CVE Database
Searchable database of security vulnerabilities. Filter by vendor, severity, or time period.
CVE-2019-25446 - DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to m
CVE-2019-25443 - Inventory Webapp contains an SQL injection vulnerability that allows unauthenticated attackers to ma
CVE-2019-25442 - Web Wiz Forums 12.01 contains an SQL injection vulnerability that allows unauthenticated attackers t
CVE-2019-25440 - WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manip
CVE-2019-25439 - NoviSmart CMS contains an SQL injection vulnerability that allows remote attackers to execute arbitr
CVE-2019-25433 - XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to man
CVE-2019-25391 - Ashop Shopping Cart Software contains a time-based blind SQL injection vulnerability that allows att
CVE-2019-25366 - microASP Portal+ CMS contains an SQL injection vulnerability that allows unauthenticated attackers t
CVE-2026-2946 - A security vulnerability has been detected in rymcu forest up to 0.0.5. Affected by this issue is th
CVE-2026-2945 - A weakness has been identified in JeecgBoot 3.9.0. Affected by this vulnerability is an unknown func
CVE-2026-2944 - A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affect
CVE-2026-2943 - A vulnerability was identified in SapneshNaik Student Management System up to f4b4f0928f0b5551a28ee8
CVE-2026-2940 - A vulnerability was determined in Zaher1307 tiny_web_server up to 8d77b1044a0ca3a5297d8726ac8aa2cf94
CVE-2026-2939 - A vulnerability was found in itsourcecode Student Management System 1.0. The impacted element is an
CVE-2026-2938 - A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected
CVE-2026-2935 - A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. This issue affects the function
CVE-2026-2934 - A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impacts the function upda
CVE-2026-2385 - The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCom
CVE-2026-2933 - A weakness has been identified in YiFang CMS up to 2.0.5. This affects the function update of the fi
CVE-2026-2932 - A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted element is the function
CVE-2026-2930 - A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgi
CVE-2026-2929 - A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_453140 of th
CVE-2026-1369 - The Conditional CAPTCHA WordPress plugin through 4.0.0 does not validate a parameter before redirect
CVE-2026-2928 - A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of
CVE-2026-2927 - A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function s
CVE-2026-2926 - A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4237AC of the file /
CVE-2026-2925 - A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_
CVE-2026-2913 - A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vips_so
CVE-2026-2912 - A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown functi
CVE-2026-2911 - A vulnerability has been found in Tenda FH451 up to 1.0.0.9. This issue affects some unknown process
CVE-2026-2910 - A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /b
CVE-2026-2909 - A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boafo
CVE-2026-2908 - A security vulnerability has been detected in Tenda HG9 300001138. Affected by this issue is some un
CVE-2026-2907 - A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown
CVE-2026-2906 - A security flaw has been discovered in Tenda HG9 300001138. Affected is an unknown function of the f
CVE-2026-2905 - A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file
CVE-2026-2904 - A vulnerability was determined in UTT HiPER 810G 1.7.7-171114. This affects the function strcpy of t
CVE-2026-2903 - A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function check_and_merge_special_r
CVE-2026-2898 - A vulnerability was detected in funadmin up to 7.1.0-rc4. This issue affects the function getMember
CVE-2026-2897 - A security vulnerability has been detected in funadmin up to 7.1.0-rc4. This vulnerability affects u
CVE-2026-2896 - A weakness has been identified in funadmin up to 7.1.0-rc4. This affects the function setConfig of t
CVE-2026-2895 - A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the funct
CVE-2026-2894 - A vulnerability was identified in funadmin up to 7.1.0-rc4. Affected by this vulnerability is the fu
CVE-2026-2889 - A vulnerability was detected in CCExtractor up to 0.96.5. Affected is the function processmp4 in the
CVE-2026-2887 - A security vulnerability has been detected in aardappel lobster up to 2025.4. This impacts the funct
CVE-2026-2886 - A weakness has been identified in Tenda A21 1.0.0.0. This affects the function set_device_name of th
CVE-2026-2885 - A security flaw has been discovered in D-Link DWR-M960 1.01.07. The impacted element is the function
CVE-2026-2884 - A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub_
CVE-2026-2883 - A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_427D74 of th
CVE-2026-2882 - A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_46385C of
CVE-2026-2881 - A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function s
CVE-2026-2877 - A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the fil
CVE-2026-2876 - A vulnerability was determined in Tenda A18 15.13.07.13. This affects the function parse_macfilter_r
CVE-2026-2874 - A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function form_fast_setting_wifi_set of t
CVE-2026-2873 - A vulnerability was detected in Tenda A21 1.0.0.0. This issue affects the function setSchedWifi of t
CVE-2026-2872 - A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the func
CVE-2026-2871 - A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of t
CVE-2026-2870 - A security flaw has been discovered in Tenda A21 1.0.0.0. Affected by this issue is the function set
CVE-2026-2869 - A vulnerability was identified in janet-lang janet up to 1.40.1. Affected by this vulnerability is t
CVE-2026-2867 - A vulnerability was determined in itsourcecode Vehicle Management System 1.0. Affected is an unknown
CVE-2026-27579 - CollabPlatform is a full-stack, real-time doc collaboration platform. In all versions of CollabPlatf
CVE-2026-27574 - OneUptime is a solution for monitoring and managing online services. In versions 9.5.13 and below, c
CVE-2026-27492 - Lettermint Node.js SDK is the official Node.js SDK for Lettermint. In versions 1.5.0 and below, emai
CVE-2026-1787 - The LearnPress Export Import – WordPress extension for LearnPress plugin for WordPress is vulnerable
CVE-2026-27576 - OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the ACP bridge accepts very la
CVE-2026-27488 - OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, Cron webhook delivery in src/g
CVE-2026-27487 - OpenClaw is a personal AI assistant. In versions 2026.2.13 and below, when using macOS, the Claude C
CVE-2026-27486 - OpenClaw is a personal AI assistant. In versions 2026.2.13 and below of the OpenClaw CLI, the proces
CVE-2026-27485 - OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, skills/skill-creator/scripts/p
CVE-2026-27484 - OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the Discord moderation action
CVE-2026-27482 - Ray is an AI compute engine. In versions 2.53.0 and below, the dashboard HTTP server blocks browser-o
CVE-2026-27480 - Static Web Server (SWS) is a production-ready web server suitable for static web files or assets. In
CVE-2025-14339 - The weMail - Email Marketing, Lead Generation, Optin Forms, Email Newsletters, A/B Testing, and Auto
CVE-2026-27479 - Wallos is an open-source, self-hostable personal subscription tracker. Versions 4.6.0 and below cont
CVE-2026-2865 - A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1.0. This impacts an u
CVE-2026-2864 - A vulnerability has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757
CVE-2026-27470 - ZoneMinder is a free, open source closed-circuit television software application. In versions 1.36.3
CVE-2026-27469 - Isso is a lightweight commenting server written in Python and JavaScript. In commits before 0afbfe06
CVE-2026-27467 - BigBlueButton is an open-source virtual classroom. In versions 3.0.19 and below, when first joining
CVE-2026-27466 - BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official docume
CVE-2026-27464 - Metabase is an open-source data analytics platform. In versions prior to 0.57.13 and versions 0.58.x
CVE-2026-27471 - ERP is a free and open source Enterprise Resource Planning tool. In versions up to 15.98.0 and 16.0.
CVE-2026-27458 - LinkAce is a self-hosted archive to collect website links. Versions 2.4.2 and below have a Stored Cr
CVE-2026-27452 - ASN.1 TypeScript ESM library, including codecs for Basic Encoding Rules (BER) and Distinguished Enco
CVE-2026-27206 - Zumba Json Serializer is a library to serialize PHP variables in JSON format. In versions 3.2.2 and
CVE-2026-2863 - A flaw has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070
CVE-2026-2861 - A vulnerability was detected in Foswiki up to 2.1.10. The affected element is an unknown function of
CVE-2026-27212 - Swiper is a free and mobile touch slider with hardware accelerated transitions and native behavior.
CVE-2026-27211 - Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 are vul
CVE-2026-27210 - Pannellum is a lightweight, free, and open source panorama viewer for the web. In versions 3.5.0 thr
CVE-2026-27205 - Flask is a web server gateway interface (WSGI) web application framework. In versions 3.1.2 and belo
CVE-2026-27199 - Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safe_join fu
CVE-2026-27198 - Formwork is a flat file-based Content Management System (CMS). In versions 2.0.0 through 2.3.3, the
CVE-2026-26047 - A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX
CVE-2026-26046 - A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitizat
CVE-2026-26045 - A flaw was identified in Moodle’s backup restore functionality where specially crafted backup files
CVE-2026-2860 - A security vulnerability has been detected in feng_ha_ha/megagao ssm-erp and production_ssm up to 42
CVE-2026-27534 - Rejected reason: Not used
CVE-2026-27533 - Rejected reason: Not used
CVE-2026-27532 - Rejected reason: Not used
CVE-2026-27531 - Rejected reason: Not used
CVE-2026-27530 - Rejected reason: Not used
CVE-2026-27529 - Rejected reason: Not used
CVE-2026-27528 - Rejected reason: Not used
CVE-2026-27527 - Rejected reason: Not used
CVE-2026-27197 - Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through
CVE-2026-27196 - Statamic is a Laravel and Git powered content management system (CMS). Versions 5.73.8 and below in
CVE-2026-27194 - D-Tale is a visualizer for pandas data structures. Versions prior to 3.20.0 are vulnerable to Remote
CVE-2026-27193 - Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaSc
CVE-2026-27192 - Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaSc
CVE-2026-27191 - Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaSc
CVE-2025-65995 - When a DAG failed during parsing, Airflow’s error-reporting in the UI could include the full kwargs
CVE-2026-27203 - eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive ac
CVE-2026-27202 - GetSimple CMS is a content management system. All versions of GetSimple CMS have a flaw in the Uploa
CVE-2026-27189 - OpenSift is an AI study tool that sifts through large datasets using semantic search and generative
CVE-2026-27170 - OpenSift is an AI study tool that sifts through large datasets using semantic search and generative
CVE-2026-27169 - OpenSift is an AI study tool that sifts through large datasets using semantic search and generative
CVE-2026-27168 - SAIL is a cross-platform library for loading and saving images with support for animation, metadata,
CVE-2026-27161 - GetSimple CMS is a content management system. All versions of GetSimple CMS rely on .htaccess files
CVE-2026-27147 - GetSimple CMS is a content management system. All versions of GetSimple CMS are vulnerable to XSS th
CVE-2026-27146 - GetSimple CMS is a content management system. All versions of GetSimple CMS do not implement CSRF pr
CVE-2026-27134 - Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployme
CVE-2026-2635 - MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote
CVE-2026-2492 - TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. T
CVE-2026-2490 - RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability. This
CVE-2026-2048 - GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability al
CVE-2026-2047 - GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerab
CVE-2026-2045 - GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability al
CVE-2026-2044 - GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability a
CVE-2026-2043 - Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulnerabili
CVE-2026-2042 - Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerability. This vulnerabili
CVE-2026-2041 - Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Execution Vulnerability. Thi
CVE-2026-2040 - PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnera
CVE-2026-2039 - GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability. This vulnerabilit
CVE-2026-2038 - GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability. This vulnerability
CVE-2026-2037 - GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability. This v
CVE-2026-2036 - GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability. This
CVE-2026-2035 - Deciso OPNsense diag_backup.php filename Command Injection Remote Code Execution Vulnerability. This
CVE-2026-2034 - Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vu
CVE-2026-2033 - MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. Thi
CVE-2026-27133 - Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployme
CVE-2026-27125 - svelte performance oriented web framework. Prior to 5.51.5, in server-side rendering, attribute spre
CVE-2026-27122 - svelte performance oriented web framework. Prior to 5.51.5, when using <svelte:element this={tag}> i
CVE-2026-27121 - svelte performance oriented web framework. Versions of svelte prior to 5.51.5 are vulnerable to cros
CVE-2026-27119 - svelte performance oriented web framework. From 5.39.3, <=5.51.4, in certain circumstances, the serv
CVE-2019-25454 - phpMoAdmin 1.1.5 contains a stored cross-site scripting vulnerability that allows unauthenticated at
CVE-2019-25453 - phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticated
CVE-2019-25451 - phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perfor
CVE-2019-25449 - OrientDB 3.0.17 contains a reflected cross-site scripting vulnerability that allows attackers to inj
CVE-2019-25448 - OrientDB 3.0.17 contains a stored cross-site scripting vulnerability that allows authenticated attac
CVE-2019-25447 - OrientDB 3.0.17 GA Community Edition contains cross-site request forgery vulnerabilities that allow
CVE-2019-25441 - thesystem 1.0 contains a command injection vulnerability that allows unauthenticated attackers to ex
CVE-2019-25438 - LabCollector 5.423 contains multiple SQL injection vulnerabilities that allow unauthenticated attack
CVE-2019-25437 - Foscam Video Management System 1.1.6.6 contains a buffer overflow vulnerability in the UID field tha
CVE-2019-25436 - Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows au
CVE-2019-25435 - Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management a
CVE-2019-25434 - SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers
CVE-2019-25432 - Part-DB 0.4 contains an authentication bypass vulnerability that allows unauthenticated attackers to
CVE-2019-25431 - delpino73 Blue-Smiley-Organizer 1.32 contains an SQL injection vulnerability in the datetime paramet
CVE-2018-25158 - Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated users t
CVE-2026-2858 - A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of
CVE-2026-27120 - Leafkit is a templating language with Swift-inspired syntax. Prior to 1.4.1, htmlEscaped in leaf-kit
CVE-2026-27118 - SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Ve
CVE-2026-27113 - Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fc
CVE-2026-27112 - Kargo manages and automates the promotion of software artifacts. From 1.7.0 to before v1.7.8, v1.8.1
CVE-2026-27111 - Kargo manages and automates the promotion of software artifacts. From v1.9.0 to v1.9.2, Kargo's auth
CVE-2026-27026 - pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this v
CVE-2026-27025 - pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this v
CVE-2026-27024 - pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this v
CVE-2026-27022 - @langchain/langgraph-checkpoint-redis is the Redis checkpoint and store implementation for LangGraph
CVE-2026-0797 - GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerabi
CVE-2026-0777 - Xmind Attachment Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability all
CVE-2026-2857 - A vulnerability was determined in D-Link DWR-M960 1.01.07. Affected by this issue is the function su
CVE-2026-2856 - A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function
CVE-2026-27190 - Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.6.8, a command injection vulne
CVE-2026-27020 - Photobooth prior to 1.0.1 has a cross-site scripting (XSS) vulnerability in user input fields. Malic
CVE-2026-25896 - fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object wi
CVE-2026-24892 - openITCOCKPIT is an open source monitoring tool built for different monitoring engines like Nagios,
CVE-2026-2855 - A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub_4648F0 of th
CVE-2026-2854 - A flaw has been found in D-Link DWR-M960 1.01.07. This impacts the function sub_4611CC of the file /
CVE-2026-2853 - A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub_462E14 of the
CVE-2026-2473 - Predictable bucket naming in Vertex AI Experiments in Google Cloud Vertex AI from version 1.21.0 up
CVE-2026-2472 - Stored Cross-Site Scripting (XSS) in the _genai/_evals_visualization component of Google Cloud Verte
CVE-2025-62326 - HCL Digital Experience is susceptible to stored cross-site scripting (XSS) in the administrative use
CVE-2026-2852 - A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. T
CVE-2021-35402 - PROLiNK PRC2402M 20190909 before 2021-06-13 allows live_api.cgi?page=satellite_list OS command injec
CVE-2019-25445 - Fiverr Clone Script 1.2.2 contains a cross-site scripting vulnerability that allows unauthenticated
CVE-2019-25444 - Fiverr Clone Script 1.2.2 contains an SQL injection vulnerability that allows unauthenticated attack
CVE-2026-2851 - A vulnerability was determined in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. T
CVE-2026-2850 - A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This a
CVE-2026-2832 - Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, pote
CVE-2026-27115 - ADB Explorer is a fluent UI for ADB on Windows. Versions 0.9.26020 and below have an unvalidated com
CVE-2026-24891 - openITCOCKPIT is an open source monitoring tool built for different monitoring engines like Nagios,
CVE-2026-2849 - A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. A
CVE-2026-2848 - A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vuln
CVE-2026-2818 - A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows
CVE-2026-2333 - Improper Neutralization of Special Elements used in a Command ('Command Injection') in Owl opds 2.2.
CVE-2026-27506 - SVXportal version 2.5 and prior contain a stored cross-site scripting vulnerability in the user prof
CVE-2026-27505 - SVXportal version 2.5 and prior contain a stored cross-site scripting vulnerability in the user regi
CVE-2026-27504 - SVXportal version 2.5 and prior contain a reflected cross-site scripting vulnerability in radiomobil
CVE-2026-27503 - SVXportal version 2.5 and prior contain a reflected cross-site scripting vulnerability in admin/log.
CVE-2026-27502 - SVXportal version 2.5 and prior contain a reflected cross-site scripting vulnerability in log.php vi
CVE-2026-26747 - A Host Header Poisoning vulnerability exists in Monica 4.1.2 due to improper handling of the HTTP Ho
CVE-2026-26746 - OpenSourcePOS 3.4.1 contains a Local File Inclusion (LFI) vulnerability in the Sales.php::getInvoice
CVE-2026-26745 - OpenSourcePOS 3.4.1 has a second order SQL Injection vulnerability in the handling of the currency_s
CVE-2026-26725 - An issue in edu Business Solutions Print Shop Pro WebDesk v.18.34 allows a remote attacker to escala
CVE-2026-26724 - Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230
CVE-2026-26723 - Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230
CVE-2026-26722 - An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attack
CVE-2026-26721 - An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attack
CVE-2026-26102 - Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation v
CVE-2026-26101 - Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation v
CVE-2026-26100 - Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation v
CVE-2026-26099 - Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration Fi
CVE-2026-26098 - Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration Fi
CVE-2026-26097 - Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration Fi
CVE-2026-26096 - Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation v
CVE-2026-26095 - Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation v
CVE-2026-26093 - Improper Neutralization of Special Elements used in a Command ('Command Injection') in Owl opds 2.2.
CVE-2026-26049 - The web management interface of the device renders the passwords in a plaintext input field. The cu
CVE-2026-26048 - The Wi-Fi router is vulnerable to de-authentication attacks due to the absence of management frame
CVE-2026-25715 - The web management interface of the device allows the administrator username and password to be set
CVE-2026-24790 - The underlying PLC of the device can be remotely influenced, without proper safeguards or authentica
CVE-2026-24455 - The embedded web interface of the device does not support HTTPS/TLS for authentication and uses HTT
CVE-2026-1842 - HyperCloud versions 2.3.5 through 2.6.8 improperly allowed refresh tokens to be used directly for re
CVE-2025-70833 - An Authentication Bypass vulnerability in Smanga 3.2.7 allows an unauthenticated attacker to reset t
CVE-2025-15583 - A weakness has been identified in detronetdip E-commerce 1.0.0. This affects the function get_safe_v
CVE-2025-15582 - A security flaw has been discovered in detronetdip E-commerce 1.0.0. The impacted element is the fun
CVE-2026-2847 - A vulnerability was detected in UTT HiPER 520 1.7.7-160105. Affected is the function sub_44EFB4 of t
CVE-2026-2846 - A security vulnerability has been detected in UTT HiPER 520 1.7.7-160105. This impacts the function
CVE-2026-27072 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
CVE-2026-24959 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
CVE-2026-24956 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
CVE-2026-24955 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
CVE-2026-24953 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mitc
CVE-2026-24950 - Authorization Bypass Through User-Controlled Key vulnerability in themeplugs Authorsy authorsy allow
CVE-2026-24949 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
CVE-2026-24948 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
CVE-2026-24946 - Missing Authorization vulnerability in tychesoftwares Print Invoice & Delivery Notes for WooCommerce
CVE-2026-24944 - Missing Authorization vulnerability in weDevs Subscribe2 subscribe2 allows Exploiting Incorrectly Co
CVE-2026-24943 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
CVE-2026-24941 - Missing Authorization vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Inc
CVE-2026-22885 - A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow rem
CVE-2026-22384 - Deserialization of Untrusted Data vulnerability in leafcolor Applay - Shortcodes applay-shortcodes a
CVE-2026-22383 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes PawFriends - Pet Sho
CVE-2026-22381 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio
CVE-2026-22380 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio
CVE-2026-22379 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio
CVE-2026-22378 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio
CVE-2026-22377 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio