17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 3501-3550 of 17426 CVEs Page 71 of 349
CVE-2026-40217
8.8
LiteLLM Multiple Products

LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the /guardrails/test_custom_code URI

2026-04-11
CVE-2026-4021
8.1
WordPress is vulnerable

The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeover in all versions up to, and includ...

2026-03-24
CVE-2026-40200
8.1
Unknown Multiple Products

An issue was discovered in musl libc 0

2026-04-11
CVE-2026-4020
7.5
WordPress is vulnerable

The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2

2026-03-31
CVE-2026-40196
8.1
Unknown Multiple Products

HomeBox is a home inventory and organization system

2026-04-18
CVE-2026-40193
8.2
Oracle or via

maddy is a composable, all-in-one mail server

2026-04-16
CVE-2026-40188
7.7
Unknown Multiple Products

goshs is a SimpleHTTPServer written in Go

2026-04-11
CVE-2026-40185
7.1
Unknown Multiple Products

TREK is a collaborative travel planner

2026-04-12
CVE-2026-40176
7.8
HP Multiple Products

Composer is a dependency manager for PHP

2026-04-17
CVE-2026-40175
Analyzed
10
AWS IMDSv2 bypass

Axios is vulnerable to a prototype pollution attack chain that can be escalated to remote code execution or AWS IMDSv2 bypass.

2026-04-11
CVE-2026-40173
Analyzed
9.4
Unknown Multiple Products

Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where...

2026-04-16
CVE-2026-40170
7.5
Unknown Multiple Products

ngtcp2 is a C implementation of the IETF QUIC protocol

2026-04-17
CVE-2026-40168
8.2
Unknown Multiple Products

Postiz is an AI social media scheduling tool

2026-04-11
CVE-2026-40165
Analyzed
8.7
Unknown Multiple Products

authentik is an open-source identity provider

2026-05-21
CVE-2026-40164
7.5
Unknown Multiple Products

jq is a command-line JSON processor

2026-04-14
CVE-2026-40163
Analyzed
8.2
Unknown Multiple Products

Saltcorn is an extensible, open source, no-code database application builder

2026-04-11
CVE-2026-40162
7.1
Unknown Multiple Products

Bugsink is a self-hosted error tracking tool

2026-04-12
CVE-2026-40161
7.7
GitLab token

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines

2026-04-22
CVE-2026-40158
8.6
Microsoft system

PraisonAI is a multi-agent teams system

2026-04-11
CVE-2026-40156
7.8
Microsoft system

PraisonAI is a multi-agent teams system

2026-04-11
CVE-2026-40154
Analyzed
9.3
Microsoft system

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI treats remotely fetched template files as trusted executable code without integri...

2026-04-10
CVE-2026-40150
7.7
Microsoft system

PraisonAIAgents is a multi-agent teams system

2026-04-10
CVE-2026-40149
7.9
Microsoft system

PraisonAI is a multi-agent teams system

2026-04-10
CVE-2026-40141
Analyzed
8.5
BeyondTrust Remote Support and Privileged Remote Access

A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileged Remote Access related to the processi...

2026-07-07
CVE-2026-40140
Analyzed
8.7
BeyondTrust Remote Support and Privileged Remote Access

BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsyste...

2026-07-07
CVE-2026-40139
Analyzed
9.2
BeyondTrust Remote Support and Privileged Remote Access

A pre-authentication vulnerability in BeyondTrust Remote Support and Privileged Remote Access allows unauthenticated attackers to bypass access contro...

2026-07-07
CVE-2026-40138
Analyzed
9.2
BeyondTrust Remote Support

A pre-authentication vulnerability in the BeyondTrust Remote Support and Privileged Remote Access authentication subsystem allows attackers to bypass...

2026-07-07
CVE-2026-40116
7.5
Microsoft system

PraisonAI is a multi-agent teams system

2026-04-11
CVE-2026-40113
8.4
Microsoft system

PraisonAI is a multi-agent teams system

2026-04-10
CVE-2026-40093
8.1
Unknown Multiple Products

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation

2026-04-10
CVE-2026-40092
Analyzed
7.5
Unknown Multiple Products

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation

2026-05-22
CVE-2026-40089
Analyzed
9.9
Docker Compose stack

Sonicverse is a Self-hosted Docker Compose stack for live radio streaming. The Sonicverse Radio Audio Streaming Stack dashboard contains a Server-Side...

2026-04-10
CVE-2026-40088
Analyzed
9.6
Microsoft system

PraisonAI is a multi-agent teams system. Prior to 4.5.121, the execute_command function and workflow shell execution are exposed to user-controlled in...

2026-04-10
CVE-2026-4008
8.8
Tenda W3

A flaw has been found in Tenda W3 1

2026-03-12
CVE-2026-40079
Analyzed
8.6
Cacti Cacti

Cacti is an open source performance and fault management framework

2026-06-25
CVE-2026-40070
8.1
Unknown Multiple Products

BSV Ruby SDK is the Ruby SDK for the BSV blockchain

2026-04-10
CVE-2026-4007
8.8
Tenda W3

A vulnerability was detected in Tenda W3 1

2026-03-12
CVE-2026-40069
7.5
Unknown Multiple Products

BSV Ruby SDK is the Ruby SDK for the BSV blockchain

2026-04-11
CVE-2026-40066
8.8
Anviz Multiple Products

Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can be uploaded

2026-04-18
CVE-2026-40062
7.5
Infor Multiple Products

A path Traversal vulnerability exists in Ziostation2 v2

2026-04-24
CVE-2026-40061
8.7
Unknown Multiple Products

When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that may allow an authenti...

2026-05-14
CVE-2026-40050
Analyzed
9.8
CrowdStrike LogScale

A critical unauthenticated path traversal vulnerability in CrowdStrike LogScale allows remote attackers to read arbitrary files from the server filesy...

2026-04-22
CVE-2026-40048
7.8
Apache Camel

The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of `<keyId>

2026-04-28
CVE-2026-40047
Analyzed
9.1
Apache Apache Camel

An argument injection vulnerability in the Apache Camel Docling component allows attackers to inject malicious CLI flags and perform directory travers...

2026-07-07
CVE-2026-40046
7.5
Apache ActiveMQ

Integer Overflow or Wraparound vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT

2026-04-11
CVE-2026-40044
Analyzed
9.8
HP object payloads

Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialize...

2026-04-14
CVE-2026-40042
Analyzed
9.8
Pachno Multiple Products

Pachno 1.0.6 contains an XML external entity injection vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting unsaf...

2026-04-14
CVE-2026-40040
8.8
HP Multiple Products

Pachno 1

2026-04-14
CVE-2026-40038
7.2
Pachno Multiple Products

Pachno 1

2026-04-14
CVE-2026-40036
7.5
Unfurl Multiple Products

Unfurl before 2026

2026-04-10