17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 2451-2500 of 17426 CVEs Page 50 of 349
CVE-2026-45350
Analyzed
7.1
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-4535
8.8
Tenda FH451

A vulnerability has been found in Tenda FH451 1

2026-03-22
CVE-2026-45349
Analyzed
7.1
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-17
CVE-2026-45348
Analyzed
8.7
Unknown Multiple Products

pyLoad is a free and open-source download manager written in Python

2026-05-29
CVE-2026-4534
8.8
Tenda FH451

A flaw has been found in Tenda FH451 1

2026-03-22
CVE-2026-45338
Analyzed
7.7
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45331
Analyzed
8.5
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45321
KEV Analyzed
9.6
GitHub Actions OIDC

GitHub Actions OIDC was exploited to publish malicious npm packages by chaining multiple vulnerabilities, including cache poisoning and token extracti...

2026-05-12
CVE-2026-45315
Analyzed
8.7
Intel Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45312
Analyzed
9.9
RAGFlow RAGFlow

A Jinja2 template injection vulnerability in RAGFlow's prompt generator allows authenticated users to execute arbitrary OS commands on the server.

2026-05-30
CVE-2026-45303
7.7
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45301
8.1
Intel Multiple Products

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

2026-05-16
CVE-2026-45298
Analyzed
8.6
Docker containers

Dozzle is a realtime log viewer for docker containers

2026-05-29
CVE-2026-4529
Analyzed
8.8
HP Multiple Products

A vulnerability was identified in D-Link DHP-1320 1

2026-03-22
CVE-2026-45288
Analyzed
9.8
Arch APIs interpolated

Marten is a .NET Transactional Document DB and Event Store on PostgreSQL. Prior to 8.36.1, Marten's full-text search APIs interpolated the user-suppli...

2026-05-29
CVE-2026-4528
7.3
Unknown Multiple Products

A vulnerability was determined in trueleaf ApiFlow 0

2026-03-22
CVE-2026-45257
Analyzed
7.8
FreeBSD FreeBSD

The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify

2026-06-27
CVE-2026-45255
Analyzed
7.5
Unknown Multiple Products

When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the...

2026-05-22
CVE-2026-45253
Analyzed
8.4
Unknown Multiple Products

ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls

2026-05-22
CVE-2026-45251
Analyzed
7.8
Unknown Multiple Products

A file descriptor can be closed while a thread is blocked in a poll(2) or select(2) call waiting for that descriptor

2026-05-22
CVE-2026-45250
Analyzed
7.8
Unknown Multiple Products

The setcred(2) system call is only available to privileged users

2026-05-22
CVE-2026-4525
7.5
Unknown Multiple Products

If a Vault auth mount is configured to pass through the "Authorization" header, and the "Authorization" header is used to authenticate to Vault, Vault...

2026-04-17
CVE-2026-45247
KEV Analyzed
9.8
HP Full Page Cache Warmer for Magento 2

Mirasvit Full Page Cache Warmer for Magento 2 contains a PHP object injection vulnerability allowing unauthenticated RCE via the CacheWarmer cookie.

2026-05-27
CVE-2026-45245
Analyzed
7.4
Unknown Multiple Products

Summarize prior to 0

2026-05-19
CVE-2026-45242
Analyzed
7.1
Unknown Multiple Products

Summarize prior to 0

2026-05-19
CVE-2026-45233
Analyzed
8.1
HTMLy CMS

HTMLy CMS through 3

2026-06-27
CVE-2026-45230
Analyzed
9.1
DumbAssets DumbAssets

DumbAssets contains a path traversal vulnerability in the file deletion API that allows unauthenticated attackers to delete arbitrary files, resulting...

2026-05-19
CVE-2026-45229
8.8
Drive Multiple Products

Quark Drive before 0

2026-05-14
CVE-2026-45227
8.8
Heym Multiple Products

Heym before 0

2026-05-13
CVE-2026-45224
7.1
Crabbox Multiple Products

Crabbox before 0

2026-05-12
CVE-2026-45223
8.8
Crabbox Multiple Products

Crabbox before 0

2026-05-12
CVE-2026-45216
Analyzed
8.8
StoreApps Smart Manager

Incorrect Privilege Assignment vulnerability in StoreApps Smart Manager allows Privilege Escalation

2026-05-27
CVE-2026-45214
8.5
Xpro Xpro Elementor Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons...

2026-05-13
CVE-2026-45211
8.5
Saad Iqbal APIExperts Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woo...

2026-05-13
CVE-2026-45208
Analyzed
7.8
Apex Multiple Products

A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations

2026-05-22
CVE-2026-45207
Analyzed
7.8
Apex Multiple Products

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations

2026-05-22
CVE-2026-45206
Analyzed
7.8
Apex Multiple Products

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations

2026-05-22
CVE-2026-45195
Analyzed
7.8
Imagination Graphics DDK

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the pe...

2026-06-27
CVE-2026-45185
Analyzed
9.8
Exim Multiple Products

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a cl...

2026-05-13
CVE-2026-45137
Analyzed
8.2
Unknown Multiple Products

Anchor is a framework providing several convenient developer tools for writing Solana programs

2026-05-29
CVE-2026-45135
Analyzed
8.1
Caddy Caddy Server

Caddy is an extensible server platform that uses TLS by default

2026-06-24
CVE-2026-45132
Analyzed
10
GitHub Open Source Helm Charts

A GitHub Actions workflow in CloudPirates Helm Charts exposes Personal Access Tokens and SSH signing keys to untrusted code.

2026-06-02
CVE-2026-45131
Analyzed
10
GitHub Open Source Helm Charts

A GitHub Actions workflow in CloudPirates Helm Charts executes attacker-controlled code from forks, exposing repository secrets.

2026-06-02
CVE-2026-45108
Analyzed
8.4
Microsoft Azure Entra

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune

2026-05-29
CVE-2026-45102
Analyzed
9.9
OneUptime OneUptime

OneUptime is vulnerable to a sandbox escape in its Node.js environment due to the improper use of the vm module.

2026-05-28
CVE-2026-45091
Analyzed
9.1
Unknown sealed-env

The sealed-env library incorrectly embeds literal TOTP secrets in unencrypted JWS payloads, allowing unauthorized parties to extract sensitive credent...

2026-05-13
CVE-2026-45089
Analyzed
8.2
Unknown Multiple Products

Dalfox is a powerful open-source XSS scanner and utility focused on automation

2026-05-29
CVE-2026-45087
Analyzed
10
Dalfox Dalfox

Dalfox contains an unauthenticated remote code execution vulnerability in its REST API server mode due to insecure deserialization of scan options.

2026-05-28
CVE-2026-4508
7.3
HP of the

A vulnerability was identified in PbootCMS up to 3

2026-03-22
CVE-2026-45060
Analyzed
9.8
HP ClipBucket

The ClipBucket video sharing platform is vulnerable to unauthenticated blind SQL injection, allowing attackers to execute unauthorized database querie...

2026-06-12