17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 1951-2000 of 17426 CVEs Page 40 of 349
CVE-2026-4861
8.8
Unknown Multiple Products

A weakness has been identified in Wavlink WL-NU516U1 260227

2026-03-27
CVE-2026-48584
Analyzed
9.9
Microsoft Azure Synapse

An execution with unnecessary privileges vulnerability in Azure Synapse allows authenticated attackers to escalate privileges over a network.

2026-06-20
CVE-2026-4858
Analyzed
8
Mattermost Multiple Products

Mattermost versions 11

2026-05-22
CVE-2026-4857
8.4
IdentityIQ Multiple Products

IdentityIQ 8

2026-04-16
CVE-2026-48567
Analyzed
10
Microsoft Azure HorizonDB

An authentication bypass vulnerability in Azure HorizonDB allows unauthorized attackers to spoof credentials and elevate privileges over a network.

2026-06-05
CVE-2026-48558
KEV Analyzed
10
SimpleHelp SimpleHelp

SimpleHelp contains an authentication bypass in the OIDC flow, allowing unauthenticated attackers to forge tokens and gain full technician access with...

2026-06-13
CVE-2026-48557
Analyzed
8.8
Unknown AddHandler configuration

Spatie Laravel Media Library before version 11

2026-05-30
CVE-2026-48527
Analyzed
8.7
HP or NodeJs

HAX CMS helps manage microsite universe with PHP or NodeJs backends

2026-05-30
CVE-2026-48519
Analyzed
9.6
Langflow Langflow

Langflow contains a critical remote code execution (RCE) vulnerability in its "Shareable Playground" feature, allowing unauthenticated users to execut...

2026-06-24
CVE-2026-48506
Analyzed
7.5
MessagePack MessagePack-CSharp

MessagePack for C# is a MessagePack serializer for C#

2026-06-23
CVE-2026-48505
Analyzed
7.4
HP Filament

Filament is a collection of full-stack components for accelerated Laravel development

2026-06-23
CVE-2026-48502
Analyzed
8.2
MessagePack-CSharp MessagePack-CSharp

MessagePack for C# is a MessagePack serializer for C#

2026-06-23
CVE-2026-48491
Analyzed
7.8
Traefik Labs Traefik

Traefik is an HTTP reverse proxy and load balancer

2026-06-24
CVE-2026-4840
8.8
Netcore Multiple Products

A security flaw has been discovered in Netcore Power 15AX up to 3

2026-03-26
CVE-2026-4834
Analyzed
7.5
WordPress is vulnerable

The WP ERP Pro plugin for WordPress is vulnerable to SQL Injection via the 'search_key' parameter in all versions up to, and including, 1

2026-05-22
CVE-2026-48316
Analyzed
10
Adobe ColdFusion

Adobe ColdFusion is susceptible to an improper input validation vulnerability that allows an unauthenticated remote attacker to execute arbitrary code...

2026-07-07
CVE-2026-48315
Analyzed
9.3
Adobe ColdFusion

Adobe ColdFusion is affected by an improper input validation vulnerability that allows for arbitrary code execution via malicious file interaction.

2026-07-01
CVE-2026-48313
Analyzed
9.3
Adobe ColdFusion

A path traversal vulnerability in Adobe ColdFusion allows unauthenticated attackers to read sensitive files and perform limited writes on the file sys...

2026-07-01
CVE-2026-48307
Analyzed
8.8
Adobe ColdFusion

ColdFusion versions 2025

2026-07-01
CVE-2026-48303
Analyzed
10
Adobe Campaign Classic

Adobe Campaign Classic is vulnerable to an incorrect authorization flaw that allows unauthenticated attackers to achieve arbitrary code execution via...

2026-06-10
CVE-2026-48286
Analyzed
10
Adobe Adobe Campaign Classic (ACC)

Adobe Campaign Classic contains an authorization flaw that allows unauthenticated remote attackers to execute arbitrary code.

2026-07-01
CVE-2026-48285
Analyzed
8.6
Adobe ColdFusion

ColdFusion versions 2025

2026-07-01
CVE-2026-48283
Analyzed
10
Adobe ColdFusion

Adobe ColdFusion is vulnerable to an unrestricted file upload flaw allowing unauthenticated attackers to achieve arbitrary code execution.

2026-07-01
CVE-2026-48282
Analyzed
10
Adobe ColdFusion

Adobe ColdFusion is affected by a path traversal vulnerability that permits unauthenticated remote attackers to execute arbitrary code.

2026-07-01
CVE-2026-48281
Analyzed
10
Adobe ColdFusion

Adobe ColdFusion is vulnerable to an improper input validation flaw, enabling unauthenticated remote attackers to execute arbitrary code on the host s...

2026-07-01
CVE-2026-4828
8.2
Devolutions Multiple Products

Improper authentication in the OAuth login functionality in Devolutions Server 2026

2026-04-02
CVE-2026-48277
Analyzed
10
Adobe ColdFusion

Adobe ColdFusion contains an improper input validation vulnerability that allows unauthenticated remote attackers to achieve arbitrary code execution.

2026-07-01
CVE-2026-48276
Analyzed
10
Adobe ColdFusion

Adobe ColdFusion is vulnerable to an unrestricted file upload flaw, allowing unauthenticated attackers to upload and execute arbitrary code.

2026-07-01
CVE-2026-48242
Analyzed
8.1
HP Multiple Products

Open ISES Tickets before 3

2026-05-22
CVE-2026-48241
Analyzed
8.1
HP Multiple Products

Open ISES Tickets before 3

2026-05-22
CVE-2026-48240
Analyzed
7.1
HP Unknown

Open ISES Tickets before 3

2026-05-23
CVE-2026-48239
Analyzed
7.1
HP Unknown

Open ISES Tickets before 3

2026-05-23
CVE-2026-48238
Analyzed
7.1
HP Unknown

Open ISES Tickets before 3

2026-05-23
CVE-2026-48237
Analyzed
7.1
HP Unknown

Open ISES Tickets before 3

2026-05-23
CVE-2026-48236
Analyzed
7.1
Open ISES Tickets

Open ISES Tickets before 3

2026-05-23
CVE-2026-48235
Analyzed
8.2
Google Latitude integration (Open ISES)

Open ISES Tickets before 3

2026-05-22
CVE-2026-48234
Analyzed
7.1
HP where the

Open ISES Tickets before 3

2026-05-22
CVE-2026-48233
Analyzed
7.1
HP where the

Open ISES Tickets before 3

2026-05-22
CVE-2026-48232
Analyzed
7.1
HP where the

Open ISES Tickets before 3

2026-05-22
CVE-2026-48231
Analyzed
7.1
HP where the

Open ISES Tickets before 3

2026-05-22
CVE-2026-48207
Analyzed
9.8
Apache Fory PyFory

Apache Fory PyFory is vulnerable to deserialization of untrusted data, which can bypass safety policies and lead to remote code execution.

2026-05-22
CVE-2026-48205
Analyzed
9.1
Apache Camel DNS

An SSRF vulnerability in Apache Camel DNS allows unauthenticated attackers to perform internal network reconnaissance and potentially interact with at...

2026-07-07
CVE-2026-48204
Analyzed
9.8
Apache Apache Camel

An input validation vulnerability in the Apache Camel MongoDB GridFS component allows unauthenticated remote attackers to perform unauthorized operati...

2026-07-07
CVE-2026-48203
Analyzed
9.1
Apache Apache Camel

The Apache Camel Solr component is vulnerable to SSRF and parameter injection due to improper header validation, allowing unauthenticated attackers to...

2026-07-07
CVE-2026-48188
Analyzed
9.1
OTRS OTRS / (OTRS) Community Edition

An improper input validation flaw in the OTRS database layer allows unauthenticated SQL injection when the MySQL/MariaDB server is configured with NO_...

2026-06-01
CVE-2026-48172
KEV Analyzed
9.8
Redis enable

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best...

2026-05-27
CVE-2026-48165
Analyzed
8
MariaDB Server

MariaDB server is a community developed fork of MySQL server

2026-06-14
CVE-2026-48163
Analyzed
8
MariaDB Server

MariaDB server is a community developed fork of MySQL server

2026-06-14
CVE-2026-48153
Analyzed
8.5
Unknown Multiple Products

Budibase is an open-source low-code platform

2026-05-29
CVE-2026-4815
8.8
HP Multiple Products

A SQL Injection vulnerability has been found in Support Board v3

2026-03-27