17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 2501-2550 of 17426 CVEs Page 51 of 349
CVE-2026-4504
7.3
Unknown Multiple Products

A flaw has been found in eosphoros-ai db-gpt up to 0

2026-03-22
CVE-2026-45039
Analyzed
9.8
RustFS Distributed Object Storage System

RustFS uses a hardcoded default secret key for internode RPC authentication, allowing attackers to bypass security if the environment is not explicitl...

2026-05-29
CVE-2026-45037
Analyzed
7.1
ABB Multiple Products

Tabby (formerly Terminus) is a highly configurable terminal emulator

2026-05-17
CVE-2026-45036
Analyzed
7
ABB Multiple Products

Tabby (formerly Terminus) is a highly configurable terminal emulator

2026-05-17
CVE-2026-45034
Analyzed
9.2
Microsoft PhpSpreadsheet

An input validation flaw in PhpSpreadsheet allows attackers to bypass wrapper protections, leading to potential Remote Code Execution (RCE) via phar d...

2026-06-23
CVE-2026-4503
7.5
IBM Langflow Desktop

IBM Langflow Desktop 1

2026-05-01
CVE-2026-45013
Analyzed
8.1
Intel ApostropheCMS

ApostropheCMS is an open-source Node

2026-06-14
CVE-2026-45010
Analyzed
9.1
HP phpMyFAQ

phpMyFAQ lacks rate limiting on its TOTP authentication endpoint, allowing unauthenticated attackers to brute-force two-factor authentication tokens.

2026-05-16
CVE-2026-45006
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-12
CVE-2026-45004
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-12
CVE-2026-45001
7.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-12
CVE-2026-44995
7.3
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-12
CVE-2026-44990
Analyzed
9.3
ApostropheCMS sanitize-html

The sanitize-html library contains a sanitizer bypass vulnerability that can lead to stored XSS in applications rendering user-controlled content.

2026-06-13
CVE-2026-4499
7.3
D-Link DIR

A vulnerability was determined in D-Link DIR-820LW 2

2026-03-22
CVE-2026-44988
Analyzed
8.8
VNC Multiple Products

LibVNCClient is a library for easy implementation of a VNC client

2026-05-28
CVE-2026-4498
7.7
Arch RBAC scope

Execution with Unnecessary Privileges (CWE-250) in Kibana’s Fleet plugin debug route handlers can lead reading index data beyond their direct Elastics...

2026-04-09
CVE-2026-44971
Analyzed
8.2
GitHub credentials with

GuardDog is a CLI tool to identify malicious PyPI packages

2026-05-29
CVE-2026-4497
7.3
TOTOLINK Multiple Products

A vulnerability was determined in Totolink WA300 5

2026-03-22
CVE-2026-44966
Analyzed
8.3
Shepherdwind Velocity.js

Velocity

2026-06-04
CVE-2026-44962
Analyzed
9.9
Arch functionality

Plesk contains an XPath injection vulnerability in the APS Application Catalog search functionality, where user-supplied input is interpolated into XP...

2026-05-30
CVE-2026-44959
Analyzed
8.8
Revive Adserver

A missing validation of user input exists when saving delivery limitations in Revive Adserver 6

2026-06-24
CVE-2026-44946
Analyzed
9.5
SUSE Rancher

Rancher's SAML Assertion Consumer Service handler is vulnerable to authentication replay attacks due to a failure to enforce one-time use of SAML asse...

2026-07-01
CVE-2026-44941
Analyzed
8.4
SUSE libzypp

A relative path traversal in the "keyhint" option in repomd

2026-07-03
CVE-2026-44937
Analyzed
8.3
SUSE Rancher Fleet

Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0

2026-07-07
CVE-2026-44935
Analyzed
9.9
Kubernetes Rancher

A missing validation vulnerability in the SUSE Rancher Fleet Helm Deployer allows authenticated tenants to access the fleet credentials of other tenan...

2026-07-03
CVE-2026-44934
Analyzed
7
SUSE Rancher AI Agent

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1

2026-07-06
CVE-2026-44933
Analyzed
7.8
Unknown Multiple Products

`PluginScript` attempts to `chroot` the plugin to the `repoManagerRoot`, this root is frequently `/` (the system root) in standard configurations or w...

2026-05-21
CVE-2026-44932
Analyzed
8.8
Linux wicked dhcp client

Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0

2026-06-17
CVE-2026-4493
8.8
Tenda A18 Pro

A vulnerability was determined in Tenda A18 Pro 02

2026-03-21
CVE-2026-44926
Analyzed
8.8
CmdServer Multiple Products

InfoScale CmdServer before 7

2026-05-21
CVE-2026-44925
Analyzed
8.8
InfoScale Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v

2026-05-21
CVE-2026-4492
8.8
Tenda A18 Pro

A vulnerability was found in Tenda A18 Pro 02

2026-03-21
CVE-2026-44914
Analyzed
7.5
Apache NiFi

Apache NiFi 1

2026-06-22
CVE-2026-4491
8.8
Tenda A18 Pro

A vulnerability has been found in Tenda A18 Pro 02

2026-03-21
CVE-2026-4490
8.8
Tenda A18 Pro

A flaw has been found in Tenda A18 Pro 02

2026-03-21
CVE-2026-44894
Analyzed
7.5
Netty Project Netty

Netty is a network application framework for development of protocol servers and clients

2026-06-15
CVE-2026-44893
Analyzed
7.5
Netty Project Netty

Netty is a network application framework for development of protocol servers and clients

2026-06-15
CVE-2026-44892
Analyzed
7.5
Netty Project Netty

Netty is a network application framework for development of protocol servers and clients

2026-06-15
CVE-2026-44890
Analyzed
7.5
Netty Netty

Netty is a network application framework for development of protocol servers and clients

2026-06-15
CVE-2026-4489
8.8
Tenda A18 Pro

A vulnerability was detected in Tenda A18 Pro 02

2026-03-21
CVE-2026-44888
Analyzed
9.8
Pi.Alert Pi.Alert

Pi.Alert is vulnerable to unauthenticated remote code execution through the configuration save endpoint, allowing arbitrary Python code injection.

2026-05-28
CVE-2026-44887
Analyzed
9.8
Pi.Alert Pi.Alert

Pi.Alert is vulnerable to unauthenticated remote code execution due to improper validation of configuration files, allowing arbitrary Python code exec...

2026-05-28
CVE-2026-4488
8.8
UTT Multiple Products

A vulnerability was identified in UTT HiPER 1250GW up to 3

2026-03-21
CVE-2026-4487
8.8
UTT Multiple Products

A vulnerability was determined in UTT HiPER 1200GW up to 2

2026-03-21
CVE-2026-4486
8.8
D-Link DIR

A vulnerability was found in D-Link DIR-513 1

2026-03-21
CVE-2026-44850
Analyzed
8.5
Docker API

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubern...

2026-05-29
CVE-2026-44849
Analyzed
8.8
Docker Portainer Community Edition / Swarm

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubern...

2026-06-02
CVE-2026-44848
Analyzed
8.8
Docker Portainer Community Edition

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubern...

2026-06-02
CVE-2026-4484
Analyzed
9.8
WordPress is vulnerable

The Masteriyo LMS plugin for WordPress allows authenticated Student-level users to escalate their privileges to Administrator via the InstructorsContr...

2026-03-26
CVE-2026-44832
Analyzed
8.8
Snipe-IT IT Asset/License Management System

Snipe-IT is an IT asset/license management system

2026-05-27