17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 551-600 of 17426 CVEs Page 12 of 349
CVE-2026-7355
8.8
Google Chrome prior

Use after free in Media in Google Chrome prior to 147

2026-04-30
CVE-2026-7354
8.8
Google Chrome prior

Out of bounds read and write in Angle in Google Chrome prior to 147

2026-04-30
CVE-2026-7353
8.3
Google Chrome prior

Heap buffer overflow in Skia in Google Chrome prior to 147

2026-04-30
CVE-2026-7352
8.3
Google Chrome on

Use after free in Media in Google Chrome on Android prior to 147

2026-04-30
CVE-2026-7350
8.3
Google Chrome prior

Use after free in WebMIDI in Google Chrome prior to 147

2026-04-30
CVE-2026-7349
7.5
Google Chrome prior

Use after free in Cast in Google Chrome prior to 147

2026-04-30
CVE-2026-7348
8.8
Google Chrome prior

Use after free in Codecs in Google Chrome prior to 147

2026-04-30
CVE-2026-7347
8.1
Google Chrome prior

Use after free in Chromoting in Google Chrome prior to 147

2026-04-30
CVE-2026-7346
8.1
Google Chrome prior

Inappropriate implementation in Tint in Google Chrome prior to 147

2026-04-30
CVE-2026-7345
8.3
Google Chrome prior

Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147

2026-04-30
CVE-2026-7344
Analyzed
8.8
Microsoft Chrome on

Use after free in Accessibility in Google Chrome on Windows prior to 147

2026-04-30
CVE-2026-7342
Analyzed
8.8
Google Chrome on

Use after free in WebView in Google Chrome on Android prior to 147

2026-04-30
CVE-2026-7341
Analyzed
8.8
Google Chrome prior

Use after free in WebRTC in Google Chrome prior to 147

2026-04-30
CVE-2026-7339
Analyzed
8.8
Google Chrome prior

Heap buffer overflow in WebRTC in Google Chrome prior to 147

2026-04-30
CVE-2026-7338
7.5
Google Chrome prior

Use after free in Cast in Google Chrome prior to 147

2026-04-30
CVE-2026-7337
8.8
Google Chrome prior

Type Confusion in V8 in Google Chrome prior to 147

2026-04-30
CVE-2026-7336
Analyzed
8.8
Google Chrome prior

Use after free in WebRTC in Google Chrome prior to 147

2026-04-30
CVE-2026-7335
Analyzed
8.8
Google Chrome prior

Use after free in media in Google Chrome prior to 147

2026-04-30
CVE-2026-7334
Analyzed
8.8
Google Chrome on

Use after free in Views in Google Chrome on Mac prior to 147

2026-04-30
CVE-2026-7332
7.2
WordPress is vulnerable

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'booking...

2026-05-06
CVE-2026-7321
Analyzed
9.6
Mozilla Firefox, Thunderbird

A sandbox escape vulnerability in the WebRTC networking component allows attackers to bypass security boundaries.

2026-04-29
CVE-2026-7320
7.5
Infor Multiple Products

Information disclosure due to incorrect boundary conditions in the Audio/Video component

2026-04-29
CVE-2026-7313
Analyzed
8.7
Progress Sitefinity

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8

2026-06-04
CVE-2026-7312
Analyzed
10
Progress Sitefinity

Progress Sitefinity web services contain a vulnerability that allows unauthenticated remote attackers to retrieve plain-text credentials for the Sitef...

2026-06-03
CVE-2026-7311
Analyzed
8.1
WordPress JPEG, PNG & WebP image compression plugin

The TinyPNG – JPEG, PNG & WebP image compression plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validatio...

2026-07-03
CVE-2026-7307
Analyzed
7.5
Unknown Multiple Products

A flaw was found in Keycloak

2026-05-20
CVE-2026-7304
Analyzed
9.8
SGLangs Multimodal Generation Runtime

The SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when custom logit processing is enabled, due to unsaf...

2026-05-19
CVE-2026-7302
Analyzed
9.1
SGLangs Multimodal Generation Runtime

The SGLangs runtime is vulnerable to an unauthenticated path traversal attack, allowing remote attackers to write arbitrary files to the server's file...

2026-05-19
CVE-2026-7301
Analyzed
9.8
SGLangs Multimodal Generation Runtime

The SGLangs scheduler binds its ROUTER socket to 0.0.0.0 and performs unsafe pickle deserialization on incoming messages, enabling unauthenticated rem...

2026-05-19
CVE-2026-7289
8.8
D-Link DIR

A vulnerability was found in D-Link DIR-825M 1

2026-04-29
CVE-2026-7288
8.8
D-Link DIR

A vulnerability has been found in D-Link DIR-825M 1

2026-04-29
CVE-2026-7287
7.5
Zyxel NWA1100

** UNSUPPORTED WHEN ASSIGNED ** A buffer overflow vulnerability in the formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert(...

2026-05-12
CVE-2026-7284
Analyzed
9.8
WordPress is vulnerable

The Easy Elements for Elementor plugin is vulnerable to privilege escalation, allowing unauthenticated users to register as administrators.

2026-05-20
CVE-2026-7279
7.8
Unknown Multiple Products

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specifi...

2026-04-29
CVE-2026-7273
Analyzed
8.8
HP GS1900-48HPv2

A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2

2026-06-16
CVE-2026-7270
7.8
Unknown Multiple Products

An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2)...

2026-05-01
CVE-2026-7256
8.8
Zyxel WRE6505 v2

** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1

2026-05-12
CVE-2026-7252
8.1
WordPress is vulnerable

The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary fi...

2026-05-07
CVE-2026-7251
Analyzed
9.8
Eppendorf BioFlo 320

Eppendorf BioFlo 320 is vulnerable to unauthorized access via a hard-coded password in the VNC server.

2026-05-27
CVE-2026-7248
Analyzed
9.8
D-Link DI

A remote buffer overflow vulnerability in the D-Link DI-8100 CGI endpoint allows for arbitrary code execution.

2026-04-29
CVE-2026-7246
7.2
Unknown Multiple Products

Pallets Click, versions 8

2026-05-01
CVE-2026-7244
Analyzed
9.8
TOTOLINK A8000RU

A remote OS command injection vulnerability in the Totolink A8000RU CGI handler is reachable via the setWiFiEasyGuestCfg function's merge argument.

2026-04-29
CVE-2026-7243
Analyzed
9.8
TOTOLINK A8000RU

The Totolink A8000RU is susceptible to remote OS command injection in the setRadvdCfg function, reachable via the maxRtrAdvInterval argument.

2026-04-29
CVE-2026-7242
Analyzed
9.8
TOTOLINK A8000RU

A remote OS command injection vulnerability in the Totolink A8000RU CGI handler is accessible via the setOpenVpnClientCfg function's enabled argument.

2026-04-29
CVE-2026-7241
Analyzed
9.8
TOTOLINK A8000RU

The Totolink A8000RU is vulnerable to remote OS command injection via the setWiFiBasicCfg function, triggered by the wifiOff argument.

2026-04-29
CVE-2026-7240
Analyzed
9.8
TOTOLINK Multiple Products

A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/...

2026-04-28
CVE-2026-7237
7.3
Unknown Multiple Products

A vulnerability was detected in AgiFlow scaffold-mcp up to 1

2026-04-29
CVE-2026-7234
7.3
Infor Multiple Products

A weakness has been identified in BrowserOperator browser-operator-core up to 0

2026-04-29
CVE-2026-7228
7.3
HP Multiple Products

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1

2026-04-29
CVE-2026-7227
7.3
HP Multiple Products

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1

2026-04-29