17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 701-750 of 17426 CVEs Page 15 of 349
CVE-2026-7037
Analyzed
9.8
TOTOLINK A8000RU

A remote OS command injection vulnerability exists in the Totolink A8000RU router via the pptpPassThru argument in the setVpnPassCfg function.

2026-04-27
CVE-2026-7036
7.3
Tenda i9

A vulnerability was identified in Tenda i9 1

2026-04-27
CVE-2026-7035
8.8
Tenda FH1202

A vulnerability was determined in Tenda FH1202 1

2026-04-27
CVE-2026-7034
8.8
Tenda FH1202

A vulnerability was found in Tenda FH1202 1

2026-04-27
CVE-2026-7033
8.8
Tenda F456

A vulnerability has been found in Tenda F456 1

2026-04-27
CVE-2026-7032
8.8
Tenda F456

A flaw has been found in Tenda F456 1

2026-04-27
CVE-2026-7031
8.8
Tenda F456

A vulnerability was detected in Tenda F456 1

2026-04-27
CVE-2026-7030
8.8
Tenda F456

A security vulnerability has been detected in Tenda F456 1

2026-04-27
CVE-2026-7029
8.8
Tenda F456

A weakness has been identified in Tenda F456 1

2026-04-27
CVE-2026-7025
7.3
HP of the

A vulnerability was found in Typecho up to 1

2026-04-26
CVE-2026-7022
Analyzed
7.3
SmythOS SRE

A security vulnerability has been detected in SmythOS sre up to 0

2026-04-26
CVE-2026-7019
8.8
Tenda F456

A vulnerability was identified in Tenda F456 1

2026-04-26
CVE-2026-7002
7.3
HP of the

A vulnerability was determined in KLiK SocialMediaWebsite up to 1

2026-04-26
CVE-2026-6992
7.2
Linksys MR9600

A vulnerability was identified in Linksys MR9600 2

2026-04-26
CVE-2026-6988
8.8
Tenda HG10 HG7

A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon

2026-04-26
CVE-2026-6987
7.3
Infor Multiple Products

A vulnerability was detected in PicoClaw up to 0

2026-04-26
CVE-2026-6980
7.3
Infor Multiple Products

A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd

2026-04-26
CVE-2026-6977
Analyzed
7.3
Vanna-AI Vanna

A security vulnerability has been detected in vanna-ai vanna up to 2

2026-04-26
CVE-2026-6973
KEV
9.5
Ivanti Endpoint Manager Mobile (EPMM)

Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability - Active in CISA KEV catalog.

2026-05-08
CVE-2026-6963
8.8
WordPress is vulnerable

The WP Mail Gateway plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wmg_save_provider_config AJAX a...

2026-05-02
CVE-2026-6960
Analyzed
9.8
WordPress BookingPress Pro

The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads, potentially allowing unauthenticated remote code execution.

2026-05-22
CVE-2026-6951
Analyzed
9.8
Unknown Multiple Products

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://s...

2026-04-25
CVE-2026-6947
7.5
D-Link has

DWM-222W USB Wi-Fi Adapter developed by D-Link has a Brute-Force Protection Bypass vulnerability, allowing unauthenticated adjacent network attackers...

2026-04-24
CVE-2026-6942
Analyzed
9.8
Radare radare2-mcp

An OS command injection vulnerability in radare2-mcp allows unauthenticated remote attackers to execute arbitrary commands via the JSON-RPC interface.

2026-04-24
CVE-2026-6940
7.1
Unknown Multiple Products

radare2 prior to 6

2026-04-24
CVE-2026-6933
Analyzed
8.8
WordPress Dev Tools

The Premmerce Dev Tools plugin for WordPress is vulnerable to Remote Code Execution via missing authorization in versions up to and including 2

2026-06-16
CVE-2026-6921
Analyzed
8.3
Microsoft Chrome on

Race in GPU in Google Chrome on Windows prior to 147

2026-04-24
CVE-2026-6920
Analyzed
9.6
Google Chrome on

An out-of-bounds read vulnerability in the Google Chrome GPU process on Android allows a remote attacker to achieve sandbox escape via a crafted HTML...

2026-04-24
CVE-2026-6918
Analyzed
7.5
Eclipse Foundation OpenJ9

In Eclipse Open9J versions 0

2026-05-06
CVE-2026-6912
Analyzed
8.8
AWS Ops Wheel

Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR #165...

2026-04-25
CVE-2026-6911
Analyzed
9.8
AWS Ops Wheel

Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to...

2026-04-25
CVE-2026-6903
7.5
Web Multiple Products

The LabOne Web Server, backing the LabOne User Interface, contains insufficient input validation in its file access functionality

2026-04-24
CVE-2026-6901
Analyzed
7.7
Unknown APROL

Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL

2026-07-07
CVE-2026-6900
Analyzed
7.4
B&R Industrial Automation APROL

Improper certificate validation vulnerability in B&R Industrial Automation GmbH APROL

2026-07-07
CVE-2026-6898
Analyzed
8.8
WordPress WishList Member

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember3_...

2026-05-27
CVE-2026-6897
Analyzed
8.8
WordPress WishList Member

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember\F...

2026-05-27
CVE-2026-6895
Analyzed
8.8
WordPress WishList Member

The WishList Member plugin for WordPress is vulnerable to Missing Authorization leading to Sensitive Information Disclosure and Privilege Escalation i...

2026-05-27
CVE-2026-6893
Analyzed
8.8
Red Hat dracut

A flaw was found in dracut

2026-06-11
CVE-2026-6887
Analyzed
9.8
Borg Multiple Products

Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has a SQL Injection vulnerability, allowing unauthenticated remote attack...

2026-04-24
CVE-2026-6886
Analyzed
9.8
Borg Multiple Products

Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has a Authentication Bypass vulnerability, allowing unauthenticated remot...

2026-04-24
CVE-2026-6885
Analyzed
9.8
Borg Multiple Products

Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has an Arbitrary File Upload vulnerability, allowing unauthenticated remo...

2026-04-24
CVE-2026-6859
8.8
Linux Multiple Products

A flaw was found in InstructLab

2026-04-23
CVE-2026-6858
Analyzed
7.1
WordPress Webpay WordPress Plugin

The Transbank Webpay WordPress plugin before 1

2026-06-23
CVE-2026-6857
7.5
Unknown Multiple Products

A flaw was found in camel-infinispan

2026-04-24
CVE-2026-6855
7.1
Unknown Multiple Products

A flaw was found in InstructLab

2026-04-24
CVE-2026-6853
Analyzed
9.8
Başbelen Group Pause+ Mobile App

The Pause+ Mobile App contains an authentication bypass vulnerability due to improper restriction of excessive authentication attempts.

2026-06-13
CVE-2026-6849
Analyzed
8.8
TUBITAK BILGEM Institute Pardus

Improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in TUBITAK BILGEM Software Technologies Resea...

2026-04-30
CVE-2026-6846
7.8
Unknown Multiple Products

A flaw was found in binutils

2026-04-23
CVE-2026-6832
8.1
Unknown Multiple Products

Hermes WebUI contains an arbitrary file deletion vulnerability in the /api/session/delete endpoint that allows authenticated attackers to delete files...

2026-04-22
CVE-2026-6823
8.2
HKUDS Multiple Products

HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote channels inherit allow_from = ["*...

2026-04-22