2026-30478
8.8
Microsoft Multiple Products

A Dynamic-link Library Injection vulnerability in GatewayGeo MapServer for Windows version 5 allows attackers to escalate privileges via a crafted exe...

2026-04-10
CVE-2026-3047
8.8
Unknown Multiple Products

A flaw was found in org

2026-03-06
CVE-2026-30463
7.7
HP component

Daylight Studio FuelCMS v1

2026-03-28
CVE-2026-30461
8.3
HP and the

Daylight Studio FuelCMS v1

2026-04-17
CVE-2026-3046
7.3
HP Multiple Products

A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1

2026-02-24
CVE-2026-30459
7.1
Unknown Multiple Products

An issue in the Forgot Password feature of Daylight Studio FuelCMS v1

2026-04-18
CVE-2026-3045
Analyzed
7.5
WordPress is vulnerable

The Appointment Booking Calendar — Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data in all ver...

2026-03-14
CVE-2026-3044
8.8
Tenda AC8

A vulnerability has been found in Tenda AC8 16

2026-02-24
CVE-2026-3042
7.3
HP Multiple Products

A vulnerability was detected in itsourcecode Event Management System 1

2026-02-24
CVE-2026-30405
7.5
Unknown Multiple Products

An issue in GoBGP gobgpd v

2026-03-18
CVE-2026-30402
Analyzed
9.8
WGCLOUD WGCLOUD

A remote code execution (RCE) vulnerability in WGCLOUD v2.3.7 and earlier allows attackers to execute arbitrary code via the test connection function.

2026-03-20
CVE-2026-3039
Analyzed
7.5
BIND Multiple Products

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and...

2026-05-22
CVE-2026-3038
7.5
Infor Multiple Products

The rtsock_msg_buffer() function serializes routing information into a buffer

2026-03-10
CVE-2026-3037
8
Pro Multiple Products

An OS command injection vulnerability exists in XWEB Pro version 1

2026-02-27
CVE-2026-30364
7.5
Unknown Multiple Products

CentSDR commit e40795 was discovered to contain a stack overflow in the "Thread1" function

2026-04-17
CVE-2026-30363
Analyzed
8.4
Unknown Multiple Products

flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function

2026-05-02
CVE-2026-30352
Analyzed
9.8
Unknown Multiple Products

A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitra...

2026-04-28
CVE-2026-30351
7.5
Unknown Multiple Products

A path traversal vulnerability in the UI/static component of leonvanzyl autocoder commit 79d02a allows attackers to read arbitrary files via sending c...

2026-04-28
CVE-2026-30350
7.5
Protocol endpoint of

An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service (DoS) via a crafted...

2026-04-28
CVE-2026-30345
7.5
Unknown Multiple Products

A zip slip vulnerability in the Admin import functionality of CTFd v3

2026-03-20
CVE-2026-30332
Analyzed
7.5
Microsoft Multiple Products

A Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability in Balena Etcher for Windows prior to v2

2026-04-03
CVE-2026-30309
7.8
LG Multiple Products

InfCode's terminal auto-execution module contains a critical command filtering vulnerability that renders its blacklist security mechanism completely...

2026-04-01
CVE-2026-30304
Analyzed
9.6
Intel AI Code

AI Code's "Execute safe commands" feature is vulnerable to prompt injection, allowing attackers to bypass user approval and execute arbitrary terminal...

2026-03-28
CVE-2026-30303
Analyzed
9.8
Microsoft Axon Code

Axon Code is vulnerable to OS command injection on Windows systems because its auto-approval module incorrectly uses a Unix parser, allowing unauthent...

2026-03-28
CVE-2026-30302
Analyzed
10
Microsoft CodeRider-Kilo

CodeRider-Kilo contains an OS command injection vulnerability due to improper parsing of Windows escape sequences using a Unix-based library, allowing...

2026-03-28
CVE-2026-30292
8.4
Docudepot PDF Multiple Products

An arbitrary file overwrite vulnerability in Docudepot PDF Reader: PDF Viewer APP v1

2026-04-02
CVE-2026-30291
8.4
Ora Tools PDF Reader Multiple Products

An arbitrary file overwrite vulnerability in Ora Tools PDF Reader ' Reader & Editor APPv4

2026-04-02