17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 1901-1950 of 17426 CVEs Page 39 of 349
CVE-2026-49049
Analyzed
7.5
Joomla Helix3 extension

The Helix3 plugin for Joomla exposes an ajax handler task, that allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON files...

2026-06-30
CVE-2026-49046
Analyzed
8.5
Arjun Thakur Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Arjun Thakur Duplicate Page and Post allows Blin...

2026-05-29
CVE-2026-49042
Analyzed
7.3
Apache Camel

Improper Input Validation vulnerability in Apache Camel

2026-07-07
CVE-2026-4904
8.8
Tenda AC5

A vulnerability has been found in Tenda AC5 15

2026-03-27
CVE-2026-4903
8.8
Tenda AC5

A flaw has been found in Tenda AC5 15

2026-03-27
CVE-2026-4902
8.8
Tenda AC5

A vulnerability was detected in Tenda AC5 15

2026-03-27
CVE-2026-48970
Analyzed
8.1
WordPress Really Simple SSL

Unauthenticated Broken Authentication in Really Simple SSL <= 9

2026-06-16
CVE-2026-48967
Analyzed
8.5
WordPress Geo Mashup Plugin

Subscriber SQL Injection in Geo Mashup <= 1

2026-06-18
CVE-2026-48964
Analyzed
8.5
WordPress HelpDesk & Customer Ticketing System

Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System <= 3

2026-06-16
CVE-2026-4896
Analyzed
8.1
WordPress is vulnerable

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct...

2026-04-04
CVE-2026-48920
Analyzed
8.8
Jenkins Email Extension

Jenkins Email Extension Plugin 1933

2026-05-28
CVE-2026-4892
8.4
DHCPv6 Multiple Products

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root priv...

2026-05-12
CVE-2026-48907
KEV Analyzed
9.5
Joomla Joomla Content Editor

An improper access control vulnerability in the Widget Factory Joomla Content Editor allows unauthorized users to perform restricted actions.

2026-06-17
CVE-2026-48904
Analyzed
9.8
Joomla CMS

An improper access check in the Joomla CMS `com_users` webservice endpoint allows for privilege escalation.

2026-05-27
CVE-2026-4890
7.5
DNSSEC validation Multiple Products

A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS pac...

2026-05-12
CVE-2026-48899
Analyzed
9.8
Joomla CMS

Joomla CMS contains an improper access check in the `com_users` batch task, allowing for privilege escalation.

2026-05-27
CVE-2026-48898
Analyzed
9.8
Joomla CMS

An improper access check in the Joomla CMS `com_users` batch task allows for privilege escalation.

2026-05-27
CVE-2026-48889
Analyzed
8.8
WordPress Amelia Plugin

Subscriber Privilege Escalation in Amelia <= 2

2026-06-16
CVE-2026-48882
Analyzed
8.5
WordPress WP Time Slots Booking Form

Subscriber SQL Injection in WP Time Slots Booking Form <= 1

2026-06-16
CVE-2026-48879
Analyzed
9.8
WordPress AIWU

The AIWU plugin for WordPress is vulnerable to privilege escalation due to incorrect privilege assignment.

2026-06-02
CVE-2026-48874
Analyzed
8.5
WordPress GamiPress

Subscriber SQL Injection in GamiPress <= 7

2026-06-16
CVE-2026-4885
Analyzed
9.8
WordPress is vulnerable

The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbitrary file upload due to insufficient extension filtering, enabling una...

2026-05-19
CVE-2026-48836
Analyzed
10
Easy Invoice Easy Invoice

Easy Invoice contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands on the server.

2026-06-16
CVE-2026-4883
Analyzed
9.8
WordPress is vulnerable

The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file upload due to insufficient file extension blacklisting, enabling remote code ex...

2026-05-20
CVE-2026-4882
Analyzed
9.8
WordPress is vulnerable

The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads, potentially leading to remote code execution.

2026-05-02
CVE-2026-48800
Analyzed
7.8
Notepad++ Notepad++

Notepad++ is a free and open-source source code editor

2026-06-27
CVE-2026-4880
Analyzed
9.8
WordPress is vulnerable

The Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale) plugin for WordPress is vulnerable to privilege e...

2026-04-16
CVE-2026-48793
Analyzed
8.8
Jellyfin Jellyfin

Jellyfin is an open source self hosted media server

2026-06-25
CVE-2026-48780
Analyzed
8.2
Forem Forem

Forem is open source software for building communities

2026-06-17
CVE-2026-48778
Analyzed
7.8
Notepad++ Notepad++

Notepad++ is a free and open-source source code editor

2026-06-27
CVE-2026-48772
Analyzed
10
ProxySQL ProxySQL

A PROXY protocol v1 implementation flaw in ProxySQL allows unauthenticated attackers to spoof source IP addresses, resulting in ACL and routing bypass...

2026-06-20
CVE-2026-48748
Analyzed
7.5
Netty Netty

Netty is a network application framework for development of protocol servers and clients

2026-06-15
CVE-2026-48746
Analyzed
9.1
Unknown vLLM

A vulnerability in the vLLM inference engine allows unauthenticated users to bypass OpenAI API key requirements, potentially exposing LLM services to...

2026-06-23
CVE-2026-48743
Analyzed
7.5
Envoy Proxy Envoy

Envoy is an open source edge and service proxy designed for cloud-native applications

2026-06-28
CVE-2026-48732
Analyzed
8.8
Warp Warp

Warp is an agentic development environment

2026-06-25
CVE-2026-48725
Analyzed
8.1
Warp Warp

Warp is an agentic development environment

2026-06-25
CVE-2026-48721
Analyzed
8.6
Intel Warp

Warp is an agentic development environment

2026-06-25
CVE-2026-48720
Analyzed
8.8
Intel Warp Development Environment

Warp is an agentic development environment

2026-06-25
CVE-2026-48716
Analyzed
8.7
SAP nanobot

nanobot is a personal AI assistant

2026-06-20
CVE-2026-48712
Analyzed
7.5
Unknown protobuf.js

protobufjs compiles protobuf definitions into JavaScript (JS) functions

2026-06-23
CVE-2026-48704
Analyzed
8.8
Intel Warp Development Environment

Warp is an agentic development environment

2026-06-25
CVE-2026-48689
Analyzed
9.8
FastNetMon Community Edition

FastNetMon Community Edition contains an off-by-one heap-based buffer overflow in its `dynamic_binary_buffer_t` class, allowing potential RCE.

2026-05-27
CVE-2026-48686
Analyzed
9.8
FastNetMon Community Edition

FastNetMon Community Edition is vulnerable to a stack-based buffer overflow in the BGP NLRI decoder, potentially allowing RCE.

2026-05-27
CVE-2026-4868
Analyzed
8.2
GitLab has remediated

GitLab has remediated an issue in GitLab EE affecting all versions from 18

2026-05-29
CVE-2026-4867
7.5
Unknown Multiple Products

Impact: A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something that is not...

2026-03-28
CVE-2026-4862
8.8
UTT Multiple Products

A security vulnerability has been detected in UTT HiPER 1250GW up to 3

2026-03-27
CVE-2026-48614
Analyzed
9.9
WebPros Plesk

An improper authorization vulnerability in the Plesk XML API allows authenticated users to inject configuration directives, leading to arbitrary file...

2026-07-07
CVE-2026-48612
Analyzed
8
Okta OAuth implementation

Improper state verification in the OAuth implementation could allow an attacker to manipulate the authentication flow and cause a victim’s account to...

2026-06-14
CVE-2026-48611
Analyzed
9.8
Unknown Unknown

Improper authentication checks in the OAuth implementation of the affected software allow for account hijacking, even when the feature is disabled.

2026-06-12
CVE-2026-48610
Analyzed
8.1
Ubiquiti UniFi OS

Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain...

2026-06-13