17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 5901-5950 of 17426 CVEs Page 119 of 349
CVE-2026-26110
8.4
Microsoft Office allows

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally

2026-03-11
CVE-2026-2611
Analyzed
9.6
Unknown Multiple Products

In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a re...

2026-05-20
CVE-2026-26109
8.4
Microsoft Office Excel

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2026-03-11
CVE-2026-26108
7.8
Microsoft Office Excel

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2026-03-11
CVE-2026-26107
7.8
Microsoft Office Excel

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally

2026-03-11
CVE-2026-26106
8.8
Microsoft Office SharePoint

Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network

2026-03-11
CVE-2026-26105
8.1
Microsoft Office SharePoint

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to...

2026-03-11
CVE-2026-26083
Analyzed
9.8
Fortinet FortiSandbox

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through...

2026-05-13
CVE-2026-26078
7.5
Unknown Multiple Products

Discourse is an open source discussion platform

2026-02-27
CVE-2026-26065
8.8
Unknown Multiple Products

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books

2026-02-21
CVE-2026-26064
8.8
Unknown Multiple Products

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books

2026-02-21
CVE-2026-26056
8.8
Kubernetes resources or

Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer

2026-02-13
CVE-2026-26055
7.5
Kubernetes API Server

Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer

2026-02-14
CVE-2026-26051
Analyzed
9.4
Unknown OCPP Charging Infrastructure

Unauthenticated attackers can exploit missing authentication in WebSocket endpoints to impersonate charging stations and manipulate backend data via t...

2026-03-07
CVE-2026-26050
7.8
Arch path

The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver

2026-02-20
CVE-2026-26048
Analyzed
7.5
Unknown Multiple Products

The Wi-Fi router is vulnerable to de-authentication attacks due to the absence of management frame protection, allowing forged deauthentication and...

2026-02-21
CVE-2026-26046
Analyzed
7.2
Moodle Moodle (TeX filter)

A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command inj...

2026-02-22
CVE-2026-26045
Analyzed
7.2
Moodle Moodle

A flaw was identified in Moodle’s backup restore functionality where specially crafted backup files were not properly validated during processing

2026-02-22
CVE-2026-26034
7.8
Unknown Multiple Products

UPS Multi-UPS Management Console (MUMC) version 01

2026-03-05
CVE-2026-26030
Analyzed
9.9
Microsoft Semantic Kernel Python SDK

A remote code execution vulnerability exists in Microsoft’s Semantic Kernel Python SDK due to improper filtering in the `InMemoryVectorStore` componen...

2026-02-20
CVE-2026-2603
8.1
Unknown Multiple Products

A flaw was found in Keycloak

2026-03-18
CVE-2026-26027
7.5
Unknown Multiple Products

GLPI is a free asset and IT management software package

2026-04-07
CVE-2026-26026
Analyzed
9.1
GLPI GLPI

GLPI is vulnerable to template injection by administrators, leading to remote code execution.

2026-04-07
CVE-2026-26022
8.7
Unknown Multiple Products

Gogs is an open source self-hosted Git service

2026-03-06
CVE-2026-26018
7.5
DNS Multiple Products

CoreDNS is a DNS server that chains plugins

2026-03-08
CVE-2026-26017
7.7
DNS Multiple Products

CoreDNS is a DNS server that chains plugins

2026-03-07
CVE-2026-26016
8.1
Unknown Multiple Products

Wings is the server control plane for Pterodactyl, a free, open-source game server management panel

2026-02-21
CVE-2026-26010
7.6
Unknown Multiple Products

OpenMetadata is a unified metadata platform

2026-02-13
CVE-2026-26009
Analyzed
9.9
Catalyst Catalyst Game Server Platform

Catalyst allows users with template permissions to execute arbitrary shell commands as root on host operating systems due to a lack of sandboxing in s...

2026-02-11
CVE-2026-26008
7.5
Unknown Multiple Products

EVerest is an EV charging software stack

2026-03-28
CVE-2026-26001
7.1
Unknown Multiple Products

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents

2026-03-19
CVE-2026-25991
Analyzed
7.7
AWS Tandoor Recipes

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists

2026-02-14
CVE-2026-2599
Analyzed
9.8
HP is vulnerable

The Database for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection via the 'download_csv' function. This could lead to code ex...

2026-03-06
CVE-2026-25989
7.5
Unknown Multiple Products

ImageMagick is free and open-source software used for editing and manipulating digital images

2026-02-24
CVE-2026-25985
7.5
Unknown Multiple Products

ImageMagick is free and open-source software used for editing and manipulating digital images

2026-02-24
CVE-2026-2597
7.5
Unknown Multiple Products

Crypt::SysRandom::XS versions before 0

2026-02-28
CVE-2026-25968
7.4
Unknown Multiple Products

ImageMagick is free and open-source software used for editing and manipulating digital images

2026-02-24
CVE-2026-25967
7.4
Unknown Multiple Products

ImageMagick is free and open-source software used for editing and manipulating digital images

2026-02-24
CVE-2026-25965
8.6
Unknown Multiple Products

ImageMagick is free and open-source software used for editing and manipulating digital images

2026-02-24
CVE-2026-25961
Analyzed
7.5
Microsoft SumatraPDF

SumatraPDF is a multi-format reader for Windows

2026-02-10
CVE-2026-25960
7.1
Unknown Multiple Products

vLLM is an inference and serving engine for large language models (LLMs)

2026-03-10
CVE-2026-25958
7.7
Unknown Multiple Products

Cube is a semantic layer for building data applications

2026-02-10
CVE-2026-25949
7.5
Traefik Multiple Products

Traefik is an HTTP reverse proxy and load balancer

2026-02-14
CVE-2026-25947
8.8
Unknown Multiple Products

Worklenz is a project management tool

2026-02-11
CVE-2026-25945
7.5
Unknown Multiple Products

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests

2026-02-27
Unknown Multiple Products

jsPDF is a library to generate PDFs in JavaScript

2026-02-20
CVE-2026-25931
7.8
Unknown Multiple Products

vscode-spell-checker is a basic spell checker that works well with code and documents

2026-02-10
CVE-2026-25926
7.3
Arch Path vulnerability

Notepad++ is a free and open-source source code editor

2026-02-19
CVE-2026-25925
7.8
Microsoft Multiple Products

PowerDocu contains a Windows GUI executable to perform technical documentations

2026-02-10
CVE-2026-25924
8.4
Kanboard Multiple Products

Kanboard is project management software focused on Kanban methodology

2026-02-12