CVE-2026-0780 - ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulner

CVE-2026-0779 - ALGO 8180 IP Audio Alerter Ping Command Injection Remote Code Execution Vulnerability. This vulnerab

CVE-2026-0778 - Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This v

CVE-2026-0776 - Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulne

CVE-2026-0775 - npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability

CVE-2026-0774 - WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability. This vulnera

CVE-2026-0773 - Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vuln

CVE-2026-0772 - Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vuln

CVE-2026-0771 - Langflow PythonFunction Code Injection Remote Code Execution Vulnerability. This vulnerability allow

CVE-2026-0770 - Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution

CVE-2026-0769 - Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability. This vulnera

CVE-2026-0768 - Langflow code Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote a

CVE-2026-0767 - Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerab

CVE-2026-0766 - Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability. This vulner

CVE-2026-0765 - Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerabilit

CVE-2026-0764 - GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vuln

CVE-2026-0763 - GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution

CVE-2026-0762 - GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability. This

CVE-2026-0761 - Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerabi

CVE-2026-0760 - Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Executio

CVE-2026-0759 - Katana Network Development Starter Kit executeCommand Command Injection Remote Code Execution Vulner

CVE-2026-0758 - mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability. This vu

CVE-2026-0757 - MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability. This

CVE-2026-0756 - github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability. This vulne

CVE-2026-0755 - gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability

CVE-2026-0710 - A flaw was found in SIPp. A remote attacker could exploit this by sending specially crafted Session

CVE-2025-15351 - Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerab

CVE-2025-15350 - Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerab

CVE-2025-15349 - Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This vulnerability allows

CVE-2025-15348 - Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerabi

CVE-2025-15063 - Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerabilit

CVE-2025-15062 - Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerabi

CVE-2025-15061 - Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability. Thi

CVE-2025-15059 - GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerabi

CVE-2025-11002 - 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability a

CVE-2026-24304 - Improper access control in Azure Resource Manager allows an authorized attacker to elevate privilege

CVE-2026-24138 - FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.

CVE-2026-24137 - sigstore framework is a common go library shared across sigstore services and clients. In versions 1

CVE-2026-24132 - Orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specificat

CVE-2026-20613 - The ArchiveReader.extractContents() function used by cctl image load and container image load perfor

CVE-2025-9290 - An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controll

CVE-2026-24307 - Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to di

CVE-2026-24306 - Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privile

CVE-2026-24305 - Azure Entra ID Elevation of Privilege Vulnerability

CVE-2026-24130 - Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0

CVE-2026-24129 - Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a

CVE-2026-24124 - Dragonfly is an open source P2P-based file distribution and image acceleration system. In versions 2

CVE-2026-21524 - Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthor

CVE-2026-21521 - Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized atta

CVE-2026-21520 - Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticate

CVE-2026-21264 - Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Ac

CVE-2026-21227 - Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps a

CVE-2025-67652 - An attacker with access to the project file could use the exposed credentials to impersonate users,

CVE-2025-55705 - This vulnerability occurs when the system permits multiple simultaneous connections to the backend

CVE-2025-54816 - This vulnerability occurs when a WebSocket endpoint does not enforce proper authentication mechanis

CVE-2025-53968 - This vulnerability arises because there are no limitations on the number of authentication attempts

CVE-2025-25051 - An attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially

CVE-2026-24117 - Rekor is a software supply chain transparency log. In versions 1.4.3 and below, attackers can trigge

CVE-2026-24058 - Soft Serve is a self-hostable Git server for the command line. Versions 0.11.2 and below have a crit

CVE-2026-23988 - Rufus is a utility that helps format and create bootable USB flash drives. Versions 4.11 and below c

CVE-2026-23954 - Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with

CVE-2026-23953 - Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with t

CVE-2026-23831 - Rekor is a software supply chain transparency log. In versions 1.4.3 and below, the entry implementa

CVE-2026-20912 - Gitea does not properly validate repository ownership when linking attachments to releases. An attac

CVE-2026-20904 - Gitea does not properly validate ownership when toggling OpenID URI visibility. An authenticated use

CVE-2026-20897 - Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write

CVE-2026-20888 - Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interf

CVE-2026-20883 - Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a

CVE-2026-20800 - Gitea's notification API does not re-validate repository access permissions when returning notificat

CVE-2026-20750 - Gitea does not properly validate project ownership in organization project operations. A user with p

CVE-2026-20736 - Gitea does not properly verify repository context when deleting attachments. A user who previously u

CVE-2026-1201 - An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automati

CVE-2026-0798 - Gitea may send release notification emails for private repositories to users whose access has been r

CVE-2025-9289 - A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to

CVE-2025-14751 - A low-privileged user can bypass account credentials without confirming the user's current authentic

CVE-2025-14750 - The web application does not sufficiently verify inputs that are assumed to be immutable but are act

CVE-2025-22234 - The fix applied in CVE-2025-22228 inadvertently broke the timing attack mitigation implemented in Da

CVE-2026-22281 - Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions

CVE-2026-22280 - Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions

CVE-2026-22279 - Dell PowerScale OneFS, versions prior 9.13.0.0, contains an insufficient logging vulnerability. An u

CVE-2025-68609 - A vulnerability in Palantir's Aries service allowed unauthenticated access to log viewing and manage

CVE-2025-66428 - An issue with WordPress directory names in WebPros WordPress Toolkit before 6.9.1 allows privilege e

CVE-2025-56590 - An issue was discovered in the InsertFromURL() function of the Apryse HTML2PDF SDK thru 11.10. This

CVE-2026-24390 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2026-24389 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-24388 - Missing Authorization vulnerability in Ludwig You WPMasterToolKit wpmastertoolkit allows Exploiting

CVE-2026-24387 - Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator wp-quick-post-duplicat

CVE-2026-24386 - Missing Authorization vulnerability in Element Invader Element Invader – Template Kits for Ele

CVE-2026-24384 - Cross-Site Request Forgery (CSRF) vulnerability in launchinteractive Merge + Minify + Refresh merge-

CVE-2026-24383 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-24381 - Server-Side Request Forgery (SSRF) vulnerability in ThemeGoods PhotoMe photome allows Server Side Re

CVE-2026-24380 - Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management all

CVE-2026-24379 - Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-p

CVE-2026-24377 - Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH

CVE-2026-24374 - Cross-Site Request Forgery (CSRF) vulnerability in Metagauss RegistrationMagic custom-registration-f

CVE-2026-24371 - Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allow

CVE-2026-24368 - Missing Authorization vulnerability in Theme-one The Grid the-grid allows Exploiting Incorrectly Con

CVE-2026-24367 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2026-24366 - Missing Authorization vulnerability in YITHEMES YITH WooCommerce Request A Quote yith-woocommerce-re

CVE-2026-24365 - Cross-Site Request Forgery (CSRF) vulnerability in storeapps Stock Manager for WooCommerce woocommer

CVE-2026-24361 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-24360 - Server-Side Request Forgery (SSRF) vulnerability in Craig Hewitt Seriously Simple Podcasting serious

CVE-2026-24358 - Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next a

CVE-2026-24357 - Missing Authorization vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Exploiting Inco

CVE-2026-24356 - Missing Authorization vulnerability in Roxnor GetGenie getgenie allows Exploiting Incorrectly Config

CVE-2026-24355 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-24354 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-24353 - Missing Authorization vulnerability in wpeverest User Registration user-registration allows Exploiti

CVE-2026-23978 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2026-23976 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-23975 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2026-23974 - Missing Authorization vulnerability in uxper Golo golo allows Exploiting Incorrectly Configured Acce

CVE-2026-23764 - VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.

CVE-2026-23763 - VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively

CVE-2026-23762 - VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.

CVE-2026-23761 - VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.

CVE-2026-22483 - Cross-Site Request Forgery (CSRF) vulnerability in winkm89 teachPress teachpress allows Cross Site R

CVE-2026-22482 - Server-Side Request Forgery (SSRF) vulnerability in wbolt.com IMGspider imgspider allows Server Side

CVE-2026-22481 - Missing Authorization vulnerability in Rasedul Haque Rumi BD Courier Order Ratio Checker bd-courier-

CVE-2026-22472 - Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Exp

CVE-2026-22470 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2026-22469 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in mwtem

CVE-2026-22468 - Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons

CVE-2026-22466 - Missing Authorization vulnerability in Chandni Patel WP MapIt wp-mapit allows Exploiting Incorrectly

CVE-2026-22464 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2026-22463 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-22462 - Cross-Site Request Forgery (CSRF) vulnerability in richardevcom Add Polylang support for Customizer

CVE-2026-22461 - Missing Authorization vulnerability in WebAppick CTX Feed webappick-product-feed-for-woocommerce all

CVE-2026-22458 - Missing Authorization vulnerability in Mikado-Themes Wanderland wanderland allows Exploiting Incorre

CVE-2026-22450 - Missing Authorization vulnerability in Select-Themes Don Peppe donpeppe allows Exploiting Incorrectl

CVE-2026-22447 - Missing Authorization vulnerability in Select-Themes Prowess prowess allows Exploiting Incorrectly C

CVE-2026-22445 - Missing Authorization vulnerability in Proptech Plugin Apimo Connector apimo allows Exploiting Incor

CVE-2026-22430 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Verdure verdure allo

CVE-2026-22426 - Authorization Bypass Through User-Controlled Key vulnerability in Elated-Themes Sweet Jane sweetjane

CVE-2026-22411 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Dolcino dolcino allo

CVE-2026-22409 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Justicia justicia al

CVE-2026-22407 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Roam roam allows Exp

CVE-2026-22406 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Overton overton allo

CVE-2026-22404 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Innovio innovio allo

CVE-2026-22402 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2026-22401 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2026-22400 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Holmes holmes allows

CVE-2026-22398 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Fleur fleur allows E

CVE-2026-22396 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Fiorello fiorello al

CVE-2026-22393 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Curly curly allows E

CVE-2026-22391 - Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows E

CVE-2026-22388 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-22382 - Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinar

CVE-2026-22360 - Cross-Site Request Forgery (CSRF) vulnerability in AA-Team SearchAzon searchazon allows Cross Site R

CVE-2026-22359 - Cross-Site Request Forgery (CSRF) vulnerability in AA-Team Wordpress Movies Bulk Importer movies imp

CVE-2026-22358 - Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft Electrician - Electrical Service W

CVE-2026-22355 - Cross-Site Request Forgery (CSRF) vulnerability in gregmolnar Simple XML Sitemap simple-xml-sitemap

CVE-2026-22353 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-22349 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-22348 - Missing Authorization vulnerability in Tasos Fel Civic Cookie Control civic-cookie-control-8 allows

CVE-2026-22347 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-22278 - Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authe

CVE-2026-1260 - Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file,

CVE-2026-0535 - A maliciously crafted HTML payload, stored in a component’s description and clicked by a user, can t

CVE-2026-0534 - A maliciously crafted HTML payload, stored in a part’s attribute and clicked by a user, can trigger

CVE-2026-0533 - A maliciously crafted HTML payload in a design name, when displayed during the delete confirmation d

CVE-2025-70899 - PHPgurukul Online Course Registration v3.1 lacks Cross-Site Request Forgery (CSRF) protection on all

CVE-2025-69828 - File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allow

CVE-2025-69321 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69320 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69319 - Improper Control of Generation of Code ('Code Injection') vulnerability in Beaver Builder Beaver Bui

CVE-2025-69318 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69317 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69316 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69315 - Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appoint

CVE-2025-69314 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69313 - Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Confi

CVE-2025-69312 - Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro-ele

CVE-2025-69311 - Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Inc

CVE-2025-69300 - Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elemen

CVE-2025-69293 - Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Esc

CVE-2025-69292 - Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privile

CVE-2025-69193 - Missing Authorization vulnerability in e-plugins WP Membership wp-membership allows Exploiting Incor

CVE-2025-69192 - Missing Authorization vulnerability in e-plugins Real Estate Pro real-estate-pro allows Exploiting I

CVE-2025-69191 - Missing Authorization vulnerability in e-plugins ListingHub listinghub allows Exploiting Incorrectly

CVE-2025-69190 - Missing Authorization vulnerability in e-plugins Listihub listihub allows Exploiting Incorrectly Con

CVE-2025-69188 - Missing Authorization vulnerability in e-plugins fitness-trainer fitness-trainer allows Exploiting I

CVE-2025-69187 - Missing Authorization vulnerability in e-plugins Final User final-user allows Exploiting Incorrectly

CVE-2025-69186 - Missing Authorization vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory

CVE-2025-69185 - Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incor

CVE-2025-69184 - Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allow

CVE-2025-69183 - Incorrect Privilege Assignment vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-

CVE-2025-69182 - Incorrect Privilege Assignment vulnerability in e-plugins Institutions Directory institutions-direct

CVE-2025-69181 - Missing Authorization vulnerability in e-plugins Lawyer Directory lawyer-directory allows Exploiting

CVE-2025-69180 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2025-69102 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69101 - Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Workreap Core w

CVE-2025-69100 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69099 - Deserialization of Untrusted Data vulnerability in fuelthemes North north-wp allows Object Injection

CVE-2025-69098 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69097 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vibe

CVE-2025-69095 - Missing Authorization vulnerability in designthemes Reservation Plugin dt-reservation-plugin allows

CVE-2025-69079 - Deserialization of Untrusted Data vulnerability in ThemeREX Sound | Musical Instruments Online Store

CVE-2025-69078 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69077 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69076 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69075 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69074 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69073 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69072 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69071 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69070 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69068 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69067 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69066 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69065 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69064 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69062 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69061 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69060 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69059 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69058 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69057 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69056 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69055 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SeaT

CVE-2025-69054 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69053 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69052 - Missing Authorization vulnerability in FmeAddons Registration & Login with Mobile Phone Number for W

CVE-2025-69051 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69050 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69049 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69048 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69047 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69046 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69045 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2025-69044 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69043 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69042 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69041 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69040 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69039 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69038 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69037 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69036 - Deserialization of Untrusted Data vulnerability in strongholdthemes Tech Life CPT techlife-cpt allow

CVE-2025-69035 - Deserialization of Untrusted Data vulnerability in strongholdthemes Dental Care CPT dentalcare-cpt a

CVE-2025-69005 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69004 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-69003 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-69002 - Deserialization of Untrusted Data vulnerability in designthemes OneLife onelife allows Object Inject

CVE-2025-69001 - Improper Control of Generation of Code ('Code Injection') vulnerability in Shahjahan Jewel FluentFor

CVE-2025-68999 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2025-68986 - Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Miion miion allows Uploa

CVE-2025-68913 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-68912 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Harm

CVE-2025-68911 - Missing Authorization vulnerability in solacewp Solace solace allows Exploiting Incorrectly Configur