CVEs from 2026
Total
14,786
critical
critical 1,335
high
high 5,004
medium
medium 4,828
low
low 503
% Critical
9.0%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42275 | high | 8.7 | 8.7 | 1mo ago | zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write | |||
| CVE-2026-6973 | high | 7.2 | 8.7 | 1mo ago | Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution. | |||
| CVE-2026-41505 | high | 8.7 | 8.7 | 1mo ago | RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's make_sign_in_key() function and exam.py's gen_ticket_code() functi… | |||
| CVE-2026-36355 | high | 7.7 | 8.7 | 1mo ago | The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3.4.14B) does not perform any access control checks on the write_mem (ioctl 0x89F5) and read_mem (ioct… | |||
| CVE-2026-35228 | high | 8.7 | 8.7 | 1mo ago | Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects (component: helper tool). The supported versions that is affected is 1.0.1-1.0.156. Easily exploitable vulner… | |||
| CVE-2026-33317 | high | 8.7 | 8.7 | 1mo ago | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In versions 3.13.0 through 4.10.0, mi… | |||
| CVE-2026-35569 | high | 8.7 | 8.7 | 2mo ago | Stored XSS in SEO Fields Leads to Authenticated API Data Exposure in ApostropheCMS | |||
| CVE-2026-27928 | high | 8.7 | 8.7 | 2mo ago | Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network. | |||
| CVE-2026-30587 | high | 8.7 | 8.7 | 2mo ago | Seafile Server has multiple stored XSS vulnerabilities | |||
| CVE-2026-11158 | high | 8.6 | 8.6 | 2d ago | Insufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentially perform a sandbox escape via a crafted AppleScript comma… | |||
| CVE-2026-49202 | high | 8.6 | 8.6 | 3d ago | Internal multimedia session archives are accessible without authentication, exacerbated by loose Cross-Origin Resource Sharing (CORS) rules that allow cross-site theft. | |||
| CVE-2026-46273 | high | 8.6 | 8.6 | 3d ago | In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when … | |||
| CVE-2026-20230 | high | 8.6 | 8.6 | 3d ago | A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attack… | |||
| CVE-2026-37232 | high | 8.6 | 8.6 | 5d ago | An issue was discovered in OpenAirInterface5G 2.4.0 (nr-softmodem) in the E2SM-KPM RAN Function's PRB utilization metric calculation. The functions fill_RRU_PrbTotDl() and fill_RRU_PrbTotUl() in open… | |||
| CVE-2026-49127 | high | 8.6 | 8.6 | 9d ago | Music Player Daemon (MPD) before version 0.24.11 contains a stack buffer overflow vulnerability in the pcm_unpack_24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt st… | |||
| CVE-2026-44466 | high | 8.6 | 8.6 | 9d ago | Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash arithmetic expansion $((...)), allowing execution of arbitrary commands nested inside an allowli… | |||
| CVE-2026-44465 | high | 8.6 | 8.6 | 9d ago | Zed is a code editor. Prior to 0.227.1, Zed IDE executes arbitrary commands when opening a folder with a malicious .git/config file that abuses the core.fsmonitor Git configuration option. This allow… | |||
| CVE-2026-44461 | high | 8.6 | 8.6 | 9d ago | Zed is a code editor. Prior to 0.227.1, Zed builds SSH/WSL remote commands as a shell command string that starts with exec env ..., but environment variable keys are inserted without shell quoting or… | |||
| CVE-2026-7862 | high | 8.6 | 8.6 | 10d ago | The Eupago Gateway For Woocommerce WordPress plugin before 4.7.2 does not properly restrict access to its refund request handler, allowing unauthenticated attackers to initiate refunds against any Wo… | |||
| CVE-2026-42737 | high | 8.6 | 8.6 | 10d ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Path Traversal.This issue affects VikB… | |||
| CVE-2026-8958 | high | 8.6 | 8.6 | 11d ago | Important: thunderbird security update | |||
| CVE-2026-45298 | high | 8.6 | 8.6 | 11d ago | Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is re… | |||
| CVE-2026-44680 | high | 7.6 | 8.6 | 11d ago | MikroORM has SQL injection via runtime-controlled identifiers and JSON-path keys | |||
| CVE-2026-5843 | high | 8.6 | 8.6 | 15d ago | The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the model_file configur… | |||
| CVE-2026-5817 | high | 8.6 | 8.6 | 15d ago | The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trust_remote_code=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoT… | |||
| CVE-2026-42000 | high | 8.6 | 8.6 | 16d ago | Insufficient Validation of Names During AXFR | |||
| CVE-2026-39310 | high | 8.6 | 8.6 | 17d ago | Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Clipper API in Trilium Desktop (v0.101.3… | |||
| CVE-2026-47358 | high | 8.6 | 8.6 | 18d ago | Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM … | |||
| CVE-2026-47357 | high | 8.6 | 8.6 | 18d ago | Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the remote_url parameter in the remote directory scan endpoint (POST /v1/{iac}/{iacVersion}/{cloud}/remote/dir/sca… | |||
| CVE-2026-47356 | high | 8.6 | 8.6 | 18d ago | Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the webhook_url parameter in the file scan endpoint (POST /v1/{iac}/{iacVersion}/{cloud}/local/file/scan) when run… | |||
| CVE-2026-6379 | high | 8.6 | 8.6 | 20d ago | The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection at… | |||
| CVE-2026-2652 | high | 8.6 | 8.6 | 23d ago | MLflow: unauthenticated access to certain FastAPI routes | |||
| CVE-2026-20224 | high | 8.6 | 8.6 | 23d ago | A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary files that are stored in an affected system.… | |||
| CVE-2026-42595 | high | 8.6 | 8.6 | 23d ago | Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass | |||
| CVE-2026-42281 | high | 8.6 | 8.6 | 23d ago | MagicMirror vulnerable to unauthenticated SSRF via /cors endpoint | |||
| CVE-2026-29205 | high | 8.6 | 8.6 | 24d ago | Incorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment download endpoints. | |||
| CVE-2026-44578 | high | 8.6 | 8.6 | 24d ago | Next.js vulnerable to server-side request forgery in applications using WebSocket upgrades | |||
| CVE-2026-44001 | high | 8.6 | 8.6 | 24d ago | vm2 has a Sandbox Escape via Promise Constructor Unhandled Rejection (Process Crash DoS) | |||
| CVE-2026-44697 | high | 8.6 | 8.6 | 25d ago | Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress (data/batch/batch.go) allows any p… | |||
| CVE-2026-33362 | high | 8.6 | 8.6 | 26d ago | In Meari IoT SDK builds embedded in CloudEdge 5.5.0 (build 220), Arenti 1.8.1 (build 220), and white-label Android apps <= 1.8.x (latest observed), multiple security-critical secrets are hardcoded an… | |||
| CVE-2026-41705 | high | 8.6 | 8.6 | 29d ago | Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs | |||
| CVE-2026-42352 | high | 8.6 | 8.6 | 29d ago | pygeoapi 0.23.x: Unauthenticated SSRF via OGC API - Processes Subscriber | |||
| CVE-2026-29201 | high | 8.6 | 8.6 | 29d ago | Insufficient input validation of the feature file name in `feature::LOADFEATUREFILE` adminbin call can cause arbitrary file read when a relative file path is passed. | |||
| CVE-2026-41690 | high | 8.6 | 8.6 | 29d ago | i18next-http-middleware: Prototype pollution and path traversal via user-controlled language and namespace parameters | |||
| CVE-2026-41683 | high | 8.6 | 8.6 | 29d ago | i18next-http-middleware: HTTP response splitting and DoS via unsanitised Content-Language header | |||
| CVE-2026-44339 | high | 8.6 | 8.6 | 29d ago | PraisonAI has unsafe tool resolution in `ToolExecutionMixin.execute_tool`: undeclared `__main__` callables execute | |||
| CVE-2026-4935 | high | 8.6 | 8.6 | 1mo ago | The OttoKit: All-in-One Automation Platform WordPress plugin before 1.1.23 does not properly sanitize user input before using it in a SQL statement, which could allow unauthenticated attackers to per… | |||
| CVE-2026-35435 | high | 8.6 | 8.6 | 1mo ago | Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network. | |||
| CVE-2026-42047 | high | 8.6 | 8.6 | 1mo ago | Inngest TypeScript SDK exposes environment variables via serve() handler on unhandled HTTP methods | |||
| CVE-2026-44116 | high | 8.6 | 8.6 | 1mo ago | OpenClaw validates Zalo outbound photo URLs through the SSRF guard | |||
| CVE-2026-43139 | high | 8.6 | 8.6 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6_get_saddr() xfrm6_get_saddr() does not check the return value of ipv6_dev_get_saddr(). Wh… | |||
| CVE-2026-7412 | high | 8.6 | 8.6 | 1mo ago | Eclipse BaSyx Java Server SDK vulnerable to Server-Side Request Forgery | |||
| CVE-2026-43533 | high | 8.6 | 8.6 | 1mo ago | OpenClaw: QQBot media tags could read arbitrary local files through reply text | |||
| CVE-2026-42079 | high | 8.6 | 8.6 | 1mo ago | PPTAgent: Arbitrary Code Execution via Python eval() of LLM-Generated Code with Builtins in Scope | |||
| CVE-2026-42469 | high | 8.6 | 8.6 | 1mo ago | Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_canswitch.cpp the parser does not properly validate a CANswitch DLC value, allowing remote attackers to… | |||
| CVE-2026-24222 | high | 8.6 | 8.6 | 1mo ago | NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that cause… | |||
| CVE-2026-40967 | high | 8.6 | 8.6 | 1mo ago | Spring AI has a VectorStore FilterExpression Converter injection | |||
| CVE-2026-31611 | high | 8.6 | 8.6 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ksmbd: require 3 sub-authorities before reading sub_auth[2] parse_dacl() compares each ACE SID against sid_unix_NFS_mode and on m… | |||
| CVE-2026-5367 | high | 8.6 | 8.6 | 1mo ago | A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets with an inflated Client ID length, could ca… | |||
| CVE-2026-26150 | high | 8.6 | 8.6 | 1mo ago | Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network. | |||
| CVE-2026-33805 | high | 8.6 | 8.6 | 2mo ago | @fastify/reply-from v12.6.1 and earlier and @fastify/http-proxy v11.4.3 and earlier process the client's Connection header after the proxy has added its own headers via rewriteRequestHeaders. This al… | |||
| CVE-2026-4931 | high | 8.6 | 8.6 | 2mo ago | Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost. | |||
| CVE-2026-5577 | high | 8.6 | 8.6 | 2mo ago | A vulnerability has been found in Song-Li cross_browser up to ca690f0fe6954fd9bcda36d071b68ed8682a786a. This affects an unknown part of the file flask/uniquemachine_app.py of the component details En… | |||
| CVE-2026-23457 | high | 8.6 | 8.6 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() sip_help_tcp() parses the SIP Content-Length hea… | |||
| CVE-2026-32173 | high | 8.6 | 8.6 | 2mo ago | Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2026-22742 | high | 8.6 | 8.6 | 2mo ago | Spring AI: Insufficient Validation causes SSRF when processing multimodal messages with user-supplied URLs | |||
| CVE-2026-32857 | high | 8.6 | 8.6 | 2mo ago | Firecrawl version 2.8.0 and prior contain a server-side request forgery (SSRF) protection bypass vulnerability in the Playwright scraping service where network policy validation is applied only to th… | |||
| CVE-2026-27764 | high | 8.6 | 8.6 | 3mo ago | The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predi… | |||
| CVE-2026-20748 | high | 8.6 | 8.6 | 3mo ago | The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predi… | |||
| CVE-2026-24912 | high | 8.6 | 8.6 | 3mo ago | The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predi… | |||
| CVE-2026-20082 | high | 8.6 | 8.6 | 3mo ago | A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause incomin… | |||
| CVE-2026-49120 | high | 8.5 | 8.5 | 4d ago | Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHI… | |||
| CVE-2026-9330 | high | 8.5 | 8.5 | 5d ago | IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On component. This could result in remo… | |||
| CVE-2026-35563 | high | 8.5 | 8.5 | 6d ago | It was identified that the LDAP client implementation in version 2.1.7 does not verify if the server certificate matches the intended LDAP hostname. While the underlying code validates the certifica… | |||
| CVE-2026-49489 | high | 8.5 | 8.5 | 6d ago | OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can in… | |||
| CVE-2026-47201 | high | 8.5 | 8.5 | 8d ago | authentik's XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated user | |||
| CVE-2026-46820 | high | 8.5 | 8.5 | 9d ago | Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable v… | |||
| CVE-2026-48153 | high | 8.5 | 8.5 | 10d ago | Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check th… | |||
| CVE-2026-49046 | high | 8.5 | 8.5 | 10d ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Arjun Thakur Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Pa… | |||
| CVE-2026-42730 | high | 8.5 | 8.5 | 10d ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Blind SQL Injection.Th… | |||
| CVE-2026-44706 | high | 8.5 | 8.5 | 11d ago | Chatwoot is a customer engagement suite. From 2.2.0 to before 4.11.2, a SQL injection vulnerability exists in the conversation and contact filter APIs. When filtering by a custom attribute of type da… | |||
| CVE-2026-48837 | high | 8.5 | 8.5 | 12d ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elemen… | |||
| CVE-2026-3515 | high | 8.5 | 8.5 | 14d ago | A vulnerability in the `GitHubRepository` block of the `prefect-github` integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the `reference` field… | |||
| CVE-2026-46372 | high | 8.5 | 8.5 | 18d ago | SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0,… | |||
| CVE-2026-45401 | high | 8.5 | 8.5 | 22d ago | Open WebUI has a SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints (not addressed by CVE-2025-65958) | |||
| CVE-2026-45400 | high | 8.5 | 8.5 | 22d ago | Open WebUI has a Server-Side Request Forgery (SSRF) bypass in `validate_url` | |||
| CVE-2026-45331 | high | 8.5 | 8.5 | 23d ago | Open WebUI has a full SSRF Vulnerability in the RAG Web Search Feature | |||
| CVE-2026-44850 | high | 8.5 | 8.5 | 23d ago | Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before … | |||
| CVE-2026-43998 | high | 8.5 | 8.5 | 24d ago | vm2 has a NodeVM require.root bypass via symlink traversal that allows sandbox escape | |||
| CVE-2026-44797 | high | 8.5 | 8.5 | 24d ago | Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, Nautobot's Webhook data model and associated feature set could be configured by users with sufficient… | |||
| CVE-2026-43989 | high | 8.5 | 8.5 | 25d ago | JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the upload_wasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved t… | |||
| CVE-2026-45214 | high | 8.5 | 8.5 | 25d ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection.This issue affects Xp… | |||
| CVE-2026-45211 | high | 8.5 | 8.5 | 25d ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affe… | |||
| CVE-2026-42742 | high | 8.5 | 8.5 | 25d ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blind SQL Injection.This issue affects Views… | |||
| CVE-2026-42741 | high | 8.5 | 8.5 | 25d ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Ninja Forms Views – Display & Edit Ninja Forms Submissions on your site frontend v… | |||
| CVE-2026-42449 | high | 8.5 | 8.5 | 1mo ago | n8n-mcp's IPv4-mapped IPv6 addresses bypass SSRF protection in validateUrlSync(), enabling full SSRF for SDK embedders | |||
| CVE-2026-34474 | high | 7.5 | 8.5 | 1mo ago | Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. I… | |||
| CVE-2026-34473 | high | 7.5 | 8.5 | 1mo ago | Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H196A, H369A, H268N, H208N, H367N, H181A, and H196Q. A denial-of-service condition can be triggered a… | |||
| CVE-2026-42860 | high | 8.5 | 8.5 | 1mo ago | edx-enterprise has SSRF via SAML metadata URL in sync_provider_data endpoint | |||
| CVE-2026-42439 | high | 8.5 | 8.5 | 1mo ago | OpenClaw: Browser tabs action select and close routes bypassed SSRF policy |