17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 1101-1150 of 17426 CVEs Page 23 of 349
CVE-2026-57993
Analyzed
7.4
Microsoft Edge (Chromium-based)

Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network

2026-07-05
CVE-2026-57992
Analyzed
7.5
Microsoft Edge (Chromium-based)

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network

2026-07-05
CVE-2026-57991
Analyzed
7.4
Microsoft Edge (Chromium-based)

Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose informat...

2026-07-05
CVE-2026-5799
Analyzed
7.5
Unknown Ontime

Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc

2026-07-07
CVE-2026-57988
Analyzed
7.1
Microsoft Edge (Chromium-based)

Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network

2026-07-05
CVE-2026-57986
Analyzed
7.5
Microsoft Edge (Chromium-based)

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network

2026-07-05
CVE-2026-57985
Analyzed
7.6
Microsoft Edge (Chromium-based)

Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network

2026-07-05
CVE-2026-57984
Analyzed
7.5
Microsoft Edge (Chromium-based)

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network

2026-07-05
CVE-2026-57983
Analyzed
8.7
Microsoft Edge

Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network

2026-07-04
CVE-2026-57981
Analyzed
8.8
Microsoft Edge

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network

2026-07-04
CVE-2026-57977
Analyzed
7.1
Microsoft Edge (Chromium-based)

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacke...

2026-07-05
CVE-2026-57975
Analyzed
7.5
Microsoft Edge (Chromium-based)

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over...

2026-07-05
CVE-2026-57974
Analyzed
8.8
Microsoft Edge (Chromium-based)

Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network

2026-07-04
CVE-2026-57955
Analyzed
8.5
SigNoz SigNoz

SigNoz through 0

2026-06-30
CVE-2026-57950
Analyzed
8.1
RuoYi ruoyi-vue-pro

ruoyi-vue-pro through 2026

2026-06-30
CVE-2026-57947
Analyzed
8.5
Pinpoint Pinpoint

Pinpoint through 3

2026-06-30
CVE-2026-57920
Analyzed
7.7
Peplink InControl

Peplink InControl 2 through 2

2026-06-28
CVE-2026-57919
Analyzed
7.8
Unknown PBackupVSS

PBackupVSS

2026-06-30
CVE-2026-57915
Analyzed
7.3
Apache Kerby

It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type

2026-06-28
CVE-2026-57913
Analyzed
7.5
Johnson & Johnson Audit Tracking Management System (ATMS)

Johnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allows viewing of meeting minutes and transcripts

2026-06-28
CVE-2026-57912
Analyzed
7.5
Johnson & Johnson Campus Recruiting

Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by inter...

2026-06-28
CVE-2026-5791
Analyzed
9.6
Infor DivvyDrive

A Cross-Site Request Forgery (CSRF) vulnerability in DivvyDrive versions 4.8.2.9 through 4.8.3.1 allows unauthorized actions to be performed on behalf...

2026-05-08
CVE-2026-5789
7.8
Arch path in

Vulnerability related to an unquoted search path in CivetWeb v1

2026-04-23
CVE-2026-57881
Analyzed
9.8
GeoVision GV-LPC2011/2211

A stack-based buffer overflow in GeoVision GV-LPC2011/2211 allows remote, unauthenticated attackers to execute arbitrary code via crafted login data.

2026-06-26
CVE-2026-57880
Analyzed
9.8
GeoVision GV-LPC2011/2211

An unauthenticated stack-based buffer overflow in the ssvr component of GeoVision GV-LPC2011/2211 allows remote attackers to execute arbitrary code vi...

2026-06-26
CVE-2026-57879
Analyzed
9.8
GeoVision GV-LPC2011/2211

An unauthenticated stack-based buffer overflow in the ssvr component of GeoVision GV-LPC2011/2211 allows remote attackers to execute arbitrary code vi...

2026-06-26
CVE-2026-57878
Analyzed
9.8
GeoVision GV-LPC2011/2211

An unauthenticated stack-based buffer overflow in the thttpd component of GeoVision GV-LPC2011/2211 allows remote attackers to execute arbitrary code...

2026-06-26
CVE-2026-57877
Analyzed
8.6
GeoVision GV-LPC2011/GV-LPC2211

An unauthenticated format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1

2026-06-26
CVE-2026-5787
8.9
Unknown EPMM before

An Improper Certificate Validation in Ivanti EPMM before versions 12

2026-05-08
CVE-2026-57867
Analyzed
8.8
MicroRealEstate MicroRealEstate

MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management

2026-07-07
CVE-2026-5786
8.8
Ivanti EPMM before EPMM before

An Improper Access Control vulnerability in Ivanti EPMM before versions 12

2026-05-08
CVE-2026-5785
8.1
Unknown PAM360 versions

Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQ...

2026-04-17
CVE-2026-5784
8.8
DivvyDrive Multiple Products

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in DivvyDrive Information Technologies Inc

2026-05-08
CVE-2026-5783
Analyzed
7.6
Beyaz Computer Multiple Products

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Beyaz Computer Software Design Industry and Trad...

2026-05-21
CVE-2026-5781
Analyzed
8.8
MphRx Multiple Products

An authorization vulnerability in MphRx's Minerva V3

2026-05-29
CVE-2026-57766
Analyzed
8.8
WordPress File Manager & Code Editor

Unauthenticated Cross Site Request Forgery (CSRF) in WPIDE – File Manager & Code Editor <= 3

2026-07-03
CVE-2026-57765
Analyzed
8.5
Levelfourdevelopment WP EasyCart

Contributor SQL Injection in WP EasyCart <= 5

2026-07-03
CVE-2026-57759
Analyzed
8.8
Metagauss ProfileGrid

Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5

2026-07-03
CVE-2026-57756
Analyzed
8.5
Unknown nicen-localize-image

Contributor SQL Injection in nicen-localize-image <= 1

2026-07-03
CVE-2026-57752
Analyzed
8.5
Unknown iNET Webkit

Contributor SQL Injection in iNET Webkit 1

2026-07-03
CVE-2026-57751
Analyzed
8.1
Heateor Heateor Social Login

Unauthenticated Cross Site Request Forgery (CSRF) in Heateor Social Login <= 1

2026-07-03
CVE-2026-57700
Analyzed
10
Daan.dev OMGF Pro

OMGF Pro contains an unrestricted file upload vulnerability that allows an attacker to upload malicious files, potentially leading to remote code exec...

2026-06-26
CVE-2026-57692
Analyzed
9.8
WordPress PrivateContent

LCweb PrivateContent is vulnerable to an incorrect privilege assignment flaw, potentially allowing an attacker to escalate privileges within the appli...

2026-07-02
CVE-2026-57688
Analyzed
8.2
Gurmehub POS Entegratör

Unauthenticated Broken Access Control in POS Entegratör <= 3

2026-07-03
CVE-2026-57687
Analyzed
8.5
Hiroaki Custom Field Template

Contributor SQL Injection in Custom Field Template <= 2

2026-07-03
CVE-2026-57683
Analyzed
9.3
WordPress WP Fast Total Search

An unauthenticated SQL injection vulnerability exists in Epsiloncool WP Fast Total Search versions 1.80.280 and earlier, allowing remote attackers to...

2026-07-03
CVE-2026-5768
Analyzed
8.8
Unknown Multiple Products

The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or autho...

2026-05-30
CVE-2026-57679
Analyzed
9.3
Ahmadgb GeekyBot

GeekyBot is susceptible to an unauthenticated SQL injection vulnerability, allowing remote attackers to manipulate database queries.

2026-07-03
CVE-2026-57677
Analyzed
9.8
HP Payment Gateway for WooCommerce

An unauthenticated PHP object injection vulnerability exists in the Novalnet Payment Gateway for WooCommerce plugin, allowing potential remote code ex...

2026-07-03
CVE-2026-57667
Analyzed
8.5
WordPress Groundhogg

Sales Representative SQL Injection in Groundhogg <= 4

2026-06-27