17783 Total CVEs
9072 AI Analyzed
270 CISA KEV
3625 Critical
All Vendors
Showing 4051-4100 of 17783 CVEs Page 82 of 356
CVE-2026-36670
Analyzed
8.8
OpenSIPS Control Panel (opensips-cp)

A Time-Based Blind SQL Injection vulnerability in the alias_management module of OpenSIPS Control Panel (opensips-cp) prior to version 9

2026-06-17
CVE-2026-3666
Analyzed
8.8
WordPress is vulnerable

The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2

2026-04-05
CVE-2026-36608
Analyzed
8.8
Mercusys AC12G (EU) V1 Router

Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interfa...

2026-06-04
CVE-2026-36607
Analyzed
8.8
Mercusys AC12G (EU) V1 Router

Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint (code...

2026-06-04
CVE-2026-3660
Analyzed
9.8
IBM Engineering Lifecycle Management

IBM Engineering Lifecycle Management allows unauthenticated remote attackers to update server property files, potentially resulting in unauthorized ac...

2026-05-27
CVE-2026-3658
7.5
WordPress is vulnerable

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the 'fields' pa...

2026-03-20
CVE-2026-36576
Analyzed
9.8
F5 docker-wkhtmltopdf-aas

An OS command injection vulnerability in the app.py component allows unauthenticated attackers to execute arbitrary commands via a crafted POST reques...

2026-06-04
CVE-2026-3655
Analyzed
9.8
WordPress OTP Login With Phone Number, OTP Verification Plugin

The OTP Login With Phone Number plugin for WordPress is vulnerable to authentication bypass, allowing unauthenticated attackers to hijack user account...

2026-05-29
CVE-2026-3643
7.2
WordPress is vulnerable

The Accessibly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in all versions up to, and including, 3

2026-04-17
CVE-2026-36365
7.8
Unknown Multiple Products

An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6 allows a local attacker to execute arbitrary code via t...

2026-05-06
CVE-2026-36356
Analyzed
9.1
MeiG Smart FORGE_SLT711

The GoAhead web server on MeiG Smart FORGE_SLT711 devices allows unauthenticated remote attackers to perform OS command injection via the /action/SetR...

2026-05-06
CVE-2026-36355
Analyzed
7.7
F5 rtl819x Jungle SDK

The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3

2026-05-06
CVE-2026-36340
8.1
Unknown Multiple Products

An issue in Krayin CRM v

2026-05-01
CVE-2026-3631
7.5
Delta Electronics COMMGR2

Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability

2026-03-09
CVE-2026-3630
Analyzed
9.8
Delta Electronics COMMGR2

Delta Electronics COMMGR2 is affected by a stack-based buffer overflow vulnerability that could lead to arbitrary code execution or system crashes.

2026-03-09
CVE-2026-3629
Analyzed
8.1
WordPress is vulnerable

The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1

2026-03-22
CVE-2026-3621
7.5
IBM WebSphere Application

IBM WebSphere Application Server - Liberty 17

2026-04-24
CVE-2026-3614
8.8
WordPress is vulnerable

The AcyMailing plugin for WordPress is vulnerable to privilege escalation in all versions From 9

2026-04-16
CVE-2026-3611
Analyzed
10
Honeywell IQ4x building

Honeywell IQ4x controllers allow unauthenticated remote attackers to create administrative accounts and take full control of building management syste...

2026-03-13
CVE-2026-3605
8.1
Unknown Multiple Products

An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or...

2026-04-17
CVE-2026-36044
Analyzed
8.8
Unknown Multiple Products

@pensar/apex <= 0

2026-05-28
CVE-2026-3599
7.5
WordPress is vulnerable

The Riaxe Product Customizer plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter keys within 'product_data' of the /wp-jso...

2026-04-17
CVE-2026-3596
Analyzed
9.8
WordPress is vulnerable

The Riaxe Product Customizer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.2. The plugin regist...

2026-04-16
CVE-2026-3593
Analyzed
7.4
Unknown Multiple Products

A use-after-free vulnerability exists within the DNS-over-HTTPS implementation

2026-05-22
CVE-2026-3589
7.5
WordPress plugin from

The WooCommerce WordPress plugin from versions 5

2026-03-07
CVE-2026-3588
7.5
IKEA Dirigera Multiple Products

A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2

2026-03-10
CVE-2026-3587
Analyzed
10
Linux based OS

An unauthenticated remote attacker can escape a restricted CLI interface in certain Linux-based operating systems to gain root access.

2026-03-23
CVE-2026-3584
Analyzed
9.8
WordPress is vulnerable

The Kali Forms WordPress plugin is vulnerable to Remote Code Execution (RCE) via the form_process function, allowing unauthenticated attackers to exec...

2026-03-21
CVE-2026-35682
8.8
Anviz Multiple Products

Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution (e

2026-04-18
CVE-2026-35676
Analyzed
8.2
HP Multiple Products

phpMyFAQ before 4

2026-05-29
CVE-2026-35675
Analyzed
8.2
HP Multiple Products

phpMyFAQ before 4

2026-05-29
CVE-2026-35674
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-30
CVE-2026-35671
Analyzed
8.8
HP Multiple Products

phpMyFAQ before 4

2026-05-29
CVE-2026-35669
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35668
7.7
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35666
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35663
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35660
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35653
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35650
7.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-12
CVE-2026-35645
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-10
CVE-2026-35643
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35641
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-3564
Analyzed
9
ConnectWise ScreenConnect

A critical flaw in ScreenConnect allows attackers with access to server-level cryptographic material to obtain unauthorized access and elevated privil...

2026-03-18
CVE-2026-35639
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-10
CVE-2026-35638
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-10
CVE-2026-35625
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-10
CVE-2026-35616
KEV Analyzed
9.8
Fortinet FortiClientEMS

Fortinet FortiClientEMS versions 7.4.5 and 7.4.6 contain an improper access control vulnerability. Unauthenticated attackers can execute unauthorized...

2026-04-04
CVE-2026-35611
7.5
Unknown Multiple Products

Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library

2026-04-09
CVE-2026-35610
8.8
Unknown Multiple Products

PolarLearn is a free and open-source learning program

2026-04-08