17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 1401-1450 of 17426 CVEs Page 29 of 349
CVE-2026-5550
8.8
Tenda AC10

A vulnerability was identified in Tenda AC10 16

2026-04-05
CVE-2026-5548
8.8
Tenda AC10

A vulnerability was found in Tenda AC10 16

2026-04-05
CVE-2026-55454
Analyzed
9.9
Appsmith Appsmith

The Appsmith platform contains a configuration flaw in the bundled Caddy reverse-proxy, allowing authenticated users to perform SSRF and achieve full...

2026-06-25
CVE-2026-55450
Analyzed
9.3
Unknown langflow

Unauthenticated users can exploit Langflow to cause server-side space exhaustion via excessive file uploads and gain information leaks regarding file...

2026-06-24
CVE-2026-55447
Analyzed
9.6
Langflow Langflow

A path traversal vulnerability in Langflow components based on BaseFileComponent allows attackers to read arbitrary files from the server's filesystem...

2026-06-24
CVE-2026-55441
Analyzed
8.6
Unknown mise

mise manages dev tools like node, python, cmake, and terraform

2026-06-27
CVE-2026-5544
Analyzed
8.8
UTT HiPER 1250GW

A security flaw has been discovered in UTT HiPER 1250GW up to 3

2026-04-05
CVE-2026-55413
Analyzed
9.4
ToolJet ToolJet

An authenticated builder can overwrite marketplace plugins with arbitrary server-side JavaScript, leading to RCE and supply-chain compromise within To...

2026-06-26
CVE-2026-55412
Analyzed
8.3
ToolJet ToolJet

ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents

2026-06-26
CVE-2026-55409
Analyzed
7.6
Filament Filament

Filament is a collection of full-stack components for accelerated Laravel development

2026-06-23
CVE-2026-5540
7.3
HP of the

A vulnerability has been found in code-projects Simple Laundry System 1

2026-04-05
CVE-2026-55388
Analyzed
8.1
Piscina piscina

piscina is a node

2026-06-23
CVE-2026-55380
Analyzed
7.5
Python Pillow Pillow

Pillow is a Python imaging library

2026-07-07
CVE-2026-55379
Analyzed
7.5
Python Pillow Pillow

Pillow is a Python imaging library

2026-07-07
CVE-2026-5536
Analyzed
7.3
FedML-AI FedML

A weakness has been identified in FedML-AI FedML up to 0

2026-04-05
CVE-2026-5534
Analyzed
7.3
HP Online Enrollment System

A vulnerability was identified in itsourcecode Online Enrollment System 1

2026-04-05
CVE-2026-5526
7.3
Tenda Multiple Products

A security flaw has been discovered in Tenda 4G03 Pro up to 1

2026-04-05
CVE-2026-55255
Analyzed
9.9
Langflow Langflow

An Insecure Direct Object Reference (IDOR) vulnerability in the Langflow /api/v1/responses endpoint allows authenticated attackers to execute unauthor...

2026-06-24
CVE-2026-5524
Analyzed
9.8
WordPress Divi Form Builder

The Divi Form Builder plugin for WordPress contains an arbitrary file upload vulnerability allowing unauthenticated remote code execution via insuffic...

2026-07-03
CVE-2026-55237
Analyzed
8.8
Intel Workflow Automation Platform

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents

2026-06-19
CVE-2026-55189
Analyzed
7.7
RustFS RustFS

RustFS is a distributed object storage system built in Rust

2026-06-28
CVE-2026-55188
Analyzed
8.2
RustFS RustFS

RustFS is a distributed object storage system built in Rust

2026-06-27
CVE-2026-5513
Analyzed
7.2
WordPress Online Scheduling and Appointment Booking System

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-custom...

2026-06-15
CVE-2026-55119
Analyzed
8.1
Ubiquiti UniFi Talk Application

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application...

2026-07-03
CVE-2026-55118
Analyzed
8.3
Ubiquiti UniFi Network Application

A malicious actor with access to the network,low privileges and under certain conditions could exploit an Improper Access Control vulnerability found...

2026-07-03
CVE-2026-55117
Analyzed
8.6
Ubiquiti UniFi Access Application

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the hos...

2026-07-03
CVE-2026-55116
Analyzed
9
Ubiquiti Dream Machines

An improper access control flaw in Ubiquiti Dream Machines running UniFi OS allows network-adjacent attackers to make unauthorized configuration chang...

2026-07-03
CVE-2026-55115
Analyzed
9.9
Ubiquiti UniFi Protect Application

A Server-Side Request Forgery (SSRF) vulnerability in the Ubiquiti UniFi Protect Application allows authenticated low-privilege network users to escal...

2026-07-03
CVE-2026-55114
Analyzed
8.8
Ubiquiti UniFi Network Application

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Network Applicat...

2026-07-03
CVE-2026-55069
Analyzed
8.7
Unknown kestra

Kestra is an open-source, event-driven orchestration platform

2026-06-27
CVE-2026-54998
Analyzed
8.8
Microsoft Exchange Online

Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network

2026-07-03
CVE-2026-5496
7.8
Unknown Multiple Products

Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerability

2026-04-11
CVE-2026-5495
7.8
Unknown Multiple Products

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

2026-04-11
CVE-2026-5494
7.8
Unknown Multiple Products

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

2026-04-11
CVE-2026-5493
7.8
Unknown Multiple Products

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

2026-04-11
CVE-2026-54917
Analyzed
7.8
SeaweedFS SeaweedFS

SeaweedFS is a distributed storage system for object storage (S3), file systems, and Iceberg tables

2026-06-27
CVE-2026-54904
Analyzed
8.2
Unknown concurrent-ruby

concurrent-ruby is a modern concurrency tools for Ruby

2026-06-25
CVE-2026-54892
Analyzed
8.7
Elixir Plug

Inefficient algorithmic complexity in Plug's nested-parameter decoder allows an unauthenticated remote attacker to cause denial of service

2026-06-24
CVE-2026-5485
Analyzed
7.8
Unknown might allow

OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2

2026-04-04
CVE-2026-54849
Analyzed
9.3
WordPress Wishlist for WooCommerce

Premmerce Wishlist for WooCommerce contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries...

2026-06-26
CVE-2026-54848
Analyzed
8.3
APIExperts APIExperts Square for WooCommerce

Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal APIExperts Square for WooCommerce allows Retrieve Embedded Sensitive Dat...

2026-06-26
CVE-2026-54847
Analyzed
7.5
Stylish Cost Calculator Stylish Cost Calculator

Unauthenticated Broken Access Control in Stylish Cost Calculator <= 8

2026-06-28
CVE-2026-54846
Analyzed
7.5
Unknown Syncee Premium Dropshipping & Wholesale

Unauthenticated Broken Access Control in Syncee Premium Dropshipping &amp; Wholesale <= 1

2026-06-28
CVE-2026-54845
Analyzed
8.1
PluginUs.Net MDTF (WordPress Plugin)

Unauthenticated Local File Inclusion in MDTF <= 1

2026-06-27
CVE-2026-54843
Analyzed
9.3
WordPress MDTF

The MDTF plugin for WordPress contains an unauthenticated SQL injection vulnerability in versions 1.3.7 and earlier, allowing remote attackers to exec...

2026-06-26
CVE-2026-54842
Analyzed
8.1
WordPress Royal MCP

Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels

2026-06-27
CVE-2026-54840
Analyzed
7.3
Tribulant Newsletters

Unauthenticated Broken Access Control in Newsletters <= 4

2026-06-28
CVE-2026-54839
Analyzed
7.5
Intel Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups

Unauthenticated Sensitive Data Exposure in Trinity Backup &#8211; Backup, Migrate, Restore, Clone &amp; Schedule Backups <= 2

2026-06-28
CVE-2026-54838
Analyzed
8.5
WordPress WC Vendors Marketplace

Subscriber SQL Injection in WC Vendors Marketplace <= 2

2026-06-26
CVE-2026-54837
Analyzed
7.5
Syed Intranet & Private Site – All-In-One Intranet

Unauthenticated Broken Access Control in Intranet &amp; Private Site &#8211; All-In-One Intranet <= 1

2026-06-28