17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 5401-5450 of 17426 CVEs Page 109 of 349
CVE-2026-28416
Analyzed
8.2
Gradio Multiple Products

Gradio is an open-source Python package designed for quick prototyping

2026-02-28
CVE-2026-28414
Analyzed
7.5
Gradio Multiple Products

Gradio is an open-source Python package designed for quick prototyping

2026-02-28
CVE-2026-28411
Analyzed
9.8
HP scripts

Unsafe use of the PHP extract() function in WeGIA allows unauthenticated attackers to overwrite local variables and bypass administrative authenticati...

2026-02-28
CVE-2026-28409
Analyzed
10
WeGIA WeGIA Web Manager

A critical RCE vulnerability in WeGIA's database restoration allows administrative users to execute arbitrary OS commands via crafted filenames in bac...

2026-02-28
CVE-2026-28408
Analyzed
9.8
HP does not

A missing authentication and permission check in WeGIA allows unauthenticated attackers to inject massive amounts of unauthorized data into the applic...

2026-02-28
CVE-2026-28406
Analyzed
8.2
Docker Kaniko

kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster

2026-02-28
CVE-2026-28405
8
Unknown Multiple Products

MarkUs is a web application for the submission and grading of student assignments

2026-03-07
CVE-2026-28403
Analyzed
7.6
Apple Multiple Products

Textream is a free macOS teleprompter app

2026-03-03
CVE-2026-28402
Analyzed
7.1
LG Multiple Products

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm

2026-02-28
CVE-2026-28400
Analyzed
7.5
Docker Model Runner

Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker

2026-02-28
CVE-2026-28399
Analyzed
8.8
NocoDB NocoDB

NocoDB is software for building databases as spreadsheets

2026-03-04
CVE-2026-28393
7.7
OpenClaw Multiple Products

OpenClaw versions 2

2026-03-07
CVE-2026-28392
Analyzed
9.8
Slack slash

OpenClaw versions prior to 2026.2.14 contain a privilege escalation flaw in the Slack slash-command handler that allows unauthorized users to execute...

2026-03-06
CVE-2026-28391
Analyzed
9.8
Microsoft OpenClaw

OpenClaw prior to 2026.2.2 is vulnerable to command injection because it fails to sanitize Windows cmd.exe metacharacters, allowing attackers to bypas...

2026-03-06
CVE-2026-28381
Analyzed
9.6
Grafana Snowflake Datasource

The Grafana Snowflake Datasource allows authenticated users to read or write arbitrary files between the local Grafana server and the Snowflake host.

2026-06-23
CVE-2026-28373
Analyzed
9.6
Unknown Stackfield Desktop App

A path traversal vulnerability in the Stackfield Desktop App's decryption functionality allows malicious exports to write arbitrary content to any pat...

2026-04-04
CVE-2026-28372
7.4
Unknown in release

telnetd in GNU inetutils through 2

2026-02-27
CVE-2026-28370
Analyzed
9.1
OpenStack Vitrage

OpenStack Vitrage contains a code execution vulnerability in its query parser, allowing authenticated API users to execute arbitrary code on the servi...

2026-02-27
CVE-2026-28369
Analyzed
8.7
Infor Multiple Products

A flaw was found in Undertow

2026-03-28
CVE-2026-28368
Analyzed
8.7
Unknown Multiple Products

A flaw was found in Undertow

2026-03-28
CVE-2026-28367
Analyzed
8.7
Google Cloud Classic

A flaw was found in Undertow

2026-03-28
CVE-2026-28364
7.9
OCaml Multiple Products

In OCaml before 4

2026-02-27
CVE-2026-28363
Analyzed
9.9
ABB Multiple Products

In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in...

2026-02-27
CVE-2026-28356
7.5
Unknown Multiple Products

multipart is a fast multipart/form-data parser for python

2026-03-14
CVE-2026-28342
7.5
Unknown Multiple Products

OliveTin gives access to predefined shell commands from a web interface

2026-03-07
CVE-2026-28318
KEV Analyzed
9.5
SolarWinds Serv-U

SolarWinds Serv-U is vulnerable to an uncontrolled resource consumption flaw allowing unauthenticated attackers to crash the service via specially cra...

2026-06-06
CVE-2026-28292
Analyzed
9.8
Unknown simple-git

The `simple-git` library is vulnerable to a remote code execution bypass that allows attackers to circumvent previous security fixes and achieve full...

2026-03-11
CVE-2026-28291
8.1
Unknown Multiple Products

simple-git enables running native Git commands from JavaScript

2026-04-14
CVE-2026-28289
Analyzed
10
HP FreeScout

A TOCTOU flaw in FreeScout's file upload sanitization allows authenticated users to achieve RCE by uploading malicious .htaccess files using zero-widt...

2026-03-04
CVE-2026-28287
8.8
Unknown Multiple Products

FreePBX is an open source IP PBX

2026-03-07
CVE-2026-28286
8.5
Unknown Multiple Products

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI

2026-03-03
CVE-2026-28284
8.8
Unknown Multiple Products

FreePBX is an open source IP PBX

2026-03-07
CVE-2026-28279
7.3
Unknown Multiple Products

osctrl is an osquery management solution

2026-02-28
CVE-2026-28276
7.5
Unknown Multiple Products

Initiative is a self-hosted project management platform

2026-02-27
CVE-2026-28275
8.1
Unknown Multiple Products

Initiative is a self-hosted project management platform

2026-02-27
CVE-2026-28274
8.7
Unknown Multiple Products

Initiative is a self-hosted project management platform

2026-02-27
CVE-2026-28272
8.1
Kiteworks Multiple Products

Kiteworks is a private data network (PDN)

2026-02-28
CVE-2026-28268
Analyzed
9.8
Vikunja Vikunja (vikunja/api)

A logic flaw in the Vikunja password reset mechanism allows reset tokens to be reused indefinitely, enabling persistent account takeover if a token is...

2026-02-28
CVE-2026-28261
7.8
Dell Elastic Cloud

Dell Elastic Cloud Storage, version 3

2026-04-09
CVE-2026-28229
Analyzed
9.8
Kubernetes Argo Workflows

Argo Workflows template endpoints allow unauthenticated clients to leak sensitive WorkflowTemplates and Secret manifests by providing a malformed "Bea...

2026-03-12
CVE-2026-28228
8.8
Tomcat process

OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication

2026-03-31
CVE-2026-28224
8.2
Unknown Multiple Products

Firebird is an open-source relational database management system

2026-04-18
CVE-2026-28216
8.3
Unknown Multiple Products

hoppscotch is an open source API development ecosystem

2026-02-27
CVE-2026-28215
Analyzed
9.1
Microsoft OAuth application

A critical flaw in Hoppscotch allows unauthenticated attackers to overwrite infrastructure configurations via the onboarding endpoint, leading to SSO...

2026-02-27
CVE-2026-28213
Analyzed
9.8
Unknown EverShop

The EverShop eCommerce platform leaks password reset tokens in API responses, enabling unauthenticated attackers to bypass authentication and take ove...

2026-02-27
CVE-2026-28212
7.5
Unknown Multiple Products

Firebird is an open-source relational database management system

2026-04-18
CVE-2026-28211
7.8
Unknown Multiple Products

The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing

2026-02-27
CVE-2026-28210
8.8
Unknown Multiple Products

FreePBX is an open source IP PBX

2026-03-07
CVE-2026-2821
7.3
Unknown Multiple Products

A weakness has been identified in Fujian Smart Integrated Management Platform System up to 7

2026-02-21
CVE-2026-28201
7.8
Unknown Multiple Products

An improper input validation, together with an overly permissive default CORS configuration in Open Notebook v1

2026-05-09