17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 1251-1300 of 17426 CVEs Page 26 of 349
CVE-2026-56448
Analyzed
8.3
AIL Framework AIL Framework

A path traversal vulnerability exists in AIL Framework before the release containing commit 0041456af25da0cdea1c1c4624e46baff2731d8f

2026-06-23
CVE-2026-56447
Analyzed
9.3
Intel MISP

An authenticated MISP administrator can trigger arbitrary code execution by providing a malicious configuration file path for the Kafka_rdkafka_config...

2026-06-23
CVE-2026-56446
Analyzed
8.7
Intel MISP (Malware Information Sharing Platform)

MISP allowed a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool

2026-06-23
CVE-2026-56445
Analyzed
9.1
Unknown pynetdicom Library

The pynetdicom library's qrscp application is vulnerable to arbitrary file writes via an unsanitized DICOM dataset instance in the C-STORE handler.

2026-06-26
CVE-2026-56425
Analyzed
9.3
Microsoft AAD Authentication Plugin

The Azure Active Directory (AAD) authentication plugin for MISP contains multiple OAuth 2.0 implementation flaws, including session token leakage and...

2026-06-23
CVE-2026-56424
Analyzed
7.1
Intel MISP

MISP core contained multiple broken access-control flaws where authorization checks were performed against the wrong entity, or where ownership/editab...

2026-06-23
CVE-2026-56423
Analyzed
9.4
Intel MISP

MISP Core contains broken access-control checks in bulk deletion flows for Event Reports and Sharing Groups, allowing unauthorized deletion of data ac...

2026-06-23
CVE-2026-56422
Analyzed
9.4
Intel MISP

MISP core controllers fail to properly validate ownership and primary keys, allowing authenticated users to perform unauthorized data modifications on...

2026-06-23
CVE-2026-5642
7.3
HP of the

A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f

2026-04-06
CVE-2026-56415
Analyzed
10
StoneFly Storage Concentrator

An unauthenticated command injection vulnerability in the StoneFly Storage Concentrator debug.pl script allows remote attackers to execute arbitrary s...

2026-07-01
CVE-2026-56413
Analyzed
10
StoneFly Storage Concentrator

StoneFly Storage Concentrator is vulnerable to unauthenticated remote command injection via the ms_service.pl service, allowing root-level arbitrary c...

2026-07-01
CVE-2026-56397
Analyzed
9.6
SiYuan SiYuan

SiYuan versions before 3.6.1 contain an XSS vulnerability in the Bazaar marketplace that allows remote code execution via malicious package metadata.

2026-06-22
CVE-2026-56396
Analyzed
8.8
HP phpMyFAQ

phpMyFAQ before 4

2026-06-22
CVE-2026-56395
Analyzed
9.6
SiYuan SiYuan

SiYuan versions before 3.6.1 contain an XSS vulnerability in the Bazaar marketplace that allows remote code execution via malicious package metadata.

2026-06-22
CVE-2026-56382
Analyzed
7.2
Craft CMS CMS

Craft CMS (composer package craftcms/cms) versions >= 5

2026-06-22
CVE-2026-5637
7.3
HP of the

A security vulnerability has been detected in projectworlds Car Rental System 1

2026-04-06
CVE-2026-56351
Analyzed
8.2
Unknown n8n

n8n before version 2

2026-06-25
CVE-2026-56348
Analyzed
9.1
Unknown n8n

n8n contains a credential exfiltration vulnerability in the POST /rest/dynamic-node-parameters/options endpoint allowing authenticated users to bypass...

2026-06-23
CVE-2026-56345
Analyzed
8.1
AVideo AVideo

AVideo through 29

2026-06-21
CVE-2026-56341
Analyzed
7.5
AVideo AVideo

AVideo through version 26

2026-06-22
CVE-2026-56340
Analyzed
8.8
Intel vLLM

vLLM versions >= 0

2026-06-21
CVE-2026-5634
7.3
HP of the

A vulnerability was identified in projectworlds Car Rental Project 1

2026-04-06
CVE-2026-5633
7.3
Arch Multiple Products

A vulnerability was determined in assafelovic gpt-researcher up to 3

2026-04-06
CVE-2026-56324
Analyzed
8.2
Capgo Capgo

Capgo before 12

2026-06-23
CVE-2026-56323
Analyzed
7.5
Capgo Capgo

Capgo before 12

2026-06-23
CVE-2026-5632
7.3
Arch Multiple Products

A vulnerability was found in assafelovic gpt-researcher up to 3

2026-04-06
CVE-2026-56315
Analyzed
9.8
Unknown picklescan

The picklescan library before 1.0.4 fails to block multiple Python standard library modules, allowing attackers to execute arbitrary code via maliciou...

2026-06-24
CVE-2026-56314
Analyzed
7.1
Capgo Capgo

Capgo before 12

2026-06-23
CVE-2026-5631
7.3
Arch Multiple Products

A vulnerability has been found in assafelovic gpt-researcher up to 3

2026-04-06
CVE-2026-56290
Analyzed
10
Joomla Page Builder CK

The Page Builder CK extension for Joomla is vulnerable to an unauthenticated arbitrary file upload, enabling attackers to execute malicious code on th...

2026-06-30
CVE-2026-5629
Analyzed
8.8
Belkin F9K1015

A vulnerability was detected in Belkin F9K1015 1

2026-04-06
CVE-2026-56286
Analyzed
8.1
Capgo Capgo

Capgo before 12

2026-07-01
CVE-2026-56285
Analyzed
8.6
Zedeus Nitter

Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and uses a hardcoded default HMAC key, allowing unauthent...

2026-06-30
CVE-2026-56280
Analyzed
7.1
Cap-go Cap-go

Cap-go before 12

2026-06-23
CVE-2026-5628
Analyzed
8.8
Belkin F9K1015

A security vulnerability has been detected in Belkin F9K1015 1

2026-04-06
CVE-2026-56278
Analyzed
9.1
Flowise Flowise

Flowise uses a weak, hardcoded default secret for session management, enabling unauthenticated attackers to forge session cookies and hijack user acco...

2026-07-01
CVE-2026-56274
Analyzed
9.9
Flowise Flowise

Flowise versions before 3.1.2 are susceptible to OS command injection via the Custom MCP Server feature due to inadequate validation of command flags...

2026-06-24
CVE-2026-5627
Analyzed
9.1
Infor Multiple Products

A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the `AgentFlows` component. The vulnera...

2026-04-08
CVE-2026-56268
Analyzed
7.7
Flowise Flowise

Flowise before 3

2026-06-23
CVE-2026-56266
Analyzed
8.6
Crawl4AI Crawl4AI

Crawl4AI before 0

2026-06-23
CVE-2026-56265
Analyzed
9.8
Docker Crawl4AI

Crawl4AI versions before 0.8.7 contain an authentication bypass vulnerability due to a hardcoded JWT signing key in the Docker API server.

2026-06-22
CVE-2026-56264
Analyzed
8.1
Crawl4AI Crawl4AI

Crawl4AI before 0

2026-07-01
CVE-2026-56258
Analyzed
8.1
Crawl4AI Crawl4AI

Crawl4AI before 0

2026-06-24
CVE-2026-56253
Analyzed
7.5
Capgo Capgo

Capgo before 12

2026-06-22
CVE-2026-56249
Analyzed
7.6
Capgo Capgo

Capgo before 12

2026-07-01
CVE-2026-56247
Analyzed
8.8
Capgo Capgo

Capgo before 12

2026-07-01
CVE-2026-56245
Analyzed
8.2
Supabase Capgo

Supabase Capgo before 12

2026-06-25
CVE-2026-56243
Analyzed
8.1
Capgo Capgo

Capgo before 12

2026-06-24
CVE-2026-56242
Analyzed
7.5
Capgo Capgo

Capgo before 12

2026-06-22
CVE-2026-56239
Analyzed
7.6
Capgo Capgo

Capgo before 12

2026-06-22