CVE-2025-13812 - The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plug

CVE-2025-12067 - The Table Field Add-on for ACF and SCF plugin for WordPress is vulnerable to Stored Cross-Site Scrip

CVE-2026-21411 - Authentication bypass issue exists in OpenBlocks series versions prior to FW5.0.8, which may allow a

CVE-2025-4776 - The Phlox theme for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-caption` HT

CVE-2025-13215 - The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Information

CVE-2025-15001 - The FS Registration Password plugin for WordPress is vulnerable to privilege escalation via account

CVE-2025-14997 - The BuddyPress Xprofile Custom Field Types plugin for WordPress is vulnerable to arbitrary file dele

CVE-2025-14996 - The AS Password Field In Default Registration Form plugin for WordPress is vulnerable to privilege e

CVE-2025-14441 - The Popupkit plugin for WordPress is vulnerable to arbitrary subscriber data deletion due to missing

CVE-2025-14438 - The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in

CVE-2025-14120 - The URL Image Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG Fil

CVE-2026-21750 - Rejected reason: Not used

CVE-2026-21749 - Rejected reason: Not used

CVE-2026-21748 - Rejected reason: Not used

CVE-2026-21747 - Rejected reason: Not used

CVE-2026-21746 - Rejected reason: Not used

CVE-2026-21745 - Rejected reason: Not used

CVE-2026-21744 - Rejected reason: Not used

CVE-2026-21677 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2026-21676 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2026-21487 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2026-21486 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2026-21485 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2026-0604 - The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to Path Tr

CVE-2025-14153 - The Page Expire Popup/Redirection for WordPress plugin for WordPress is vulnerable to time-based SQL

CVE-2025-14034 - The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized modifi

CVE-2025-13746 - The ForumWP – Forum & Discussion Board plugin for WordPress is vulnerable to Stored Cross-Site Scrip

CVE-2025-13652 - The CBX Bookmark & Favorite plugin for WordPress is vulnerable to generic SQL Injection via the ‘ord

CVE-2025-13409 - The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to SQL Injection via

CVE-2025-11723 - The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress

CVE-2025-11370 - The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Im

CVE-2025-12793 - An uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local attacker

CVE-2026-21675 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2026-21674 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2026-21673 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2025-20807 - In dpe, there is a possible out of bounds write due to an integer overflow. This could lead to local

CVE-2025-20806 - In dpe, there is a possible memory corruption due to use after free. This could lead to local escala

CVE-2025-20805 - In dpe, there is a possible memory corruption due to use after free. This could lead to local escala

CVE-2025-20804 - In dpe, there is a possible memory corruption due to use after free. This could lead to local escala

CVE-2025-20803 - In dpe, there is a possible memory corruption due to an integer overflow. This could lead to local e

CVE-2025-20802 - In geniezone, there is a possible memory corruption due to use after free. This could lead to local

CVE-2025-20801 - In seninf, there is a possible memory corruption due to a race condition. This could lead to local e

CVE-2025-20800 - In mminfra, there is a possible out of bounds write due to a missing bounds check. This could lead t

CVE-2025-20799 - In c2ps, there is a possible memory corruption due to use after free. This could lead to local escal

CVE-2025-20798 - In battery, there is a possible out of bounds write due to a missing bounds check. This could lead t

CVE-2025-20797 - In battery, there is a possible out of bounds write due to a missing bounds check. This could lead t

CVE-2025-20796 - In imgsys, there is a possible out of bounds write due to improper input validation. This could lead

CVE-2025-20795 - In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lea

CVE-2025-20794 - In Modem, there is a possible system crash due to improper input validation. This could lead to remo

CVE-2025-20793 - In Modem, there is a possible system crash due to incorrect error handling. This could lead to remot

CVE-2025-20787 - In display, there is a possible memory corruption due to use after free. This could lead to local es

CVE-2025-20786 - In display, there is a possible memory corruption due to use after free. This could lead to local es

CVE-2025-20785 - In display, there is a possible memory corruption due to use after free. This could lead to local es

CVE-2025-20784 - In display, there is a possible memory corruption due to uninitialized data. This could lead to loca

CVE-2025-20783 - In display, there is a possible out of bounds write due to a missing bounds check. This could lead t

CVE-2025-20782 - In display, there is a possible out of bounds write due to a missing bounds check. This could lead t

CVE-2025-20781 - In display, there is a possible memory corruption due to use after free. This could lead to local es

CVE-2025-20780 - In display, there is a possible memory corruption due to use after free. This could lead to local es

CVE-2025-20779 - In display, there is a possible use after free due to a race condition. This could lead to local esc

CVE-2025-20778 - In display, there is a possible out of bounds write due to a missing bounds check. This could lead t

CVE-2025-20762 - In Modem, there is a possible system crash due to incorrect error handling. This could lead to remot

CVE-2025-20761 - In Modem, there is a possible system crash due to incorrect error handling. This could lead to remot

CVE-2025-20760 - In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This cou

CVE-2025-15385 - Insufficient Verification of Data Authenticity vulnerability in TECNO Mobile com.Afmobi.Boomplayer a

CVE-2025-15364 - The Download Manager plugin for WordPress is vulnerable to privilege escalation via account takeover

CVE-2026-21507 - iccDEV provides a set of libraries and tools for working with ICC color management profiles. Version

CVE-2025-69197 - Pterodactyl is a free, open-source game server management panel. Versions 1.11.11 and below allow TO

CVE-2025-68954 - Pterodactyl is a free, open-source game server management panel. Versions 1.11.11 and below do not r

CVE-2025-15444 - Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libso

CVE-2026-21439 - badkeys is a tool and library for checking cryptographic public keys for known vulnerabilities. In v

CVE-2026-0607 - A flaw has been found in code-projects Online Music Site 1.0. This affects an unknown part of the fi

CVE-2025-69230 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 a

CVE-2025-69229 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 a

CVE-2025-69228 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and

CVE-2025-69227 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and

CVE-2025-69225 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and

CVE-2026-0606 - A vulnerability was detected in code-projects Online Music Site 1.0. Affected by this issue is some

CVE-2025-69226 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and

CVE-2025-69224 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and

CVE-2026-0625 - Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vul

CVE-2025-69223 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and

CVE-2025-68953 - Frappe is a full-stack web application framework. Versions 14.99.5 and below and 15.0.0 through 15.8

CVE-2025-68456 - Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 3.0.0

CVE-2025-68455 - Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC

CVE-2025-68454 - Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC

CVE-2025-68437 - Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 4.0.0

CVE-2025-68436 - Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 4.0.0

CVE-2025-68428 - jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first

CVE-2025-67732 - Dify is an open-source LLM app development platform. Prior to version 1.11.0, the API key is exposed

CVE-2025-66648 - vega-functions provides function implementations for the Vega expression language. Prior to version

CVE-2025-65110 - Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive

CVE-2025-61916 - Spinnaker is an open source, multi-cloud continuous delivery platform. Versions prior to 2025.1.6, 2

CVE-2026-0621 - Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression deni

CVE-2026-0605 - A security vulnerability has been detected in code-projects Online Music Site 1.0. Affected by this

CVE-2025-64425 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.

CVE-2025-64424 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.

CVE-2025-64423 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.

CVE-2025-64422 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.

CVE-2025-67427 - A Blind Server-Side Request Forgery (SSRF) vulnerability in evershop 2.1.0 and prior allows unauthen

CVE-2025-67419 - A Denial of Service (DoS) vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers

CVE-2025-64421 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.

CVE-2025-64420 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.

CVE-2025-64419 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.

CVE-2025-69291 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a

CVE-2025-69290 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a

CVE-2025-67397 - An issue in Passy v.1.6.3 allows a remote authenticated attacker to execute arbitrary commands via a

CVE-2025-53966 - An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Han

CVE-2025-52517 - An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330

CVE-2025-52516 - An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330

CVE-2025-52515 - An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330

CVE-2025-49495 - An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580

CVE-2025-43706 - An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980,

CVE-2025-27807 - An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990,

CVE-2024-56825 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a

CVE-2024-56809 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a

CVE-2025-65922 - PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be e

CVE-2025-61781 - OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables.

CVE-2025-59955 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.

CVE-2025-59158 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.

CVE-2025-59157 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.

CVE-2025-59156 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases.

CVE-2025-55204 - muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-cl

CVE-2026-21635 - An Improper Access Control could allow a malicious actor in Wi-Fi range to the EV Station Lite (v1.5

CVE-2026-21634 - A malicious actor with access to the adjacent network could overflow the UniFi Protect Application (

CVE-2026-21633 - A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Pr

CVE-2025-67316 - An issue in realme Internet browser v.45.13.4.1 allows a remote attacker to execute arbitrary code v

CVE-2025-59467 - A Cross-Site Scripting (XSS) vulnerability in the UCRM Argentina AFIP invoices Plugin (v1.2.0 and ea

CVE-2025-57836 - An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a

CVE-2025-53344 - Cross-Site Request Forgery (CSRF) vulnerability in ThimPress Thim Core allows Cross Site Request For

CVE-2025-52519 - An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330

CVE-2025-46255 - Missing Authorization vulnerability in Marketing Fire LLC LoginWP - Pro allows Accessing Functionali

CVE-2025-39561 - Missing Authorization vulnerability in Marketing Fire, LLC LoginWP - Pro allows Accessing Functional

CVE-2025-39497 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2025-39484 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2025-10933 - An integer underflow vulnerability in the Silicon Labs Z-Wave Protocol Controller can lead to out of

CVE-2024-53735 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2024-30516 - Improper Validation of Specified Quantity in Input vulnerability in SaasProject Booking Package allo

CVE-2024-30461 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab

CVE-2025-67315 - Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote a

CVE-2025-67303 - An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate

CVE-2025-65328 - Mega-Fence (webgate-lib.*) 25.1.914 and prior trusts the first value of the X-Forwarded-For (XFF) he

CVE-2025-14346 - WHILL Model C2 Electric Wheelchairs and Model F Power Chairs do not enforce authentication for Bluet

CVE-2026-0597 - A flaw has been found in Campcodes Supplier Management System 1.0. Affected by this issue is some un

CVE-2025-66376 - Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS vi

CVE-2025-15029 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2025-15026 - Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awi

CVE-2026-0592 - A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This aff

CVE-2026-0591 - A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted

CVE-2025-68280 - Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible

CVE-2025-12513 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab

CVE-2025-12511 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab

CVE-2024-23511 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab

CVE-2023-52212 - Cross-Site Request Forgery (CSRF) vulnerability in Automattic WP Job Manager allows Cross Site Reque

CVE-2023-51513 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab

CVE-2023-50897 - Unrestricted Upload of File with Dangerous Type vulnerability in Meow Apps Media File Renamer allows

CVE-2023-49186 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab

CVE-2026-0590 - A vulnerability was determined in code-projects Online Product Reservation System 1.0. The affected

CVE-2026-0589 - A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unk

CVE-2026-0588 - A weakness has been identified in Xinhu Rainrock RockOA up to 2.7.1. Affected by this vulnerability

CVE-2026-0587 - A security flaw has been discovered in Xinhu Rainrock RockOA up to 2.7.1. Affected is an unknown fun

CVE-2026-0586 - A vulnerability was detected in code-projects Online Product Reservation System 1.0. The affected el

CVE-2025-69087 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio

CVE-2025-68865 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2025-68850 - Missing Authorization vulnerability in codepeople Sell Downloads sell-downloads allows Exploiting In

CVE-2025-68547 - Missing Authorization vulnerability in wpweb Follow My Blog Post follow-my-blog-post allows Exploiti

CVE-2025-68044 - Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Re

CVE-2025-68033 - Insertion of Sensitive Information Into Sent Data vulnerability in Brecht Custom Related Posts custo

CVE-2025-68029 - Insertion of Sensitive Information Into Sent Data vulnerability in WP Swings Wallet System for WooCo

CVE-2025-68014 - Insertion of Sensitive Information Into Sent Data vulnerability in awethemes AweBooking awebooking a

CVE-2025-31048 - Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web S

CVE-2025-31047 - Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.Thi

CVE-2025-31046 - Missing Authorization vulnerability in WPvibes AnyWhere Elementor Pro allows Exploiting Incorrectly

CVE-2025-31044 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2025-30633 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2025-13056 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab

CVE-2025-12519 - Missing Authorization vulnerability in Centreon Infra Monitoring (Administration parameters API endp

CVE-2026-0585 - A security vulnerability has been detected in code-projects Online Product Reservation System 1.0. I

CVE-2026-0584 - A weakness has been identified in code-projects Online Product Reservation System 1.0. This issue af

CVE-2026-0583 - A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This vul

CVE-2025-68766 - In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error cod

CVE-2025-68765 - In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak i

CVE-2025-68764 - In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems sh

CVE-2025-68763 - In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Correctly ha

CVE-2025-68762 - In the Linux kernel, the following vulnerability has been resolved: net: netpoll: initialize work q

CVE-2025-68761 - In the Linux kernel, the following vulnerability has been resolved: hfs: fix potential use after fr

CVE-2025-68760 - In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential out-of

CVE-2025-68759 - In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential me

CVE-2025-68758 - In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink

CVE-2025-68757 - In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential d

CVE-2025-68756 - In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blk_mq_[un]qu

CVE-2025-68755 - In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2

CVE-2025-68754 - In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double fre

CVE-2025-68753 - In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds

CVE-2025-68752 - In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with

CVE-2025-68751 - In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Fix false-positive km

CVE-2025-5965 - In the backup parameters, a user with high privilege is able to concatenate custom instructions to t

CVE-2026-0582 - A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknow

CVE-2026-0581 - A vulnerability was determined in Tenda AC1206 15.03.06.23. Affected by this issue is the function f

CVE-2025-66518 - Any client who can access to Apache Kyuubi Server via Kyuubi frontend protocols can bypass server-si

CVE-2025-15240 - QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnera

CVE-2025-15239 - QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, a

CVE-2026-0580 - A vulnerability was found in SourceCodester API Key Manager App 1.0. Affected by this vulnerability

CVE-2025-15238 - QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, a

CVE-2025-15237 - QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability,

CVE-2025-15236 - QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability,

CVE-2025-15235 - QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Missing Authorization vulnerab

CVE-2025-15022 - Action captions in Vaadin accept HTML by default but were not sanitized, potentially allowing Cross-

CVE-2025-15462 - A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy o

CVE-2025-15461 - A flaw has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of

CVE-2025-9543 - The FlexTable WordPress plugin before 3.19.2 does not sanitise and escape the imported links from G

CVE-2025-15460 - A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the fi

CVE-2025-15459 - A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is th

CVE-2025-14124 - The Team WordPress plugin before 5.0.11 does not properly sanitize and escape a parameter before us

CVE-2025-15458 - A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the

CVE-2025-15457 - A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function o

CVE-2025-15456 - A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown funct

CVE-2025-15455 - A flaw has been found in bg5sbk MiniCMS up to 1.8. Impacted is the function delete_page of the file

CVE-2025-15454 - A vulnerability was detected in zhanglun lettura up to 0.1.22. This issue affects some unknown proce

CVE-2025-15453 - A security vulnerability has been detected in milvus up to 2.6.7. This vulnerability affects the fun

CVE-2025-15452 - A weakness has been identified in xnx3 wangmarket up to 4.9. This affects the function variableList

CVE-2025-15451 - A security flaw has been discovered in xnx3 wangmarket up to 4.9. Affected by this issue is some unk

CVE-2025-15450 - A vulnerability was identified in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8

CVE-2025-5591 - Kentico Xperience 13 is vulnerable to a stored cross-site scripting attack via a form component, all

CVE-2025-15449 - A vulnerability was determined in cld378632668 JavaMall up to 994f1e2b019378ec9444cdf3fce2d5b5f72d28

CVE-2025-15448 - A vulnerability was found in cld378632668 JavaMall up to 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0. T

CVE-2025-15447 - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candi

CVE-2025-15446 - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candi

CVE-2026-0579 - A vulnerability was found in code-projects Online Product Reservation System 1.0. This affects an un

CVE-2026-0578 - A vulnerability has been found in code-projects Online Product Reservation System 1.0. Affected by t

CVE-2025-15443 - A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of t

CVE-2025-15442 - A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the

CVE-2026-0577 - A flaw has been found in code-projects Online Product Reservation System 1.0. Affected by this vulne

CVE-2025-14830 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab

CVE-2026-0576 - A vulnerability was detected in code-projects Online Product Reservation System 1.0. Affected is an

CVE-2026-0575 - A security vulnerability has been detected in code-projects Online Product Reservation System 1.0. T

CVE-2026-0574 - A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. T

CVE-2025-3660 - Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains a broken access control vulnerabil

CVE-2025-3654 - Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerab

CVE-2025-3653 - Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an improper access control vulnera

CVE-2025-3652 - Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerab

CVE-2025-3646 - Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerabil

CVE-2025-15115 - Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authentication bypass vulnerabi