17783 Total CVEs
9072 AI Analyzed
270 CISA KEV
3625 Critical
All Vendors
Showing 3451-3500 of 17783 CVEs Page 70 of 356
CVE-2026-41327
Analyzed
9.1
Unknown Multiple Products

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacke...

2026-04-25
CVE-2026-41324
7.5
FTP Multiple Products

basic-ftp is an FTP client for Node

2026-04-24
CVE-2026-41323
8.1
Microsoft Multiple Products

Kyverno is a policy engine designed for cloud native platform engineering teams

2026-04-24
CVE-2026-4132
7.2
WordPress is vulnerable

The HTTP Headers plugin for WordPress is vulnerable to External Control of File Name or Path leading to Remote Code Execution in all versions up to an...

2026-04-24
CVE-2026-41316
8.1
Unknown Multiple Products

ERB is a templating system for Ruby

2026-04-24
CVE-2026-41311
7.5
GitHub Pages compatible

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript

2026-05-10
CVE-2026-41309
8.2
HP Multiple Products

Open Source Social Network (OSSN) is open-source social networking software developed in PHP

2026-04-24
CVE-2026-41303
8.8
Discord text approval

OpenClaw before 2026

2026-04-21
CVE-2026-41302
7.6
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-41299
7.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-41297
7.6
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-41296
8.2
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-41295
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-41294
8.6
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-41292
Analyzed
7.5
Unknown Multiple Products

NLnet Labs Unbound up to and including version 1

2026-05-21
CVE-2026-41283
Analyzed
9.9
OpenStack Mistral

OpenStack Mistral allows arbitrary remote code execution via exposed API endpoints, potentially leading to the exfiltration of sensitive service crede...

2026-06-04
CVE-2026-41279
7.5
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-25
CVE-2026-41278
7.5
Docker validation revealed

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-25
CVE-2026-41277
8.8
DocumentStore Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-25
CVE-2026-41275
7.5
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-25
CVE-2026-41273
8.2
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-25
CVE-2026-41272
7.1
AWS allow attackers

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-24
CVE-2026-41271
7.1
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-24
CVE-2026-41270
7.1
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-24
CVE-2026-41269
7.1
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-24
CVE-2026-41268
7.7
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-24
CVE-2026-41267
8.1
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-24
CVE-2026-41266
7.5
Unknown Multiple Products

Flowise is a drag & drop user interface to build a customized large language model flow

2026-04-25
CVE-2026-41258
Analyzed
9.1
Apache Velocity templates

OpenMRS Core fails to properly sandbox Apache Velocity templates, allowing authenticated users with specific privileges to achieve arbitrary Java refl...

2026-05-16
CVE-2026-41249
Analyzed
8.2
Pimcore CoreShop

CoreShop is a Pimcore enhanced eCommerce solution

2026-06-09
CVE-2026-41248
Analyzed
9.1
Clerk Multiple Products

Clerk JavaScript is the official JavaScript repository for Clerk authentication. createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro ca...

2026-04-25
CVE-2026-41246
8.1
Kubernetes ingress controller

Contour is a Kubernetes ingress controller using Envoy proxy

2026-04-24
CVE-2026-41241
8.7
Arch in the

pretalx is a conference planning tool

2026-04-24
CVE-2026-41236
Analyzed
8.8
Froxlor Server Administration Software

Froxlor is open source server administration software

2026-06-05
CVE-2026-41231
7.5
Unknown Multiple Products

Froxlor is open source server administration software

2026-04-24
CVE-2026-41230
8.5
Unknown Multiple Products

Froxlor is open source server administration software

2026-04-23
CVE-2026-41229
Analyzed
9.1
HP string literals

An injection vulnerability in Froxlor's `PhpHelper` allows administrators to inject and execute arbitrary PHP code via unescaped string literals.

2026-04-23
CVE-2026-41228
Analyzed
9.9
HP code execution

A path traversal flaw in the Froxlor API allows authenticated customers to execute arbitrary PHP code via the `def_language` parameter.

2026-04-23
CVE-2026-41220
7.8
Acronis DeviceLock DLP

Local privilege escalation due to improper input validation

2026-04-30
CVE-2026-41208
8.8
Unknown Multiple Products

Paperclip is a Node

2026-04-23
CVE-2026-41201
Analyzed
9.1
Arch CI4MS

CI4MS contains a stored DOM-based XSS vulnerability in the backup module that can be leveraged for full account takeover.

2026-05-07
CVE-2026-41193
Analyzed
9.1
Arch Multiple Products

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, FreeScout's module installation feature extracts ZIP archives...

2026-04-22
CVE-2026-4119
Analyzed
9.1
WordPress is vulnerable

The Create DB Tables plugin for WordPress is vulnerable to authorization bypass, allowing authenticated attackers to drop or create database tables.

2026-04-23
CVE-2026-41180
7.5
Unknown Multiple Products

PsiTransfer is an open source, self-hosted file sharing solution

2026-04-24
CVE-2026-41175
8.1
Unknown Multiple Products

Statamic is a Laravel and Git powered content management system (CMS)

2026-04-23
CVE-2026-41167
Analyzed
9.1
PostgreSQL host via

Jellystat is vulnerable to SQL injection and subsequent remote code execution due to improper sanitization of user-supplied data in API endpoints.

2026-04-23
CVE-2026-41166
7
Unknown Multiple Products

OpenRemote is an open-source internet-of-things platform

2026-04-24
CVE-2026-41143
8.8
HP at line

YesWiki is a wiki system written in PHP

2026-05-07
CVE-2026-41142
8.8
Unknown Multiple Products

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry

2026-05-07
CVE-2026-41139
8.8
Unknown Multiple Products

Math

2026-05-07