17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 2951-3000 of 17426 CVEs Page 60 of 349
CVE-2026-42511
7.3
Unknown Multiple Products

The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient

2026-05-01
CVE-2026-42503
8.8
Unknown Multiple Products

gopls by default communicates via pipe

2026-05-07
CVE-2026-42501
7.5
Unknown Multiple Products

A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation

2026-05-09
CVE-2026-42499
7.5
Unknown Multiple Products

Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322

2026-05-09
CVE-2026-4249
Analyzed
8.6
WSO2 Universal Gateway, Traffic Manager, API Control Plane, API Manager

The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure...

2026-07-07
CVE-2026-42485
Analyzed
7.5
Unknown Multiple Products

AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library

2026-05-02
CVE-2026-42484
Analyzed
9.8
Hashcat Hashcat

A heap-based buffer overflow in the PKZIP hash parser of Hashcat v7.1.2 allows attackers to cause a denial of service or execute arbitrary code via a...

2026-05-02
CVE-2026-42483
Analyzed
9.8
Hashcat Hashcat

A heap-based buffer overflow in the Kerberos hash parser of Hashcat v7.1.2 allows for potential arbitrary code execution via a crafted hash file.

2026-05-02
CVE-2026-42482
Analyzed
9.8
Hashcat Hashcat

A stack-based buffer overflow in Hashcat v7.1.2 allows remote code execution or denial of service via crafted rule files or specific rule options.

2026-05-02
CVE-2026-4248
8
WordPress is vulnerable

The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2

2026-03-28
CVE-2026-42478
7.5
Unknown Multiple Products

An issue was discovered in VrmlData_IndexedFaceSet::TShape in the VRML V2

2026-05-02
CVE-2026-42477
7.1
Infor Multiple Products

A heap-based out-of-bounds read vulnerability in RWObj_Reader::read in the OBJ file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows user-as...

2026-05-02
CVE-2026-42476
7.1
Infor Multiple Products

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 exist in RWStl_Reader::Rea...

2026-05-02
CVE-2026-42473
Analyzed
9.8
HP Framework

The MixPHP Framework is vulnerable to unsafe deserialization of session and cache data stored on the filesystem, potentially allowing remote code exec...

2026-05-02
CVE-2026-42472
Analyzed
9.8
HP Framework

The MixPHP Framework is vulnerable to unsafe deserialization of session and cache data stored in Redis, potentially allowing remote code execution.

2026-05-02
CVE-2026-42471
8.1
HP Framework

Unsafe deserialization vulnerability in MixPHP Framework 2

2026-05-02
CVE-2026-42469
8.6
Unknown Multiple Products

Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3

2026-05-02
CVE-2026-42468
8.8
Unknown Multiple Products

Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3

2026-05-02
CVE-2026-42467
7.5
Unknown Multiple Products

An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Binary_Data_Transfer_DM1...

2026-05-02
CVE-2026-42457
Analyzed
9
Kubernetes platform for

A stored Cross-Site Scripting (XSS) vulnerability in the vCluster Platform allows attackers to execute arbitrary scripts and potentially escalate priv...

2026-05-15
CVE-2026-42454
Analyzed
9.9
Docker container management

Termix is vulnerable to OS command injection in its Docker management endpoints, leading to remote code execution.

2026-05-09
CVE-2026-42452
8.1
Unknown Multiple Products

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities

2026-05-09
CVE-2026-42450
Analyzed
8.4
Unknown OpenColorIO

OpenColorIO is a color management framework for visual effects and animation

2026-06-25
CVE-2026-42449
8.5
MCP Multiple Products

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations

2026-05-08
CVE-2026-42440
Analyzed
7.5
Apache OpenNLP AbstractModelReader

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader  Versions Affected:  before 2

2026-05-06
CVE-2026-42439
8.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-42438
7.7
OpenClaw Multiple Products

OpenClaw versions 2026

2026-05-06
CVE-2026-42437
7.5
OpenClaw Multiple Products

OpenClaw versions 2026

2026-05-06
CVE-2026-42436
7.7
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-42435
8.8
Unknown Multiple Products

OpenClaw versions from 2026

2026-05-06
CVE-2026-42434
8.8
OpenClaw Multiple Products

OpenClaw versions 2026

2026-05-06
CVE-2026-42432
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-42431
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-42426
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-42423
7.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-42422
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-42411
Analyzed
8.1
WordPress CloudSecure WP Security

Unauthenticated Broken Authentication in CloudSecure WP Security <= 1

2026-06-16
CVE-2026-42406
8.7
Certificate Multiple Products

A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can m...

2026-05-14
CVE-2026-42403
7.5
Apache Neethi does

Apache Neethi does not properly detect circular references in policy definitions

2026-05-02
CVE-2026-42402
7.5
Apache Neethi is

Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization

2026-05-02
CVE-2026-42383
Analyzed
7.6
YITH YITH WooCommerce Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Bli...

2026-05-21
CVE-2026-42382
Analyzed
8.1
Elated-Themes Audrey

Unauthenticated Local File Inclusion in Audrey <= 1

2026-07-03
CVE-2026-42379
7.7
WPDeveloper Multiple Products

Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data

2026-04-28
CVE-2026-42376
Analyzed
9.8
D-Link DIR

D-Link DIR-456U Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0...

2026-05-05
CVE-2026-42375
Analyzed
9.8
D-Link DIR

D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh...

2026-05-05
CVE-2026-42374
Analyzed
9.8
D-Link DIR

D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh...

2026-05-05
CVE-2026-42373
Analyzed
9.8
D-Link DIR

D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telne...

2026-05-05
CVE-2026-42372
8.8
D-Link DIR

D-Link DIR-605L Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor

2026-05-05
CVE-2026-42370
Analyzed
9
GeoVision GV-VMS

A stack overflow in the WebCam Server Login functionality of GeoVision GV-VMS 20.0.2 allows unauthenticated remote attackers to achieve arbitrary code...

2026-05-04
CVE-2026-4237
7.3
HP Multiple Products

A flaw has been found in itsourcecode Free Hotel Reservation System 1

2026-03-17