CVEs from 2026

Total: 14,798
- critical: 1,335
- high: 5,011
- medium: 4,834
- low: 504

The four severity buckets sum to 11,684; the remaining 3,114 CVEs carry no severity rating on this page.

% Critical: 9.0% (1,335 of 14,798)
% with KEV: 0.4% (listed in CISA's Known Exploited Vulnerabilities catalog)
% with exploit: 0.7% (a public exploit is known)
Top vendors
(no entries on this page)

Top products
- chrome: 723
- firepower_threat_defense_software: 310
- gcp: 299
- firepower_threat_defense: 298
- openclaw: 172
- commerce: 104
- netweaver_application_server_abap: 102
- commerce_b2b: 89

(firepower_threat_defense_software and firepower_threat_defense are two separate CPE product names that both refer to Cisco Firepower Threat Defense; counted together they would top the list.)

Top packages
(no entries on this page)
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-8244 | medium | 5.3 | 5.3 | 28d ago | A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVe… | |||
| CVE-2026-8243 | medium | 5.3 | 5.3 | 28d ago | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to… | |||
| CVE-2026-8241 | medium | 5.3 | 5.3 | 28d ago | A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function iasGetServerInfoEvent of the component RMI Interface. Such manipulation lea… | |||
| CVE-2026-8215 | medium | 5.3 | 5.3 | 29d ago | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the function iasRequestFileEvent of the component RMI Interface. This manipulation of… | |||
| CVE-2026-8214 | medium | 5.3 | 5.3 | 29d ago | A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results… | |||
| CVE-2026-8210 | medium | 5.3 | 5.3 | 29d ago | A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is the function helper.Update of the file helper.go of the component Update H… | |||
| CVE-2026-8198 | medium | 5.3 | 5.3 | 29d ago | The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including… | |||
| CVE-2026-32683 | medium | 5.3 | 5.3 | 29d ago | Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to… | |||
| CVE-2026-7652 | medium | 5.3 | 5.3 | 29d ago | The LatePoint plugin for WordPress is vulnerable to Account Takeover via Weak Password Recovery Mechanism in the unauthenticated guest booking flow in versions up to, and including, 5.5.0 This is due… | |||
| CVE-2026-44656 | medium | 5.3 | 5.3 | 1mo ago | Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick… | |||
| CVE-2026-42190 | medium | 5.3 | 5.3 | 1mo ago | RedwoodSDK has Same-site CSRF through lack of origin validation in its server actions | |||
| CVE-2026-41495 | medium | 5.3 | 5.3 | 1mo ago | n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests | |||
| CVE-2026-42028 | medium | 5.3 | 5.3 | 1mo ago | novaGallery is a php image gallery. Prior to version 2.1.1, a path traversal vulnerability has been identified in novaGallery. This allows unauthenticated users to read image files outside the intend… | |||
| CVE-2026-44500 | medium | 5.3 | 5.3 | 1mo ago | Zebra Vulnerable to Allocation Amplification in Inbound Network Deserializers | |||
| CVE-2026-41423 | medium | 5.3 | 5.3 | 1mo ago | Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server | |||
| CVE-2026-41161 | medium | 5.3 | 5.3 | 1mo ago | Sync-in Server has Username Enumeration via Timing Attack | |||
| CVE-2026-44928 | medium | 5.3 | 5.3 | 1mo ago | In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal. | |||
| CVE-2026-44927 | medium | 5.3 | 5.3 | 1mo ago | In uriparser before 1.0.2, there is pointer difference truncation to int in various places. | |||
| CVE-2026-41645 | medium | 5.3 | 5.3 | 1mo ago | Nuclei: Environment variable disclosure via Response-Derived DSL Expressions | |||
| CVE-2026-8115 | medium | 5.3 | 5.3 | 1mo ago | short-video-maker has a path traversal vulnerability | |||
| CVE-2026-41928 | medium | 5.3 | 5.3 | 1mo ago | Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that allows unauthenticated attackers to retrieve the application's secret cron key. Attackers can access … | |||
| CVE-2026-42241 | medium | 5.3 | 5.3 | 1mo ago | ParquetSharp: Possible Stack Overflow When Reading a ParquetFile with Large Decimal Type Width | |||
| CVE-2026-39825 | medium | 5.3 | 5.3 | 1mo ago | ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitize… | |||
| CVE-2026-39819 | medium | 5.3 | 5.3 | 1mo ago | The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one… | |||
| CVE-2026-42878 | medium | 5.3 | 5.3 | 1mo ago | FacturaScripts is an open source accounting and invoicing software. Prior to v2026, an unauthenticated information disclosure vulnerability in the Installer controller allows any remote attacker to t… | |||
| CVE-2026-27416 | medium | 5.3 | 5.3 | 1mo ago | Missing Authorization vulnerability in bPlugins PDF Poster allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF Poster: from n/a through 2.4.1. | |||
| CVE-2026-27329 | medium | 5.3 | 5.3 | 1mo ago | Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooC… | |||
| CVE-2026-25468 | medium | 5.3 | 5.3 | 1mo ago | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs Happy Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Happy Addons… | |||
| CVE-2026-25436 | medium | 5.3 | 5.3 | 1mo ago | Missing Authorization vulnerability in WProyal Royal Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal Elementor Addons: from n/a bef… | |||
| CVE-2026-44600 | medium | 5.3 | 5.3 | 1mo ago | Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010. | |||
| CVE-2026-44599 | medium | 5.3 | 5.3 | 1mo ago | Tor before 0.4.9.7 can attempt or accept BEGIN_DIR via conflux legs, aka TROVE-2026-008. | |||
| CVE-2026-6222 | medium | 5.3 | 5.3 | 1mo ago | The Forminator Forms plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.51.1. This is due to the `processRequest()` method in `Forminator_Admin_Module_Edit_… | |||
| CVE-2026-41417 | medium | 5.3 | 5.3 | 1mo ago | Netty: Start-Line Injection in DefaultHttpRequest.setUri() Allows HTTP Request Smuggling and RTSP Request Injection | |||
| CVE-2026-41310 | medium | 5.3 | 5.3 | 1mo ago | OpenTelemetry's Zipkin remote endpoint cache could grow without bounds and increase memory pressure | |||
| CVE-2026-44306 | medium | 5.3 | 5.3 | 1mo ago | Statamic CMS vulnerable to email enumeration via forgot password endpoint | |||
| CVE-2026-8033 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. This affects an unknown function of the file /cdemos/echs/api/v2/ of the component Response Header Handler. Such man… | |||
| CVE-2026-8031 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability was detected in PicoTronica e-Clinic Healthcare System ECHS 5.7. The affected element is an unknown function of the file /cdemos/echs/api/v2/patient-records of the component API Endpo… | |||
| CVE-2026-8020 | medium | 5.3 | 5.3 | 1mo ago | Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process… | |||
| CVE-2026-7960 | medium | 5.3 | 5.3 | 1mo ago | Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted… | |||
| CVE-2026-7955 | medium | 5.3 | 5.3 | 1mo ago | Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via… | |||
| CVE-2026-41931 | medium | 5.3 | 5.3 | 1mo ago | Vvveb before version 1.0.8.2 contains an information disclosure vulnerability that allows unauthenticated attackers to obtain sensitive server information by triggering unhandled exceptions in the pa… | |||
| CVE-2026-20195 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device. This vulnerability exist… | |||
| CVE-2026-8026 | medium | 5.3 | 5.3 | 1mo ago | Flowise: Bcrypt Password Hash Exposure | |||
| CVE-2026-6860 | medium | 5.3 | 5.3 | 1mo ago | Vert.x has a DoS via unbounded server-side SNI SslContext cache growth | |||
| CVE-2026-3208 | medium | 5.3 | 5.3 | 1mo ago | The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'mp_pix_image' WooCommerce API endpoint in all ver… | |||
| CVE-2026-43881 | medium | 5.3 | 5.3 | 1mo ago | AVideo: Unauthenticated User Enumeration in objects/users.json.php via isCompany Parameter Allows Bypass of the Admin-Only Listing Restriction | |||
| CVE-2026-43880 | medium | 5.3 | 5.3 | 1mo ago | AVideo: Unauthenticated Arbitrary Email Sending via sendEmail.json.php Enables Phishing from the Site’s Legitimate From Address | |||
| CVE-2026-34527 | medium | 5.3 | 5.3 | 1mo ago | Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high… | |||
| CVE-2026-33420 | medium | 5.3 | 5.3 | 1mo ago | Vaultwarden is a Bitwarden-compatible server written in Rust. In version 1.35.4 and earlier, the get_org_collections_details endpoint (GET /api/organizations/{org_id}/collections/details) is missing … | |||
| CVE-2026-6907 | medium | 5.3 | 5.3 | 1mo ago | Django Uses Cache Containing Sensitive Information | |||
| CVE-2026-43002 | medium | 5.3 | 5.3 | 1mo ago | OpenStack Horizon has Incorrect Behavior Order | |||
| CVE-2026-5766 | medium | 5.3 | 5.3 | 1mo ago | Django has an Improper Handling of Length Parameter Inconsistency | |||
| CVE-2026-43572 | medium | 5.3 | 5.3 | 1mo ago | OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks | |||
| CVE-2026-43868 | medium | 5.3 | 5.3 | 1mo ago | Apache Thrift has a Memory Allocation with Excessive Size Value Vulnerability | |||
| CVE-2026-2729 | medium | 5.3 | 5.3 | 1mo ago | The Forminator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.52.0. This is due to the plugin not properly verifying that a user is authorized to p… | |||
| CVE-2026-44029 | medium | 5.3 | 5.3 | 1mo ago | An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.… | |||
| CVE-2026-41572 | medium | 5.3 | 5.3 | 1mo ago | Note Mark: Unauthenticated read of notes and assets in soft-deleted public books | |||
| CVE-2026-33007 | medium | 5.3 | 5.3 | 1mo ago | A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. … | |||
| CVE-2026-34032 | medium | 5.3 | 5.3 | 1mo ago | Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which f… | |||
| CVE-2026-33857 | medium | 5.3 | 5.3 | 1mo ago | Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the… | |||
| CVE-2026-5335 | medium | 5.3 | 5.3 | 1mo ago | The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information. | |||
| CVE-2026-7722 | medium | 5.3 | 5.3 | 1mo ago | Prefect Auth Bypass via endswith() Health Check Exemption | |||
| CVE-2026-7702 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview E… | |||
| CVE-2026-7686 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activa… | |||
| CVE-2026-40561 | medium | 5.3 | 5.3 | 1mo ago | Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starlet incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both head… | |||
| CVE-2026-3504 | medium | 5.3 | 5.3 | 1mo ago | The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/… | |||
| CVE-2026-4024 | medium | 5.3 | 5.3 | 1mo ago | The Royal Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `wpr_update_form_action_meta` AJAX action in all versio… | |||
| CVE-2026-6449 | medium | 5.3 | 5.3 | 1mo ago | The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 2.1.2. This is due to a logical short-circ… | |||
| CVE-2026-4650 | medium | 5.3 | 5.3 | 1mo ago | The FundPress – WordPress Donation Plugin for WordPress is vulnerable to authorization bypass in versions up to and including 2.0.8. This is due to missing authorization and nonce verification in the… | |||
| CVE-2026-7638 | medium | 5.3 | 5.3 | 1mo ago | The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to miss… | |||
| CVE-2026-7589 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability was determined in ghantakiran splunk-mcp-integration up to 0b86b09d5e5adf0433acd43c975951224613a1a6. Impacted is the function create_csv_export of the file services/csv-export-service… | |||
| CVE-2026-7588 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get_style_guide/get_best_practices of the file server.py. The manipulation of the argument Language results i… | |||
| CVE-2026-7582 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability was detected in AcademySoftwareFoundation OpenImageIO up to 3.2.0.1-dev. This vulnerability affects unknown code of the file src/dds.imageio/ddsinput.cpp of the component DDS Image Ha… | |||
| CVE-2026-3143 | medium | 5.3 | 5.3 | 1mo ago | The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax… | |||
| CVE-2026-7580 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability was detected in Exiftool up to 13.53. Impacted is the function Process_mrld of the file lib/Image/ExifTool/GM.pm of the component JPEG/QuickTime/MOV/MP4. The manipulation of the argum… | |||
| CVE-2026-7536 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsf_sess_add_by_ip_address of the file /nbsf-management/v1/pcfBindings of the component BSF. Executing a… | |||
| CVE-2026-40686 | medium | 5.3 | 5.3 | 1mo ago | In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present (malformed UTF-8 header data). Information might be divulged with… | |||
| CVE-2026-6498 | medium | 5.3 | 5.3 | 1mo ago | The Five Star Restaurant Reservations plugin for WordPress is vulnerable to a payment bypass via PHP type juggling in versions up to, and including, 2.7.16 This is due to the valid_payment() function… | |||
| CVE-2026-42800 | medium | 5.3 | 5.3 | 1mo ago | NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files sip/utils/src/s… | |||
| CVE-2026-7403 | medium | 5.3 | 5.3 | 1mo ago | A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function list_rules/fetch_rule of the file src/gel_mcp/server.py. The manipulation of the argument rule_name results in … | |||
| CVE-2026-7396 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability was identified in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/wecom.py of the component WeChat Work Platform Ad… | |||
| CVE-2026-42644 | medium | 5.3 | 5.3 | 1mo ago | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper BetterDocs betterdocs allows Retrieve Embedded Sensitive Data.This issue affects BetterDocs: fr… | |||
| CVE-2026-42642 | medium | 5.3 | 5.3 | 1mo ago | Missing Authorization vulnerability in StellarWP GiveWP give allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GiveWP: from n/a through <= 4.14.5. | |||
| CVE-2026-22745 | medium | 5.3 | 5.3 | 1mo ago | Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources | |||
| CVE-2026-4019 | medium | 5.3 | 5.3 | 1mo ago | The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to unauthorized data access in all versions up to, and including, 7.4.5 This is due to the REST API endpoint at /wp-json/co… | |||
| CVE-2026-42427 | medium | 5.3 | 5.3 | 1mo ago | OpenClaw: HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS missing from exec env denylist — RCE via build tool env injection (GHSA-cm8v-2vh9-cxf3 class) | |||
| CVE-2026-41407 | medium | 5.3 | 5.3 | 1mo ago | OpenClaw: Shared-secret comparison call sites leaked length information through timing | |||
| CVE-2026-41374 | medium | 5.3 | 5.3 | 1mo ago | OpenClaw runs Discord audio preflight transcription before member authorization | |||
| CVE-2026-40969 | medium | 5.3 | 5.3 | 1mo ago | Spring gRPC AuthenticationException messages are reflected to remote client | |||
| CVE-2026-7271 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability was detected in DV0x creative-ad-agent up to 751b9e5146604dc65049bd0f62dcbdad6212f8a3. Impacted is an unknown function of the file server/sdk-server.ts of the component creative-ad-ag… | |||
| CVE-2026-41606 | medium | 5.3 | 5.3 | 1mo ago | Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. | |||
| CVE-2026-7235 | medium | 5.3 | 5.3 | 1mo ago | A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file … | |||
| CVE-2026-4911 | medium | 5.3 | 5.3 | 1mo ago | The Booking Package plugin for WordPress is vulnerable to Price Manipulation in versions up to, and including, 1.7.06 This is due to the intentForStripe() function passing user-controlled $_POST['amo… | |||
| CVE-2026-7217 | medium | 5.3 | 5.3 | 1mo ago | A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function read_docx/read_xlsx/read_pptx/list_xlsx_sheets/read_pdf of the file packages/mcp-of… | |||
| CVE-2026-7183 | medium | 5.3 | 5.3 | 1mo ago | A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rls_pdu.cpp of the component Radio Link Simulati… | |||
| CVE-2026-7179 | medium | 5.3 | 5.3 | 1mo ago | A security vulnerability has been detected in OSPG binwalk up to 2.4.3. This vulnerability affects the function read_null_terminated_string of the file src/binwalk/plugins/winceextract.py of the comp… | |||
| CVE-2026-7135 | medium | 5.3 | 5.3 | 1mo ago | A security flaw has been discovered in GPAC up to 26.03-DEV-rev105-g8f39a1eb3-master. Affected by this vulnerability is the function elng_box_read of the file src/isomedia/box_code_base.c of the comp… | |||
| CVE-2026-42037 | medium | 5.3 | 5.3 | 1mo ago | Axios: CRLF Injection in multipart/form-data body via unsanitized blob.type in formDataToStream | |||
| CVE-2026-42036 | medium | 5.3 | 5.3 | 1mo ago | Axios: HTTP adapter streamed responses bypass maxContentLength | |||
| CVE-2026-42034 | medium | 5.3 | 5.3 | 1mo ago | Axios' HTTP adapter-streamed uploads bypass maxBodyLength when maxRedirects: 0 |
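Several rows above describe the same HTTP/1.1 framing bugs: a server that lets Content-Length win over Transfer-Encoding when both are present (Starlet, CVE-2026-40561), and a client library that lets CR/LF in a URI reach the start line (Netty, CVE-2026-41417; the Axios CRLF entry is the same class in a multipart body). The following is an added example, not code from any of those projects, showing both sides in Python: a request-line builder that rejects control bytes, and a message splitter that can be run with the RFC 9112 rule (Transfer-Encoding wins), with the buggy precedence, or in strict mode (reject both). The payload is constructed for the demo; a front end using one policy and a back end using the other disagree on where the first request ends, which is the desync that request smuggling exploits.

```python
import re

HEAD_END = b"\r\n\r\n"
_TARGET_BAD = re.compile(rb"[\x00-\x20\x7f]")  # CTLs, SP, HTAB, DEL may not appear in a request-target


class BadRequest(ValueError):
    pass


def build_request_line(method: str, target: str) -> bytes:
    """Client-side fix for start-line injection: refuse a target that would add new lines."""
    try:
        raw = target.encode("ascii")  # non-ASCII must already be percent-encoded
    except UnicodeEncodeError as exc:
        raise BadRequest("request-target must be ASCII") from exc
    if _TARGET_BAD.search(raw):
        raise BadRequest("request-target contains control or whitespace bytes")
    return method.encode("ascii") + b" " + raw + b" HTTP/1.1\r\n"


def parse_head(head: bytes):
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/1."):
        raise BadRequest("malformed request line")
    method, target, _version = parts
    headers = []
    for line in lines[1:]:
        if line[:1] in (b" ", b"\t"):  # obs-fold is a classic desync vector: reject it
            raise BadRequest("obsolete line folding")
        name, sep, value = line.partition(b":")
        if not sep or not name or re.search(rb"\s", name):
            raise BadRequest("malformed header line")
        headers.append((name.lower(), value.strip()))
    return method, target, headers


def _decode_chunked(buf: bytes, pos: int):
    body = bytearray()
    while True:
        end = buf.find(b"\r\n", pos)
        if end < 0:
            raise BadRequest("incomplete chunk size line")
        size_field = buf[pos:end].split(b";", 1)[0].strip()  # drop chunk extensions
        if not re.fullmatch(rb"[0-9A-Fa-f]+", size_field):
            raise BadRequest("bad chunk size")
        size = int(size_field, 16)
        pos = end + 2
        if size == 0:  # last chunk: consume trailer section up to the empty line
            while True:
                end = buf.find(b"\r\n", pos)
                if end < 0:
                    raise BadRequest("incomplete trailers")
                line, pos = buf[pos:end], end + 2
                if line == b"":
                    return bytes(body), pos
        if pos + size + 2 > len(buf) or buf[pos + size:pos + size + 2] != b"\r\n":
            raise BadRequest("incomplete or unterminated chunk")
        body += buf[pos:pos + size]
        pos += size + 2


def split_messages(stream: bytes, policy: str):
    """Split a byte stream into (method, target, body) messages and return the unconsumed tail.

    policy: 'te'     - RFC 9112 6.3: Transfer-Encoding overrides Content-Length
            'cl'     - the Starlet-style bug: Content-Length wins
            'strict' - reject a message carrying both (what a server should do)
    """
    messages, pos = [], 0
    while pos < len(stream):
        head_end = stream.find(HEAD_END, pos)
        if head_end < 0:
            break  # partial head stays buffered for the next read
        method, target, headers = parse_head(stream[pos:head_end])
        pos = head_end + 4
        cl = [v for n, v in headers if n == b"content-length"]
        te = [v for n, v in headers if n == b"transfer-encoding"]
        if len(set(cl)) > 1:
            raise BadRequest("conflicting Content-Length values")
        if cl and te and policy == "strict":
            raise BadRequest("both Content-Length and Transfer-Encoding present")
        use_te = bool(te) and not (cl and policy == "cl")
        if use_te:
            if te[0].split(b",")[-1].strip().lower() != b"chunked":
                raise BadRequest("final transfer coding must be chunked")
            body, pos = _decode_chunked(stream, pos)
        elif cl:
            if not re.fullmatch(rb"[0-9]+", cl[0]):
                raise BadRequest("bad Content-Length")
            n = int(cl[0])
            if pos + n > len(stream):
                raise BadRequest("incomplete body")
            body, pos = stream[pos:pos + n], pos + n
        else:
            body = b""
        messages.append((method, target, body))
    return messages, stream[pos:]


# Constructed CL.TE payload: Content-Length covers 13 bytes, chunked framing ends after 5.
CL_TE_PAYLOAD = (
    b"POST / HTTP/1.1\r\nHost: example.test\r\n"
    b"Content-Length: 13\r\nTransfer-Encoding: chunked\r\n\r\n"
    b"0\r\n\r\nSMUGGLED"
)
```

Run `split_messages(CL_TE_PAYLOAD, "cl")` and `split_messages(CL_TE_PAYLOAD, "te")` side by side: the first consumes `SMUGGLED` as body, the second leaves it in the buffer as the start of the next request on that connection, which is exactly the disagreement an attacker needs between a front end and a back end. The strict policy raises instead, and `build_request_line` refuses a target such as `/x HTTP/1.1\r\nHost: evil` before it can be serialized.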
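Path traversal also recurs in the table: unauthenticated reads outside an image directory (novaGallery, CVE-2026-42028; short-video-maker, CVE-2026-8115) and writes to arbitrary files when unpacking a fetched archive (Nix `--unpack`, CVE-2026-44029). The check below is an added example written for this page, not code from any of those projects. It assumes a hypothetical upload root of `/srv/app/uploads`, resolves every candidate path with `os.path.realpath` and requires the result to stay under the root, and applies the same rule to tar members, including where their symlink targets point. The archive is constructed in memory for the demo.

```python
import io
import os
import tarfile


class UnsafePath(ValueError):
    pass


def resolve_under(root: str, user_path: str) -> str:
    """Return the absolute on-disk path for user_path, or raise if it escapes root.

    user_path must already be URL-decoded exactly once by the web layer;
    decoding here again would reopen double-encoding bypasses.
    """
    if "\x00" in user_path:
        raise UnsafePath("NUL byte in path")
    root = os.path.realpath(root)
    # join() discards root if user_path is absolute; realpath() collapses '..' and symlinks
    candidate = os.path.realpath(os.path.join(root, user_path))
    if os.path.commonpath([root, candidate]) != root:
        raise UnsafePath(f"{user_path!r} resolves outside {root}")
    return candidate


def audit_archive(data: bytes, root: str):
    """Classify tar members into (safe_names, [(name, reason), ...]) before extracting anything."""
    safe, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r") as tar:
        for m in tar.getmembers():
            try:
                dest = resolve_under(root, m.name)
                if m.issym() or m.islnk():
                    # symlink targets are relative to the member's directory,
                    # hard link targets to the archive root
                    base = os.path.dirname(dest) if m.issym() else root
                    resolve_under(root, os.path.join(base, m.linkname))
                elif not (m.isfile() or m.isdir()):
                    raise UnsafePath("device or FIFO member")
            except UnsafePath as exc:
                rejected.append((m.name, str(exc)))
            else:
                safe.append(m.name)
    return safe, rejected


def build_constructed_archive() -> bytes:
    """Constructed test archive: one honest image, one traversal name, one escaping symlink."""
    buf = io.BytesIO()
    png = b"\x89PNG\r\n\x1a\n"
    with tarfile.open(fileobj=buf, mode="w") as tar:
        ok = tarfile.TarInfo("images/a.png")
        ok.size = len(png)
        tar.addfile(ok, io.BytesIO(png))
        evil = tarfile.TarInfo("../../etc/cron.d/evil")
        evil.size = len(png)
        tar.addfile(evil, io.BytesIO(png))
        link = tarfile.TarInfo("images/escape")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../../etc"
        tar.addfile(link)
    return buf.getvalue()


if __name__ == "__main__":
    print(resolve_under("/srv/app/uploads", "2024/pic.jpg"))
    print(audit_archive(build_constructed_archive(), "/srv/app/uploads"))
```

The symlink check matters because a member that creates a link to a directory outside the root, followed by a member written through that link, defeats a name-only `..` filter. On Python 3.12 and later `tarfile.extractall(filter="data")` applies equivalent rules from the standard library; the function above is the explicit form for older interpreters and for non-tar unpackers.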
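Two more rows are timing side channels on secret comparison: length information leaking from shared-secret checks (OpenClaw, CVE-2026-41407) and username enumeration by timing (Sync-in, CVE-2026-41161). The block below is an added illustration, not code from either project. Because wall-clock timing is noisy in a unit test, it counts the bytes a comparison examines, which is the quantity an attacker's timing measurement approximates: the early-exit compare reveals both the length and how long a matching prefix is, while hashing both sides to a fixed width and comparing every byte does the same work regardless of input.

```python
import hashlib

SECRET = b"s3cret-token-value"  # constructed demo secret


def naive_equal(secret: bytes, guess: bytes):
    """Early-exit comparison. Returns (equal, bytes_examined); the count is the timing leak."""
    if len(secret) != len(guess):
        return False, 0  # immediate exit: attacker learns the length by probing sizes
    for i, (x, y) in enumerate(zip(secret, guess)):
        if x != y:
            return False, i + 1  # exit at first mismatch: attacker learns the matched prefix
    return True, len(secret)


def secret_equal(secret: bytes, guess: bytes):
    """Fixed-work comparison. Returns (equal, bytes_examined), always 32 examined.

    Both inputs are reduced to a 32-byte SHA-256 digest first so that neither
    the secret's length nor a partial match changes the amount of work; the
    XOR accumulation then touches every digest byte without branching on data.
    In production call hmac.compare_digest on the digests instead of hand-rolling
    the loop; the explicit loop is here only to make the examined count visible.
    """
    a = hashlib.sha256(secret).digest()
    b = hashlib.sha256(guess).digest()
    diff = 0
    for x, y in zip(a, b):
        diff |= x ^ y
    return diff == 0, len(a)


def login_timing_safe(users: dict, username: bytes, token: bytes):
    """Authenticate without a user-exists shortcut: the comparison runs even for unknown users."""
    # Constructed placeholder: an unknown user is checked against a dummy value so that
    # the missing-user branch costs the same as a real check.
    stored = users.get(username, b"\x00" * len(SECRET))
    ok, _ = secret_equal(stored, token)
    return ok and username in users
```

A vulnerable server answering "user not found" before any comparison behaves like the `len(secret) != len(guess)` shortcut above: the fast path itself is the oracle. `login_timing_safe` removes it by always performing the fixed-work comparison and only then consulting membership.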