CVE-2026-5604 - A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element is the function form

CVE-2026-5603 - A vulnerability was identified in elgentos magento2-dev-mcp up to 1.0.2. The affected element is the

CVE-2026-5602 - A vulnerability was determined in Nor2-io heim-mcp up to 0.1.3. Impacted is the function registerToo

CVE-2026-5601 - A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some un

CVE-2026-5597 - A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file gript

CVE-2026-4272 - Missing Authentication for Critical Function vulnerability in Honeywell Handheld Scanners allows Aut

CVE-2026-35679 - Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, whic

CVE-2026-5596 - A vulnerability was detected in griptape-ai griptape 0.19.4. Affected by this issue is some unknown

CVE-2019-25704 - Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate datab

CVE-2019-25702 - Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate datab

CVE-2019-25700 - Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate datab

CVE-2019-25698 - Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate datab

CVE-2019-25696 - Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate datab

CVE-2019-25694 - Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to

CVE-2019-25692 - Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate datab

CVE-2019-25690 - Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate datab

CVE-2019-25688 - Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to

CVE-2019-25687 - Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that a

CVE-2019-25686 - Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows un

CVE-2019-25685 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2019-25684 - OpenDocMan 1.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to ma

CVE-2019-25683 - FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that a

CVE-2019-25682 - CMSsite 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform una

CVE-2019-25681 - Xlight FTP Server 3.9.1 contains a structured exception handler (SEH) overwrite vulnerability that a

CVE-2019-25680 - Advance Gift Shop Pro Script 2.0.3 contains an SQL injection vulnerability that allows unauthenticat

CVE-2019-25679 - RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vul

CVE-2019-25678 - C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that all

CVE-2019-25677 - WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the appl

CVE-2019-25676 - Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow u

CVE-2019-25675 - eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to b

CVE-2019-25674 - CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipul

CVE-2019-25673 - UniSharp Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability

CVE-2019-25672 - PilusCart 1.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to mani

CVE-2019-25671 - VA MAX 8.3.4 contains a remote code execution vulnerability that allows authenticated attackers to e

CVE-2019-25670 - River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability

CVE-2019-25669 - qdPM 9.1 contains an SQL injection vulnerability that allows attackers to manipulate database querie

CVE-2019-25668 - News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated attack

CVE-2019-25667 - TaskInfo 8.2.0.280 contains a local buffer overflow vulnerability that allows attackers to crash the

CVE-2019-25666 - SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder comp

CVE-2019-25665 - River Past Ringtone Converter 2.7.6.1601 contains a local buffer overflow vulnerability that allows

CVE-2019-25664 - SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the Use

CVE-2019-25663 - SuiteCRM 7.10.7 contains a SQL injection vulnerability that allows authenticated attackers to manipu

CVE-2019-25662 - ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to e

CVE-2019-25661 - Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attacker

CVE-2019-25660 - LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the app

CVE-2019-25659 - ASPRunner Professional 6.0.766 contains a local buffer overflow vulnerability that allows attackers

CVE-2019-25658 - a-Mac Address Change 5.4 contains a local buffer overflow vulnerability that allows local attackers

CVE-2019-25657 - AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local attackers to crash the

CVE-2019-25656 - R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allow

CVE-2018-25256 - IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allo

CVE-2026-5595 - A security vulnerability has been detected in griptape-ai griptape 0.19.4. Affected by this vulnerab

CVE-2026-5594 - A weakness has been identified in premAI-io premsql up to 0.2.1. Affected is the function eval of th

CVE-2026-5587 - A vulnerability was identified in wbbeyourself MAC-SQL up to 31a9df5e0d520be4769be57a4b9022e5e34a14f

CVE-2026-5586 - A vulnerability was determined in zhongyu09 openchatbi up to 0.2.1. The impacted element is an unkno

CVE-2026-5585 - A vulnerability was found in Tencent AI-Infra-Guard 4.0. The affected element is an unknown function

CVE-2026-5584 - A vulnerability has been found in Fosowl agenticSeek 0.1.0. Impacted is the function PyInterpreter.e

CVE-2026-5583 - A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This af

CVE-2026-5580 - A vulnerability was identified in CodeAstro Online Classroom 1.0. Impacted is an unknown function of

CVE-2026-5579 - A vulnerability was determined in CodeAstro Online Classroom 1.0. This issue affects some unknown pr

CVE-2026-5578 - A vulnerability was found in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code

CVE-2026-5577 - A vulnerability has been found in Song-Li cross_browser up to ca690f0fe6954fd9bcda36d071b68ed8682a78

CVE-2026-5576 - A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is

CVE-2026-5575 - A vulnerability was detected in SourceCodester/jkev Record Management System 1.0. Affected by this v

CVE-2026-5574 - A security vulnerability has been detected in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Affected

CVE-2026-5573 - A weakness has been identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. This impacts an unkn

CVE-2026-5572 - A security flaw has been discovered in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. This affects an

CVE-2026-5571 - A vulnerability was identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. The impacted element

CVE-2026-5570 - A vulnerability was determined in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. The affected element

CVE-2026-5569 - A vulnerability was found in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Impacted is an unknown fu

CVE-2026-5599 - A user with API access and "manage users" permission in any venueless world is able to trigger dele

CVE-2026-5568 - A vulnerability has been found in Akaunting up to 3.1.21. This issue affects some unknown processing

CVE-2026-5567 - A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData

CVE-2026-5566 - A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects the functio

CVE-2026-5565 - A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by t

CVE-2026-5564 - A weakness has been identified in code-projects Simple Laundry System 1.0. Affected by this vulnerab

CVE-2026-5563 - A security flaw has been discovered in AutohomeCorp frostmourne up to 1.0. Affected is the function

CVE-2026-5562 - A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validate

CVE-2026-5561 - A vulnerability was determined in Campcodes Complete POS Management and Inventory System up to 4.0.6

CVE-2026-5560 - A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is

CVE-2026-5559 - A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected eleme

CVE-2026-5558 - A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is

CVE-2026-5557 - A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown proce

CVE-2026-5556 - A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affe

CVE-2026-5555 - A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects

CVE-2026-5554 - A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected

CVE-2026-5553 - A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnera

CVE-2026-5552 - A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects

CVE-2026-5551 - A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerab

CVE-2026-5550 - A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function from

CVE-2026-5549 - A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some

CVE-2026-5548 - A vulnerability was found in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this vulnerability is t

CVE-2026-5547 - A vulnerability has been found in Tenda AC10 16.03.10.10_multi_TDE01. Affected is the function formA

CVE-2026-5546 - A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the

CVE-2026-5544 - A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted elem

CVE-2026-5543 - A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3.

CVE-2026-5542 - A vulnerability was determined in code-projects Simple Laundry System 1.0. Impacted is an unknown fu

CVE-2026-5541 - A vulnerability was found in code-projects Simple Laundry System 1.0. This issue affects some unknow

CVE-2026-5540 - A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affect

CVE-2026-5590 - A race condition during TCP connection teardown can cause tcp_recv() to operate on a connection that

CVE-2026-5539 - A flaw has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of th

CVE-2026-5538 - A vulnerability was detected in QingdaoU OnlineJudge up to 1.6.1. Affected by this issue is the func

CVE-2026-5537 - A security vulnerability has been detected in halex CourseSEL up to 1.1.0. Affected by this vulnerab

CVE-2026-5536 - A weakness has been identified in FedML-AI FedML up to 0.8.9. Affected is the function sendMessage o

CVE-2026-5535 - A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function

CVE-2026-5534 - A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown

CVE-2026-5533 - A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown functi

CVE-2026-5532 - A vulnerability was found in ScrapeGraphAI scrapegraph-ai up to 1.74.0. The affected element is the

CVE-2026-5531 - A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is a

CVE-2026-5530 - A flaw has been found in Ollama up to 18.1. This issue affects some unknown processing of the file s

CVE-2026-5529 - A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the funct

CVE-2026-5528 - A security vulnerability has been detected in MoussaabBadla code-screenshot-mcp up to 0.1.0. This af

CVE-2026-5527 - A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issu

CVE-2026-5526 - A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affecte

CVE-2018-25246 - Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to c

CVE-2016-20054 - Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthor

CVE-2018-25255 - 10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handli

CVE-2018-25254 - NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows

CVE-2018-25253 - Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field t

CVE-2018-25252 - FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash t

CVE-2018-25251 - Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that

CVE-2018-25250 - MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerabil

CVE-2018-25249 - MyBB My Arcade Plugin 1.3 contains a persistent cross-site scripting vulnerability that allows authe

CVE-2018-25248 - MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows reg

CVE-2018-25247 - MyBB Like Plugin 3.0.0 contains a stored cross-site scripting vulnerability. Authenticated attackers

CVE-2018-25245 - 7 Tik 1.0.1.0 contains a denial of service vulnerability that allows attackers to crash the applicat

CVE-2018-25244 - Eco Search 1.0.2.0 contains a denial of service vulnerability that allows local attackers to crash t

CVE-2018-25243 - FastTube 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the

CVE-2018-25242 - One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash t

CVE-2018-25241 - VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows unauthenticated attacker

CVE-2018-25240 - Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the a

CVE-2018-25239 - Smart VPN 1.1.3.0 contains a denial of service vulnerability that allows local attackers to crash th

CVE-2018-25238 - VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the app

CVE-2016-20061 - sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that all

CVE-2016-20060 - Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary tha

CVE-2016-20059 - IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and Li

CVE-2016-20058 - Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiA

CVE-2016-20057 - NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGReg

CVE-2016-20056 - Spy Emergency build 23.0.205 contains an unquoted service path vulnerability in the SpyEmrgHealth an

CVE-2016-20055 - IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSyst

CVE-2016-20053 - Redaxo CMS 5.2 contains a cross-site request forgery vulnerability that allows unauthenticated attac

CVE-2016-20052 - Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attacke

CVE-2016-20051 - Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change ad

CVE-2016-20050 - NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows

CVE-2026-3666 - The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to

CVE-2026-3309 - The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict C

CVE-2026-2936 - The Visitor Traffic Real Time Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scr

CVE-2026-1233 - The Text to Speech for WP (AI Voices by Mementor) plugin for WordPress is vulnerable to sensitive in

CVE-2026-0626 - The WPFunnels – Easy Funnel Builder To Optimize Buyer Journeys And Get More Leads & Sales plugin for

CVE-2025-14938 - The Listeo Core plugin for WordPress is vulnerable to unauthenticated arbitrary media upload in all

CVE-2026-5425 - The Widgets for Social Photo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting

CVE-2026-3445 - The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict C

CVE-2026-2826 - The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to

CVE-2026-2437 - The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerab

CVE-2026-4896 - The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plu

CVE-2026-2600 - The ElementsKit Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Si

CVE-2026-0738 - The WP Shortcodes Plugin - Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Si

CVE-2026-0737 - The WP Shortcodes Plugin - Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Si

CVE-2026-0664 - The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via

CVE-2026-0552 - The Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the p

CVE-2025-15064 - The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Mem

CVE-2025-13368 - The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site

CVE-2026-2949 - The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site

CVE-2026-2924 - The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable

CVE-2026-3571 - The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnera

CVE-2026-35616 - A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an

CVE-2026-34780 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34955 - PraisonAI is a multi-agent teams system. Prior to version 4.5.97, SubprocessSandbox in all modes (BA

CVE-2026-34779 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34778 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34777 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34776 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34775 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34774 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34773 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34772 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34771 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34770 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34769 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34768 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34767 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-34766 - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C

CVE-2026-35468 - nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the A

CVE-2026-34954 - PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in prais

CVE-2026-34953 - PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() retu

CVE-2026-34952 - PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accep

CVE-2026-34939 - PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compil

CVE-2026-34938 - PraisonAI is a multi-agent teams system. Prior to version 1.5.90, execute_code() in praisonai-agents

CVE-2026-34937 - PraisonAI is a multi-agent teams system. Prior to version 1.5.90, run_python() in praisonai construc

CVE-2026-34936 - PraisonAI is a multi-agent teams system. Prior to version 4.5.90, passthrough() and apassthrough() i

CVE-2026-34935 - PraisonAI is a multi-agent teams system. From version 4.5.15 to before version 4.5.69, the --mcp CLI

CVE-2026-34934 - PraisonAI is a multi-agent teams system. Prior to version 4.5.90, the get_all_user_threads function

CVE-2026-34933 - Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protoco

CVE-2026-34824 - Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3

CVE-2026-34788 - Emlog is an open source website building system. In versions 2.6.2 and prior, a SQL injection vulner

CVE-2026-34787 - Emlog is an open source website building system. In versions 2.6.2 and prior, a Local File Inclusion

CVE-2026-34612 - Kestra is an open-source, event-driven orchestration platform. Prior to version 1.3.7, Kestra (defau

CVE-2026-34607 - Emlog is an open source website building system. In versions 2.6.2 and prior, a path traversal vulne

CVE-2026-34229 - Emlog is an open source website building system. Prior to version 2.6.8, there is a stored cross-sit

CVE-2026-34228 - Emlog is an open source website building system. Prior to version 2.6.8, the backend upgrade interfa

CVE-2026-34061 - nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the A

CVE-2026-34052 - LTI JupyterHub Authenticator is a JupyterHub authenticator for LTI. Prior to version 1.6.3, the LTI

CVE-2026-33184 - nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the A

CVE-2021-4477 - Hirschmann HiLCOS OpenBAT and BAT450 products contain a firewall bypass vulnerability in IPv6 IPsec

CVE-2018-25236 - Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE cont

CVE-2017-20238 - Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contains an

CVE-2017-20236 - ProSoft Technology ICX35-HWC versions 1.3 and prior cellular gateways contain an input validation vu

CVE-2017-20235 - ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypas

CVE-2017-20234 - GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that al

CVE-2017-20233 - Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability

CVE-2026-34990 - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.

CVE-2026-34980 - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.

CVE-2026-34979 - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.

CVE-2026-34978 - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.

CVE-2026-34947 - Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2

CVE-2026-33709 - JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to

CVE-2026-33175 - OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with Jupy

CVE-2026-28797 - RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions 0.24.0 and prior,

CVE-2026-27885 - Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injec

CVE-2026-27834 - Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injec

CVE-2026-27833 - Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the pwg.his

CVE-2026-27634 - Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the four da

CVE-2026-27481 - Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2

CVE-2026-27456 - util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Che

CVE-2026-27447 - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.

CVE-2018-25237 - Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the

CVE-2016-15058 - Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and

CVE-2015-10148 - Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are sh

CVE-2026-5485 - OS command injection in the browser-based authentication component in Amazon Athena ODBC driver befo

CVE-2026-35562 - Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before

CVE-2026-35561 - Insufficient authentication security controls in the browser-based authentication components in Amaz

CVE-2026-35560 - Improper certificate validation in the identity provider connection components in Amazon Athena ODBC

CVE-2026-35559 - Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 m

CVE-2026-35558 - Improper neutralization of special elements in the authentication components in Amazon Athena ODBC d

CVE-2026-34511 - OpenClaw before 2026.4.2 reuses the PKCE verifier as the OAuth state parameter in the Gemini OAuth f

CVE-2026-32662 - Development and test API endpoints are present that mirror production functionality.

CVE-2026-32646 - A specific administrative endpoint is accessible without proper authentication, exposing device mana

CVE-2026-28767 - A specific administrative endpoint notifications is accessible without proper authentication.

CVE-2026-28766 - A specific endpoint exposes all user account information for registered Gardyn users without requiri

CVE-2026-26058 - Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, ./manage

CVE-2026-25742 - Zulip is an open-source team collaboration tool. Prior to version 11.6, Zulip is an open-source team

CVE-2026-25197 - A specific endpoint allows authenticated users to pivot to other user profiles by modifying the id n

CVE-2026-22665 - prompts.chat prior to commit 1464475, contains an identity confusion vulnerability due to inconsiste

CVE-2026-22664 - prompts.chat prior to commit 30a8f04 contains a server-side request forgery vulnerability in the Fal

CVE-2026-22663 - prompts.chat prior to commit 7b81836 contains multiple authorization bypass vulnerabilities due to m

CVE-2026-22662 - prompts.chat prior to commit 1464475 contains a blind server-side request forgery vulnerability in t

CVE-2026-22661 - prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling

CVE-2025-10681 - Storage credentials are hardcoded in the mobile app and device firmware. These credentials do not ad

CVE-2022-4987 - Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability

CVE-2020-37216 - Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerabi

CVE-2017-20237 - Hirschmann Industrial HiVision versions prior to 06.0.07 and 07.0.03 contains an authentication bypa