212 Total CVEs
63 AI Analyzed
0 CISA KEV
21 Critical
All Vendors
Showing 1-212 of 212 CVEs
CVE-2026-8967
Analyzed
7.5
Infor Multiple Products

Information disclosure in the Graphics: WebGPU component

2026-05-21
CVE-2026-8966
Analyzed
7.5
Infor Multiple Products

Information disclosure in the IP Protection component

2026-05-21
CVE-2026-8965
Analyzed
7.5
Infor Multiple Products

Information disclosure in the DOM: Security component

2026-05-21
CVE-2026-8958
Analyzed
8.6
Infor Multiple Products

Information disclosure, sandbox escape in the Security: Process Sandboxing component

2026-05-20
CVE-2026-8759
Analyzed
7.3
Infor Multiple Products

A vulnerability was identified in xiandafu beetl up to 3

2026-05-18
CVE-2026-8756
Analyzed
7.3
Infor Multiple Products

A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c

2026-05-18
CVE-2026-8696
Analyzed
7.5
Infor Multiple Products

radare2 6

2026-05-17
CVE-2026-8598
Analyzed
9.1
Infor CCTV Cameras

Certain ZKTeco CCTV cameras expose an undocumented, unauthenticated configuration export port that reveals sensitive information, including account cr...

2026-05-21
CVE-2026-7810
7.3
Infor Multiple Products

A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815809a7e425b5fa7be26e0d4369894c2

2026-05-05
CVE-2026-7788
7.3
Infor Multiple Products

A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0

2026-05-05
CVE-2026-7785
7.3
Infor Multiple Products

A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89

2026-05-05
CVE-2026-7784
7.3
Infor Multiple Products

A vulnerability has been found in RTGS2017 NagaAgent up to 5

2026-05-05
CVE-2026-7644
7.3
Infor Multiple Products

A vulnerability has been found in ChatGPTNextWeb NextChat up to 2

2026-05-03
CVE-2026-7594
7.3
Infor Multiple Products

A vulnerability was detected in Flux159 mcp-game-asset-gen 0

2026-05-02
CVE-2026-7593
7.3
Infor Multiple Products

A security vulnerability has been detected in Sunwood-ai-labs command-executor-mcp-server up to 0

2026-05-02
CVE-2026-7590
7.3
Infor Multiple Products

A vulnerability was identified in eyal-gor p_69_branch_monkey_mcp up to 69bc71874ce40050ef45fde5a435855f18af3373

2026-05-02
CVE-2026-7571
Analyzed
7.1
Infor Multiple Products

A flaw was found in Keycloak

2026-05-20
CVE-2026-7504
Analyzed
8.1
Infor Multiple Products

A flaw was found in Keycloak's URL validation logic during redirect operations

2026-05-20
CVE-2026-7443
7.3
Infor Multiple Products

A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1

2026-05-01
CVE-2026-7416
7.3
Infor Multiple Products

A vulnerability was found in PolarVista xcode-mcp-server 1

2026-05-01
CVE-2026-7404
7.3
Infor Multiple Products

A weakness has been identified in getsimpletool mcpo-simple-server up to 0

2026-05-01
CVE-2026-7398
7.3
Infor Multiple Products

A weakness has been identified in florensiawidjaja BioinfoMCP up to 7ada7918b9e515604d3c0ae264d3a9af10bf6e54

2026-05-01
CVE-2026-7320
7.5
Infor Multiple Products

Information disclosure due to incorrect boundary conditions in the Audio/Video component

2026-04-29
CVE-2026-7234
7.3
Infor Multiple Products

A weakness has been identified in BrowserOperator browser-operator-core up to 0

2026-04-29
CVE-2026-7223
7.3
Infor Multiple Products

A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2

2026-04-29
CVE-2026-7216
7.3
Infor Multiple Products

A weakness has been identified in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd

2026-04-29
CVE-2026-7215
7.3
Infor Multiple Products

A security flaw has been discovered in egtai gmx-vmd-mcp up to 0

2026-04-28
CVE-2026-7213
7.3
Infor Multiple Products

A vulnerability was detected in ef10007 MLOps_MCP 1

2026-04-28
CVE-2026-7212
7.3
Infor Multiple Products

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0

2026-04-28
CVE-2026-7178
7.3
Infor Multiple Products

A weakness has been identified in ChatGPTNextWeb NextChat up to 2

2026-04-28
CVE-2026-7177
7.3
Infor Multiple Products

A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2

2026-04-28
CVE-2026-7158
7.3
Infor Multiple Products

A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6

2026-04-28
CVE-2026-7157
7.3
Infor Multiple Products

A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc

2026-04-28
CVE-2026-7149
7.3
Infor Multiple Products

A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d

2026-04-28
CVE-2026-7147
7.3
Infor Multiple Products

A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1

2026-04-28
CVE-2026-7146
7.3
Infor Multiple Products

A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d

2026-04-28
CVE-2026-7094
7.3
Infor Multiple Products

A vulnerability was determined in ShadowCloneLabs GlutamateMCPServers up to e2de73280b01e5d943593dd1aa2c01c5b9112f78

2026-04-27
CVE-2026-7066
7.3
Infor Multiple Products

A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036

2026-04-27
CVE-2026-7065
7.3
Infor Multiple Products

A vulnerability has been found in BidingCC BuildingAI up to 26

2026-04-27
CVE-2026-7064
7.3
Infor Multiple Products

A flaw has been found in AgentDeskAI browser-tools-mcp up to 1

2026-04-27
CVE-2026-7060
7.3
Infor Multiple Products

A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec

2026-04-27
CVE-2026-7039
7.8
Infor Multiple Products

A security vulnerability has been detected in tufantunc ssh-mcp up to 1

2026-04-27
CVE-2026-6987
7.3
Infor Multiple Products

A vulnerability was detected in PicoClaw up to 0

2026-04-26
CVE-2026-6980
7.3
Infor Multiple Products

A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd

2026-04-26
CVE-2026-6795
Analyzed
9.6
Infor Multiple Products

URL redirection to untrusted site ('open redirect') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Parameter Injection....

2026-05-08
CVE-2026-6782
7.5
Infor Multiple Products

Information disclosure in the IP Protection component

2026-04-22
CVE-2026-6749
7.5
Infor Multiple Products

Information disclosure due to uninitialized memory in the Graphics: Canvas2D component

2026-04-22
CVE-2026-6356
Analyzed
9.6
Infor Multiple Products

A privilege escalation vulnerability in Infor web applications allows standard users to gain super administrator access via parameter manipulation.

2026-04-23
CVE-2026-6130
7.3
Infor Multiple Products

A flaw has been found in chatboxai chatbox up to 1

2026-04-13
CVE-2026-6129
7.3
Infor Multiple Products

A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2

2026-04-13
CVE-2026-6110
7.3
Infor Multiple Products

A vulnerability was identified in FoundationAgents MetaGPT up to 0

2026-04-12
CVE-2026-5943
7.8
Infor Multiple Products

Document structural anomalies caused inconsistencies between page element relationships and internal index states

2026-04-28
CVE-2026-5791
Analyzed
9.6
Infor DivvyDrive

A Cross-Site Request Forgery (CSRF) vulnerability in DivvyDrive versions 4.8.2.9 through 4.8.3.1 allows unauthorized actions to be performed on behalf...

2026-05-08
CVE-2026-5627
Analyzed
9.1
Infor Multiple Products

A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the `AgentFlows` component. The vulnera...

2026-04-08
CVE-2026-5577
7.3
Infor Multiple Products

A vulnerability has been found in Song-Li cross_browser up to ca690f0fe6954fd9bcda36d071b68ed8682a786a

2026-04-06
CVE-2026-5367
Analyzed
8.6
Infor Multiple Products

A flaw was found in OVN (Open Virtual Network)

2026-04-25
CVE-2026-5016
7.3
Infor Multiple Products

A vulnerability was identified in elecV2 elecV2P up to 3

2026-03-29
CVE-2026-5012
7.3
Infor Multiple Products

A flaw has been found in elecV2 elecV2P up to 3

2026-03-29
CVE-2026-4712
7.5
Infor Multiple Products

Information disclosure in the Widget: Cocoa component

2026-03-26
CVE-2026-4636
Analyzed
8.1
Infor Multiple Products

A flaw was found in Keycloak

2026-04-03
CVE-2026-44516
7.6
Infor Multiple Products

Valtimo is an open-source business process automation platform

2026-05-16
CVE-2026-44291
8.1
Infor Multiple Products

protobufjs compiles protobuf definitions into JavaScript (JS) functions

2026-05-15
CVE-2026-44066
Analyzed
7.1
Infor Multiple Products

Multiple heap out-of-bounds reads in the Spotlight RPC unmarshalling code in Netatalk 3

2026-05-22
CVE-2026-44064
Analyzed
7.1
Infor Multiple Products

An out-of-bounds read in ASP session ID handling in Netatalk 1

2026-05-22
CVE-2026-42611
8.9
Infor Multiple Products

Grav is a file-based Web platform

2026-05-12
CVE-2026-42477
7.1
Infor Multiple Products

A heap-based out-of-bounds read vulnerability in RWObj_Reader::read in the OBJ file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows user-as...

2026-05-02
CVE-2026-42476
7.1
Infor Multiple Products

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 exist in RWStl_Reader::Rea...

2026-05-02
CVE-2026-42047
8.6
Infor Multiple Products

Inngest is a platform for running event-driven and scheduled background functions with queueing, retries, and step orchestration

2026-05-08
CVE-2026-4201
7.3
Infor Multiple Products

A weakness has been identified in glowxq glowxq-oj up to 6f7c723090472057252040fd2bbbdaa1b5ed2393

2026-03-17
CVE-2026-4155
7.5
Infor Multiple Products

ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability

2026-04-12
CVE-2026-40972
7.5
Infor Multiple Products

An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret

2026-04-28
CVE-2026-40062
7.5
Infor Multiple Products

A path Traversal vulnerability exists in Ziostation2 v2

2026-04-24
CVE-2026-40035
Analyzed
9.1
Infor Unfurl

Unfurl contains an improper input validation vulnerability in configuration parsing that enables Flask debug mode by default, potentially leading to r...

2026-04-09
CVE-2026-35093
8.8
Infor Multiple Products

A flaw was found in libinput

2026-04-02
CVE-2026-34911
Analyzed
7.7
Infor Multiple Products

A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files...

2026-05-22
CVE-2026-34003
Analyzed
7.8
Infor Multiple Products

A flaw was found in the X

2026-04-24
CVE-2026-3396
7.5
Infor Multiple Products

WCAPF – WooCommerce Ajax Product Filter plugin is vulnerable to time-based SQL Injection via the 'post-author' parameter in all versions up to, and in...

2026-04-10
CVE-2026-33845
7.5
Infor Multiple Products

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reasse...

2026-05-01
CVE-2026-33530
7.7
Infor Multiple Products

InvenTree is an Open Source Inventory Management System

2026-03-28
CVE-2026-33461
7.7
Infor Multiple Products

Incorrect Authorization (CWE-863) in Kibana can lead to information disclosure via Privilege Abuse (CAPEC-122)

2026-04-09
CVE-2026-33250
7.5
Infor Multiple Products

Freeciv21 is a free open source, turn-based, empire-building strategy game

2026-03-24
CVE-2026-3323
7.5
Infor Multiple Products

An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed cre...

2026-04-29
CVE-2026-33180
7.5
Infor Multiple Products

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java

2026-03-22
CVE-2026-32864
7.8
Infor Multiple Products

There is a memory corruption vulnerability due to an out-of-bounds read in mgcore_SH_25_3!aligned_free() in NI LabVIEW

2026-04-09
CVE-2026-32863
7.8
Infor Multiple Products

There is a memory corruption vulnerability due to an out-of-bounds read in sentry_transaction_context_set_operation() in NI LabVIEW

2026-04-09
CVE-2026-32862
7.8
Infor Multiple Products

There is a memory corruption vulnerability due to an out-of-bounds write in ResFileFactory::InitResourceMgr() in NI LabVIEW

2026-04-09
CVE-2026-32861
7.8
Infor Multiple Products

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVCLASS file in NI LabVIEW

2026-04-09
CVE-2026-32860
7.8
Infor Multiple Products

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW

2026-04-08
CVE-2026-32613
Analyzed
9.9
Infor Multiple Products

Spinnaker is an open source, multi-cloud continuous delivery platform. Echo like some other services, uses SPeL (Spring Expression Language) to proces...

2026-04-21
CVE-2026-32610
8.1
Infor Multiple Products

Glances is an open-source system cross-platform monitoring tool

2026-03-19
CVE-2026-32596
7.5
Infor Multiple Products

Glances is an open-source system cross-platform monitoring tool

2026-03-19
CVE-2026-32300
8.1
Infor Multiple Products

Connect-CMS is a content management system

2026-03-24
CVE-2026-32299
7.5
Infor Multiple Products

Connect-CMS is a content management system

2026-03-24
CVE-2026-31973
7.5
Infor Multiple Products

SAMtools is a program for reading, manipulating and writing bioinformatics file formats

2026-03-20
CVE-2026-31971
8.1
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31970
8.1
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31969
8.1
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31968
8.1
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31965
8.2
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31964
7.5
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31963
8.1
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31962
8.8
Infor Multiple Products

HTSlib is a library for reading and writing bioinformatics file formats

2026-03-20
CVE-2026-31844
8.8
Infor Multiple Products

An authenticated SQL Injection vulnerability (CWE-89) exists in the Koha staff interface in the /cgi-bin/koha/suggestion/suggestion

2026-03-11
CVE-2026-30884
Analyzed
9.6
Infor Custom Certificate (mod_customcert)

A critical flaw in the Moodle Custom Certificate plugin allows teachers to read or overwrite certificate elements from any other course in the system.

2026-03-18
CVE-2026-30689
7.5
Infor Multiple Products

A blog

2026-03-29
CVE-2026-3038
7.5
Infor Multiple Products

The rtsock_msg_buffer() function serializes routing information into a buffer

2026-03-10
CVE-2026-30282
Analyzed
9
Infor Cast to TV Screen Mirroring

UXGROUP LLC Cast to TV Screen Mirroring v2.2.77 is vulnerable to an arbitrary file overwrite during the import process, leading to code execution or d...

2026-04-01
CVE-2026-30244
7.5
Infor Multiple Products

Plane is an an open-source project management tool

2026-03-08
CVE-2026-29871
7.5
Infor Multiple Products

A path traversal vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 (2026-01-19) in the Beifong A...

2026-03-29
CVE-2026-29858
7.5
Infor Multiple Products

A lack of path validation in aaPanel v7

2026-03-20
CVE-2026-2940
7.3
Infor Multiple Products

A vulnerability was determined in Zaher1307 tiny_web_server up to 8d77b1044a0ca3a5297d8726ac8aa2cf944d481b

2026-02-23
CVE-2026-28766
Analyzed
9.3
Infor Gardyn

A critical vulnerability in a Gardyn endpoint allows unauthenticated access to all registered user account information. This flaw permits total data e...

2026-04-04
CVE-2026-28761
8.1
Infor Multiple Products

Cross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203

2026-05-16
CVE-2026-28369
Analyzed
8.7
Infor Multiple Products

A flaw was found in Undertow

2026-03-28
CVE-2026-2803
7.5
Infor Multiple Products

Information disclosure, mitigation bypass in the Settings UI component

2026-02-26
CVE-2026-27579
7.4
Infor Multiple Products

CollabPlatform is a full-stack, real-time doc collaboration platform

2026-02-22
CVE-2026-2754
7.5
Infor Multiple Products

Navtor NavBox exposes sensitive configuration and operational data due to missing authentication on HTTP API endpoints

2026-03-08
CVE-2026-2753
7.5
Infor Multiple Products

An Absolute Path Traversal vulnerability exists in Navtor NavBox

2026-03-08
CVE-2026-27464
7.7
Infor Multiple Products

Metabase is an open-source data analytics platform

2026-02-21
CVE-2026-26318
8.8
Infor Multiple Products

systeminformation is a System and OS information library for node

2026-02-20
CVE-2026-2629
7.3
Infor Multiple Products

A weakness has been identified in jishi node-sonos-http-api up to 3776f0ee2261c924c7b7204de121a38100a08ca7

2026-02-18
CVE-2026-26289
8.2
Infor Multiple Products

PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information n...

2026-05-13
CVE-2026-26280
8.4
Infor Multiple Products

systeminformation is a System and OS information library for node

2026-02-20
CVE-2026-26164
7.5
Infor Multiple Products

Improper neutralization of special elements in output used by a downstream component ('injection') in M365 Copilot allows an unauthorized attacker to...

2026-05-09
CVE-2026-26133
7.1
Infor Multiple Products

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network

2026-03-17
CVE-2026-26129
7.5
Infor Multiple Products

Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network

2026-05-09
CVE-2026-25584
Analyzed
7.8
Infor ICC Color Management Libraries

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles

2026-02-05
CVE-2026-2549
Analyzed
7.3
Infor LibrarySystem

A vulnerability has been found in zhanghuanhao LibrarySystem 图书馆管理系统 up to 1

2026-02-17
CVE-2026-2493
7.5
Infor Multiple Products

IceWarp collaboration Directory Traversal Information Disclosure Vulnerability

2026-03-17
CVE-2026-24908
Analyzed
9.9
Infor OpenEMR

An SQL injection vulnerability in the OpenEMR Patient REST API allows authenticated users to execute arbitrary queries and access protected health inf...

2026-02-26
CVE-2026-24901
8.1
Infor Multiple Products

Outline is a service that allows for collaborative documentation

2026-03-18
CVE-2026-2328
7.5
Infor Multiple Products

An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path travers...

2026-03-30
CVE-2026-2103
7.1
Infor SyteLine ERP

Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and...

2026-02-07
CVE-2026-2092
7.7
Infor Multiple Products

A flaw was found in Keycloak

2026-03-18
CVE-2026-0957
7.8
Infor Multiple Products

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted file in Digilent DASYLab

2026-03-14
CVE-2026-0956
7.8
Infor Multiple Products

There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLab

2026-03-14
CVE-2026-0955
7.8
Infor Multiple Products

There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLab

2026-03-14
CVE-2026-0954
7.8
Infor Multiple Products

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted DSB file in Digilent DASYLab

2026-03-14
CVE-2026-0047
8.4
Infor Multiple Products

In dumpBitmapsProto of ActivityManagerService

2026-03-03
CVE-2026-0025
8.4
Infor Multiple Products

In hasImage of Notification

2026-03-04
CVE-2025-70949
7.5
Infor Multiple Products

An observable timing discrepancy in @perfood/couch-auth v0

2026-03-07
CVE-2025-70082
Analyzed
9.8
Infor Multiple Products

An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrx_evo component

2026-03-12
CVE-2025-70029
7.5
Infor Multiple Products

An issue in Sunbird-Ed SunbirdEd-portal v1

2026-02-13
CVE-2025-69808
Analyzed
9.1
Infor Multiple Products

An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to access sensitive information and cause a Denia...

2026-03-17
CVE-2025-6830
Analyzed
9.8
Infor Xpoda Studio

Xpoda Studio is vulnerable to SQL injection due to improper neutralization of special elements, potentially allowing unauthorized database access and...

2026-02-10
CVE-2025-67848
8.1
Infor Multiple Products

A flaw was found in Moodle

2026-02-04
CVE-2025-67752
8.1
Infor Multiple Products

OpenEMR is a free and open source electronic health records and medical practice management application

2026-02-25
CVE-2025-67733
8.5
Infor Multiple Products

Valkey is a distributed key-value database

2026-02-24
CVE-2025-65127
7.5
Infor Multiple Products

A lack of session validation in the web API component of Shenzhen Zhibotong Electronics ZBT WE2001 23

2026-02-13
CVE-2025-65104
7.9
Infor Multiple Products

Firebird is an open-source relational database management system

2026-04-18
CVE-2025-61917
Analyzed
7.7
Infor n8n Workflow Automation Platform

n8n is an open source workflow automation platform

2026-02-05
CVE-2025-59542
Analyzed
9
Infor Chamilo LMS

Chamilo LMS prior to 1.11.34 contains a stored XSS vulnerability in the learning path Settings field, allowing low-privileged trainers to hijack admin...

2026-03-07
CVE-2025-55262
8.3
Infor Multiple Products

HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the databa...

2026-03-27
CVE-2025-54756
8.4
Infor Multiple Products

BrightSign players running BrightSign OS series 4 prior to v8

2026-02-13
CVE-2025-5319
Analyzed
9.8
Infor DIGITA Efficiency Management System

The DIGITA Efficiency Management System is vulnerable to a critical SQL Injection flaw. An unauthenticated attacker can execute arbitrary SQL commands...

2026-02-04
CVE-2025-48650
8.4
Infor Multiple Products

In multiple locations, there is a possible information disclosure due to SQL injection

2026-03-03
CVE-2025-48630
7.4
Infor Multiple Products

In drawLayersInternal of SkiaRenderEngine

2026-03-04
CVE-2025-40899
8.9
Infor Multiple Products

A Stored Cross-Site Scripting vulnerability was discovered in the Assets and Nodes functionality due to improper validation of an input parameter

2026-04-16
CVE-2025-15381
8.1
Infor Multiple Products

In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validat...

2026-03-28
CVE-2025-14821
7.8
Infor Multiple Products

A flaw was found in libssh

2026-04-08
CVE-2025-14320
Analyzed
9.8
Infor Multiple Products

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trad...

2026-05-05
CVE-2025-14014
Analyzed
9.8
Infor Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in NTN Information Processing Services Computer Software Hardware Industry and Trade Ltd...

2026-02-13
CVE-2025-12107
Analyzed
10
Infor Multiple Products

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template...

2026-02-20
CVE-2024-56373
8.4
Infor Multiple Products

DAG Author (who already has quite a lot of permissions) could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server...

2026-02-25
CVE-2024-44219
Analyzed
7.5
Infor Multiple Products

A permissions issue was addressed with additional restrictions

2026-04-03
CVE-2024-43384
8
Infor Multiple Products

A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer

2026-05-08
CVE-2024-26480
7.5
Infor Multiple Products

An issue in Statping-ng v

2026-02-13
CVE-2024-26477
7.5
Infor Multiple Products

An issue in Statping-ng v

2026-02-13
CVE-2024-1524
7.7
Infor Multiple Products

When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider (IDP) there is a risk that a local user store user's...

2026-02-24
CVE-2020-37163
8.2
Infor Multiple Products

QuickDate 1

2026-02-07
CVE-2020-37150
7.5
Infor Multiple Products

Edimax EW-7438RPn-v3 Mini 1

2026-02-06
CVE-2020-37104
7.5
Infor Multiple Products

ASTPP 4

2026-02-13
CVE-2020-37097
Analyzed
7.5
Infor Multiple Products

Edimax EW-7438RPn 1

2026-02-04
CVE-2020-37094
Analyzed
9.8
Infor Multiple Products

EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Atta...

2026-02-04
CVE-2020-37093
Analyzed
7.5
Infor Multiple Products

Netis E1+ 1

2026-02-04
CVE-2020-37033
8.2
Infor Multiple Products

Infor Storefront B2B 1

2026-01-31
CVE-2019-25713
7.1
Infor Multiple Products

MyT-PM 1

2026-04-13
CVE-2019-25706
7.5
Infor Multiple Products

Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom-0 backup file containing sens...

2026-04-13
CVE-2019-25704
Analyzed
8.2
Infor Kados R10 GreenBee

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filt...

2026-04-06
CVE-2019-25702
Analyzed
8.2
Infor Kados R10 GreenBee

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the id_p...

2026-04-06
CVE-2019-25700
Analyzed
8.2
Infor Kados R10 GreenBee

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the sort...

2026-04-06
CVE-2019-25698
Analyzed
8.2
Infor Kados R10 GreenBee

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the id_t...

2026-04-06
CVE-2019-25696
Analyzed
8.2
Infor Kados R10 GreenBee

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the lang...

2026-04-06
CVE-2019-25694
Analyzed
8.2
Infor Kados R10 GreenBee

Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code...

2026-04-06
CVE-2019-25692
Analyzed
8.2
Infor Kados R10 GreenBee

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id_...

2026-04-06
CVE-2019-25690
Analyzed
8.2
Infor Kados R10 GreenBee

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the mng_...

2026-04-06
CVE-2019-25688
Analyzed
8.2
Infor Kados R10 GreenBee

Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code...

2026-04-06
CVE-2019-25672
8.2
Infor Multiple Products

PilusCart 1

2026-04-06
CVE-2019-25663
7.1
Infor Multiple Products

SuiteCRM 7

2026-04-06
CVE-2019-25635
8.2
Infor Multiple Products

Zeeways Matrimony CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the...

2026-03-25
CVE-2019-25538
8.2
Infor Multiple Products

202CMS v10 beta contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code thr...

2026-03-13
CVE-2019-25505
7.1
Infor Multiple Products

Tradebox 5

2026-03-05
CVE-2019-25504
8.2
Infor Multiple Products

NCrypted Jobgator contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code t...

2026-03-05
CVE-2019-25489
Analyzed
8.2
Infor Multiple Products

Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through...

2026-02-28
CVE-2019-25486
8.2
Infor Multiple Products

Varient 1

2026-03-12
CVE-2019-25479
8.2
Infor Multiple Products

Inout RealEstate contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code th...

2026-03-13
CVE-2019-25462
Analyzed
8.2
Infor Rent a Car

Web Ofisi Rent a Car v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL...

2026-02-23
CVE-2019-25460
Analyzed
8.2
Infor Platinum E-Ticaret

Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by inject...

2026-02-23
CVE-2019-25459
Analyzed
8.2
Infor Emlak

Web Ofisi Emlak V2 contains multiple SQL injection vulnerabilities in the endpoint that allow unauthenticated attackers to manipulate database queries...

2026-02-23
CVE-2019-25458
Analyzed
8.2
Infor Firma Rehberi

Web Ofisi Firma Rehberi v1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting S...

2026-02-23
CVE-2019-25457
Analyzed
8.2
Infor Firma

Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code...

2026-02-23
CVE-2019-25456
Analyzed
8.2
Infor Emlak

Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code...

2026-02-23
CVE-2019-25455
Analyzed
8.2
Infor E-Ticaret

Web Ofisi E-Ticaret v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL c...

2026-02-23
CVE-2019-25439
Analyzed
8.2
Infor CMS

NoviSmart CMS contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code throug...

2026-02-23
CVE-2019-25359
8.2
Infor Multiple Products

SD

2026-02-19
CVE-2019-25346
7.1
Infor Multiple Products

TheSystem 1

2026-02-14
CVE-2019-25298
7.1
Infor Multiple Products

html5_snmp 1

2026-02-07
CVE-2018-25339
Analyzed
8.2
Infor Multiple Products

Zechat 1

2026-05-18
CVE-2018-25338
Analyzed
8.2
Infor Multiple Products

Zechat 1

2026-05-18
CVE-2018-25208
8.2
Infor Multiple Products

qdPM 9

2026-03-27
CVE-2018-25171
8.2
Infor Multiple Products

EdTv 2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code thro...

2026-03-07
CVE-2017-20223
Analyzed
9.8
Infor SKT LTE Router SDT-CS3B1

An Insecure Direct Object Reference (IDOR) vulnerability in Telesquare SDT-CS3B1 routers allows attackers to bypass authorization and access sensitive...

2026-03-17