17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 4351-4400 of 17426 CVEs Page 88 of 349
CVE-2026-33943
8.8
Happy Multiple Products

Happy DOM is a JavaScript implementation of a web browser without its graphical user interface

2026-03-28
CVE-2026-33942
Analyzed
9.8
HP library that

Saloon versions prior to 4.0.0 are vulnerable to PHP Object Injection via insecure use of unserialize() in the AccessTokenAuthenticator class, potenti...

2026-03-27
CVE-2026-33941
8.2
Handlebars Multiple Products

Handlebars provides the power necessary to let users build semantic templates

2026-03-28
CVE-2026-33940
8.1
Handlebars Multiple Products

Handlebars provides the power necessary to let users build semantic templates

2026-03-28
CVE-2026-33939
7.5
Handlebars Multiple Products

Handlebars provides the power necessary to let users build semantic templates

2026-03-29
CVE-2026-33938
8.1
Handlebars Multiple Products

Handlebars provides the power necessary to let users build semantic templates

2026-03-28
CVE-2026-33937
Analyzed
9.8
Handlebars Handlebars.js

Handlebars.js allows Remote Code Execution when `Handlebars.compile()` processes a crafted AST object containing unsanitized numeric literals.

2026-03-28
CVE-2026-33932
7.6
CCDA Multiple Products

OpenEMR is a free and open source electronic health records and medical practice management application

2026-03-26
CVE-2026-33918
7.6
HP Multiple Products

OpenEMR is a free and open source electronic health records and medical practice management application

2026-03-26
CVE-2026-33917
8.8
Unknown Multiple Products

OpenEMR is a free and open source electronic health records and medical practice management application

2026-03-26
CVE-2026-33913
7.7
Unknown Multiple Products

OpenEMR is a free and open source electronic health records and medical practice management application

2026-03-26
CVE-2026-33908
7.5
Unknown Multiple Products

ImageMagick is free and open-source software used for editing and manipulating digital images

2026-04-14
CVE-2026-33906
7.2
Ella Multiple Products

Ella Core is a 5G core designed for private networks

2026-03-29
CVE-2026-33901
7.5
Unknown Multiple Products

ImageMagick is free and open-source software used for editing and manipulating digital images

2026-04-14
CVE-2026-33898
8.8
Unknown Multiple Products

Incus is a system container and virtual machine manager

2026-03-27
CVE-2026-33897
Analyzed
9.9
Incus Incus

Incus versions prior to 6.23.0 contain a critical sandbox escape in the pongo2 template implementation that allows arbitrary file reads and writes as...

2026-03-27
CVE-2026-33896
7.4
Forge Multiple Products

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript

2026-03-29
CVE-2026-33895
7.5
Canon Multiple Products

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript

2026-03-29
CVE-2026-33894
7.5
Forge Multiple Products

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript

2026-03-29
CVE-2026-33891
7.5
LG Multiple Products

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript

2026-03-29
CVE-2026-33875
Analyzed
9.3
Gematik Authenticator Authenticator

Gematik Authenticator is vulnerable to authentication flow hijacking via malicious deep links, allowing attackers to impersonate victim users.

2026-03-28
CVE-2026-33874
7.8
Gematik Multiple Products

Gematik Authenticator securely authenticates users for login to digital health applications

2026-03-28
CVE-2026-33870
7.5
Unknown Multiple Products

Netty is an asynchronous, event-driven network application framework

2026-03-29
CVE-2026-33858
8.8
Apache Airflow

Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitr...

2026-04-14
CVE-2026-33856
7.5
Google Multiple Products

Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherry Android-ImageMagick7

2026-03-24
CVE-2026-33854
8.8
Google Multiple Products

Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7

2026-03-24
CVE-2026-33852
7.5
Google Multiple Products

Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherry Android-ImageMagick7

2026-03-24
CVE-2026-33851
7.8
Unknown Multiple Products

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in joncampbell123 doslib

2026-03-24
CVE-2026-33850
7.8
WujekFoliarz Multiple Products

Out-of-bounds Write vulnerability in WujekFoliarz DualSenseY-v2

2026-03-24
CVE-2026-33849
8.8
Unknown Multiple Products

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms

2026-03-24
CVE-2026-33848
8.8
Unknown Multiple Products

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms

2026-03-24
CVE-2026-33847
7.8
Unknown Multiple Products

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms

2026-03-24
CVE-2026-33846
7.5
Unknown Multiple Products

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS

2026-05-05
CVE-2026-33845
7.5
Infor Multiple Products

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reasse...

2026-05-01
CVE-2026-33844
Analyzed
9
Microsoft Cassandra allows

Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.

2026-05-08
CVE-2026-33833
8.2
Microsoft Machine Learning

Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized at...

2026-05-13
CVE-2026-33827
8.1
Microsoft Multiple Products

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execu...

2026-04-15
CVE-2026-33826
8
Microsoft Multiple Products

Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network

2026-04-15
CVE-2026-33825
KEV
9.5
Microsoft Defender

Microsoft Defender Insufficient Granularity of Access Control Vulnerability - Active in CISA KEV catalog.

2026-04-23
CVE-2026-33824
Analyzed
9.8
Microsoft Multiple Products

Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.

2026-04-15
CVE-2026-33823
Analyzed
9.6
Microsoft Teams allows

Improper authorization in Microsoft Teams permits an authorized attacker to perform unauthorized information disclosure over a network.

2026-05-08
CVE-2026-33819
Analyzed
10
Microsoft Bing allows

A deserialization vulnerability in Microsoft Bing allows an unauthorized remote attacker to execute arbitrary code via the network.

2026-04-24
CVE-2026-33814
7.5
Unknown Multiple Products

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE...

2026-05-09
CVE-2026-33813
7.5
Unknown Multiple Products

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms

2026-04-23
CVE-2026-33811
7.5
Unknown Multiple Products

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash

2026-05-09
CVE-2026-3381
Analyzed
9.8
Perl (CPAN) Compress::Raw::Zlib

Compress::Raw::Zlib for Perl bundles an insecure version of the zlib library (CVE-2026-27171). Updating to version 2.220 resolves these underlying sec...

2026-03-06
CVE-2026-33807
Analyzed
9.1
Unknown Multiple Products

@fastify/express v4.0.4 and earlier contains a path handling bug in the onRegister function that causes middleware paths to be doubled when inherited...

2026-04-16
CVE-2026-33805
Analyzed
8.6
Fastify @fastify/reply-from and @fastify/http-proxy

@fastify/reply-from v12

2026-06-02
CVE-2026-33804
7.4
Unknown Multiple Products

@fastify/middie versions 9

2026-04-17
CVE-2026-3380
Analyzed
8.8
Tenda F453

A vulnerability was found in Tenda F453 1

2026-03-01