17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 1001-1050 of 17426 CVEs Page 21 of 349
CVE-2026-5966
Analyzed
8.1
TeamT5 ThreatSonar Anti-Ransomware

ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability

2026-04-20
CVE-2026-5965
Analyzed
9.8
Unknown Multiple Products

NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and...

2026-04-21
CVE-2026-5964
Analyzed
9.8
Digiwin EasyFlow .NET

Digiwin EasyFlow .NET contains a SQL injection vulnerability allowing unauthenticated remote attackers to manipulate database contents.

2026-04-20
CVE-2026-5963
Analyzed
9.8
Digiwin EasyFlow .NET

Digiwin EasyFlow .NET contains a SQL injection vulnerability allowing unauthenticated remote attackers to manipulate database contents.

2026-04-20
CVE-2026-59510
Analyzed
7.1
AIL Project AIL Framework

AIL Framework contains a path traversal vulnerability in its PDF object handling

2026-07-06
CVE-2026-59509
Analyzed
9.2
Unknown cve-search

The cve-search application is vulnerable to improper input validation in its API, allowing unauthenticated remote attackers to read arbitrary MongoDB...

2026-07-06
CVE-2026-5947
Analyzed
7.5
Undefined Multiple Products

Undefined behavior may result due to a race condition leading to a use-after-free violation

2026-05-22
CVE-2026-5946
Analyzed
7.5
AWS have been

Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `H...

2026-05-22
CVE-2026-5944
8.2
Cisco Intersight Device

An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central

2026-04-29
CVE-2026-5943
7.8
Infor Multiple Products

Document structural anomalies caused inconsistencies between page element relationships and internal index states

2026-04-28
CVE-2026-5941
7.8
Arch Multiple Products

Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to inva...

2026-04-28
CVE-2026-5940
7.8
Unknown Multiple Products

Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes

2026-04-28
CVE-2026-5936
8.5
Unknown Multiple Products

An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations

2026-04-13
CVE-2026-5935
7.3
IBM Total Storage

IBM Total Storage Service Console (TSSC) / TS4500 IMC 9

2026-04-24
CVE-2026-5928
7.5
Library Multiple Products

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte...

2026-04-22
CVE-2026-59195
Analyzed
8.2
Unknown pnpm

pnpm is a package manager

2026-07-07
CVE-2026-5915
8.1
Google Chrome prior

Insufficient validation of untrusted input in WebML in Google Chrome prior to 147

2026-04-10
CVE-2026-5914
8.8
Google Chrome prior

Type Confusion in CSS in Google Chrome prior to 147

2026-04-10
CVE-2026-5912
8.8
Google Chrome prior

Integer overflow in WebRTC in Google Chrome prior to 147

2026-04-10
CVE-2026-5910
8.8
Google Chrome prior

Integer overflow in Media in Google Chrome prior to 147

2026-04-10
CVE-2026-59099
Analyzed
9.1
Apereo CAS

A cryptographic flaw in Apereo CAS allows unauthenticated attackers to decrypt webflow conversation states by exploiting AES-GCM initialization vector...

2026-07-03
CVE-2026-59095
Analyzed
7.7
LobeHub LobeChat

LobeChat before 2

2026-07-03
CVE-2026-59093
Analyzed
8.8
Weaviate Weaviate

Weaviate before 1

2026-07-03
CVE-2026-59092
Analyzed
7.7
JuiceFS JuiceFS

JuiceFS through 1

2026-07-03
CVE-2026-5909
8.8
Google Chrome prior

Integer overflow in Media in Google Chrome prior to 147

2026-04-10
CVE-2026-5908
8.8
Google Chrome prior

Integer overflow in Media in Google Chrome prior to 147

2026-04-10
CVE-2026-5907
8.1
Google Chrome prior

Insufficient data validation in Media in Google Chrome prior to 147

2026-04-10
CVE-2026-5883
Analyzed
8.8
Google Chrome

Use after free in Media in Google Chrome prior to 147

2026-06-03
CVE-2026-5879
Analyzed
8.8
Google Chrome for Mac

Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147

2026-05-27
CVE-2026-5866
8.8
Google Chrome prior

Use after free in Media in Google Chrome prior to 147

2026-04-10
CVE-2026-5865
Analyzed
8.8
Google Chrome

Type Confusion in V8 in Google Chrome prior to 147

2026-05-27
CVE-2026-5860
Analyzed
8.8
Google Chrome

Use after free in WebRTC in Google Chrome prior to 147

2026-05-27
CVE-2026-5854
Analyzed
9.8
TOTOLINK A7100RU

The Totolink A7100RU is susceptible to remote OS command injection via the setWiFiEasyCfg function, specifically through the merge argument in the CGI...

2026-04-09
CVE-2026-5853
Analyzed
9.8
TOTOLINK A7100RU

The Totolink A7100RU is vulnerable to remote OS command injection via the setIpv6LanCfg function, exploitable through the addrPrefixLen argument in th...

2026-04-09
CVE-2026-5852
Analyzed
9.8
TOTOLINK A7100RU

The Totolink A7100RU allows remote OS command injection via the setIptvCfg function by manipulating the igmpVer argument in the CGI handler.

2026-04-09
CVE-2026-5851
Analyzed
9.8
TOTOLINK A7100RU

The Totolink A7100RU is susceptible to remote OS command injection via the setUPnPCfg function, specifically through the enable parameter in the CGI h...

2026-04-09
CVE-2026-5850
Analyzed
9.8
TOTOLINK A7100RU

The Totolink A7100RU contains an OS command injection vulnerability in the setVpnPassCfg function, allowing remote attackers to execute arbitrary syst...

2026-04-09
CVE-2026-58466
Analyzed
9.8
EstrellaXD Auto_Bangumi

Auto_Bangumi contains a hard-coded default credentials vulnerability that allows unauthenticated attackers to gain administrative access.

2026-07-03
CVE-2026-58460
Analyzed
7.7
Unknown react-native-receive-sharing-intent

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the...

2026-07-03
CVE-2026-58457
Analyzed
9.8
Unknown M300 Wi-Fi Repeater

The Shenzhen Aitemi M300 Wi-Fi Repeater is vulnerable to unauthenticated OS command injection via the smacfilter_conf handler, allowing remote attacke...

2026-07-02
CVE-2026-58455
Analyzed
9.8
HP dockwatch

Dockwatch is vulnerable to unauthenticated OS command injection via improper session handling and unsanitized input in the composePath parameter.

2026-07-03
CVE-2026-58453
Analyzed
9.8
JAIOTlink C492A-W6 Wi-Fi IP Camera

JAIOTlink C492A-W6 IP cameras contain hard-coded default credentials that allow network-adjacent attackers to gain unauthorized administrative access.

2026-07-02
CVE-2026-58452
Analyzed
8.8
JAIOTlink C492A-W6 Wi-Fi IP Camera

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4

2026-07-02
CVE-2026-58449
Analyzed
9.8
Unknown txtai

The txtai API /reindex endpoint is vulnerable to remote code execution due to improper input validation in the function parameter, which allows arbitr...

2026-07-01
CVE-2026-58426
Analyzed
9.6
Gitea Gitea Open Source Git Server

An HMAC ambiguity in Gitea Actions Artifacts allows cross-repository data reads and cross-task state writes, compromising the integrity and confidenti...

2026-07-04
CVE-2026-58424
Analyzed
8.9
Gitea Gitea Open Source Git Server

Permanent Fork PR Workflow Approval Gate Bypass

2026-07-04
CVE-2026-58423
Analyzed
7.7
Intel Gitea Open Source Git Server

LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories

2026-07-04
CVE-2026-58422
Analyzed
9.8
Gitea Open Source Git Server

An improper authorization flaw in the OAuth sign-in callback mechanism allows attackers to silently re-enable previously disabled administrator accoun...

2026-07-07
CVE-2026-58421
Analyzed
7.5
Gitea Open Source Git Server

Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service

2026-07-07
CVE-2026-58419
Analyzed
7.5
Intel Gitea Open Source Git Server

Notification API leaks private issue metadata after access revocation

2026-07-07