17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 1151-1200 of 17426 CVEs Page 24 of 349
CVE-2026-57663
Analyzed
8.5
WordPress Recipe Maker For Your Food Blog

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes <= 8

2026-06-27
CVE-2026-57662
Analyzed
8.5
Wasiliy Contest Gallery

Contributor SQL Injection in Contest Gallery <= 30

2026-06-27
CVE-2026-57659
Analyzed
8.8
Stranger Paid Memberships Pro - Add Member From Admin

Unauthenticated Cross Site Request Forgery (CSRF) in Paid Memberships Pro - Add Member From Admin <= 0

2026-06-27
CVE-2026-57655
Analyzed
8.2
WordPress Child Theme Wizard

Unauthenticated Cross Site Request Forgery (CSRF) in Child Theme Wizard <= 1

2026-06-27
CVE-2026-57653
Analyzed
8.5
WordPress WP Job Portal

Contributor SQL Injection in WP Job Portal <= 2

2026-06-27
CVE-2026-57647
Analyzed
7.5
Palo Alto Panorama Viewer – 360 Degree Image + Video Viewer

Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer <= 1

2026-06-28
CVE-2026-57645
Analyzed
8.1
Tribulant Newsletters

newsletters_subscribers Broken Access Control in Newsletters <= 4

2026-06-27
CVE-2026-57644
Analyzed
8.5
WordPress Restaurant Menu

Contributor SQL Injection in Restaurant Menu by MotoPress <= 2

2026-06-27
CVE-2026-57643
Analyzed
8.5
Themes WP Post Author

Contributor SQL Injection in WP Post Author <= 3

2026-06-27
CVE-2026-57642
Analyzed
8.5
BestWebSoft Gallery

Contributor SQL Injection in Gallery <= 4

2026-06-27
CVE-2026-57636
Analyzed
8.5
WordPress wpForo Forum

Contributor SQL Injection in wpForo Forum <= 3

2026-06-27
CVE-2026-57631
Analyzed
7.6
Ays Popup box

Administrator SQL Injection in Popup box <= 6

2026-06-28
CVE-2026-57628
Analyzed
7.6
WordPress WP All Import

Administrator SQL Injection in WP All Import <= 4

2026-06-28
CVE-2026-57625
Analyzed
9.6
ASE Admin and Site Enhancements (ASE) Pro

An unauthenticated Cross-Site Scripting (XSS) vulnerability in ASE Pro allows attackers to inject malicious scripts into the web interface.

2026-07-03
CVE-2026-57624
Analyzed
10
Creative Themes Blocksy Companion Pro

An unauthenticated remote code execution vulnerability in Blocksy Companion Pro allows attackers to execute arbitrary commands on the server.

2026-07-03
CVE-2026-57623
Analyzed
9
BoldGrid W3 Total Cache

An unauthenticated arbitrary code execution vulnerability exists in BoldGrid W3 Total Cache versions 2.9.4 and earlier, allowing remote attackers to e...

2026-07-03
CVE-2026-57621
Analyzed
9.8
HP Booktics

An unauthenticated PHP object injection vulnerability in the Booktics plugin allows remote attackers to execute arbitrary code on affected systems.

2026-07-03
CVE-2026-5760
Analyzed
9.8
Unknown Multiple Products

SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious tokenizer.chat_template is loade...

2026-04-21
CVE-2026-57573
Analyzed
8.6
Unknown crawl4ai

Crawl4AI is an open-source LLM-friendly web crawler and scraper

2026-07-07
CVE-2026-57572
Analyzed
10
Docker Crawl4ai

Crawl4ai is vulnerable to command injection via the Docker API, allowing unauthenticated attackers to execute arbitrary commands on the host by inject...

2026-07-07
CVE-2026-57571
Analyzed
9.6
Unknown crawl4ai

A path traversal vulnerability in crawl4ai allows attackers to perform arbitrary file writes by injecting malicious filenames during the crawling proc...

2026-07-07
CVE-2026-5757
Analyzed
7.5
Intel Ollama

Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server...

2026-06-28
CVE-2026-57532
Analyzed
8.8
Unknown pretix

Malicious HTML content contained in the layout specification of a PDF ticket or badge layout was executed when the PDF editor is opened in the brows...

2026-06-26
CVE-2026-57527
Analyzed
8.8
OWASP ZAP ViewState add-on

Zed Attack Proxy (ZAP) ViewState add-on before version 4 contains an insecure deserialization vulnerability that allows attackers who control a proxie...

2026-06-27
CVE-2026-5752
Analyzed
9.3
Unknown Multiple Products

Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traver...

2026-04-15
CVE-2026-57518
Analyzed
8.8
Pagekit Pagekit CMS

Pagekit CMS 1

2026-06-27
CVE-2026-57517
Analyzed
9.8
HP Control Web Panel

Control Web Panel is vulnerable to unauthenticated blind SQL injection, allowing remote attackers to achieve remote code execution via arbitrary file...

2026-07-02
CVE-2026-57516
Analyzed
8.8
Anyscale Ray

Ray prior to 2

2026-07-02
CVE-2026-57498
Analyzed
9.6
Unknown coolify

Coolify versions prior to 4.0.0-beta.474 contain an authorization flaw where Livewire web UI components fail to validate resource ownership, enabling...

2026-06-30
CVE-2026-57456
Analyzed
8.4
Vim Vim

Vim is an open source, command line text editor

2026-06-26
CVE-2026-5735
Analyzed
9.8
Unknown Multiple Products

Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that wit...

2026-04-08
CVE-2026-57346
Analyzed
7.1
Epiphyt Embed Privacy

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Epiphyt Embed Privacy allows Path Traversal

2026-06-30
CVE-2026-5734
Analyzed
9.8
Unknown Multiple Products

Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidenc...

2026-04-08
CVE-2026-57338
Analyzed
7.1
Repute ARForms

Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7

2026-06-30
CVE-2026-57337
Analyzed
7.1
PluginOps Landing Page Builder

Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1

2026-06-30
CVE-2026-57336
Analyzed
7.1
Astoundify Jobify

Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4

2026-06-30
CVE-2026-57333
Analyzed
7.1
Spencer Link Whisper Free

Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0

2026-06-30
CVE-2026-57332
Analyzed
7.1
Swings Wallet System for WooCommerce

Subscriber Broken Access Control in Wallet System for WooCommerce <= 2

2026-06-30
CVE-2026-57331
Analyzed
9.9
VideoWhisper Paid Videochat Turnkey Site

A vulnerability in VideoWhisper Paid Videochat Turnkey Site allows authenticated performers to perform arbitrary file deletion on the host server.

2026-06-30
CVE-2026-5733
8.8
Unknown Multiple Products

Incorrect boundary conditions in the Graphics: WebGPU component

2026-04-08
CVE-2026-57320
Analyzed
7.1
RealMag777 BEAR

Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1

2026-06-30
CVE-2026-5732
8.8
Unknown Multiple Products

Incorrect boundary conditions, integer overflow in the Graphics: Text component

2026-04-08
CVE-2026-57315
Analyzed
8.5
WordPress Blocksy Companion Pro

Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2

2026-06-27
CVE-2026-5731
Analyzed
9.8
Unknown Multiple Products

Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of the...

2026-04-08
CVE-2026-57301
Analyzed
8.8
Jenkins OWASP ZAP Plugin

Jenkins OWASP ZAP Plugin 1

2026-06-25
CVE-2026-5730
Analyzed
7.5
Unknown Ontime

Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc

2026-07-07
CVE-2026-57296
Analyzed
8.8
Jenkins External Workspace Manager Plugin

Jenkins External Workspace Manager Plugin 1

2026-06-25
CVE-2026-57280
Analyzed
8.8
Jenkins Script Security Plugin

Jenkins Script Security Plugin 1402

2026-06-25
CVE-2026-57278
Analyzed
8.3
GeoVision GeoWebPlayer

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVi...

2026-07-03
CVE-2026-57277
Analyzed
8.3
GeoVision GeoWebPlayer

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVi...

2026-07-03