CVEs from 2026
- Total: 14,443
- Critical: 1,273
- High: 4,904
- Medium: 4,598
- Low: 500
- % Critical: 8.8%
- % with KEV (listed in CISA's Known Exploited Vulnerabilities catalog): 0.4%
- % with exploit: 0.7%

The four severity buckets account for 11,275 of the 14,443 entries; the remaining 3,168 are not in any bucket. The 8.8% critical figure is taken against the full total (1,273 / 14,443), not against the 11,275 rated entries.
Top vendors
Top products
- chrome 522
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-44580 | medium | 6.1 | 6.1 | 23d ago | Next.js has cross-site scripting in beforeInteractive scripts with untrusted input | |||
| CVE-2026-45028 | medium | 6.1 | 6.1 | 23d ago | Astro: Server island encrypted parameters vulnerable to cross-component replay | |||
| CVE-2026-44665 | medium | 6.1 | 6.1 | 23d ago | fast-xml-builder allows attribute values with unwanted quotes to bypass malicious or unwanted attributes | |||
| CVE-2026-44664 | medium | 6.1 | 6.1 | 23d ago | fast-xml-builder Comment Value regex can be bypassed | |||
| CVE-2026-44455 | medium | 6.1 | 6.1 | 23d ago | hono/jsx has Unvalidated JSX Tag Names that May Allow HTML Injection | |||
| CVE-2026-44245 | medium | 6.1 | 6.1 | 24d ago | Kyverno policy-reporter-ui has XSS via Stored Property Values in PropertyCard Component | |||
| CVE-2026-42338 | medium | 6.1 | 6.1 | 24d ago | ip-address has XSS in Address6 HTML-emitting methods | |||
| CVE-2026-20771 | medium | 6.1 | 6.1 | 24d ago | Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an… | |||
| CVE-2026-33862 | medium | 6.1 | 6.1 | 24d ago | A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All … | |||
| CVE-2026-7561 | medium | 6.1 | 6.1 | 24d ago | The Tm – WordPress Redirection plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on a fu… | |||
| CVE-2026-7464 | medium | 6.1 | 6.1 | 24d ago | The WP Google Maps Integration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `page` parameter in all versions up to, and including, 1.2. This is due to insufficient inp… | |||
| CVE-2026-7437 | medium | 6.1 | 6.1 | 24d ago | The AzonPost plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `editpos_hidden` parameter in all versions up to, and including, 1.3. This is due to insufficient input sanit… | |||
| CVE-2026-6808 | medium | 6.1 | 6.1 | 24d ago | The Pricing Tables for WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.1.0. This is due to insufficient input … | |||
| CVE-2026-1681 | medium | 6.1 | 6.1 | 24d ago | Issuing an ICMP ping via the `net ping` shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the d… | |||
| CVE-2026-40137 | medium | 6.1 | 6.1 | 24d ago | SAP TAF_APPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirects them to attacker-controlled sites, potentially e… | |||
| CVE-2026-27682 | medium | 6.1 | 6.1 | 24d ago | Due to a reflected cross-site scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Business Server Pages), an unauthenticated attacker could craft a URL that … | |||
| CVE-2026-42554 | medium | 6.1 | 6.1 | 25d ago | Fiber vulnerable to XSS in AutoFormat Content Negotiation | |||
| CVE-2026-42872 | medium | 6.1 | 6.1 | 25d ago | WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a reflected Cross-Site Scripting (XSS) vulnerability exists in lista_arquivos_etapa.php due to improper handling of use… | |||
| CVE-2026-45222 | medium | 6.1 | 6.1 | 25d ago | @steipete/summarize allows local attackers to read bearer tokens and API credentials stored in ~/.summarize/daemon.json | |||
| CVE-2026-34095 | medium | 6.1 | 6.1 | 25d ago | Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/ActionEntryPoint.Php, includes/Request/FauxResponse.Php. This issue affects … | |||
| CVE-2026-36906 | medium | 6.1 | 6.1 | 25d ago | Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function | |||
| CVE-2026-6735 | medium | 6.1 | 6.1 | 26d ago | Important: php:8.2 security update | |||
| CVE-2026-42030 | medium | 6.1 | 6.1 | 28d ago | MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker t… | |||
| CVE-2026-42794 | medium | 6.1 | 6.1 | 28d ago | absinthe_plug Has a Cross-site Scripting vulnerability | |||
| CVE-2026-41575 | medium | 6.1 | 6.1 | 28d ago | In th30d4y/IP from version 1.0.1 to before version 2.0.1, a DOM-Based Cross-Site Scripting (XSS) vulnerability was identified in an IP Reputation Checker application. Unsanitized user input was direc… | |||
| CVE-2026-40295 | medium | 6.1 | 6.1 | 29d ago | Devise has an Open Redirect via Unvalidated `request.referrer` in Timeoutable Session Timeout Handler | |||
| CVE-2026-8106 | medium | 6.1 | 6.1 | 29d ago | A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management Console login page that could allow credential theft. The redirect_to query parameter on the /setup/… | |||
| CVE-2026-41929 | medium | 6.1 | 6.1 | 29d ago | Vvveb before 1.0.8.2 contains an unauthenticated reflected cross-site scripting vulnerability in the visual editor preview renderer that allows attackers to execute arbitrary JavaScript by manipulati… | |||
| CVE-2026-39826 | medium | 6.1 | 6.1 | 29d ago | If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape a… | |||
| CVE-2026-39823 | medium | 6.1 | 6.1 | 29d ago | CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> tag's <content> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune ins… | |||
| CVE-2026-44742 | medium | 6.1 | 6.1 | 29d ago | Postorius is vulnerable to XSS | |||
| CVE-2026-41650 | medium | 6.1 | 6.1 | 29d ago | fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters | |||
| CVE-2026-7953 | medium | 6.1 | 6.1 | 1mo ago | Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chro… | |||
| CVE-2026-42509 | medium | 6.1 | 6.1 | 1mo ago | Apache Wicket has a Cross-site Scripting issue | |||
| CVE-2026-35254 | medium | 6.1 | 6.1 | 1mo ago | Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported version that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with netw… | |||
| CVE-2026-38947 | medium | 6.1 | 6.1 | 1mo ago | FluentCMS 1.2.3 is vulnerable to Cross Site Scripting (XSS) in TextHTML plugin. | |||
| CVE-2026-42207 | medium | 6.1 | 6.1 | 1mo ago | Magento LTS Vulnerable to Open Redirect via Unvalidated `uenc` Parameter in `stockAction()` | |||
| CVE-2026-43878 | medium | 6.1 | 6.1 | 1mo ago | Video: Reflected XSS in plugin/Meet/iframe.php via Unescaped user and pass Parameters in JavaScript String Literal | |||
| CVE-2026-38432 | medium | 6.1 | 6.1 | 1mo ago | ERPNext v15.103.1 and before is vulnerable to Cross Site Scripting (XSS) in the Email Template engine. An attacker with permission to create or edit email templates can inject malicious JavaScript co… | |||
| CVE-2026-34002 | medium | 6.1 | 6.1 | 1mo ago | A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit … | |||
| CVE-2026-6704 | medium | 6.1 | 6.1 | 1mo ago | The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitizati… | |||
| CVE-2026-6702 | medium | 6.1 | 6.1 | 1mo ago | The Publish 2 Ping.fm plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the '/wp-admi… | |||
| CVE-2026-6696 | medium | 6.1 | 6.1 | 1mo ago | The Zingaya Click-to-Call plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email', 'first_name', 'last_name', and 'phone' parameters on the plugin's sign-up admin page in… | |||
| CVE-2026-42230 | medium | 6.1 | 6.1 | 1mo ago | n8n has Open Redirect in MCP OAuth Consent Flow | |||
| CVE-2026-42144 | medium | 6.1 | 6.1 | 1mo ago | CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory all… | |||
| CVE-2026-42138 | medium | 6.1 | 6.1 | 1mo ago | Dify is an open-source LLM app development platform. Prior to version 1.13.1, using the method POST /api/files/upload, any unauthenticated user can upload an SVG file with XSS. The method POST /v1/fi… | |||
| CVE-2026-38669 | medium | 6.1 | 6.1 | 1mo ago | wCMS v.1.4 is vulnerable to Cross Site Scripting (XSS) when creating a new blog. | |||
| CVE-2026-7371 | medium | 6.1 | 6.1 | 1mo ago | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an ar… | |||
| CVE-2026-42366 | medium | 6.1 | 6.1 | 1mo ago | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an ar… | |||
| CVE-2026-36763 | medium | 6.1 | 6.1 | 1mo ago | A stored cross-site scripting (XSS) vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted… | |||
| CVE-2026-36761 | medium | 6.1 | 6.1 | 1mo ago | A stored cross-site scripting (XSS) vulnerability in the /msg/msgInner/save endpoint of JeeSite v5.15.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into th… | |||
| CVE-2026-38940 | medium | 6.1 | 6.1 | 1mo ago | Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detail_produk.php component | |||
| CVE-2026-38939 | medium | 6.1 | 6.1 | 1mo ago | Cross Site Scripting vulnerability in andrewtch88 mvc-ecommerce v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the product_catalogue.php component | |||
| CVE-2026-41661 | medium | 6.1 | 6.1 | 1mo ago | Admidio vulnerable to reflected XSS in msg_window.php via Square Bracket to HTML Tag Conversion | |||
| CVE-2026-2902 | medium | 6.1 | 6.1 | 1mo ago | The WP Meteor Website Speed Optimization Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'frontend_rewrite' function's 'WPMETEOR[N]WPMETEOR' placeholder content in all… | |||
| CVE-2026-37750 | medium | 6.1 | 6.1 | 1mo ago | A reflected Cross-Site Scripting (XSS) vulnerability in School Management System by mahmoudai1 allows unauthenticated remote attackers to execute arbitrary JavaScript in victim's browsers via the uns… | |||
| CVE-2026-41915 | medium | 6.1 | 6.1 | 1mo ago | OpenClaw: GIT_DIR and related git plumbing env vars missing from exec env denylist (GHSA-m866-6qv5-p2fg variant) | |||
| CVE-2026-41391 | medium | 6.1 | 6.1 | 1mo ago | OpenClaw: PIP_INDEX_URL and UV_INDEX_URL bypass host exec env sanitization and redirect Python package-index traffic | |||
| CVE-2026-41373 | medium | 6.1 | 6.1 | 1mo ago | OpenClaw: Incomplete host-env-security-policy allows untrusted model to substitute compiler binaries via env overrides | |||
| CVE-2026-40979 | medium | 6.1 | 6.1 | 1mo ago | Spring AI's ONNX model cache defaults to world-writable predictable /tmp directory | |||
| CVE-2026-7233 | medium | 6.1 | 6.1 | 1mo ago | A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Index Handler. This manipulatio… | |||
| CVE-2026-29971 | medium | 6.1 | 6.1 | 1mo ago | A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version before 2.32.0 and fixed in v.2.32.0. User-controlled input is reflected into HTML and JavaScript contexts without pro… | |||
| CVE-2026-41472 | medium | 6.1 | 6.1 | 1mo ago | CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows una… | |||
| CVE-2026-41426 | medium | 6.1 | 6.1 | 1mo ago | pretalx is a conference planning tool. Prior to 2026.1.0, an unauthenticated attacker can send arbitrary HTML-rendered emails from a pretalx instance's configured sender address by embedding malforme… | |||
| CVE-2026-41430 | medium | 6.1 | 6.1 | 1mo ago | Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Redirect parameter on login page is vulnerable to reflected XSS… | |||
| CVE-2026-41240 | medium | 6.1 | 6.1 | 1mo ago | DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions prior to 3.4.0 have an inconsistency between FORBID_TAGS and FORBID_ATTR handling when function-based ADD_TA… | |||
| CVE-2026-6019 | medium | 6.1 | 6.1 | 1mo ago | http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence </script> inside the gen… | |||
| CVE-2026-6835 | medium | 6.1 | 6.1 | 1mo ago | The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload arbitrary files to any path, including HTML documents, which may result … | |||
| CVE-2026-33812 | medium | 6.1 | 6.1 | 2mo ago | Parsing a malicious font file can cause excessive memory allocation. | |||
| CVE-2026-33436 | medium | 6.1 | 6.1 | 2mo ago | Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. In versions prior to 2.0.0, file upload endpoints render user-supplied filenames directly into HTML … | |||
| CVE-2026-20059 | medium | 6.1 | 6.1 | 2mo ago | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. T… | |||
| CVE-2026-33822 | medium | 6.1 | 6.1 | 2mo ago | Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | |||
| CVE-2026-32196 | medium | 6.1 | 6.1 | 2mo ago | Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network. | |||
| CVE-2026-32088 | medium | 6.1 | 6.1 | 2mo ago | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical a… | |||
| CVE-2026-26169 | medium | 6.1 | 6.1 | 2mo ago | Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally. | |||
| CVE-2026-34257 | medium | 6.1 | 6.1 | 2mo ago | Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the pa… | |||
| CVE-2026-27674 | medium | 6.1 | 6.1 | 2mo ago | Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an unauthenticated attacker could supply crafted input that is interpreted by the application and cau… | |||
| CVE-2026-35667 | medium | 6.1 | 6.1 | 2mo ago | OpenClaw has incomplete Fix for CVE-2026-27486: Unvalidated SIGKILL in `!stop` Chat Command via `shell-utils.ts` | |||
| CVE-2026-35404 | medium | 6.1 | 6.1 | 2mo ago | Open edX Platform enables the authoring and delivery of online learning at any scale. The view_survey endpoint accepts a redirect_url GET parameter that is passed directly to HttpResponseRedirect() w… | |||
| CVE-2026-22675 | medium | 6.1 | 6.1 | 2mo ago | OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript by submitting malicious User… | |||
| CVE-2026-5467 | medium | 6.1 | 6.1 | 2mo ago | Casdoor vulnerable to Open Redirect | |||
| CVE-2026-35466 | medium | 6.1 | 6.1 | 2mo ago | XSS vulnerability in cveInterface.js allows injected HTML to be passed to the display, as cveInterface trusts input from CVE API services | |||
| CVE-2026-5332 | medium | 6.1 | 6.1 | 2mo ago | A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cros… | |||
| CVE-2026-30526 | medium | 6.1 | 6.1 | 2mo ago | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Zoo Management System v1.0. The vulnerability is located in the login page, specifically within the msg parameter. The ap… | |||
| CVE-2026-5255 | medium | 6.1 | 6.1 | 2mo ago | A vulnerability was detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /delstaffinfo.php of the component Parameter Handler. The manipulation of the argumen… | |||
| CVE-2026-30567 | medium | 6.1 | 6.1 | 2mo ago | A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_product.php file via the "limit" parameter. The application fails to sanitize … | |||
| CVE-2026-29969 | medium | 6.1 | 6.1 | 2mo ago | A cross-site scripting (XSS) vulnerability in the wff_cols_pref.css.aspx endpoint of staffwiki v7.0.1.19219 allows attackers to execute arbitrary Javascript in the context of the user's browser via a… | |||
| CVE-2026-34071 | medium | 6.1 | 6.1 | 2mo ago | Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. In version 2.7.3, the /api/v1/convert/eml/pdf endpoint with parameter downloadHtml=true re… | |||
| CVE-2026-33397 | medium | 6.1 | 6.1 | 2mo ago | Protocol-Relative URL Injection via Single Backslash Bypass in Angular SSR | |||
| CVE-2026-29934 | medium | 6.1 | 6.1 | 2mo ago | A reflected cross-site scripting (XSS) vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying… | |||
| CVE-2026-4849 | medium | 6.1 | 6.1 | 2mo ago | A vulnerability was identified in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file /modify.php of the component Parameter Handler. The manipulation of the argumen… | |||
| CVE-2026-32851 | medium | 6.1 | 6.1 | 2mo ago | MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser b… | |||
| CVE-2026-4474 | medium | 6.1 | 6.1 | 3mo ago | A flaw has been found in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /admin_single_student_update.php. This manipulation of the argument st_name causes … | |||
| CVE-2026-22217 | medium | 6.1 | 6.1 | 3mo ago | OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL | |||
| CVE-2026-20994 | medium | 6.1 | 6.1 | 3mo ago | URL redirection in Samsung Account prior to version 15.5.01.1 allows local attackers to potentially get access token. | |||
| CVE-2026-3884 | medium | 6.1 | 6.1 | 3mo ago | Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the spin() function that allows a creation of more than 1 alert for each 'target' element. An attacker wo… | |||
| CVE-2026-23817 | medium | 6.1 | 6.1 | 3mo ago | A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL. | |||
| CVE-2026-22614 | medium | 6.1 | 6.1 | 3mo ago | The encryption mechanism used in Eaton's EasySoft project file was insecure and susceptible to brute force attacks, an attacker with access to this file and the local host machine could potentially r… | |||
| CVE-2026-3812 | medium | 6.1 | 6.1 | 3mo ago | A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manage_employee_allowances.php. This manipulation of the argument ID causes … | |||
| CVE-2026-3763 | medium | 6.1 | 6.1 | 3mo ago | A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. The affected element is an unknown function of the file showhistory.php. The manipulation results in cross site scr… |
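A large share of the rows above are open redirects (CVE-2026-40295 via `request.referrer`, CVE-2026-42207 via `uenc`, CVE-2026-42230, CVE-2026-34257, CVE-2026-35404 via `redirect_url`, CVE-2026-5467, CVE-2026-23817) or close cousins such as the protocol-relative backslash bypass in CVE-2026-33397 and the `redirect_to` HTML injection in CVE-2026-8106. The validator below is an added example written for this page, not code from any of those projects: it shows the checks a redirect target needs before it goes into a Location header, including the normalizations a browser applies before parsing (backslash to slash, stripping of tabs, newlines and leading controls) that a naive `startswith("/")` check misses. The allowed host and scheme are assumptions for the example.

```python
"""Redirect-target validation (added example; not code from Devise, n8n, Casdoor,
Angular or any other project listed in the table above)."""
from urllib.parse import urlsplit

# Assumptions for this example: the application lives on exactly this origin.
ALLOWED_HOSTS = {"app.example.com"}
ALLOWED_SCHEMES = {"https"}

# Every C0 control character plus space: the WHATWG URL parser strips these from
# both ends of an input before it looks for a scheme or an authority.
_C0_AND_SPACE = "".join(chr(c) for c in range(0x21))


def normalize_like_a_browser(target: str) -> str:
    """Pre-process a candidate the way a browser will, so our checks see the same
    string the browser parses: strip leading/trailing C0 controls and spaces, drop
    TAB/CR/LF anywhere, and treat backslash as a slash (which is what the URL
    parser does for http/https URLs, so '/\\evil.com' really means '//evil.com')."""
    t = target.strip(_C0_AND_SPACE)
    t = t.replace("\t", "").replace("\r", "").replace("\n", "")
    return t.replace("\\", "/")


def is_safe_local_path(target: str) -> bool:
    """True only for an absolute-path reference on the current origin, e.g.
    '/account?tab=1'. Rejects empty strings, relative paths, and the '//host',
    '/\\host' and '///host' forms that browsers resolve to another origin."""
    t = normalize_like_a_browser(target)
    if not t.startswith("/") or t.startswith("//"):
        return False
    try:
        parts = urlsplit(t)
    except ValueError:  # e.g. an unbalanced IPv6 bracket
        return False
    return not parts.scheme and not parts.netloc


def is_allowed_absolute(target: str) -> bool:
    """True for an absolute URL whose scheme and host are both on the allow-list.
    Uses .hostname rather than .netloc so 'https://app.example.com@evil.com/' is
    judged by its real host (evil.com) and a port suffix cannot defeat the match."""
    try:
        parts = urlsplit(normalize_like_a_browser(target))
    except ValueError:
        return False
    host = (parts.hostname or "").lower()
    return parts.scheme.lower() in ALLOWED_SCHEMES and host in ALLOWED_HOSTS


def choose_redirect(candidate, default="/"):
    """Return the normalized candidate if it is safe to put in a Location header,
    otherwise `default`. Use it for a '?next=' parameter and for a Referer value
    alike; returning the normalized form also keeps CR/LF out of the header."""
    if not candidate:
        return default
    normalized = normalize_like_a_browser(candidate)
    if is_safe_local_path(normalized) or is_allowed_absolute(normalized):
        return normalized
    return default


if __name__ == "__main__":
    # Constructed inputs: the first two are benign, the rest are bypass shapes.
    for t in ["/account?tab=1", "https://app.example.com/dash", "//evil.com",
              "/\\evil.com/login", "///evil.com", "https://app.example.com@evil.com/",
              "\tjavascript:alert(1)", "http://app.example.com/"]:
        print(repr(t), "->", choose_redirect(t))
```

The two checks are deliberately separate: a `next=` parameter should normally pass only `is_safe_local_path`, while a Referer-derived target (the CVE-2026-40295 shape) is an absolute URL and needs the host allow-list. Note that an `http://` target for an allowed host is still refused, so a redirect cannot be used to downgrade the session.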
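CVE-2026-6019 (`http.cookies.Morsel.js_output()` escaping only `"` inside an inline `<script>`) and CVE-2026-43878 (user-controlled values in a JavaScript string literal) are the same mistake: escaping for the JavaScript lexer while forgetting that the HTML parser runs first and ends a script element at the first `</script>` it sees, string literal or not. The following is an added example written for this page, not CPython's or any listed project's code: it renders a constructed cookie-setting snippet once with quote-only escaping and once with `\u`-escaping of `<`, `>` and `&`, and uses the standard library's HTML parser to count how many script elements each version produces. The payload and the snippet shape are constructed for the example.

```python
"""Escaping a value into a JavaScript string literal inside <script> (added
example; not code from CPython's http.cookies or any project in the table above)."""
import json
from html.parser import HTMLParser


def naive_js_string(value: str) -> str:
    """The flawed pattern: escape only what the JS lexer needs (the delimiter
    quote and the backslash). The HTML parser does not know about JS strings,
    so a '</script>' inside `value` still ends the script element."""
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'


def safe_js_string(value: str) -> str:
    """JSON-encode, then \\u-escape '<', '>' and '&' as well. The result is still
    a valid JS (and JSON) string literal, but '</script', '<!--' and '-->' can no
    longer occur in the script body. json.dumps already \\u-escapes non-ASCII,
    which covers the JS line terminators U+2028 and U+2029."""
    s = json.dumps(value)
    for ch in "<>&":
        s = s.replace(ch, "\\u%04x" % ord(ch))
    return s


def roundtrips(value: str) -> bool:
    """The safe encoding must decode back to the original value unchanged."""
    return json.loads(safe_js_string(value)) == value


def render_cookie_script(name: str, value: str, encoder) -> str:
    """Constructed shape of an inline cookie-setting snippet."""
    return "<script>document.cookie = %s;</script>" % encoder(name + "=" + value)


class _ScriptCounter(HTMLParser):
    """Counts <script> start tags the way the HTML parser sees them: after a
    <script> start tag, html.parser treats everything as raw text until the
    next '</script>', exactly like a browser."""

    def __init__(self):
        super().__init__()
        self.script_tags = 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.script_tags += 1


def count_script_elements(document: str) -> int:
    parser = _ScriptCounter()
    parser.feed(document)
    parser.close()
    return parser.script_tags


# Constructed attacker-controlled cookie value: closes the script element early
# and opens a fresh one whose body the attacker controls.
PAYLOAD = "x</script><script>alert(document.domain)</script>"


def demo() -> dict:
    """Number of script elements the HTML parser finds for each rendering."""
    return {
        "naive": count_script_elements(render_cookie_script("session", PAYLOAD, naive_js_string)),
        "safe": count_script_elements(render_cookie_script("session", PAYLOAD, safe_js_string)),
    }


if __name__ == "__main__":
    print(render_cookie_script("session", PAYLOAD, naive_js_string))
    print(render_cookie_script("session", PAYLOAD, safe_js_string))
    print(demo())
```

The count is the check worth automating: any template that inlines a value into a `<script>` body should produce exactly one script element for an input containing `</script>`. The `\u003c` form is also what most templating engines emit for script context, so the fix does not depend on the consuming browser.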