17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 2751-2800 of 17426 CVEs Page 56 of 349
CVE-2026-43904
7.8
Unknown Multiple Products

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation

2026-05-16
CVE-2026-43903
7.8
Unknown Multiple Products

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation

2026-05-16
CVE-2026-43900
Analyzed
9.3
Intel DeepChat AI Platform

A Cross-Site Scripting (XSS) vulnerability exists in DeepChat due to improper sanitization of SVG artifacts, allowing arbitrary JavaScript execution.

2026-05-12
CVE-2026-43899
Analyzed
9.6
Intel DeepChat AI Platform

DeepChat contains an arbitrary protocol execution bypass allowing Remote Code Execution (RCE) via improper handling of native Electron pop-up windows.

2026-05-12
CVE-2026-43898
Analyzed
10
SandboxJS SandboxJS

A sandbox escape vulnerability in SandboxJS allows unauthenticated attackers to execute arbitrary host JavaScript code by leveraging an exposed intern...

2026-05-29
CVE-2026-43893
8.2
Unknown Multiple Products

exiftool-vendored provides cross-platform Node

2026-05-12
CVE-2026-43892
8.8
Unknown Multiple Products

AntSword is a cross-platform website management toolkit

2026-05-13
CVE-2026-43890
7.7
Unknown Multiple Products

Outline is a service that allows for collaborative documentation

2026-05-12
CVE-2026-43888
8.7
Unknown Multiple Products

Outline is a service that allows for collaborative documentation

2026-05-12
CVE-2026-43887
7.3
Unknown Multiple Products

Outline is a service that allows for collaborative documentation

2026-05-12
CVE-2026-43886
8.2
Unknown Multiple Products

Outline is a service that allows for collaborative documentation

2026-05-12
CVE-2026-43884
7.7
HP and objects

WWBN AVideo is an open source video platform

2026-05-12
CVE-2026-4388
7.2
WordPress is vulnerable

The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Matrix field (Text Box input type) in form submissio...

2026-04-14
CVE-2026-43874
7.2
HP Multiple Products

WWBN AVideo is an open source video platform

2026-05-12
CVE-2026-43873
Analyzed
7.5
F5 AVideo

WWBN AVideo is an open source video platform

2026-05-12
CVE-2026-43869
7.3
Apache Thrift

Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift

2026-05-06
CVE-2026-43867
Analyzed
9.8
Apache Camel

A deserialization vulnerability in the Apache Camel PQC component allows attackers with write access to AWS Secrets Manager to execute arbitrary code...

2026-07-07
CVE-2026-43866
Analyzed
7.3
Apache Camel

Deserialization of Untrusted Data vulnerability in Apache Camel, Apache Camel JMS component

2026-07-07
CVE-2026-43865
Analyzed
8.1
Apache Apache Camel

Deserialization of Untrusted Data vulnerability in Apache Camel Hazelcast component

2026-07-07
CVE-2026-43825
Analyzed
7.3
Apache OpenNLP Core ML LibSVM

Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel Versions Affected:   before 3

2026-07-07
CVE-2026-43824
7.7
Kubernetes Secret data

In Argo CD 3

2026-05-02
CVE-2026-43735
Analyzed
8.1
Apple Safari

The issue was addressed with improved checks

2026-07-01
CVE-2026-43731
Analyzed
8.8
Apple Safari

A use-after-free issue was addressed with improved memory management

2026-06-30
CVE-2026-4373
7.5
WordPress is vulnerable

The JetFormBuilder plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 3

2026-03-22
CVE-2026-43725
Analyzed
7.1
Apple Safari

The issue was addressed with improved input validation

2026-06-30
CVE-2026-43724
Analyzed
7.8
Apple iOS and iPadOS

The issue was addressed with improved input sanitization

2026-07-01
CVE-2026-43715
Analyzed
8.8
Apple Safari

A use-after-free issue was addressed with improved memory management

2026-06-30
CVE-2026-43705
Analyzed
8.8
Apple Safari

A type confusion issue was addressed with improved checks

2026-06-30
CVE-2026-4370
Analyzed
10
Canonical Juju

Juju's internal Dqlite database fails to validate TLS certificates, allowing unauthenticated attackers to join the cluster and gain full read/write ac...

2026-04-02
CVE-2026-4365
Analyzed
9.1
WordPress is vulnerable

The LearnPress plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the `delete_question_answer()` fu...

2026-04-14
CVE-2026-43640
8.1
Bitwarden Multiple Products

Bitwarden Server prior to v2026

2026-05-12
CVE-2026-43639
8
Bitwarden Multiple Products

Bitwarden Server prior to v2026

2026-05-12
CVE-2026-43634
Analyzed
7.5
HestiaCP Multiple Products

HestiaCP versions 1

2026-05-20
CVE-2026-43633
Analyzed
10
HP and Node

HestiaCP versions 1.9.0 through 1.9.4 contain a deserialization vulnerability in the web terminal component caused by a session format mismatch betwee...

2026-05-20
CVE-2026-43623
Analyzed
8.8
Unknown microtar

microtar through 0

2026-06-02
CVE-2026-43618
Analyzed
8.1
Rsync Multiple Products

Rsync version 3

2026-05-20
CVE-2026-43616
7.1
Unknown Multiple Products

Detect-It-Easy prior to 3

2026-05-05
CVE-2026-43585
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-07
CVE-2026-43584
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-07
CVE-2026-43581
Analyzed
9.6
Google Sandbox Browser

OpenClaw contains an improper network binding configuration that exposes the Chrome DevTools Protocol externally, allowing unauthorized remote access.

2026-05-07
CVE-2026-43578
Analyzed
9.1
OpenClaw Sandbox Browser

OpenClaw contains a privilege escalation vulnerability where heartbeat owner downgrade detection misses async execution completion events.

2026-05-07
CVE-2026-43575
Analyzed
9.8
OpenClaw Sandbox Browser

OpenClaw contains an authentication bypass in the noVNC helper route, allowing unauthenticated attackers to hijack interactive browser sessions.

2026-05-07
CVE-2026-43573
7.7
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-43571
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-43569
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-43566
Analyzed
9.1
OpenClaw OpenClaw

OpenClaw contains a privilege escalation vulnerability where heartbeat owner downgrade logic incorrectly skips webhook wake events, allowing attackers...

2026-05-06
CVE-2026-43534
Analyzed
9.1
OpenClaw OpenClaw

OpenClaw contains an input validation vulnerability allowing external hook metadata to be enqueued as trusted system events, leading to privilege esca...

2026-05-06
CVE-2026-43533
8.6
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-43532
7.7
Discord event cover

OpenClaw versions 2026

2026-05-06
CVE-2026-43531
7.3
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06