17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 2001-2050 of 17426 CVEs Page 41 of 349
CVE-2026-48114
Analyzed
9.8
DataONE (Metacat) Metacat

Metacat data repository software contains an unauthenticated SQL injection vulnerability allowing full database read/write/execute access.

2026-06-16
CVE-2026-48109
Analyzed
8.2
MessagePack-CSharp MessagePack-CSharp

MessagePack for C# is a MessagePack serializer for C#

2026-06-23
CVE-2026-48095
Analyzed
8.8
Unknown 7-Zip

7-Zip is a file archiver with a high compression ratio

2026-06-07
CVE-2026-4809
Analyzed
9.8
HP code while

Plank laravel-mediable through version 6.4.0 allows for arbitrary file upload and remote code execution by trusting client-supplied MIME types during...

2026-03-27
CVE-2026-48059
Analyzed
7.5
Netty Netty

Netty is a network application framework for development of protocol servers and clients

2026-06-15
CVE-2026-48055
Analyzed
10
Streambert Streambert

A Zip Slip vulnerability in the Streambert desktop application allows attackers to perform path traversal and write arbitrary files to the host filesy...

2026-06-18
CVE-2026-48044
Analyzed
7.5
Envoy Proxy Envoy

Envoy is an open source edge and service proxy designed for cloud-native applications

2026-06-28
CVE-2026-48042
Analyzed
7.5
Envoy Proxy Envoy

Envoy is an open source edge and service proxy designed for cloud-native applications

2026-06-28
CVE-2026-4803
Analyzed
7.2
WordPress is vulnerable

The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'status' parameter in the wpr_update_form_action_...

2026-05-05
CVE-2026-48027
KEV Analyzed
9.8
Nx Multiple Products

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed...

2026-05-28
CVE-2026-48020
Analyzed
7.8
Traefik Labs Traefik

Traefik is an HTTP reverse proxy and load balancer

2026-06-24
CVE-2026-4802
8
Unknown Multiple Products

A flaw was found in Cockpit

2026-05-12
CVE-2026-48017
Analyzed
8.8
DbGate DbGate

DbGate is cross-platform database manager

2026-06-16
CVE-2026-48006
Analyzed
7.5
Netty Netty Framework

Netty is a network application framework for development of protocol servers and clients

2026-06-15
CVE-2026-4800
8.1
GitHub Multiple Products

Impact: The fix for CVE-2021-23337 (https://github

2026-04-01
CVE-2026-47965
Analyzed
7.8
Adobe Acrobat Reader

Acrobat Reader versions 24

2026-06-14
CVE-2026-47938
Analyzed
10
Adobe Campaign Classic

Adobe Campaign Classic is affected by a Server-Side Request Forgery (SSRF) vulnerability that allows for unauthenticated privilege escalation.

2026-06-10
CVE-2026-47932
Analyzed
8.8
Adobe ColdFusion

ColdFusion versions 2023

2026-06-10
CVE-2026-47931
Analyzed
8.4
Adobe ColdFusion

ColdFusion versions 2023

2026-06-12
CVE-2026-47930
Analyzed
8.1
Adobe ColdFusion

ColdFusion versions 2023

2026-06-16
CVE-2026-47929
Analyzed
8.4
Adobe ColdFusion

ColdFusion versions 2023

2026-06-12
CVE-2026-47907
Analyzed
8.2
Adobe Dreamweaver Desktop

Dreamweaver Desktop versions 21

2026-06-13
CVE-2026-47906
Analyzed
8.6
Adobe Dreamweaver

Dreamweaver Desktop versions 21

2026-06-11
CVE-2026-47897
Analyzed
8.9
Apache Lucene

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene

2026-07-03
CVE-2026-47896
Analyzed
8.9
Apache Lucene

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene

2026-07-03
CVE-2026-4788
8.4
IBM Tivoli Netcool

IBM Tivoli Netcool Impact 7

2026-04-08
CVE-2026-47835
Analyzed
8.6
Spring Spring AI Vector Stores

In Spring AI Vector Stores, special characters could be used to force the execution of arbitrary queries in Elasticsearch, OpenSearch, and GemFire Vec...

2026-06-16
CVE-2026-47825
Analyzed
8.6
Spring Cloud Gateway Server

Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies in certain configuration scenarios

2026-06-16
CVE-2026-47784
Analyzed
8.1
Unknown Multiple Products

In memcached before 1

2026-05-20
CVE-2026-47783
Analyzed
8.1
Unknown Multiple Products

In memcached before 1

2026-05-20
CVE-2026-47762
Analyzed
8.7
Unknown Multiple Products

TinyMCE is an open source rich text editor

2026-05-29
CVE-2026-47761
Analyzed
8.7
Unknown Multiple Products

TinyMCE is an open source rich text editor

2026-05-29
CVE-2026-47760
Analyzed
8.7
Unknown Multiple Products

TinyMCE is an open source rich text editor

2026-05-29
CVE-2026-47759
Analyzed
8.7
Unknown Multiple Products

TinyMCE is an open source rich text editor

2026-05-29
CVE-2026-4775
Analyzed
7.8
Unknown Multiple Products

A flaw was found in the libtiff library

2026-03-25
CVE-2026-47744
Analyzed
9.9
Shopper Headless e-commerce Admin Panel

Shopper's admin panel contains authorization defects that allow low-privilege users to escalate their privileges to full administrator.

2026-05-30
CVE-2026-47691
Analyzed
8.7
Netty Netty

Netty is a network application framework for development of protocol servers and clients

2026-06-13
CVE-2026-4767
Analyzed
9.8
TR7 Cyber Defense WAF-ASP

A critical authentication bypass in TR7 Cyber Defense WAF-ASP enables unauthenticated attackers to perform unauthorized administrative actions.

2026-07-03
CVE-2026-47653
Analyzed
8.8
Microsoft Remote Desktop Client

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network

2026-06-10
CVE-2026-47645
Analyzed
8.8
Microsoft 365 Copilot Business Chat

Url redirection to untrusted site ('open redirect') in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges ove...

2026-06-20
CVE-2026-47643
Analyzed
9.8
Microsoft Azure Stack Edge

Azure Stack Edge contains a path traversal vulnerability that allows unauthenticated remote attackers to execute arbitrary code over the network.

2026-06-10
CVE-2026-47635
Analyzed
8.4
Microsoft Office

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally

2026-06-12
CVE-2026-47631
Analyzed
8.1
Microsoft Exchange Server

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to p...

2026-06-16
CVE-2026-4758
8.8
WordPress is vulnerable

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfiel...

2026-03-26
CVE-2026-4756
7.8
Google Multiple Products

Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7

2026-03-24
CVE-2026-4755
Analyzed
9.8
Google Android-ImageMagick7

A critical improper input validation vulnerability (CWE-20) in MolotovCherry Android-ImageMagick7 can lead to severe system instability or unauthorize...

2026-03-24
CVE-2026-4753
Analyzed
9.1
Unknown Multiple Products

Out-of-bounds Read vulnerability in slajerek RetroDebugger.This issue affects RetroDebugger: before v0.64.72.

2026-03-24
CVE-2026-4750
Analyzed
9.1
Unknown Multiple Products

Out-of-bounds Read vulnerability in fabiangreffrath woof.This issue affects woof: before woof_15.3.0.

2026-03-24
CVE-2026-4748
7.5
Unknown Multiple Products

A regression in the way hashes were calculated caused rules containing the address range syntax (x

2026-04-02
CVE-2026-4747
Analyzed
8.8
SAP SAP Software (RPCSEC_GSS implementation)

Each RPCSEC_GSS data packet is validated by a routine which checks a signature in the packet

2026-03-27