17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 4901-4950 of 17426 CVEs Page 99 of 349
CVE-2026-31969
8.1
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31968
8.1
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31965
8.2
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31964
7.5
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31963
8.1
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31962
8.8
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31957
Analyzed
10
Microsoft Azure Entra

Himmelblau allows unauthenticated remote attackers to bypass tenant-scoped authentication when no tenant domain is configured, enabling unauthorized a...

2026-03-12
CVE-2026-31952
7.6
Microsoft Multiple Products

Xibo is an open source digital signage platform with a web content management system and Windows display player software

2026-04-24
CVE-2026-31946
Analyzed
9.8
OpenOlat OpenOlat (e-learning platform)

OpenOlat fails to verify JWT signatures in its OpenID Connect implicit flow implementation, allowing attackers to bypass authentication by providing f...

2026-03-31
CVE-2026-31945
Analyzed
7.7
GitHub Multiple Products

LibreChat is a ChatGPT clone with additional features

2026-03-28
CVE-2026-31944
Analyzed
7.6
Atlassian LibreChat

LibreChat is a ChatGPT clone with additional features

2026-03-14
CVE-2026-31943
Analyzed
8.5
AWS LibreChat

LibreChat is a ChatGPT clone with additional features

2026-03-28
CVE-2026-31941
7.7
Social Multiple Products

Chamilo LMS is a learning management system

2026-04-11
CVE-2026-31940
7.5
HP session ID

Chamilo LMS is a learning management system

2026-04-12
CVE-2026-31939
8.3
HP leading to

Chamilo LMS is a learning management system

2026-04-11
CVE-2026-31938
Analyzed
9.6
Unknown jsPDF Library

jsPDF versions prior to 4.2.1 are vulnerable to HTML and script injection via the output function's options argument, leading to Cross-Site Scripting...

2026-03-18
CVE-2026-31937
Analyzed
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine

2026-04-03
CVE-2026-31935
Analyzed
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine

2026-04-03
CVE-2026-31934
Analyzed
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine

2026-04-03
CVE-2026-31933
Analyzed
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine

2026-04-03
CVE-2026-31932
Analyzed
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine

2026-04-03
CVE-2026-31931
Analyzed
7.5
NSM Multiple Products

Suricata is a network IDS, IPS and NSM engine

2026-04-03
CVE-2026-31928
Analyzed
8.1
Daktronics VFC-DMP-5000

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed dur...

2026-06-27
CVE-2026-31922
Analyzed
8.5
Ays Pro Fox LMS Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Fox LMS fox-lms allows Blind SQL Injecti...

2026-03-14
CVE-2026-31921
8.2
Devteam HaywoodTech Multiple Products

Missing Authorization vulnerability in Devteam HaywoodTech Product Rearrange for WooCommerce products-rearrange-woocommerce allows Exploiting Incorrec...

2026-03-27
CVE-2026-31917
Analyzed
8.5
Unknown Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP ERP erp allows SQL Injection

2026-03-14
CVE-2026-31913
8.6
Whitebox Multiple Products

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Whitebox-Studio Scape scape allows Path Traversal

2026-03-27
CVE-2026-31910
Analyzed
7.5
Apache OFBiz

Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz

2026-05-20
CVE-2026-31909
Analyzed
7.5
Apache OFBiz

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache OFBiz

2026-05-20
CVE-2026-31904
Analyzed
7.5
WebSocket API Provider WebSocket Application Programming Interface

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests

2026-03-22
CVE-2026-31903
Analyzed
7.5
WebSocket API Provider WebSocket Application Programming Interface

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests

2026-03-22
CVE-2026-31899
Analyzed
7.5
Unknown Multiple Products

CairoSVG is an SVG converter based on Cairo, a 2D graphics library

2026-03-14
CVE-2026-31898
Analyzed
8.1
Unknown jsPDF

jsPDF is a library to generate PDFs in JavaScript

2026-03-18
CVE-2026-31896
Analyzed
9.8
HP script uses

WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, a critical SQL injection vulnerability exists in the WeGIA application. Th...

2026-03-12
CVE-2026-31895
8.8
HP Multiple Products

WeGIA is a web manager for charitable institutions

2026-03-12
CVE-2026-31891
7.7
HP Multiple Products

Cockpit is a headless content management system

2026-03-18
CVE-2026-31889
8.9
Shopware Multiple Products

Shopware is an open commerce platform

2026-03-12
CVE-2026-31886
Analyzed
9.1
Linux Dagu

A path traversal vulnerability in Dagu's workflow engine allows attackers to manipulate the dagRunId field to delete arbitrary directories, including...

2026-03-14
CVE-2026-31882
7.5
Unknown Multiple Products

Dagu is a workflow engine with a built-in Web user interface

2026-03-14
CVE-2026-31874
Analyzed
9.8
Taskosaur Taskosaur

Taskosaur 1.0.0 allows unauthenticated attackers to register accounts with SUPER_ADMIN privileges by manually modifying the role parameter during the...

2026-03-12
CVE-2026-31862
Analyzed
9.1
Cloud Multiple Products

Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, multiple Git-related AP...

2026-03-12
CVE-2026-31852
Analyzed
10
Apple App Store

The jellyfin-ios GitHub Actions workflow is vulnerable to arbitrary code execution via pull requests, potentially leading to full repository takeover...

2026-03-12
CVE-2026-31845
Analyzed
9.3
HP CRM

A reflected XSS vulnerability in the Rukovoditel CRM Zadarma telephony API allows unauthenticated attackers to execute malicious scripts.

2026-04-12
CVE-2026-31844
8.8
Infor Multiple Products

An authenticated SQL Injection vulnerability (CWE-89) exists in the Koha staff interface in the /cgi-bin/koha/suggestion/suggestion

2026-03-11
CVE-2026-31843
Analyzed
9.8
HP payment hook

The pay-uz Laravel package contains an unauthenticated remote code execution vulnerability via the /payment/api/editable/update endpoint.

2026-04-17
CVE-2026-31842
7.5
Tinyproxy Multiple Products

Tinyproxy through 1

2026-04-09
CVE-2026-31839
8.2
Unknown Multiple Products

Striae is a firearms examiner's comparison companion

2026-03-12
CVE-2026-31836
8.1
Unknown Multiple Products

Checkmate is an open-source, self-hosted tool designed to track and monitor server hardware, uptime, response times, and incidents in real-time with b...

2026-03-21
CVE-2026-31828
8.8
Parse filters without

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node

2026-03-12
CVE-2026-31824
8.2
Unknown Multiple Products

Sylius is an Open Source eCommerce Framework on Symfony

2026-03-11