17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 4801-4850 of 17426 CVEs Page 97 of 349
CVE-2026-32318
7.6
Unknown Multiple Products

Cryptomator for IOS offers multi-platform transparent client-side encryption for files in the cloud

2026-03-21
CVE-2026-32317
7.6
Google Multiple Products

Cryptomator for Android offers multi-platform transparent client-side encryption for files in the cloud

2026-03-21
CVE-2026-32316
8.2
Unknown Multiple Products

jq is a command-line JSON processor

2026-04-14
CVE-2026-32313
8.2
HP for working

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures

2026-03-17
CVE-2026-32308
Analyzed
7.6
Unknown Multiple Products

OneUptime is a solution for monitoring and managing online services

2026-03-14
CVE-2026-32306
Analyzed
9.9
OneUptime OneUptime

OneUptime versions prior to 10.0.23 are vulnerable to SQL injection in the telemetry aggregation API due to improper interpolation of user-controlled...

2026-03-14
CVE-2026-32304
Analyzed
9.8
Locutus Locutus

The Locutus library prior to version 3.0.14 is vulnerable to arbitrary code execution because the `create_function` implementation passes unsanitized...

2026-03-14
CVE-2026-32303
7.6
Hub Multiple Products

Cryptomator encrypts data being stored on cloud infrastructure

2026-03-21
CVE-2026-32302
Analyzed
8.1
Unknown Multiple Products

OpenClaw is a personal AI assistant

2026-03-14
CVE-2026-32301
Analyzed
9.3
Centrifugo Centrifugo

Centrifugo versions prior to 6.7.0 are vulnerable to Server-Side Request Forgery (SSRF) when using dynamic JWKS endpoints, allowing unauthenticated at...

2026-03-14
CVE-2026-32300
8.1
Infor Multiple Products

Connect-CMS is a content management system

2026-03-24
CVE-2026-32299
7.5
Infor Multiple Products

Connect-CMS is a content management system

2026-03-24
CVE-2026-32298
Analyzed
9.1
Angeet ES3 KVM

The Angeet ES3 KVM contains an OS command injection vulnerability in the 'cfg.lua' script, allowing authenticated attackers to execute arbitrary syste...

2026-03-18
CVE-2026-32297
Analyzed
7.5
Unknown Multiple Products

The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including configuration files or system binaries

2026-03-18
CVE-2026-32296
8.2
NanoKVM Multiple Products

Sipeed NanoKVM before 2

2026-03-18
CVE-2026-32295
7.5
JetKVM Multiple Products

JetKVM before 0

2026-03-18
CVE-2026-32292
7.5
Unknown Multiple Products

The GL-iNet Comet (GL-RM1) KVM web interface does not limit login requests, enabling brute-force attempts to guess credentials

2026-03-18
CVE-2026-32278
8.2
Unknown Multiple Products

Connect-CMS is a content management system

2026-03-24
CVE-2026-32277
8.7
Unknown Multiple Products

Connect-CMS is a content management system

2026-03-24
CVE-2026-32276
8.8
Unknown Multiple Products

Connect-CMS is a content management system

2026-03-24
CVE-2026-32260
Analyzed
8.1
Unknown Multiple Products

Deno is a JavaScript, TypeScript, and WebAssembly runtime

2026-03-13
CVE-2026-32256
7.5
Unknown Multiple Products

music-metadata is a metadata parser for audio and video media files

2026-03-19
CVE-2026-32255
Analyzed
8.6
Nginx Kan Project Management Tool

Kan is an open-source project management tool

2026-03-19
CVE-2026-32254
7.1
Kubernetes networking

Kube-router is a turnkey solution for Kubernetes networking

2026-03-19
CVE-2026-32252
Analyzed
7.7
Unknown Multiple Products

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts

2026-04-11
CVE-2026-32247
8.1
Arch Multiple Products

Graphiti is a framework for building and querying temporal context graphs for AI agents

2026-03-13
CVE-2026-32246
8.5
Unknown Multiple Products

Tinyauth is an authentication and authorization server

2026-03-13
CVE-2026-32242
7.4
Parse Multiple Products

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node

2026-03-14
CVE-2026-32241
7.5
Kubernetes Node annotations

Flannel is a network fabric for containers, designed for Kubernetes

2026-03-29
CVE-2026-32238
Analyzed
9.1
Unknown Multiple Products

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.2 contain a Command i...

2026-03-20
CVE-2026-32231
8.2
Unknown Multiple Products

ZeptoClaw is a personal AI assistant

2026-03-13
CVE-2026-32225
8.8
Microsoft Multiple Products

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network

2026-04-15
CVE-2026-32221
8.4
Microsoft Graphics Component

Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally

2026-04-15
CVE-2026-32213
Analyzed
10
Microsoft AI Foundry

Improper authorization in Azure AI Foundry allows unauthenticated network attackers to escalate privileges, potentially compromising AI models and sen...

2026-04-03
CVE-2026-32211
Analyzed
9.1
Microsoft MCP Server

A missing authentication vulnerability in Azure MCP Server allows unauthenticated attackers to disclose sensitive information over a network.

2026-04-03
CVE-2026-32210
Analyzed
9.3
Microsoft Dynamics

A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Dynamics 365 (Online) allows an unauthorized attacker to perform spoofing over a netwo...

2026-04-24
CVE-2026-32208
Analyzed
8.8
Microsoft Edge

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an authorized attacker...

2026-06-20
CVE-2026-32207
8.8
Microsoft Machine Learning

Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perf...

2026-05-08
CVE-2026-32202
KEV
9.5
Microsoft Windows

Microsoft Windows Protection Mechanism Failure Vulnerability - Active in CISA KEV catalog.

2026-04-29
CVE-2026-32201
KEV
9.5
Microsoft SharePoint Server

Microsoft SharePoint Server Improper Input Validation Vulnerability - Active in CISA KEV catalog.

2026-04-15
CVE-2026-3220
Analyzed
8.8
WordPress plugin before

The Autoptimize WordPress plugin before 3

2026-05-19
CVE-2026-32194
Analyzed
9.8
Microsoft Bing Images

A command injection vulnerability in Microsoft Bing Images allows an unauthorized attacker to execute arbitrary code via network-based requests.

2026-03-20
CVE-2026-32193
Analyzed
8.8
Microsoft Azure Kubernetes Service

Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Azure Kubernetes Service allows an authorized attacker to...

2026-06-10
CVE-2026-32191
Analyzed
9.8
Microsoft Bing Images

An OS command injection vulnerability in Microsoft Bing Images allows an unauthenticated attacker to execute arbitrary code over a network.

2026-03-20
CVE-2026-32190
8.4
Microsoft Office allows

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally

2026-04-15
CVE-2026-32173
Analyzed
8.6
Microsoft SRE Agent

Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network

2026-04-03
CVE-2026-32172
8
Microsoft Power Apps

Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network

2026-04-24
CVE-2026-32171
8.8
Microsoft Logic Apps

Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network

2026-04-15
CVE-2026-32169
Analyzed
10
Microsoft Cloud Shell

A server-side request forgery (SSRF) vulnerability in Azure Cloud Shell allows an unauthenticated attacker to elevate privileges over a network.

2026-03-20
CVE-2026-32162
8.4
Microsoft Multiple Products

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally

2026-04-15