17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 3901-3950 of 17426 CVEs Page 79 of 349
CVE-2026-35569
8.7
SEO Multiple Products

ApostropheCMS is an open-source Node

2026-04-16
CVE-2026-35567
8.8
HP is used

ChurchCRM is an open-source church management system

2026-04-08
CVE-2026-35563
Analyzed
8.5
Apache Directory LDAP API

It was identified that the LDAP client implementation in version 2

2026-06-04
CVE-2026-35562
Analyzed
7.5
Unknown Athena ODBC Driver

Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2

2026-04-04
CVE-2026-35561
Analyzed
7.4
Intel Athena ODBC Driver

Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2

2026-04-04
CVE-2026-35560
Analyzed
7.4
Unknown Athena ODBC Driver

Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2

2026-04-04
CVE-2026-3556
8.8
Philips Hue Bridge

Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-17
CVE-2026-35558
Analyzed
7.8
Unknown Athena ODBC driver

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2

2026-04-04
CVE-2026-35554
8.7
Apache Kafka Java

A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics

2026-04-08
CVE-2026-3555
8
Philips Hue Bridge

Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-17
CVE-2026-35548
8.5
Plugins of valid

An issue was discovered in guardsix (formerly Logpoint) ODBC Enrichment Plugins before 5

2026-04-23
CVE-2026-35547
Analyzed
9.1
Unknown libnv

A heap-based buffer overflow in libnv, caused by improper message size validation, allows for system crashes or potential privilege escalation.

2026-05-01
CVE-2026-35546
Analyzed
9.8
Arch Multiple Products

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted archives to be accepted, enabling attackers to plant a...

2026-04-18
CVE-2026-35535
Analyzed
7.4
Linux Sudo

In Sudo through 1

2026-04-04
CVE-2026-35534
7.6
HP due to

ChurchCRM is an open-source church management system

2026-04-09
CVE-2026-35533
7.7
Terraform Multiple Products

mise manages dev tools like node, python, cmake, and terraform

2026-04-09
CVE-2026-35526
7.5
Strawberry Multiple Products

Strawberry GraphQL is a library for creating GraphQL APIs

2026-04-09
CVE-2026-35523
7.5
Strawberry Multiple Products

Strawberry GraphQL is a library for creating GraphQL APIs

2026-04-09
CVE-2026-35521
8.8
DHCP Multiple Products

FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface

2026-04-08
CVE-2026-35520
8.8
DHCP Multiple Products

FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface

2026-04-08
CVE-2026-35519
8.8
DNS Multiple Products

FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface

2026-04-08
CVE-2026-35518
8.8
DNS Multiple Products

FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface

2026-04-08
CVE-2026-35517
8.8
Unknown Multiple Products

FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface

2026-04-08
CVE-2026-35503
Analyzed
9.8
SenseLive X3050 Multiple Products

A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hard...

2026-04-24
CVE-2026-35490
Analyzed
9.8
Unknown changedetection.io

An improper decorator ordering in changedetection.io causes authentication wrappers to be bypassed, exposing sensitive routes to unauthenticated acces...

2026-04-08
CVE-2026-35488
8.1
Tandoor Multiple Products

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists

2026-04-08
CVE-2026-35486
7.5
Unknown Multiple Products

text-generation-webui is an open-source web interface for running Large Language Models

2026-04-09
CVE-2026-35485
7.5
Unknown Multiple Products

text-generation-webui is an open-source web interface for running Large Language Models

2026-04-09
CVE-2026-35478
8.3
Unknown Multiple Products

InvenTree is an Open Source Inventory Management System

2026-04-09
CVE-2026-35471
Analyzed
9.8
Unknown goshs

The goshs SimpleHTTPServer exhibits a path traversal flaw in the file deletion function due to improper handling of return values.

2026-04-07
CVE-2026-35470
8.8
HP files across

OpenSTAManager is an open source management software for technical assistance and invoicing

2026-04-07
CVE-2026-3547
7.5
Apache Multiple Products

Out-of-bounds read in ALPN parsing due to incomplete validation

2026-03-20
CVE-2026-35467
Analyzed
7.5
Unknown Temporary Browser Client

The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of t...

2026-04-04
CVE-2026-35465
7.5
SecureDrop Multiple Products

SecureDrop Client is a desktop app for journalists to securely communicate with sources and handle submissions on the SecureDrop Workstation

2026-04-18
CVE-2026-35464
7.5
Unknown Multiple Products

pyLoad is a free and open-source download manager written in Python

2026-04-09
CVE-2026-35463
8.8
Unknown Multiple Products

pyLoad is a free and open-source download manager written in Python

2026-04-08
CVE-2026-35457
8.2
Unknown Multiple Products

libp2p-rust is the official rust language Implementation of the libp2p networking stack

2026-04-08
CVE-2026-35446
7.7
Arch and Imaging

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging r...

2026-04-09
CVE-2026-35442
8.1
Unknown Multiple Products

Directus is a real-time API and App dashboard for managing SQL database content

2026-04-07
CVE-2026-3544
8.8
Google Chrome prior

Heap buffer overflow in WebCodecs in Google Chrome prior to 145

2026-03-06
CVE-2026-35439
8.8
Microsoft Office SharePoint

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network

2026-05-13
CVE-2026-35438
Analyzed
8.3
Microsoft Multiple Products

Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network

2026-05-13
CVE-2026-35436
Analyzed
8.8
Microsoft Office Click

Insufficient granularity of access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally

2026-05-13
CVE-2026-35435
8.6
Microsoft AI Foundry

Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network

2026-05-08
CVE-2026-35431
Analyzed
10
Microsoft Entra ID

A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Entra ID Entitlement Management allows unauthorized attackers to perform spoofing over...

2026-04-24
CVE-2026-35430
Analyzed
8.8
Microsoft Privileged Identity Management

Authorization bypass through user-controlled key in Azure Privileged Identity Management (PIM) allows an authorized attacker to elevate privileges ove...

2026-05-27
CVE-2026-3543
8.8
Google Chrome prior

Inappropriate implementation in V8 in Google Chrome prior to 145

2026-03-06
CVE-2026-35428
Analyzed
9.6
Microsoft Cloud Shell

A command injection vulnerability in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network.

2026-05-08
CVE-2026-3542
8.8
Google Chrome prior

Inappropriate implementation in WebAssembly in Google Chrome prior to 145

2026-03-06
CVE-2026-3541
8.8
Google Chrome prior

Inappropriate implementation in CSS in Google Chrome prior to 145

2026-03-06