17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 501-550 of 17426 CVEs Page 11 of 349
CVE-2026-7489
Analyzed
8.8
Sunnet CTMS

CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify,...

2026-05-03
CVE-2026-7486
Analyzed
9.8
Netcad Software E-İmar

An SQL injection vulnerability in Netcad Software E-İmar allows unauthorized attackers to manipulate database queries and potentially access sensitive...

2026-06-10
CVE-2026-7482
Analyzed
9.1
Ollama Multiple Products

Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied...

2026-05-05
CVE-2026-7481
8.7
GitLab has remediated

GitLab has remediated an issue in GitLab EE affecting all versions from 16

2026-05-14
CVE-2026-7474
8.8
Unknown Nomad and

HashiCorp Nomad and Nomad Enterprise prior to 2

2026-05-13
CVE-2026-7473
KEV Analyzed
9.5
Arista Extensible Operating System

Arista Extensible Operating System is affected by an incomplete comparison vulnerability, currently tracked in the CISA KEV catalog.

2026-06-10
CVE-2026-7470
8.8
Tenda Multiple Products

A flaw has been found in Tenda 4G300 US_4G300V1

2026-04-30
CVE-2026-7468
7.3
Unknown Multiple Products

A security vulnerability has been detected in 1024-lab smart-admin up to 3

2026-05-01
CVE-2026-7467
Analyzed
8.8
WordPress is vulnerable

The Read More & Accordion plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3

2026-05-20
CVE-2026-7466
Analyzed
8.8
Unknown Multiple Products

AgentFlow contains an arbitrary code execution vulnerability that allows attackers to execute local Python pipeline files by supplying a user-controll...

2026-04-30
CVE-2026-7465
Analyzed
8.8
WordPress is vulnerable

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to,...

2026-05-31
CVE-2026-7461
7.2
Microsoft Multiple Products

Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before...

2026-05-01
CVE-2026-7458
Analyzed
9.8
WordPress is vulnerable

The User Verification plugin for WordPress is vulnerable to authentication bypass due to loose comparison of OTP codes, allowing unauthenticated login...

2026-05-02
CVE-2026-7448
7.2
WordPress is vulnerable

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'first_n...

2026-05-06
CVE-2026-7446
Analyzed
7.3
F5 mcp-server-semgrep

A vulnerability was detected in VetCoders mcp-server-semgrep 1

2026-05-01
CVE-2026-7443
7.3
Infor Multiple Products

A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1

2026-05-01
CVE-2026-7435
7.2
Unknown Multiple Products

SSCMS v7

2026-05-01
CVE-2026-7426
8.1
Insufficient Multiple Products

Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4

2026-04-30
CVE-2026-7424
8.1
Integer Multiple Products

Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4

2026-04-30
CVE-2026-7420
8.8
UTT Multiple Products

A security flaw has been discovered in UTT HiPER 1250GW up to 3

2026-04-30
CVE-2026-7419
8.8
UTT Multiple Products

A vulnerability was identified in UTT HiPER 1250GW up to 3

2026-04-30
CVE-2026-7418
8.8
UTT Multiple Products

A vulnerability was determined in UTT HiPER 1250GW up to 3

2026-04-30
CVE-2026-7417
7.3
LG Multiple Products

A vulnerability was found in Algovate xhs-mcp 0

2026-05-01
CVE-2026-7416
7.3
Infor Multiple Products

A vulnerability was found in PolarVista xcode-mcp-server 1

2026-05-01
CVE-2026-7415
Analyzed
9.8
Yarbo Firmware

The embedded MQTT broker in Yarbo firmware v2.3.9 allows anonymous connections and lacks ACLs, enabling unauthorized control of the device.

2026-05-08
CVE-2026-7414
Analyzed
9.8
Yarbo Yarbo Firmware

Yarbo firmware v2.3.9 contains hardcoded administrative credentials that cannot be changed, leading to trivial unauthorized management access.

2026-05-08
CVE-2026-7412
8.6
Java Multiple Products

In Eclipse BaSyx Java Server SDK versions prior to 2

2026-05-06
CVE-2026-7411
Analyzed
10
Eclipse BaSyx Java Server SDK

The Eclipse BaSyx Java Server SDK is vulnerable to path traversal via the Submodel HTTP API, potentially leading to Remote Code Execution.

2026-05-06
CVE-2026-7404
7.3
Infor Multiple Products

A weakness has been identified in getsimpletool mcpo-simple-server up to 0

2026-05-01
CVE-2026-7402
8.1
MeWare Software Multiple Products

Improper Control of Interaction Frequency vulnerability in MeWare Software Development Inc

2026-05-01
CVE-2026-7400
7.3
Unknown Multiple Products

A security vulnerability has been detected in geekgod382 filesystem-mcp-server 1

2026-05-01
CVE-2026-7399
8.1
MeWare Software Multiple Products

Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc

2026-05-01
CVE-2026-7398
7.3
Infor Multiple Products

A weakness has been identified in florensiawidjaja BioinfoMCP up to 7ada7918b9e515604d3c0ae264d3a9af10bf6e54

2026-05-01
CVE-2026-7389
7.3
HP Multiple Products

A security vulnerability has been detected in EyouCMS up to 1

2026-05-01
CVE-2026-7387
Analyzed
8.8
Mattermost Mattermost

Mattermost versions 11

2026-06-13
CVE-2026-7386
7.3
Unknown Multiple Products

A flaw has been found in fatbobman mail-mcp-bridge up to 1

2026-05-01
CVE-2026-7384
7.3
Arch Multiple Products

A vulnerability was detected in ezequiroga mcp-bases 357ca19c7a49a9b9cb2ef639b366f03aba8bea39/c630b8ab0f970614d42da8e566e9c0d15a16414c

2026-05-01
CVE-2026-7383
Analyzed
8.1
OpenSSL OpenSSL Library

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer over...

2026-06-16
CVE-2026-7377
8.7
GitLab has remediated

GitLab has remediated an issue in GitLab EE affecting all versions from 18

2026-05-14
CVE-2026-7374
Analyzed
9.9
Red Hat KubeVirt

A flaw in KubeVirt's `virt-handler` allows an authenticated user to hijack privileged connections, potentially leading to full cluster compromise.

2026-05-27
CVE-2026-7372
Analyzed
9
GeoVision GV-VMS

A stack overflow in the GeoVision GV-VMS WebCam Server login functionality allows unauthenticated attackers to gain SYSTEM-level code execution via un...

2026-05-04
CVE-2026-7371
7.4
Unknown Multiple Products

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi

2026-05-04
CVE-2026-7368
Analyzed
8.1
Yarbo Yarbo mobile app and cloud services

The Yarbo cloud does not enforce per-device or per-user authorization

2026-06-14
CVE-2026-7365
Analyzed
8.4
IBM Operations Analytics

IBM Operations Analytics - Log Analysis  and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing p...

2026-05-29
CVE-2026-7363
8.8
Google Chrome on

Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147

2026-04-30
CVE-2026-7361
8.8
Apple Chrome prior

Use after free in iOS in Google Chrome prior to 147

2026-04-30
CVE-2026-7359
8.8
Google Chrome prior

Use after free in ANGLE in Google Chrome prior to 147

2026-04-30
CVE-2026-7358
8.8
Google Chrome prior

Use after free in Animation in Google Chrome prior to 147

2026-04-30
CVE-2026-7357
7.5
Google Chrome prior

Use after free in GPU in Google Chrome prior to 147

2026-04-30
CVE-2026-7356
8.8
Google Chrome prior

Use after free in Navigation in Google Chrome prior to 147

2026-04-30