17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 2051-2100 of 17426 CVEs Page 42 of 349
CVE-2026-4740
8.2
Red Hat Advanced Cluster

A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM)

2026-04-08
CVE-2026-47389
Analyzed
8.6
Mastodon Mastodon

Mastodon is a free, open-source social network server based on ActivityPub

2026-06-25
CVE-2026-47387
Analyzed
8.4
NocoDB NocoDB

NocoDB is software for building databases as spreadsheets

2026-06-24
CVE-2026-47373
Analyzed
7.5
Unknown Multiple Products

Crypt::SaltedHash versions through 0

2026-05-22
CVE-2026-47370
Analyzed
9.9
Ubiquiti UniFi OS

Certain Ubiquiti devices running UniFi OS contain an improper input validation vulnerability allowing low-privileged network attackers to execute arbi...

2026-06-12
CVE-2026-47369
Analyzed
9.9
Ubiquiti UniFi OS

Certain Ubiquiti devices running UniFi OS are susceptible to an improper input validation vulnerability that allows network-based attackers to escalat...

2026-06-12
CVE-2026-47368
Analyzed
8.6
Ubiquiti UniFi OS

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data fro...

2026-06-12
CVE-2026-47367
Analyzed
9.9
Ubiquiti UID Enterprise Agent

The Ubiquiti UID Enterprise Agent contains an improper input validation vulnerability that allows low-privileged network attackers to execute arbitrar...

2026-06-12
CVE-2026-47365
Analyzed
9.9
WordPress WordPress Toolkit

An argument injection vulnerability in WordPress Toolkit allows authenticated users to bypass cross-tenant authorization and execute arbitrary CLI com...

2026-06-12
CVE-2026-47358
Analyzed
7.5
Arch Multiple Products

Terrascan v1

2026-05-20
CVE-2026-47357
Analyzed
7.5
Arch Multiple Products

Terrascan v1

2026-05-20
CVE-2026-47356
Analyzed
7.5
Arch Multiple Products

Terrascan v1

2026-05-20
CVE-2026-47342
Analyzed
8.8
Apache OFBiz

A privilege escalation vulnerability in Apache OFBiz allows a low-privileged authenticated user to obtain higher privileges This issue affects Apac...

2026-06-13
CVE-2026-47314
Analyzed
7.8
Samsung Open Source

Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers

2026-05-19
CVE-2026-47311
Analyzed
7.8
Samsung Open Source

Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers

2026-05-19
CVE-2026-47310
Analyzed
7.8
Samsung Open Source

Use after free vulnerability in Samsung Open Source Escargot allows Pointer Manipulation

2026-05-19
CVE-2026-47298
Analyzed
8
Microsoft Office SharePoint

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network

2026-06-14
CVE-2026-47291
Analyzed
9.8
Microsoft Windows HTTP.sys

An integer overflow or wraparound vulnerability in the Windows HTTP.sys driver allows unauthorized attackers to execute arbitrary code over a network.

2026-06-10
CVE-2026-47289
Analyzed
8.8
Microsoft Remote Desktop Client

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network

2026-06-10
CVE-2026-4727
7.5
Unknown Multiple Products

Denial-of-service in the Libraries component in NSS

2026-03-26
CVE-2026-47267
Analyzed
8.3
Intel Gogs

Gogs is an open source self-hosted Git service

2026-06-25
CVE-2026-4726
7.5
Unknown Multiple Products

Denial-of-service in the XML component

2026-03-26
CVE-2026-4725
Analyzed
10
Mozilla Firefox and Thunderbird

A use-after-free vulnerability in the Graphics: Canvas2D component of Mozilla Firefox and Thunderbird enables a critical sandbox escape.

2026-03-25
CVE-2026-4723
Analyzed
9.8
Mozilla Firefox and Thunderbird

A use-after-free vulnerability in the JavaScript Engine of Mozilla Firefox and Thunderbird allows for critical remote code execution.

2026-03-25
CVE-2026-47220
Analyzed
7.5
Envoy Proxy Envoy

Envoy is an open source edge and service proxy designed for cloud-native applications

2026-06-28
CVE-2026-4722
8.8
Privilege Multiple Products

Privilege escalation in the IPC component

2026-03-25
CVE-2026-47210
Analyzed
9.8
Unknown vm2

The vm2 sandbox for Node.js is vulnerable to a sandbox escape that allows arbitrary code execution in the host process when using WebAssembly JSPI.

2026-06-13
CVE-2026-47209
Analyzed
8.6
Unknown vm2 (Node.js sandbox)

vm2 is an open source vm/sandbox for Node

2026-06-13
CVE-2026-47208
Analyzed
10
Docker vm2

A sandbox breakout vulnerability in vm2 allows unauthenticated attackers to execute arbitrary commands on the host system via promise manipulation.

2026-06-13
CVE-2026-47201
Analyzed
8.5
Unknown authentik

authentik is an open-source identity provider

2026-06-04
CVE-2026-47193
Analyzed
7.5
OpenProject OpenProject

OpenProject is open-source, web-based project management software

2026-06-28
CVE-2026-4719
7.5
Unknown Multiple Products

Incorrect boundary conditions in the Graphics: Text component

2026-03-26
CVE-2026-4718
8.1
Signal Multiple Products

Undefined behavior in the WebRTC: Signaling component

2026-03-26
CVE-2026-4717
Analyzed
9.8
Mozilla Firefox and Thunderbird

A privilege escalation vulnerability exists in the Netmonitor component of Mozilla Firefox and Thunderbird. Successful exploitation could allow an att...

2026-03-25
CVE-2026-47162
Analyzed
8.8
Vim Vim

Vim is an open source, command line text editor

2026-06-13
CVE-2026-4716
Analyzed
9.1
Unknown Multiple Products

Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9,...

2026-03-25
CVE-2026-4715
Analyzed
9.1
Mozilla Firefox and Thunderbird

An uninitialized memory vulnerability in the Graphics: Canvas2D component affects Mozilla Firefox and Thunderbird, leading to potential memory corrupt...

2026-03-25
CVE-2026-47140
Analyzed
10
Linux vm2

An incomplete denylist of Node.js builtins in vm2 allows unauthenticated attackers to escape the sandbox and execute code in the host process.

2026-06-13
CVE-2026-4714
7.5
Unknown Multiple Products

Incorrect boundary conditions in the Audio/Video component

2026-03-26
CVE-2026-47139
Analyzed
8.6
Unknown vm2 (Node.js sandbox)

vm2 is an open source vm/sandbox for Node

2026-06-13
CVE-2026-47137
Analyzed
10
Unknown vm2

An improper security check implementation in vm2 allows unauthenticated attackers to bypass sandbox restrictions and achieve remote code execution.

2026-06-13
CVE-2026-47135
Analyzed
8.7
Unknown vm2 (Node.js sandbox)

vm2 is an open source vm/sandbox for Node

2026-06-13
CVE-2026-47131
Analyzed
10
Unknown vm2

A sandbox escape vulnerability in vm2 allows unauthenticated attackers to execute arbitrary code on the host system via prototype mutation.

2026-06-13
CVE-2026-4713
7.5
Unknown Multiple Products

Incorrect boundary conditions in the Graphics component

2026-03-26
CVE-2026-47125
Analyzed
8.8
Docker containers

Arcane is an interface for managing Docker containers, images, networks, and volumes

2026-05-30
CVE-2026-4712
7.5
Infor Multiple Products

Information disclosure in the Widget: Cocoa component

2026-03-26
CVE-2026-47117
Analyzed
9.8
OpenMed Multiple Products

OpenMed contains a remote code execution vulnerability in its PII privacy-filter model loading path, allowing unauthenticated attackers to execute arb...

2026-06-03
CVE-2026-47114
Analyzed
8.8
IINA Multiple Products

IINA before 1

2026-05-22
CVE-2026-4711
Analyzed
9.8
Apple Firefox and Thunderbird

A use-after-free vulnerability in the Widget: Cocoa component of Mozilla products on macOS allows for remote code execution via malicious web interact...

2026-03-25
CVE-2026-47107
Analyzed
9.6
Windmill Windmill

Windmill contains a sandbox escape vulnerability due to incorrect default permissions in nsjail configurations, allowing authenticated users to modify...

2026-05-20