CVE-2026-3102 - A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function Set

CVE-2026-3101 - A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of

CVE-2026-27732 - WWBN AVideo is an open source video platform. Prior to version 22.0, the `aVideoEncoder.json.php` AP

CVE-2026-27584 - Actual is a local-first personal finance tool. Prior to version 26.2.1, missing authentication middl

CVE-2026-27568 - WWBN AVideo is an open source video platform. Prior to version 21.0, AVideo allows Markdown in video

CVE-2026-27567 - Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side

CVE-2026-27483 - MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25

CVE-2026-27208 - bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 is vulnerable to an

CVE-2026-0402 - A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash

CVE-2026-0401 - A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to

CVE-2026-0400 - A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a fir

CVE-2026-0399 - Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management i

CVE-2025-67445 - TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cstec

CVE-2025-10010 - The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user auth

CVE-2026-2807 - Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of

CVE-2026-2806 - Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148 and T

CVE-2026-2805 - Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thun

CVE-2026-2804 - Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 an

CVE-2026-2803 - Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects F

CVE-2026-2802 - Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunder

CVE-2026-2801 - Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects F

CVE-2026-2800 - Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox

CVE-2026-2799 - Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thund

CVE-2026-2798 - Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thund

CVE-2026-2797 - Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunder

CVE-2026-2796 - JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 14

CVE-2026-2795 - Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunder

CVE-2026-2794 - Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vu

CVE-2026-2793 - Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox

CVE-2026-2792 - Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird

CVE-2026-2791 - Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148, Fire

CVE-2026-2790 - Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148

CVE-2026-2789 - Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefo

CVE-2026-2788 - Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox

CVE-2026-2787 - Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148,

CVE-2026-2786 - Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox

CVE-2026-2785 - Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefo

CVE-2026-2784 - Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148, Firefox

CVE-2026-2783 - Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulne

CVE-2026-2782 - Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox

CVE-2026-2781 - Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefo

CVE-2026-2780 - Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox

CVE-2026-2779 - Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox <

CVE-2026-2778 - Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerab

CVE-2026-2777 - Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, Fi

CVE-2026-2776 - Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software.

CVE-2026-2775 - Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Firef

CVE-2026-2774 - Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR

CVE-2026-2773 - Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148,

CVE-2026-2772 - Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Fir

CVE-2026-2771 - Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Fire

CVE-2026-2770 - Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Fi

CVE-2026-2769 - Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefo

CVE-2026-2768 - Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefo

CVE-2026-2767 - Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, F

CVE-2026-2766 - Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Fi

CVE-2026-2765 - Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox

CVE-2026-2764 - JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affec

CVE-2026-2763 - Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox

CVE-2026-2762 - Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox <

CVE-2026-2761 - Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firef

CVE-2026-2760 - Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulne

CVE-2026-2759 - Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefo

CVE-2026-2758 - Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ES

CVE-2026-2757 - Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firef

CVE-2026-2634 - Malicious scripts could cause desynchronization between the address bar and web content before a res

CVE-2026-2460 - A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and a

CVE-2026-2459 - A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter t

CVE-2026-23984 - An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated us

CVE-2026-23983 - A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to re

CVE-2026-23982 - An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user

CVE-2026-23980 - Improper Neutralization of Special Elements used in a SQL Command ('SQL Injection') vulnerability in

CVE-2026-23969 - Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execut

CVE-2026-1773 - IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product

CVE-2026-1772 - RTU500 web interface: An unprivileged user can read user management information. The information can

CVE-2025-14577 - Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function Injection. An unauthenticated remote a

CVE-2026-2664 - An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker

CVE-2025-27555 - Airflow versions before 2.11.1 have a vulnerability that allows authenticated users with audit log a

CVE-2024-56373 - DAG Author (who already has quite a lot of permissions) could manipulate database of Airflow 2 in th

CVE-2025-11165 - A sandbox escape vulnerability exists in dotCMS’s Velocity scripting engine (VTools) that allows aut

CVE-2024-1524 - When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider (ID

CVE-2026-1229 - The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect valu

CVE-2025-40541 - An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, giv

CVE-2025-40540 - A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ab

CVE-2025-40539 - A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ab

CVE-2025-40538 - A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor

CVE-2026-24314 - Under certain conditions SAP S/4HANA (Manage Payment Media) allows an authenticated attacker to acce

CVE-2025-15589 - A vulnerability was determined in MuYuCMS 2.7. Affected is the function delete_dir_file of the file

CVE-2025-15386 - The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated

CVE-2026-3070 - A vulnerability was detected in SourceCodester Modern Image Gallery App 1.0. Affected by this vulner

CVE-2026-3069 - A security vulnerability has been detected in itsourcecode Document Management System 1.0. Affected

CVE-2026-3068 - A weakness has been identified in itsourcecode Document Management System 1.0. This impacts an unkno

CVE-2026-3067 - A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the function extractTar

CVE-2026-3066 - A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedComman

CVE-2026-27461 - Pimcore is an Open Source Data & Experience Management Platform. In versions up to and including 11.

CVE-2026-3091 - An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows

CVE-2026-3065 - A vulnerability was detected in HummerRisk up to 1.5.0. This affects the function CommandUtils.commo

CVE-2026-3064 - A security vulnerability has been detected in HummerRisk up to 1.5.0. Affected by this issue is some

CVE-2026-3057 - A security flaw has been discovered in a54552239 pearProjectApi up to 2.8.10. Affected is the functi

CVE-2026-3054 - A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The m

CVE-2026-27129 - Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 thro

CVE-2026-27128 - Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 thro

CVE-2026-27127 - Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 thro

CVE-2026-27126 - Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 thro

CVE-2026-26983 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-26981 - OpenEXR provides the specification and reference implementation of the EXR file format, an image sto

CVE-2026-26331 - yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version

CVE-2026-26284 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-26283 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-26198 - Ormar is a async mini ORM for Python. In versions 0.9.9 through 0.22.0, when performing aggregate qu

CVE-2026-26066 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25989 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-1459 - A post-authentication command injection vulnerability in the TR-369 certificate download CGI program

CVE-2025-13943 - A post-authentication command injection vulnerability in the log file download function of the Zyxel

CVE-2025-13942 - A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions thro

CVE-2025-11848 - A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B fi

CVE-2025-11847 - A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B fi

CVE-2026-3053 - A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function addInterce

CVE-2026-3052 - A vulnerability was found in DataLinkDC dinky up to 1.2.5. The impacted element is the function prox

CVE-2026-25988 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25987 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25986 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25985 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25983 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25982 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25971 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25970 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25969 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25968 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25967 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25966 - ImageMagick is free and open-source software used for editing and manipulating digital images. The s

CVE-2026-25965 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25898 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25897 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2025-11846 - A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T5

CVE-2025-11845 - A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3

CVE-2026-3051 - A vulnerability has been found in DataLinkDC dinky up to 1.2.5. The affected element is the function

CVE-2026-3050 - A flaw has been found in horilla-opensource horilla up to 1.0.2. Impacted is an unknown function of

CVE-2026-3049 - A vulnerability was detected in horilla-opensource horilla up to 1.0.2. This issue affects the funct

CVE-2026-3046 - A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System f

CVE-2026-27729 - Astro is a web framework. In versions 9.0.0 through 9.5.3, Astro server actions have no default requ

CVE-2026-27643 - free5GC UDR is the user data repository (UDR) for free5GC, an an open-source project for 5th generat

CVE-2026-27642 - free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th gener

CVE-2026-26025 - free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generat

CVE-2026-26024 - free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generat

CVE-2026-25802 - New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management sys

CVE-2026-25799 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25798 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25797 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25796 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25795 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25794 - ImageMagick is free and open-source software used for editing and manipulating digital images. `Writ

CVE-2026-25638 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25637 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25591 - New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management sys

CVE-2026-25576 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25545 - Astro is a web framework. Prior to version 9.5.4, Server-Side Rendered pages that return an error wi

CVE-2026-25501 - free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generat

CVE-2026-24485 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-24484 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-24481 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-21864 - Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter (Module) data type into the V

CVE-2025-9120 - Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Carbonite Safe

CVE-2025-69253 - free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and i

CVE-2026-3044 - A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFi

CVE-2026-3043 - A flaw has been found in itsourcecode Event Management System 1.0. The impacted element is an unknow

CVE-2026-3042 - A vulnerability was detected in itsourcecode Event Management System 1.0. The affected element is an

CVE-2025-69252 - free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th gener

CVE-2025-69251 - free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th gener

CVE-2025-69250 - free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th gener

CVE-2024-58041 - Smolder versions through 1.51 for Perl uses insecure rand() function for cryptographic functions. S

CVE-2026-3063 - Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacke

CVE-2026-3062 - Out of bounds read and write in Tint in Google Chrome on Mac prior to 145.0.7632.116 allowed a remot

CVE-2026-3061 - Out of bounds read in Media in Google Chrome prior to 145.0.7632.116 allowed a remote attacker to pe

CVE-2026-21665 - The Print Service component of Fiserv Originate Loans Peripherals (formerly Velocity Services) in un

CVE-2026-3041 - A security vulnerability has been detected in xingfuggz BaykeShop up to 1.3.20. Impacted is an unkno

CVE-2026-3040 - A vulnerability was identified in DrayTek Vigor 300B up to 1.5.1.6. This affects the function cgiGet

CVE-2026-3028 - A vulnerability was determined in erzhongxmu JEEWMS up to 3.7. This vulnerability affects the functi

CVE-2026-27742 - Bludit version 3.16.2 contains a stored cross-site scripting (XSS) vulnerability in the post content

CVE-2026-27741 - Bludit version 3.16.1 contains a cross-site request forgery (CSRF) vulnerability in the /admin/unins

CVE-2026-27163 - Rejected reason: This CVE was assigned in error.

CVE-2026-25984 - Rejected reason: This CVE was assigned in error.

CVE-2026-25649 - Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain an issue

CVE-2025-69248 - free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and i

CVE-2025-69247 - free5GC go-upf is the User Plane Function (UPF) implementation for 5G networks that is part of the f

CVE-2025-69232 - free5GC is an open-source project for 5th generation (5G) mobile core networks. free5GC go-upf versi

CVE-2025-69208 - free5GC UDR is the user data repository (UDR) for free5GC, an an open-source project for 5th generat

CVE-2026-3075 - Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Sta

CVE-2026-3027 - A vulnerability was found in erzhongxmu JEEWMS up to 3.7. This affects an unknown part of the file s

CVE-2026-3026 - A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown func

CVE-2026-3025 - A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1.0.0. Affected by thi

CVE-2026-25648 - Versions of the Traccar open-source GPS tracking system starting with 6.11.1 contain an issue in whi

CVE-2026-23694 - Aruba HiSpeed Cache (aruba-hispeed-cache) WordPress plugin versions prior to 3.0.5 contain a cross-s

CVE-2026-23693 - ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor (elementskit-lite)

CVE-2026-23521 - Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain an issue

CVE-2025-71056 - Improper session management in GCOM EPON 1GE ONU version C00R371V00B01 allows attackers to execute a

CVE-2025-70328 - TOTOLINK X6000R v9.4.0cu.1498_B20250826 contains an OS command injection vulnerability in the NTPSyn

CVE-2025-70327 - TOTOLINK X5000R v9.1.0cu_2415_B20250515 contains an argument injection vulnerability in the setDiagn

CVE-2025-68930 - Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain a Cross-S

CVE-2026-27623 - Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a

CVE-2026-21863 - Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a mal

CVE-2025-70329 - TOTOLink X5000R v9.1.0cu_2415_B20250515 contains an OS command injection vulnerability in the setIpt

CVE-2025-67733 - Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a mal

CVE-2025-63946 - A privilege escalation (PE) vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Wind

CVE-2025-63945 - A privilege escalation (PE) vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows

CVE-2025-61147 - strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component d

CVE-2025-61146 - saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.

CVE-2025-61145 - libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

CVE-2025-61144 - libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer

CVE-2025-61143 - libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/

CVE-2026-26464 - Stored Cross-Site Scripting (XSS) was found in the /admin/edit_user.php page of Society Management S

CVE-2026-2698 - An improper access control vulnerability exists where an authenticated user could access areas outsi

CVE-2026-27514 - Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a sensitive information expos

CVE-2026-27513 - Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a cross-site request forgery

CVE-2026-27512 - Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a content-type confusion vuln

CVE-2026-27511 - Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a clickjacking vulnerability

CVE-2026-22568 - Improper neutralization of special elements in user-supplied input within the ZIA Admin UI could all

CVE-2026-22567 - Improper validation of user-supplied input in the ZIA Admin UI could allow an authenticated administ

CVE-2026-3016 - A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. The affected element is the fun

CVE-2026-3015 - A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Impacted is the function strcpy

CVE-2026-2697 - An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to es

CVE-2025-70058 - An issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0.

CVE-2025-70045 - An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master.

CVE-2025-70044 - An issue pertaining to CWE-295: Improper Certificate Validation was discovered in fofolee uTools-qui

CVE-2025-70043 - An issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To maste

CVE-2025-14905 - A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `sche

CVE-2026-21420 - Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path Element

CVE-2025-69700 - Tenda FH1203 V2.0.1.6 contains a stack-based buffer overflow vulnerability in the modify_add_client_

CVE-2026-2985 - A security flaw has been discovered in Tiandy Video Surveillance System 视频监控平台 7.17.0. This impacts

CVE-2026-2984 - A vulnerability was identified in SourceCodester Student Result Management System 1.0. This affects

CVE-2025-59873 - An information exposure vulnerability exists in Vulnerability in HCL Software ZIE for Web. The app

CVE-2025-40986 - Reflected Cross-Site Scripting (XSS) vulnerability in PideTuCita. This vulnerability allows an attac

CVE-2025-40701 - Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows a

CVE-2026-2983 - A vulnerability was determined in SourceCodester Student Result Management System 1.0. The impacted

CVE-2025-41002 - SQL injection vulnerability in Infoticketing. This vulnerability allows an unauthenticated attacker

CVE-2026-2981 - A vulnerability was found in UTT HiPER 810G up to 1.7.7-1711. The affected element is the function s

CVE-2026-2980 - A vulnerability has been found in UTT HiPER 810G up to 1.7.7-1711. Impacted is the function strcpy o

CVE-2026-2979 - A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function user_avatar_uploa

CVE-2026-26365 - Akamai Ghost on Akamai CDN edge servers before 2026-02-06 mishandles processing of custom hop-by-hop

CVE-2026-25747 - Deserialization of Untrusted Data vulnerability in Apache Camel LevelDB component. The Camel-LevelD

CVE-2026-23552 - Cross-Realm Token Acceptance Bypass in KeycloakSecurityPolicy Apache Camel Keycloak component.  The

CVE-2026-2978 - A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function up

CVE-2026-2977 - A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function up

CVE-2026-1367 - Zohocorp ManageEngine ADSelfService Plus versions 6522 and below are vulnerable to authenticated SQL

CVE-2026-2976 - A weakness has been identified in FastApiAdmin up to 2.2.0. Affected by this issue is the function d

CVE-2026-2975 - A security flaw has been discovered in FastApiAdmin up to 2.2.0. Affected by this vulnerability is t

CVE-2026-2974 - A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability aff

CVE-2026-2972 - A vulnerability was determined in a466350665 Smart-SSO up to 2.1.1. This affects the function Save o

CVE-2026-2971 - A vulnerability was found in a466350665 Smart-SSO up to 2.1.1. Affected by this issue is some unknow

CVE-2026-2970 - A vulnerability has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability