17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 8101-8150 of 17426 CVEs Page 163 of 349
CVE-2026-0774
Analyzed
8.8
WatchYourLAN Multiple Products

WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability

2026-01-23
CVE-2026-0773
Analyzed
9.8
Unknown Multiple Products

Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbit...

2026-01-23
CVE-2026-0772
7.5
Langflow Multiple Products

Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability

2026-01-23
CVE-2026-0770
Analyzed
9.8
Langflow Multiple Products

Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote a...

2026-01-23
CVE-2026-0769
Analyzed
9.8
Langflow Multiple Products

Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrar...

2026-01-23
CVE-2026-0768
Analyzed
9.8
Unknown Multiple Products

Langflow code Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected ins...

2026-01-23
CVE-2026-0766
Analyzed
8.8
Open Multiple Products

Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability

2026-01-23
CVE-2026-0765
Analyzed
8.8
Open Multiple Products

Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability

2026-01-23
CVE-2026-0764
Analyzed
9.8
Unknown Multiple Products

GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbit...

2026-01-23
CVE-2026-0763
Analyzed
9.8
GPT Academic Multiple Products

GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote at...

2026-01-23
CVE-2026-0762
8.1
GPT Multiple Products

GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability

2026-01-23
CVE-2026-0761
Analyzed
9.8
HP Multiple Products

Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers t...

2026-01-23
CVE-2026-0760
Analyzed
9.8
Foundation Agents MetaGPT Multiple Products

Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote...

2026-01-23
CVE-2026-0759
Analyzed
9.8
Unknown Multiple Products

Katana Network Development Starter Kit executeCommand Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attacker...

2026-01-23
CVE-2026-0758
7.8
Unknown Multiple Products

mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability

2026-01-23
CVE-2026-0757
8.8
MCP Multiple Products

MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability

2026-01-23
CVE-2026-0756
Analyzed
9.8
GitHub Multiple Products

github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitr...

2026-01-23
CVE-2026-0755
Analyzed
9.8
Unknown Multiple Products

gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code...

2026-01-23
CVE-2026-0753
Analyzed
7.2
WordPress is vulnerable

The Super Simple Contact Form plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sscf_name' parameter in all versions up to...

2026-02-14
CVE-2026-0752
8
GitLab has remediated

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16

2026-02-26
CVE-2026-0745
Analyzed
7.2
WordPress is vulnerable

The User Language Switch plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1

2026-02-14
CVE-2026-0740
Analyzed
9.8
WordPress is vulnerable

The Ninja Forms File Uploads plugin is vulnerable to unauthenticated arbitrary file uploads, potentially leading to remote code execution.

2026-04-07
CVE-2026-0726
Analyzed
8.1
HP Multiple Products

The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4

2026-01-21
CVE-2026-0723
7.4
GitLab Multiple Products

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18

2026-01-24
CVE-2026-0719
7.5
Unknown Multiple Products

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication

2026-01-09
CVE-2026-0713
8.3
Unknown Multiple Products

A security vulnerability in the /apis/dashboard

2026-01-16
CVE-2026-0712
7.6
Unknown Multiple Products

An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks

2026-01-16
CVE-2026-0710
8.4
Unknown Multiple Products

A flaw was found in SIPp

2026-01-23
CVE-2026-0709
7.2
Hikvision Multiple Products

Some Hikvision Wireless Access Points are vulnerable to authenticated command execution due to insufficient input validation

2026-01-31
CVE-2026-0708
8.3
Unknown Multiple Products

A flaw was found in libucl

2026-03-17
CVE-2026-0702
Analyzed
7.5
WordPress Multiple Products

The VidShop – Shoppable Videos for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the 'fields' parameter in all versio...

2026-01-28
CVE-2026-0700
7.3
Unknown Multiple Products

A vulnerability was determined in code-projects Intern Membership Management System 1

2026-01-08
CVE-2026-0695
Analyzed
8.7
Unknown Multiple Products

In ConnectWise PSA versions older than 2026

2026-01-17
CVE-2026-0692
Analyzed
7.5
WordPress is vulnerable

The BlueSnap Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3

2026-02-14
CVE-2026-0685
Analyzed
9.8
Edgewall Genshi

A server-side template injection vulnerability in the Genshi template engine allows remote attackers to execute arbitrary code via crafted template ex...

2026-06-27
CVE-2026-0677
7.2
TotalSuite Multiple Products

Deserialization of Untrusted Data vulnerability in TotalSuite TotalContest Lite allows Object Injection

2026-03-22
CVE-2026-0669
7.5
Wikimedia Foundation Multiple Products

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows...

2026-01-08
CVE-2026-0662
Analyzed
7.8
Arch Path being

A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the...

2026-02-05
CVE-2026-0661
Analyzed
7.8
Intel 3ds Max

A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability

2026-02-05
CVE-2026-0660
Analyzed
7.8
Intel 3ds Max

A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability

2026-02-05
CVE-2026-0659
Analyzed
7.8
Intel Arnold and 3ds Max

A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability

2026-02-05
CVE-2026-0656
Analyzed
8.2
WordPress Multiple Products

The iPaymu Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authentication in all versions up to, and including, 2

2026-01-08
CVE-2026-0648
7.8
Unknown Multiple Products

The vulnerability stems from an incorrect error-checking logic in the CreateCounter() function (in threadx/utility/rtos_compatibility_layers/OSEK/tx_o...

2026-01-28
CVE-2026-0643
7.3
Property Multiple Products

A flaw has been found in projectworlds House Rental and Property Listing 1

2026-01-08
CVE-2026-0640
8.8
Tenda Multiple Products

A weakness has been identified in Tenda AC23 16

2026-01-07
CVE-2026-0634
7.8
Google Multiple Products

Code execution in AssistFeedbackService of TECNO Pova7 Pro 5G on Android allows local apps to execute arbitrary code as system via command injection

2026-04-03
CVE-2026-0628
Analyzed
8.8
Google Multiple Products

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143

2026-01-08
CVE-2026-0617
Analyzed
7.2
WordPress Multiple Products

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer...

2026-02-03
CVE-2026-0616
7.5
TheLibrarians Multiple Products

TheLibrarians web_fetch tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backe...

2026-01-18
CVE-2026-0615
7.3
Librarian Multiple Products

The Librarian `supervisord` status page can be retrieved by the `web_fetch` tool, which can be used to retrieve running processes within TheLibrarian...

2026-01-18