CVE-2026-5837 - A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the

CVE-2026-5836 - A vulnerability has been found in code-projects Online Shoe Store 1.0. Affected by this issue is som

CVE-2026-5835 - A flaw has been found in code-projects Online Shoe Store 1.0. Affected by this vulnerability is an u

CVE-2026-5834 - A vulnerability was detected in code-projects Online Shoe Store 1.0. Affected is an unknown function

CVE-2026-5833 - A security vulnerability has been detected in awwaiid mcp-server-taskwarrior up to 1.0.1. This impac

CVE-2026-5357 - The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sid'

CVE-2026-4429 - The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'm

CVE-2026-4124 - The Ziggeo plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and in

CVE-2026-3574 - The Experto Dashboard for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Script

CVE-2026-3568 - The MStore API plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versio

CVE-2026-5832 - A weakness has been identified in atototo api-lab-mcp up to 0.2.1. This affects the function analyze

CVE-2026-5831 - A security flaw has been discovered in Agions taskflow-ai up to 2.1.8. This impacts an unknown funct

CVE-2026-5830 - A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of th

CVE-2026-5829 - A vulnerability was determined in code-projects Simple IT Discussion Forum 1.0. The impacted element

CVE-2026-5828 - A vulnerability was found in code-projects Simple IT Discussion Forum 1.0. The affected element is a

CVE-2026-4326 - The Vertex Addons for Elementor plugin for WordPress is vulnerable to Missing Authorization in all v

CVE-2026-5827 - A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Impacted is an unkno

CVE-2026-5826 - A flaw has been found in code-projects Simple IT Discussion Forum 1.0. This issue affects some unkno

CVE-2026-5825 - A vulnerability was detected in code-projects Simple Laundry System 1.0. This vulnerability affects

CVE-2026-5824 - A security vulnerability has been detected in code-projects Simple Laundry System 1.0. This affects

CVE-2026-5823 - A weakness has been identified in itsourcecode Construction Management System 1.0. Affected by this

CVE-2026-5815 - A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the function hedwigcgi_ma

CVE-2026-5814 - A security vulnerability has been detected in PHPGurukul Online Course Registration 3.1. This issue

CVE-2026-5813 - A weakness has been identified in PHPGurukul Online Course Registration 3.1. This vulnerability affe

CVE-2026-5812 - A security flaw has been discovered in SourceCodester Pharmacy Product Management System 1.0. This a

CVE-2026-5811 - A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this i

CVE-2026-5173 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9, 18.

CVE-2026-4916 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9

CVE-2026-4398 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2026-4332 - GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 bef

CVE-2026-3438 - A reflected cross-site scripting vulnerability exists in Sonatype Nexus Repository versions 3.0.0 th

CVE-2026-3199 - A vulnerability in the task management component of Sonatype Nexus Repository versions 3.22.1 throug

CVE-2026-2619 - GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.8.9, 18.9 bef

CVE-2026-2104 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9

CVE-2026-1752 - GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 bef

CVE-2026-1516 - GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 b

CVE-2026-1101 - GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 bef

CVE-2026-1092 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9

CVE-2025-9484 - GitLab has remediated an issue in GitLab EE affecting all versions from 16.6 before 18.8.9, 18.9 bef

CVE-2025-12664 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9

CVE-2026-5919 - Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 all

CVE-2026-5918 - Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote

CVE-2026-5915 - Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed

CVE-2026-5914 - Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a us

CVE-2026-5913 - Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to per

CVE-2026-5912 - Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perf

CVE-2026-5911 - Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to

CVE-2026-5910 - Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to poten

CVE-2026-5909 - Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to poten

CVE-2026-5908 - Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to poten

CVE-2026-5907 - Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attac

CVE-2026-5906 - Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote

CVE-2026-5905 - Incorrect security UI in Permissions in Google Chrome on Windows prior to 147.0.7727.55 allowed a re

CVE-2026-5904 - Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a use

CVE-2026-5903 - Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who

CVE-2026-5902 - Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had c

CVE-2026-5901 - Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attac

CVE-2026-5900 - Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypa

CVE-2026-5899 - Insufficient policy enforcement in History Navigation in Google Chrome prior to 147.0.7727.55 allowe

CVE-2026-5898 - Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote att

CVE-2026-5897 - Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker

CVE-2026-5896 - Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinc

CVE-2026-5895 - Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote att

CVE-2026-5894 - Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacke

CVE-2026-5893 - Race in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit

CVE-2026-5892 - Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote att

CVE-2026-5891 - Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remo

CVE-2026-5890 - Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potent

CVE-2026-5889 - Cryptographic Flaw in PDFium in Google Chrome prior to 147.0.7727.55 allowed an attacker to read pot

CVE-2026-5888 - Uninitialized Use in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to

CVE-2026-5887 - Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7

CVE-2026-5886 - Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attac

CVE-2026-5885 - Insufficient validation of untrusted input in WebML in Google Chrome on Windows prior to 147.0.7727.

CVE-2026-5884 - Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed

CVE-2026-5883 - Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute

CVE-2026-5882 - Incorrect security UI in Fullscreen in Google Chrome prior to 147.0.7727.55 allowed a remote attacke

CVE-2026-5881 - Policy bypass in LocalNetworkAccess in Google Chrome prior to 147.0.7727.55 allowed a remote attacke

CVE-2026-5880 - Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remo

CVE-2026-5879 - Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 a

CVE-2026-5878 - Incorrect security UI in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to

CVE-2026-5877 - Use after free in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to ex

CVE-2026-5876 - Side-channel information leakage in Navigation in Google Chrome prior to 147.0.7727.55 allowed a rem

CVE-2026-5875 - Policy bypass in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform

CVE-2026-5874 - Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who co

CVE-2026-5873 - Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker

CVE-2026-5872 - Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute

CVE-2026-5871 - Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute ar

CVE-2026-5870 - Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execut

CVE-2026-5869 - Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to o

CVE-2026-5868 - Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attack

CVE-2026-5867 - Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to o

CVE-2026-5866 - Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute

CVE-2026-5865 - Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute ar

CVE-2026-5864 - Heap buffer overflow in WebAudio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker t

CVE-2026-5863 - Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker

CVE-2026-5862 - Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker

CVE-2026-5861 - Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute ar

CVE-2026-5860 - Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execut

CVE-2026-5859 - Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to poten

CVE-2026-5858 - Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to e

CVE-2026-5810 - A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected is an unknown funct

CVE-2026-5808 - A vulnerability was detected in openstatusHQ openstatus up to 1b678e71a85961ae319cbb214a8eae63405933

CVE-2026-5806 - A security vulnerability has been detected in code-projects Easy Blog Site 1.0. This affects an unkn

CVE-2026-5711 - The Post Blocks & Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 's

CVE-2026-40037 - OpenClaw before 2026.3.31 (patched in 2026.4.8) contains a request body replay vulnerability in fetc

CVE-2026-40036 - Unfurl before 2026.04 contains an unbounded zlib decompression vulnerability in parse_compressed.py

CVE-2026-40035 - Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that en

CVE-2026-40032 - UAC (Unix-like Artifacts Collector) before 3.3.0-rc1 contains a command injection vulnerability in t

CVE-2026-40031 - MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-l

CVE-2026-40030 - parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path ar

CVE-2026-40029 - parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file p

CVE-2026-40028 - Hayabusa versions prior to 3.8.0 contain a cross-site scripting (XSS) vulnerability in its HTML repo

CVE-2026-40027 - ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal vulnerabili

CVE-2026-40026 - The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem

CVE-2026-40025 - The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem ke

CVE-2026-40024 - The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows an

CVE-2026-39901 - monetr is a budgeting application focused on planning for recurring expenses. Prior to 1.12.3, a tra

CVE-2026-5805 - A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an

CVE-2026-5803 - A security flaw has been discovered in bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f38934

CVE-2026-5451 - The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via

CVE-2026-5436 - The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to

CVE-2026-39892 - cryptography is a package designed to expose cryptographic primitives and recipes to Python develope

CVE-2026-39891 - PraisonAI is a multi-agent teams system. Prior to 4.5.115, the create_agent_centric_tools() function

CVE-2026-39890 - PraisonAI is a multi-agent teams system. Prior to 4.5.115, the AgentService.loadAgentFromFile method

CVE-2026-39889 - PraisonAI is a multi-agent teams system. Prior to 4.5.115, the A2U (Agent-to-User) event stream serv

CVE-2026-39888 - PraisonAI is a multi-agent teams system. Prior to 1.5.115, execute_code() in praisonaiagents.tools.p

CVE-2026-39885 - FrontMCP is a TypeScript-first framework for the Model Context Protocol (MCP). Prior to 2.3.0, the m

CVE-2026-39883 - OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2

CVE-2026-39882 - OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to 1.43.0, the otlp HTTP exporters

CVE-2026-39881 - Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerabilit

CVE-2026-39860 - Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allow

CVE-2026-39844 - NiceGUI is a Python-based UI framework. Prior to 3.10.0, Since PurePosixPath only recognizes forward

CVE-2026-39429 - kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and containe

CVE-2026-39416 - AIL framework is an open-source platform to collect, crawl, process and analyse unstructured data. P

CVE-2026-39415 - Frappe Learning Management System (LMS) is a learning system that helps users structure their conten

CVE-2026-39414 - MinIO is a high-performance object storage system. From RELEASE.2018-08-18T03-49-57Z to before RELEA

CVE-2026-5802 - A vulnerability was identified in idachev mcp-javadc up to 1.2.4. Impacted is an unknown function of

CVE-2026-39880 - Remnawave Backend is the backend for the Remnawave proxy and user management solution. Prior to 2.7.

CVE-2026-39864 - Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an ou

CVE-2026-39863 - Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.

CVE-2026-39862 - Tophat is a mobile applications testing harness. Prior to 2.5.1, Tophat is affected by remote code e

CVE-2026-39859 - LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3

CVE-2026-39413 - LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.4.14, the LightRAG API

CVE-2026-39412 - LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.4

CVE-2026-39411 - LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow

CVE-2026-39362 - InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, when INVENTREE_DO

CVE-2026-35525 - LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3

CVE-2026-35479 - InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, any users who hav

CVE-2026-35478 - InvenTree is an Open Source Inventory Management System. From 0.16.0 to before 1.2.7, any authentica

CVE-2026-35477 - InvenTree is an Open Source Inventory Management System. From 1.2.3 to 1.2.6, the fix for CVE-2026-2

CVE-2026-35476 - InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, a non-staff authe

CVE-2026-23869 - A denial of service vulnerability exists in React Server Components, affecting the following package

CVE-2026-39851 - Saleor is an e-commerce platform. From 2.10.0 to before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, th

CVE-2026-35455 - immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStore

CVE-2026-35446 - LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provid

CVE-2026-35407 - Saleor is an e-commerce platform. From 2.10.0 to before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, a

CVE-2026-35403 - LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provid

CVE-2026-35401 - Saleor is an e-commerce platform. From 2.0.0 to before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, a m

CVE-2026-35400 - LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provid

CVE-2026-35169 - LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provid

CVE-2026-35165 - LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provid

CVE-2026-34985 - LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provid

CVE-2026-34837 - Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, he REST endpoint

CVE-2026-34782 - Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the RE

CVE-2026-34724 - Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side te

CVE-2026-34723 - Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, unauth

CVE-2026-34722 - Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the us

CVE-2026-34721 - Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the OA

CVE-2026-34720 - Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the SS

CVE-2026-34719 - Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the we

CVE-2026-34718 - Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the HT

CVE-2026-34392 - LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provid

CVE-2026-34248 - Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, customers in sha

CVE-2026-34166 - LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3

CVE-2026-33350 - LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provid

CVE-2026-30818 - An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an au

CVE-2026-30817 - An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an

CVE-2026-30816 - An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows

CVE-2026-30815 - An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an au

CVE-2026-30814 - A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenti

CVE-2026-2942 - The ProSolution WP Client plugin for WordPress is vulnerable to arbitrary file uploads due to missin

CVE-2026-27806 - Fleet is open source device management software. Prior to 4.81.1, the Orbit agent's FileVault disk e

CVE-2026-20709 - Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Processor Silver Serie

CVE-2026-0814 - The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due

CVE-2026-0811 - The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Cross-Site Request Forgery in a

CVE-2025-50673 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the

CVE-2025-50672 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of para

CVE-2025-50671 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of para

CVE-2025-50670 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of para

CVE-2025-50669 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to i

CVE-2025-50668 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the

CVE-2025-50667 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the

CVE-2025-50666 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of mult

CVE-2025-50665 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of inpu

CVE-2025-50664 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of para

CVE-2025-50663 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the

CVE-2025-50662 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the

CVE-2025-50661 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of mult

CVE-2025-50660 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the

CVE-2025-50659 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the

CVE-2025-50657 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the

CVE-2025-50655 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the

CVE-2025-50654 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of th

CVE-2025-50653 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the

CVE-2025-50652 - An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /savep

CVE-2025-50650 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of

CVE-2025-50649 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper input validation

CVE-2025-50648 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate input validati

CVE-2025-50647 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1, specifically in the handling of

CVE-2025-50646 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to insufficient input valida

CVE-2025-50645 - A vulnerability has been discovered in D-Link DI-8003 16.07.26A1, which can lead to a buffer overflo

CVE-2025-50644 - A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of us

CVE-2025-30650 - A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networ

CVE-2026-33756 - Saleor is an e-commerce platform. From 2.0.0 to before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, Sal

CVE-2026-33466 - Improper Limitation of a Pathname to a Restricted Directory (CWE-22) in Logstash can lead to arbitra

CVE-2026-33459 - Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to denial of service via Excessive Al

CVE-2026-33458 - Server-Side Request Forgery (CWE-918) in Kibana One Workflow can lead to information disclosure. An

CVE-2026-32591 - A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administr

CVE-2026-32590 - A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload p

CVE-2026-32589 - A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push a

CVE-2025-52222 - D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200

CVE-2025-52221 - Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the func

CVE-2025-45059 - D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fn parameter in the t

CVE-2025-45058 - D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fx parameter in the j

CVE-2025-45057 - D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the i

CVE-2026-4837 - An eval() injection vulnerability in the Rapid7 Insight Agent beaconing logic for Linux versions cou

CVE-2026-4498 - Execution with Unnecessary Privileges (CWE-250) in Kibana’s Fleet plugin debug route handlers can le

CVE-2026-33461 - Incorrect Authorization (CWE-863) in Kibana can lead to information disclosure via Privilege Abuse (

CVE-2026-33460 - Incorrect Authorization (CWE-863) in Kibana can lead to cross-space information disclosure via Privi

CVE-2026-31017 - A Server-Side Request Forgery (SSRF) vulnerability exists in the Print Format functionality of ERPNe

CVE-2026-30080 - OpenAirInterface v2.2.0 accepts Security Mode Complete without any integrity protection. Configurati

CVE-2026-30075 - OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport

CVE-2026-2377 - A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by provi

CVE-2025-57175 - Siklu EtherHaul 8010 siklu-uimage-nxp-enc-10_6_2-18707-ea552dc00b devices have a static root passwor

CVE-2025-14243 - A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, rem

CVE-2023-46945 - QD 20230821 is vulnerable to Server-side request forgery (SSRF) via a crafted request

CVE-2026-33753 - rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161.

CVE-2026-33229 - XWiki Platform is a generic wiki platform offering runtime services for applications built on top of

CVE-2026-31040 - A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-s

CVE-2026-39865 - Axios is a promise based HTTP client for the browser and Node.js. Starting in version 1.13.0 and pri

CVE-2026-39410 - Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.

CVE-2026-39409 - Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.

CVE-2026-39408 - Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.

CVE-2026-39407 - Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.

CVE-2026-39406 - @hono/node-server allows running the Hono application on Node.js. Prior to 1.19.13, a path handling

CVE-2026-39394 - CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture w

CVE-2026-39393 - CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture w

CVE-2026-39392 - CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture w

CVE-2026-39391 - CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture w

CVE-2026-39390 - CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture w