17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 6501-6550 of 17426 CVEs Page 131 of 349
CVE-2026-23647
Analyzed
9.8
Linux system

Glory RBG-100 recycler systems use hardcoded OS credentials in the ISPK-08 software, allowing unauthenticated remote access and full system compromise...

2026-02-18
CVE-2026-23631
8.1
Redis is an

Redis is an in-memory data structure store

2026-05-07
CVE-2026-23625
Analyzed
8.7
Intel Multiple Products

OpenProject is an open-source, web-based project management software

2026-01-20
CVE-2026-2361
8
PostgreSQL Anonymizer contains

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function contai...

2026-02-12
CVE-2026-2360
8
Arch Multiple Products

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and...

2026-02-12
CVE-2026-23599
7.8
HP Multiple Products

A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux

2026-02-18
CVE-2026-23595
Analyzed
8.8
Unknown Application API

An authentication bypass in the application API allows an unauthorized administrative account to be created

2026-02-18
CVE-2026-23593
Analyzed
7.5
HP Multiple Products

A vulnerability in the web-based management interface of HPE Aruba Networking Fabric Composer could allow an unauthenticated remote attacker to view s...

2026-01-28
CVE-2026-23592
Analyzed
7.2
HP Multiple Products

Insecure file operations in HPE Aruba Networking Fabric Composer’s backup functionality could allow authenticated attackers to achieve remote code e...

2026-01-28
CVE-2026-23572
7.2
Apple Multiple Products

Improper access control in the TeamViewer Full and Host clients (Windows, macOS, Linux) prior version 15

2026-02-06
CVE-2026-23558
Analyzed
7.8
Unknown Multiple Products

The adjustments made for XSA-379 as well as those subsequently becoming XSA-387 still left a race window, when a HVM or PVH guest does a grant table v...

2026-05-20
CVE-2026-23554
7.8
Intel EPT paging

The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple modifications...

2026-03-24
CVE-2026-23552
Analyzed
9.1
Apache Camel Keycloak

Apache Camel Keycloak fails to validate the issuer claim of JWT tokens, allowing tokens from one realm to be accepted by another, thereby breaking ten...

2026-02-24
CVE-2026-23550
Analyzed
10
Unknown Multiple Products

Incorrect Privilege Assignment vulnerability in Modular DS allows Privilege Escalation.This issue affects Modular DS: from n/a through 2.5.1.

2026-01-14
CVE-2026-23549
Analyzed
9.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Object Injection.This issue affects WpEvently: from...

2026-02-20
CVE-2026-23544
8.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in codetipi Valenti valenti allows Object Injection

2026-02-20
CVE-2026-23542
Analyzed
9.8
ThemeGoods Grand Multiple Products

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restau...

2026-02-20
CVE-2026-23536
7.5
Feature Multiple Products

A security issue was discovered in the Feast Feature Server's `/read-document` endpoint that allows an unauthenticated remote attacker to read any fil...

2026-03-22
CVE-2026-23535
Analyzed
8
Unknown Multiple Products

wlc is a Weblate command-line client using Weblate's REST API

2026-01-17
CVE-2026-23529
Analyzed
7.7
Google Multiple Products

Kafka Connect BigQuery Connector is an implementation of a sink connector from Apache Kafka to Google BigQuery

2026-01-17
CVE-2026-23527
8.9
Unknown Multiple Products

H3 is a minimal H(TTP) framework built for high performance and portability

2026-01-16
CVE-2026-23524
Analyzed
9.8
HP Multiple Products

Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. In versions 1.6.3 and below, Reverb passes data from the...

2026-01-22
CVE-2026-23523
Analyzed
9.6
Unknown Multiple Products

Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. Prior to 0.13.0, crafted deeplink can install...

2026-01-17
CVE-2026-23520
Analyzed
9
Docker Multiple Products

Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane’s updater service supported l...

2026-01-16
CVE-2026-23515
Analyzed
9.9
Unknown Multiple Products

Signal K Server is a server application that runs on a central hub in a boat. Prior to 1.5.0, a command injection vulnerability allows authenticated u...

2026-02-03
CVE-2026-23514
8.8
Unknown Multiple Products

Kiteworks is a private data network (PDN)

2026-03-26
CVE-2026-23512
Analyzed
8.6
Microsoft Multiple Products

SumatraPDF is a multi-format reader for Windows

2026-01-15
CVE-2026-23493
Analyzed
8.6
Intel Multiple Products

Pimcore is an Open Source Data & Experience Management Platform

2026-01-16
CVE-2026-23492
Analyzed
8.8
Pimcore Multiple Products

Pimcore is an Open Source Data & Experience Management Platform

2026-01-15
CVE-2026-23490
7.5
Unknown Multiple Products

pyasn1 is a generic ASN

2026-01-18
CVE-2026-23489
Analyzed
9.1
HP code from

Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to version 1.23.3, it is possible to execute arbitrary PHP c...

2026-03-17
CVE-2026-23482
7.5
Unknown Multiple Products

Blinko is an AI-powered card note-taking project

2026-03-25
CVE-2026-23480
8.8
Unknown Multiple Products

Blinko is an AI-powered card note-taking project

2026-03-25
CVE-2026-23479
8.8
Redis is an

Redis is an in-memory data structure store

2026-05-07
CVE-2026-23477
7.7
Unknown Multiple Products

Rocket

2026-01-16
CVE-2026-2347
Analyzed
9.8
Authorization bypass E-Commerce Website

An authorization bypass vulnerability in Akilli Commerce E-Commerce Website allows for session hijacking via a user-controlled key.

2026-05-15
CVE-2026-23411
7.8
Linux kernel

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race between freeing data and fs accessing it AppArmor was putting...

2026-04-03
CVE-2026-23410
7.8
Linux kernel

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race on rawdata dereference There is a race condition that leads t...

2026-04-03
CVE-2026-23408
7.8
Linux kernel

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of ns_name in aa_replace_profiles() if ns_name is NULL...

2026-04-03
CVE-2026-23407
7.8
F5 Multiple Products

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix missing bounds check on DEFAULT table in verify_dfa() The verify_d...

2026-04-03
CVE-2026-23406
7.8
F5 Multiple Products

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in match_char() macro usage The match_char() macro...

2026-04-03
CVE-2026-2331
Analyzed
9.8
AppEngine Fileaccess over HTTP

AppEngine's Fileaccess over HTTP feature lacks proper access restrictions, allowing unauthenticated read/write access to sensitive filesystem areas, i...

2026-03-06
CVE-2026-2330
Analyzed
9.4
CROWN REST interface

The CROWN REST interface fails to enforce whitelists on internal testing directories. Unauthenticated attackers can upload manipulated parameter files...

2026-03-06
CVE-2026-2328
7.5
Infor Multiple Products

An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path travers...

2026-03-30
CVE-2026-23230
Analyzed
8.8
Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: smb: client: split cached_fid bitfields to avoid shared-byte RMW races is_open,...

2026-06-03
CVE-2026-2319
7.5
Google Chrome prior

Race in DevTools in Google Chrome prior to 145

2026-02-13
CVE-2026-2315
8.8
Google Chrome prior

Inappropriate implementation in WebGPU in Google Chrome prior to 145

2026-02-12
CVE-2026-2314
8.8
Google Chrome prior

Heap buffer overflow in Codecs in Google Chrome prior to 145

2026-02-12
CVE-2026-2313
8.8
Google Chrome prior

Use after free in CSS in Google Chrome prior to 145

2026-02-12
CVE-2026-2296
7.2
WordPress is vulnerable

The Product Addons for Woocommerce – Product Options with Custom Fields plugin for WordPress is vulnerable to Code Injection in all versions up to, an...

2026-02-18