17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 1351-1400 of 17426 CVEs Page 28 of 349
CVE-2026-56034
Analyzed
9.3
Online Web Tutor Library Management System

The Library Management System by Online Web Tutor is affected by an unauthenticated SQL injection vulnerability in versions 3.5.7 and earlier.

2026-06-27
CVE-2026-56033
Analyzed
9.8
Unknown Dokan Pro

A critical unauthenticated privilege escalation vulnerability in Dokan Pro allows attackers to bypass security controls and obtain administrative acce...

2026-06-27
CVE-2026-56032
Analyzed
9.8
HP Buddyboss Platform

A PHP Object Injection vulnerability exists in the Buddyboss Platform plugin that may allow unauthenticated or low-privileged attackers to execute arb...

2026-06-27
CVE-2026-56031
Analyzed
8.1
HP Automator

Unauthenticated PHP Object Injection in Uncanny Automator <= 7

2026-06-27
CVE-2026-56030
Analyzed
9.8
WordPress Paytium

A critical unauthenticated privilege escalation vulnerability in the Paytium plugin allows remote attackers to gain unauthorized administrative privil...

2026-06-27
CVE-2026-56029
Analyzed
7.5
CorvusPay WooCommerce Payment Gateway

Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway <= 2

2026-06-28
CVE-2026-56028
Analyzed
9.8
WordPress Easy Elements for Elementor

A critical unauthenticated privilege escalation vulnerability exists in the Easy Elements for Elementor plugin, allowing attackers to elevate their ac...

2026-06-27
CVE-2026-56027
Analyzed
9.9
WordPress Booster for WooCommerce

Booster for WooCommerce contains an arbitrary file upload vulnerability allowing unauthenticated remote code execution.

2026-06-27
CVE-2026-56025
Analyzed
7.5
Paymob Paymob for WooCommerce

Unauthenticated Broken Access Control in Paymob for WooCommerce <= 4

2026-06-28
CVE-2026-56018
Analyzed
7.5
Unknown JavaScript::Minifier::XS

JavaScript::Minifier::XS versions before 0

2026-06-30
CVE-2026-56017
Analyzed
7.5
Unknown JavaScript::Minifier::XS

JavaScript::Minifier::XS versions before 0

2026-06-30
CVE-2026-56015
Analyzed
9.1
TPODER Net::IP::LPM

The Perl module Net::IP::LPM allows a heap out-of-bounds read due to improper validation of prefix lengths in the add() function.

2026-07-07
CVE-2026-56012
Analyzed
8.5
David Lingren Media Library Assistant

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant allows Bli...

2026-06-20
CVE-2026-56010
Analyzed
8.8
WordPress Abandoned Cart Pro for WooCommerce

Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10

2026-06-27
CVE-2026-56008
Analyzed
8.8
WordPress Fusion Builder

Contributor Privilege Escalation in Fusion Builder <= 3

2026-06-27
CVE-2026-56004
Analyzed
10
Unknown buildservice

A shellcode injection vulnerability in the obs tar_scm source service allows attackers to execute arbitrary code via a malicious _service file.

2026-07-03
CVE-2026-55994
Analyzed
7.5
Apache Apache Camel Iggy

Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Server-Side Request Forgery (SSRF) vulnerability in Apache Came...

2026-07-07
CVE-2026-55961
Analyzed
8.2
Unknown wolfSSL

wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) PKCS#7 object that contains no signer

2026-06-26
CVE-2026-55960
Analyzed
8.2
Unknown wolfSSL

Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X

2026-06-26
CVE-2026-55958
Analyzed
8.3
Renesas TSIP (Trusted Secure IP)

Out-of-bounds write in the Renesas TSIP TLS 1

2026-06-26
CVE-2026-55952
Analyzed
8.2
Erlang OTP (Open Telecom Platform)

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1

2026-07-03
CVE-2026-55950
Analyzed
8.7
Erlang OTP

Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Erlang/OTP ssl (dtls_packet_demux module) allows an unauthenticated remote attacker...

2026-07-03
CVE-2026-55844
Analyzed
7.5
Home Assistant Core

Home Assistant is open source home automation software that puts local control and privacy first

2026-06-30
CVE-2026-5584
7.3
Fosowl Multiple Products

A vulnerability has been found in Fosowl agenticSeek 0

2026-04-06
CVE-2026-55794
Analyzed
8.7
Craft CMS Craft CMS

Craft CMS is a content management system (CMS)

2026-07-02
CVE-2026-5577
7.3
Infor Multiple Products

A vulnerability has been found in Song-Li cross_browser up to ca690f0fe6954fd9bcda36d071b68ed8682a786a

2026-04-06
CVE-2026-55762
Analyzed
8.1
Rocket.Chat Rocket.Chat

Rocket

2026-06-25
CVE-2026-5575
7.3
HP of the

A vulnerability was detected in SourceCodester/jkev Record Management System 1

2026-04-06
CVE-2026-55741
Analyzed
8.8
Cotonti Cotonti

Cotonti 1

2026-06-18
CVE-2026-55738
Analyzed
8.8
Microtar Microtar

A stack-based buffer overflow exists in the raw_to_header() function in src/microtar

2026-06-18
CVE-2026-5573
Analyzed
7.3
Technostrobe HI-LED-WR120-G2

A weakness has been identified in Technostrobe HI-LED-WR120-G2 5

2026-04-06
CVE-2026-55727
Analyzed
7.5
Genetec Inc. Genetec Security Center

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5

2026-07-07
CVE-2026-55721
Analyzed
9.3
Intel Storage Concentrator

StoneFly Storage Concentrator is vulnerable to unauthenticated SQL injection via cookie values in login.pl and debug.pl, allowing for sensitive data e...

2026-07-01
CVE-2026-5570
Analyzed
7.3
Technostrobe HI-LED-WR120-G2

A vulnerability was determined in Technostrobe HI-LED-WR120-G2 5

2026-04-06
CVE-2026-55698
Analyzed
8.8
Unknown pnpm

pnpm is a package manager

2026-06-26
CVE-2026-5569
Analyzed
7.3
Technostrobe HI-LED-WR120-G2

A vulnerability was found in Technostrobe HI-LED-WR120-G2 5

2026-04-06
CVE-2026-55677
Analyzed
7.5
Labstack Echo

Echo is a Go web framework

2026-06-28
CVE-2026-5567
8.8
Tenda M3

A flaw has been found in Tenda M3 1

2026-04-06
CVE-2026-55667
Analyzed
8.2
Unknown filebrowser

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory

2026-06-26
CVE-2026-55666
Analyzed
9.3
Apple Rocket.Chat

Rocket.Chat contains an authentication bypass vulnerability in its Apple OAuth flow, allowing attackers to forge JWTs and perform account takeovers.

2026-06-25
CVE-2026-5566
Analyzed
8.8
UTT HiPER 1250GW

A vulnerability was detected in UTT HiPER 1250GW up to 3

2026-04-06
CVE-2026-5565
7.3
HP of the

A security vulnerability has been detected in code-projects Simple Laundry System 1

2026-04-06
CVE-2026-5564
7.3
Laundry Multiple Products

A weakness has been identified in code-projects Simple Laundry System 1

2026-04-06
CVE-2026-5562
Analyzed
7.3
Provectus kafka-ui

A vulnerability was identified in provectus kafka-ui up to 0

2026-04-06
CVE-2026-55607
Analyzed
7.7
Intel Claude Code

Claude Code is an agentic coding tool

2026-06-30
CVE-2026-55603
Analyzed
7.5
Unknown http-proxy-middleware

http-proxy-middleware is node

2026-06-23
CVE-2026-55574
Analyzed
8.7
HP vLLM

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs

2026-07-07
CVE-2026-5555
7.3
HP of the

A weakness has been identified in code-projects Concert Ticket Reservation System 1

2026-04-06
CVE-2026-5554
7.3
Unknown Multiple Products

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1

2026-04-06
CVE-2026-5551
7.3
HP of the

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1

2026-04-06