| CVE-2026-50746 | critical | Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS | 3h ago |
| CVE-2026-55255 | critical | Attackers using Langflow flaw for credential harvesting (CVE-2026-55255) | 3h ago |
| CVE-2026-12958 | high | Bug in top AI coding agents shows that Unix-era security headaches never really die | 3h ago |
| CVE-2026-43499 | critical | 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros | 11h ago |
| CVE-2026-48282 | high | CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV | 12h ago |
| CVE-2026-20896 | critical | Critical Gitea Flaw Under Active Exploitation, Researchers Warn | 1d ago |
| CVE-2026-48282 | critical | Critical Adobe ColdFusion Vulnerability Exploited in Attacks | 1d ago |
| CVE-2024-42009 | high | Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities | 1d ago |
| CVE-2026-11405 | high | CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware | 1d ago |
| CVE-2026-40138 | critical | BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA | 1d ago |
| CVE-2026-53359 | | 16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems | 2d ago |
| CVE-2026-20896 | critical | Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure | 2d ago |
| CVE-2026-46242 | | New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android | 4d ago |
| CVE-2025-5777 | | Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials | 5d ago |
| CVE-2026-48558 | critical | 'Djinn' Stealer Targets Cloud, AI Credentials | 8d ago |
| CVE-2025-54957 | critical | A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens | 56d ago |
| CVE-2026-33538 | high | CVE-2026-33538: Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 105d ago |
| CVE-2026-33527 | medium | CVE-2026-33527: Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 105d ago |
| CVE-2026-33508 | high | CVE-2026-33508: Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 105d ago |
| CVE-2026-33498 | high | CVE-2026-33498: Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 105d ago |
| CVE-2026-33429 | medium | CVE-2026-33429: Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 105d ago |
| CVE-2026-33421 | medium | CVE-2026-33421: Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 105d ago |
| CVE-2026-33417 | medium | CVE-2026-33417: Wallos is an open-source, self-hostable personal subscription tracker. | 105d ago |
| CVE-2026-33409 | critical | CVE-2026-33409: Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 105d ago |
| CVE-2026-33323 | medium | CVE-2026-33323: Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 105d ago |
| CVE-2026-30932 | high | CVE-2026-30932: Froxlor is open source server administration software. | 105d ago |
| CVE-2026-2417 | | CVE-2026-2417: A Missing Authentication for Critical Function vulnerability in Pharos Controls Mosaic Show Controller firmware ver | 105d ago |
| CVE-2026-29772 | medium | CVE-2026-29772: Astro is a web framework. | 105d ago |
| CVE-2026-23924 | | CVE-2026-23924: Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.container_info' parameters when forwarding the | 105d ago |
| CVE-2026-23923 | | CVE-2026-23923: An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classe | 105d ago |
| CVE-2026-23921 | | CVE-2026-23921: A low privilege Zabbix user with API access can exploit a blind SQL injection vulnerability in include/classes/api | 105d ago |
| CVE-2026-23920 | | CVE-2026-23920: Host and event action script input is validated with a regex (set by the administrator), but the validation runs i | 105d ago |
| CVE-2026-23919 | | CVE-2026-23919: For performance reasons Zabbix Server/Proxy reuses JavaScript (Duktape) contexts (used in script items, JavaScript | 105d ago |
| CVE-2026-1995 | high | CVE-2026-1995: IDrive’s id_service.exe process runs with elevated privileges and regularly reads from several files under the C:\P | 105d ago |
| CVE-2026-33407 | critical | CVE-2026-33407: Wallos is an open-source, self-hostable personal subscription tracker. | 105d ago |
| CVE-2026-33401 | medium | CVE-2026-33401: Wallos is an open-source, self-hostable personal subscription tracker. | 105d ago |
| CVE-2026-33400 | medium | CVE-2026-33400: Wallos is an open-source, self-hostable personal subscription tracker. | 105d ago |
| CVE-2026-33399 | high | CVE-2026-33399: Wallos is an open-source, self-hostable personal subscription tracker. | 105d ago |
| CVE-2026-33162 | medium | CVE-2026-33162: Craft CMS is a content management system (CMS). | 105d ago |
| CVE-2026-33161 | medium | CVE-2026-33161: Craft CMS is a content management system (CMS). | 105d ago |
| CVE-2026-33160 | medium | CVE-2026-33160: Craft CMS is a content management system (CMS). | 105d ago |
| CVE-2026-33159 | medium | CVE-2026-33159: Craft CMS is a content management system (CMS). | 105d ago |
| CVE-2026-33158 | medium | CVE-2026-33158: Craft CMS is a content management system (CMS). | 105d ago |
| CVE-2026-33157 | high | CVE-2026-33157: Craft CMS is a content management system (CMS). | 105d ago |
| CVE-2026-32854 | high | CVE-2026-32854: LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities | 105d ago |
| CVE-2026-32853 | high | CVE-2026-32853: LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability i | 105d ago |
| CVE-2026-26809 | | CVE-2026-26809: Rejected reason: DO NOT USE THIS CVE RECORD. | 105d ago |
| CVE-2026-33340 | critical | CVE-2026-33340: LoLLMs WEBUI provides the Web user interface for Lord of Large Language and Multi modal Systems. | 106d ago |
| CVE-2025-11571 | | CVE-2025-11571: Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. | 106d ago |
| CVE-2026-33700 | medium | CVE-2026-33700: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33680 | high | CVE-2026-33680: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33679 | medium | CVE-2026-33679: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33678 | high | CVE-2026-33678: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33677 | medium | CVE-2026-33677: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33676 | medium | CVE-2026-33676: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33675 | medium | CVE-2026-33675: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33668 | high | CVE-2026-33668: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33474 | medium | CVE-2026-33474: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33473 | medium | CVE-2026-33473: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33336 | high | CVE-2026-33336: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33335 | high | CVE-2026-33335: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33334 | critical | CVE-2026-33334: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-29840 | medium | CVE-2026-29840: JiZhiCMS v2.5.6 and before contains a Stored Cross-Site Scripting (XSS) vulnerability in the release function with | 106d ago |
| CVE-2026-29839 | high | CVE-2026-29839: DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability in /sys_task_add.php. | 106d ago |
| CVE-2025-71275 | | CVE-2025-71275: Rejected reason: This CVE was rejected due to being a duplicate of CVE-2024-45519. | 106d ago |
| CVE-2026-4775 | high | CVE-2026-4775: A flaw was found in the libtiff library. | 106d ago |
| CVE-2026-33554 | high | CVE-2026-33554: ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. | 106d ago |
| CVE-2026-33316 | high | CVE-2026-33316: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33315 | medium | CVE-2026-33315: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-33313 | medium | CVE-2026-33313: Vikunja is an open-source self-hosted task management platform. | 106d ago |
| CVE-2026-32647 | high | CVE-2026-32647: NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an atta | 106d ago |
| CVE-2026-30662 | medium | CVE-2026-30662: ConcreteCMS v9.4.7 contains a Denial of Service (DoS) vulnerability in the File Manager component. | 106d ago |
| CVE-2026-30661 | medium | CVE-2026-30661: iCMS v8.0.0 contains a Cross-Site Scripting (XSS) vulnerability in the User Management component, specifically wit | 106d ago |
| CVE-2026-30655 | medium | CVE-2026-30655: SQL injection in Solicitante::resetaSenha() in esiclivre/esiclivre v0.2.2 and earlier allows unauthenticated remot | 106d ago |
| CVE-2026-30653 | high | CVE-2026-30653: An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function Hand | 106d ago |
| CVE-2026-28755 | medium | CVE-2026-28755: NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the improper hand | 106d ago |
| CVE-2026-28753 | low | CVE-2026-28753: NGINX Plus and NGINX Open Source have a vulnerability in the ngx_mail_smtp_module module due to the improper handl | 106d ago |
| CVE-2026-27784 | high | CVE-2026-27784: The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module, which might | 106d ago |
| CVE-2026-27654 | high | CVE-2026-27654: NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attack | 106d ago |
| CVE-2026-27651 | high | CVE-2026-27651: When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can | 106d ago |
| CVE-2026-33497 | high | CVE-2026-33497: Langflow is a tool for building and deploying AI-powered agents and workflows. | 106d ago |
| CVE-2026-33484 | high | CVE-2026-33484: Langflow is a tool for building and deploying AI-powered agents and workflows. | 106d ago |
| CVE-2026-33418 | high | CVE-2026-33418: DiceBear is an avatar library for designers and developers. | 106d ago |
| CVE-2026-33311 | medium | CVE-2026-33311: DiceBear is an avatar library for designers and developers. | 106d ago |
| CVE-2026-33310 | high | CVE-2026-33310: Intake is a package for finding, investigating, loading and disseminating data. | 106d ago |
| CVE-2026-4729 | critical | CVE-2026-4729: Memory safety bugs present in Firefox 148 and Thunderbird 148. | 106d ago |
| CVE-2026-4728 | medium | CVE-2026-4728: Spoofing issue in the Privacy: Anti-Tracking component. | 106d ago |
| CVE-2026-4727 | high | CVE-2026-4727: Denial-of-service in the Libraries component in NSS. | 106d ago |
| CVE-2026-4726 | high | CVE-2026-4726: Denial-of-service in the XML component. | 106d ago |
| CVE-2026-4725 | critical | CVE-2026-4725: Sandbox escape due to use-after-free in the Graphics: Canvas2D component. | 106d ago |
| CVE-2026-4724 | critical | CVE-2026-4724: Undefined behavior in the Audio/Video component. | 106d ago |
| CVE-2026-4723 | critical | CVE-2026-4723: Use-after-free in the JavaScript Engine component. | 106d ago |
| CVE-2026-4722 | high | CVE-2026-4722: Privilege escalation in the IPC component. | 106d ago |
| CVE-2026-4721 | critical | CVE-2026-4721: Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunder | 106d ago |
| CVE-2026-4720 | critical | CVE-2026-4720: Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. | 106d ago |
| CVE-2026-4719 | high | CVE-2026-4719: Incorrect boundary conditions in the Graphics: Text component. | 106d ago |
| CVE-2026-4718 | high | CVE-2026-4718: Undefined behavior in the WebRTC: Signaling component. | 106d ago |
| CVE-2026-4717 | critical | CVE-2026-4717: Privilege escalation in the Netmonitor component. | 106d ago |
| CVE-2026-4716 | critical | CVE-2026-4716: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. | 106d ago |
| CVE-2026-4715 | critical | CVE-2026-4715: Uninitialized memory in the Graphics: Canvas2D component. | 106d ago |
| CVE-2026-4714 | high | CVE-2026-4714: Incorrect boundary conditions in the Audio/Video component. | 106d ago |
| CVE-2026-4713 | high | CVE-2026-4713: Incorrect boundary conditions in the Graphics component. | 106d ago |
| CVE-2026-4712 | high | CVE-2026-4712: Information disclosure in the Widget: Cocoa component. | 106d ago |
| CVE-2026-4711 | critical | CVE-2026-4711: Use-after-free in the Widget: Cocoa component. | 106d ago |
| CVE-2026-4710 | critical | CVE-2026-4710: Incorrect boundary conditions in the Audio/Video component. | 106d ago |
| CVE-2026-4709 | high | CVE-2026-4709: Incorrect boundary conditions in the Audio/Video: GMP component. | 106d ago |
| CVE-2026-4708 | high | CVE-2026-4708: Incorrect boundary conditions in the Graphics component. | 106d ago |
| CVE-2026-4707 | high | CVE-2026-4707: Incorrect boundary conditions in the Graphics: Canvas2D component. | 106d ago |
| CVE-2026-4706 | high | CVE-2026-4706: Incorrect boundary conditions in the Graphics: Canvas2D component. | 106d ago |
| CVE-2026-4705 | critical | CVE-2026-4705: Undefined behavior in the WebRTC: Signaling component. | 106d ago |
| CVE-2026-4704 | high | CVE-2026-4704: Denial-of-service in the WebRTC: Signaling component. | 106d ago |
| CVE-2026-4702 | critical | CVE-2026-4702: JIT miscompilation in the JavaScript Engine component. | 106d ago |
| CVE-2026-4701 | critical | CVE-2026-4701: Use-after-free in the JavaScript Engine component. | 106d ago |
| CVE-2026-4700 | critical | CVE-2026-4700: Mitigation bypass in the Networking: HTTP component. | 106d ago |
| CVE-2026-4699 | high | CVE-2026-4699: Incorrect boundary conditions in the Layout: Text and Fonts component. | 106d ago |
| CVE-2026-4698 | critical | CVE-2026-4698: JIT miscompilation in the JavaScript Engine: JIT component. | 106d ago |
| CVE-2026-4697 | high | CVE-2026-4697: Incorrect boundary conditions in the Audio/Video: Web Codecs component. | 106d ago |
| CVE-2026-4696 | critical | CVE-2026-4696: Use-after-free in the Layout: Text and Fonts component. | 106d ago |
| CVE-2026-4695 | high | CVE-2026-4695: Incorrect boundary conditions in the Audio/Video: Web Codecs component. | 106d ago |
| CVE-2026-4694 | high | CVE-2026-4694: Incorrect boundary conditions, integer overflow in the Graphics component. | 106d ago |
| CVE-2026-4693 | high | CVE-2026-4693: Incorrect boundary conditions in the Audio/Video: Playback component. | 106d ago |
| CVE-2026-4692 | critical | CVE-2026-4692: Sandbox escape in the Responsive Design Mode component. | 106d ago |
| CVE-2026-4691 | critical | CVE-2026-4691: Use-after-free in the CSS Parsing and Computation component. | 106d ago |
| CVE-2026-4690 | high | CVE-2026-4690: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. | 106d ago |
| CVE-2026-4689 | critical | CVE-2026-4689: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. | 106d ago |
| CVE-2026-4688 | critical | CVE-2026-4688: Sandbox escape due to use-after-free in the Disability Access APIs component. | 106d ago |
| CVE-2026-4687 | high | CVE-2026-4687: Sandbox escape due to incorrect boundary conditions in the Telemetry component. | 106d ago |
| CVE-2026-4686 | high | CVE-2026-4686: Incorrect boundary conditions in the Graphics: Canvas2D component. | 106d ago |
| CVE-2026-4685 | high | CVE-2026-4685: Incorrect boundary conditions in the Graphics: Canvas2D component. | 106d ago |
| CVE-2026-4684 | high | CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender component. | 106d ago |
| CVE-2026-33475 | critical | CVE-2026-33475: Langflow is a tool for building and deploying AI-powered agents and workflows. | 106d ago |
| CVE-2026-33309 | critical | CVE-2026-33309: Langflow is a tool for building and deploying AI-powered agents and workflows. | 106d ago |
| CVE-2025-64998 | high | CVE-2025-64998: Exposure of session signing secret in Checkmk <2.4.0p23, <2.3.0p45 and 2.2.0 allows an administrator of a remote s | 106d ago |
| CVE-2019-25647 | high | CVE-2019-25647: PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated | 106d ago |
| CVE-2019-25646 | critical | CVE-2019-25646: Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote | 106d ago |
| CVE-2019-25645 | medium | CVE-2019-25645: WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to | 106d ago |
| CVE-2019-25644 | medium | CVE-2019-25644: WinMPG Video Convert 9.3.5 and older versions contain a buffer overflow vulnerability in the registration dialog t | 106d ago |
| CVE-2019-25643 | high | CVE-2019-25643: eNdonesia Portal v8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to exec | 106d ago |
| CVE-2019-25642 | high | CVE-2019-25642: Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arb | 106d ago |
| CVE-2019-25641 | high | CVE-2019-25641: Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulat | 106d ago |
| CVE-2019-25640 | high | CVE-2019-25640: Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate d | 106d ago |
| CVE-2019-25639 | high | CVE-2019-25639: Matrimony Website Script M-Plus contains multiple SQL injection vulnerabilities that allow unauthenticated attacke | 106d ago |
| CVE-2019-25638 | high | CVE-2019-25638: Meeplace Business Review Script contains an SQL injection vulnerability that allows unauthenticated attackers to e | 106d ago |
| CVE-2019-25637 | high | CVE-2019-25637: X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary | 106d ago |
| CVE-2019-25636 | high | CVE-2019-25636: Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate da | 106d ago |
| CVE-2019-25635 | high | CVE-2019-25635: Zeeways Matrimony CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to mani | 106d ago |
| CVE-2019-25634 | high | CVE-2019-25634: Base64 Decoder 1.1.2 contains a stack-based buffer overflow vulnerability that allows local attackers to execute a | 106d ago |
| CVE-2019-25633 | high | CVE-2019-25633: AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local | 106d ago |
| CVE-2019-25632 | medium | CVE-2019-25632: phpFileManager 1.7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read a | 106d ago |
| CVE-2019-25631 | high | CVE-2019-25631: AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local | 106d ago |
| CVE-2019-25630 | high | CVE-2019-25630: PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows au | 106d ago |
| CVE-2019-25629 | high | CVE-2019-25629: AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging func | 106d ago |
| CVE-2019-25628 | critical | CVE-2019-25628: Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that | 106d ago |
| CVE-2019-25627 | high | CVE-2019-25627: FlexHEX 2.71 contains a local buffer overflow vulnerability in the Stream Name field that allows local attackers t | 106d ago |
| CVE-2019-25626 | high | CVE-2019-25626: River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that all | 106d ago |
| CVE-2026-4649 | | CVE-2026-4649: Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages | 106d ago |
| CVE-2026-3509 | high | CVE-2026-3509: An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log | 106d ago |
| CVE-2026-32642 | medium | CVE-2026-32642: Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an applicat | 106d ago |
| CVE-2025-41660 | high | CVE-2025-41660: A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system | 106d ago |
| CVE-2026-4756 | high | CVE-2026-4756: Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: be | 106d ago |
| CVE-2026-4755 | critical | CVE-2026-4755: CWE-20 vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11 | 106d ago |
| CVE-2026-4754 | medium | CVE-2026-4754: CWE-79 vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11 | 106d ago |
| CVE-2026-33852 | high | CVE-2026-33852: Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherry Android-ImageMagick7.This issue | 106d ago |
| CVE-2026-4753 | critical | CVE-2026-4753: Out-of-bounds Read vulnerability in slajerek RetroDebugger.This issue affects RetroDebugger: before v0.64.72. | 106d ago |
| CVE-2026-4752 | medium | CVE-2026-4752: Use After Free vulnerability in No-Chicken Echo-Mate.This issue affects Echo-Mate: before V250329. | 106d ago |
| CVE-2026-4751 | medium | CVE-2026-4751: NULL Pointer Dereference vulnerability in tmate-io tmate.This issue affects tmate: before 2.4.0. | 106d ago |
| CVE-2026-4750 | critical | CVE-2026-4750: Out-of-bounds Read vulnerability in fabiangreffrath woof.This issue affects woof: before woof_15.3.0. | 106d ago |
| CVE-2026-4749 | medium | CVE-2026-4749: NVD-CWE-noinfo vulnerability in albfan miraclecast.This issue affects miraclecast: before v1.0. | 106d ago |
| CVE-2026-33856 | high | CVE-2026-33856: Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherry Android-ImageMagick7.This issue | 106d ago |
| CVE-2026-33855 | medium | CVE-2026-33855: Integer Overflow or Wraparound vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-Imag | 106d ago |
| CVE-2026-33854 | high | CVE-2026-33854: Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: b | 106d ago |
| CVE-2026-33853 | medium | CVE-2026-33853: NULL Pointer Dereference vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagic | 106d ago |
| CVE-2026-33851 | high | CVE-2026-33851: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in joncampbell123 doslib.Thi | 106d ago |
| CVE-2026-33850 | high | CVE-2026-33850: Out-of-bounds Write vulnerability in WujekFoliarz DualSenseY-v2.This issue affects DualSenseY-v2: before 54. | 106d ago |
| CVE-2026-33849 | high | CVE-2026-33849: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.Th | 106d ago |
| CVE-2026-33848 | high | CVE-2026-33848: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.Th | 106d ago |
| CVE-2026-33847 | high | CVE-2026-33847: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.Th | 106d ago |
| CVE-2026-4746 | | CVE-2026-4746: Out-of-bounds Write vulnerability in timeplus-io proton (base/poco/Foundation/src modules). | 106d ago |
| CVE-2026-4745 | | CVE-2026-4745: Improper Control of Generation of Code ('Code Injection') vulnerability in dendibakh perf-ninja (labs/misc/pgo/lua | 106d ago |
| CVE-2026-4662 | high | CVE-2026-4662: The JetEngine plugin for WordPress is vulnerable to SQL Injection via the `listing_load_more` AJAX action in all ve | 106d ago |
| CVE-2026-4640 | high | CVE-2026-4640: Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticat | 106d ago |
| CVE-2026-4639 | high | CVE-2026-4639: Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticate | 106d ago |
| CVE-2026-4632 | high | CVE-2026-4632: A weakness has been identified in itsourcecode Online Enrollment System 1.0. | 106d ago |
| CVE-2026-4627 | high | CVE-2026-4627: A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. | 106d ago |
| CVE-2026-4283 | critical | CVE-2026-4283: The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to unauthorized account destruction in all versions up | 106d ago |
| CVE-2026-3260 | | CVE-2026-3260: Rejected reason: The Undertow web server enforces a default maximum HTTP request entity size limit. | 106d ago |
| CVE-2026-3138 | medium | CVE-2026-3138: The Product Filter for WooCommerce by WBW plugin for WordPress is vulnerable to unauthorized data loss due to a mis | 106d ago |
| CVE-2026-4744 | | CVE-2026-4744: Out-of-bounds Read vulnerability in rizonesoft Notepad3 (scintilla/oniguruma/src modules). | 106d ago |
| CVE-2026-4743 | | CVE-2026-4743: NULL Pointer Dereference vulnerability in taurusxin ncmdump (src/utils modules). | 106d ago |
| CVE-2026-4742 | | CVE-2026-4742: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in visualfc liteide | 106d ago |
| CVE-2026-4741 | | CVE-2026-4741: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TeamJCD JoyConDroid | 106d ago |
| CVE-2026-4739 | | CVE-2026-4739: Integer Overflow or Wraparound vulnerability in InsightSoftwareConsortium ITK (Modules/ThirdParty/Expat/src/expat | 106d ago |
| CVE-2026-4738 | | CVE-2026-4738: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo gdal (frmts/zlib/con | 106d ago |
| CVE-2026-4737 | | CVE-2026-4737: Use After Free vulnerability in No-Chicken Echo-Mate (SDK/rv1106-sdk/sysdrv/source/kernel/mm modules). | 106d ago |
| CVE-2026-4736 | | CVE-2026-4736: Improper Handling of Values vulnerability in No-Chicken Echo-Mate (SDK/rv1106-sdk/sysdrv/source/kernel/include/net/ | 106d ago |
| CVE-2026-4735 | | CVE-2026-4735: Deserialization of Untrusted Data vulnerability in DTStack chunjun (chunjun-core/src/main/java/com/dtstack/chunjun | 106d ago |
| CVE-2026-4734 | | CVE-2026-4734: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in yoyofr modizer (libs/libop | 106d ago |
| CVE-2026-4733 | medium | CVE-2026-4733: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6-stcop.This issue a | 106d ago |
| CVE-2026-4732 | | CVE-2026-4732: Out-of-bounds Read vulnerability in tildearrow furnace (extern/libsndfile-modified/src modules). | 106d ago |
| CVE-2026-4731 | | CVE-2026-4731: Integer Overflow or Wraparound vulnerability in artraweditor ART (rtengine modules). | 106d ago |
| CVE-2026-4626 | low | CVE-2026-4626: A vulnerability has been found in projectworlds Lawyer Management System 1.0. | 106d ago |
| CVE-2026-4625 | high | CVE-2026-4625: A flaw has been found in SourceCodester Online Admission System 1.0. | 106d ago |
| CVE-2026-4624 | high | CVE-2026-4624: A vulnerability was detected in SourceCodester Online Library Management System 1.0. | 106d ago |
| CVE-2026-4623 | high | CVE-2026-4623: A security vulnerability has been detected in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b | 106d ago |
| CVE-2026-33308 | medium | CVE-2026-33308: Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. | 106d ago |
| CVE-2026-3079 | medium | CVE-2026-3079: The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filters[orderby_ord | 106d ago |
| CVE-2026-33307 | high | CVE-2026-33307: Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. | 106d ago |
| CVE-2026-4680 | high | CVE-2026-4680: Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary cod | 106d ago |
| CVE-2026-4679 | high | CVE-2026-4679: Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of b | 106d ago |
| CVE-2026-4678 | high | CVE-2026-4678: Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary co | 106d ago |
| CVE-2026-4677 | high | CVE-2026-4677: Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perf | 106d ago |
| CVE-2026-4676 | high | CVE-2026-4676: Use after free in Dawn in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to potentially perform a | 106d ago |
| CVE-2026-4675 | high | CVE-2026-4675: Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out | 106d ago |
| CVE-2026-4674 | high | CVE-2026-4674: Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of boun | 106d ago |
| CVE-2026-4673 | high | CVE-2026-4673: Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an o | 106d ago |
| CVE-2026-4617 | high | CVE-2026-4617: A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. | 106d ago |
| CVE-2026-4616 | low | CVE-2026-4616: A security flaw has been discovered in bolo-blog up to 2.6.4. | 106d ago |
| CVE-2026-33320 | medium | CVE-2026-33320: Dasel is a command-line tool and library for querying, modifying, and transforming data structures. | 106d ago |
| CVE-2026-33306 | high | CVE-2026-33306: bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt() password hashing algorithm. | 106d ago |
| CVE-2026-33298 | high | CVE-2026-33298: llama.cpp is an inference of several LLM models in C/C++. | 106d ago |
| CVE-2026-33290 | medium | CVE-2026-33290: WPGraphQL provides a GraphQL API for WordPress sites. | 106d ago |
| CVE-2026-22739 | high | CVE-2026-22739: Vulnerability in Spring Cloud when substituting the profile parameter from a request made to the Spring Cloud Conf | 106d ago |
| CVE-2026-4615 | high | CVE-2026-4615: A vulnerability was identified in SourceCodester Online Catering Reservation 1.0. | 106d ago |
| CVE-2026-4614 | medium | CVE-2026-4614: A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. | 106d ago |
| CVE-2026-4613 | high | CVE-2026-4613: A vulnerability was found in SourceCodester E-Commerce Site 1.0. | 106d ago |
| CVE-2026-4056 | medium | CVE-2026-4056: The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a | 106d ago |
| CVE-2026-4021 | high | CVE-2026-4021: The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeove | 106d ago |
| CVE-2026-4001 | critical | CVE-2026-4001: The Woocommerce Custom Product Addons Pro plugin for WordPress is vulnerable to Remote Code Execution in all versio | 106d ago |
| CVE-2026-3533 | high | CVE-2026-3533: The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authorization on impor | 106d ago |
| CVE-2026-33286 | critical | CVE-2026-33286: Graphiti is a framework that sits on top of models and exposes them via a JSON:API-compliant interface. | 106d ago |
| CVE-2026-33283 | medium | CVE-2026-33283: Ella Core is a 5G core designed for private networks. | 106d ago |
| CVE-2026-33282 | high | CVE-2026-33282: Ella Core is a 5G core designed for private networks. | 106d ago |
| CVE-2026-33281 | medium | CVE-2026-33281: Ella Core is a 5G core designed for private networks. | 106d ago |
| CVE-2026-33252 | high | CVE-2026-33252: The Go MCP SDK used Go's standard encoding/json. | 106d ago |
| CVE-2026-33250 | high | CVE-2026-33250: Freeciv21 is a free open source, turn-based, empire-building strategy game. | 106d ago |
| CVE-2026-33242 | high | CVE-2026-33242: Salvo is a Rust web framework. | 106d ago |
| CVE-2026-33241 | high | CVE-2026-33241: Salvo is a Rust web framework. | 106d ago |
| CVE-2026-33211 | critical | CVE-2026-33211: Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. | 106d ago |
| CVE-2026-33202 | critical | CVE-2026-33202: Active Storage allows users to attach cloud and local files in Rails applications. | 106d ago |
| CVE-2026-33195 | critical | CVE-2026-33195: Active Storage allows users to attach cloud and local files in Rails applications. | 106d ago |
| CVE-2026-33176 | high | CVE-2026-33176: Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. | 106d ago |
| CVE-2026-33174 | high | CVE-2026-33174: Active Storage allows users to attach cloud and local files in Rails applications. | 106d ago |
| CVE-2026-33173 | medium | CVE-2026-33173: Active Storage allows users to attach cloud and local files in Rails applications. | 106d ago |
| CVE-2026-33170 | medium | CVE-2026-33170: Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. | 106d ago |
| CVE-2026-33169 | medium | CVE-2026-33169: Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. | 106d ago |
| CVE-2026-4306 | high | CVE-2026-4306: The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up | 106d ago |
| CVE-2026-4066 | medium | CVE-2026-4066: The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capabili | 106d ago |
| CVE-2026-3225 | medium | CVE-2026-3225: The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question | 106d ago |
| CVE-2026-33168 | | CVE-2026-33168: Action View provides conventions and helpers for building web pages with the Rails framework. | 106d ago |
| CVE-2026-33167 | | CVE-2026-33167: Action Pack is a Rubygem for building web applications on the Rails framework. | 106d ago |
| CVE-2026-33046 | high | CVE-2026-33046: Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. | 106d ago |
| CVE-2026-2412 | medium | CVE-2026-2412: The Quiz and Survey Master (QSM) plugin for WordPress is vulnerable to SQL Injection via the 'merged_question' para | 106d ago |
| CVE-2026-4681 | | CVE-2026-4681: A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill and PTC FlexPLM. | 106d ago |
| CVE-2026-4612 | high | CVE-2026-4612: A vulnerability has been found in itsourcecode Free Hotel Reservation System 1.0. | 106d ago |
| CVE-2026-4611 | high | CVE-2026-4611: A flaw has been found in TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826. | 106d ago |
| CVE-2026-33634 | high | CVE-2026-33634: Trivy is a security scanner. | 106d ago |
| CVE-2026-32913 | critical | CVE-2026-32913: OpenClaw before 2026.3.7 contains an improper header validation vulnerability in fetchWithSsrFGuard that forwards | 106d ago |
| CVE-2026-32912 | | CVE-2026-32912: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32911 | | CVE-2026-32911: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32910 | | CVE-2026-32910: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32909 | | CVE-2026-32909: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32908 | | CVE-2026-32908: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32907 | | CVE-2026-32907: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32904 | | CVE-2026-32904: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32903 | | CVE-2026-32903: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32902 | | CVE-2026-32902: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32901 | | CVE-2026-32901: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32900 | | CVE-2026-32900: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32300 | high | CVE-2026-32300: Connect-CMS is a content management system. | 106d ago |
| CVE-2026-32299 | high | CVE-2026-32299: Connect-CMS is a content management system. | 106d ago |
| CVE-2026-32279 | medium | CVE-2026-32279: Connect-CMS is a content management system. | 106d ago |
| CVE-2026-32278 | high | CVE-2026-32278: Connect-CMS is a content management system. | 106d ago |
| CVE-2026-32277 | high | CVE-2026-32277: Connect-CMS is a content management system. | 106d ago |
| CVE-2026-32276 | high | CVE-2026-32276: Connect-CMS is a content management system. | 106d ago |
| CVE-2026-32066 | | CVE-2026-32066: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32047 | | CVE-2026-32047: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-32012 | | CVE-2026-32012: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-29111 | medium | CVE-2026-29111: systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC AP | 106d ago |
| CVE-2026-28483 | | CVE-2026-28483: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-28455 | | CVE-2026-28455: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-27646 | medium | CVE-2026-27646: OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in the /acp spawn command that allows a | 106d ago |
| CVE-2026-27183 | medium | CVE-2026-27183: OpenClaw versions prior to 2026.3.7 contain a shell approval gating bypass vulnerability in system.run dispatch-wr | 106d ago |
| CVE-2026-22173 | | CVE-2026-22173: Rejected reason: This CVE ID has been rejected. | 106d ago |
| CVE-2026-1940 | medium | CVE-2026-1940: An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst_wavparse_adtl_chunk() function. | 106d ago |
| CVE-2025-60949 | critical | CVE-2025-60949: Census CSWeb 8.0.1 allows "app/config" to be reachable via HTTP in some deployments. | 106d ago |
| CVE-2025-60948 | medium | CVE-2025-60948: Census CSWeb 8.0.1 allows stored cross-site scripting in user supplied fields. | 106d ago |
| CVE-2025-60947 | high | CVE-2025-60947: Census CSWeb 8.0.1 allows arbitrary file upload. | 106d ago |
| CVE-2025-60946 | high | CVE-2025-60946: Census CSWeb 8.0.1 allows arbitrary file path input. | 106d ago |
| CVE-2026-4597 | medium | CVE-2026-4597: A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. | 106d ago |
| CVE-2026-4368 | | CVE-2026-4368: Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, | 106d ago |
| CVE-2026-3055 | critical | CVE-2026-3055: Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memor | 106d ago |
| CVE-2026-23882 | high | CVE-2026-23882: Blinko is an AI-powered card note-taking project. | 106d ago |
| CVE-2026-23488 | medium | CVE-2026-23488: Blinko is an AI-powered card note-taking project. | 106d ago |
| CVE-2026-23487 | medium | CVE-2026-23487: Blinko is an AI-powered card note-taking project. | 106d ago |
| CVE-2026-23486 | medium | CVE-2026-23486: Blinko is an AI-powered card note-taking project. | 106d ago |
| CVE-2026-23485 | medium | CVE-2026-23485: Blinko is an AI-powered card note-taking project. | 106d ago |
| CVE-2026-23484 | medium | CVE-2026-23484: Blinko is an AI-powered card note-taking project. | 106d ago |
| CVE-2026-23483 | medium | CVE-2026-23483: Blinko is an AI-powered card note-taking project. | 106d ago |
| CVE-2026-23482 | high | CVE-2026-23482: Blinko is an AI-powered card note-taking project. | 106d ago |
| CVE-2026-23481 | medium | CVE-2026-23481: Blinko is an AI-powered card note-taking project. | 106d ago |
| CVE-2026-23480 | high | CVE-2026-23480: Blinko is an AI-powered card note-taking project. | 106d ago |
| CVE-2026-4596 | low | CVE-2026-4596: A vulnerability was identified in projectworlds Lawyer Management System 1.0. | 106d ago |
| CVE-2026-33548 | medium | CVE-2026-33548: Mantis Bug Tracker (MantisBT) is an open source issue tracker. | 106d ago |
| CVE-2026-33517 | medium | CVE-2026-33517: Mantis Bug Tracker (MantisBT) is an open source issue tracker. | 106d ago |
| CVE-2026-32879 | medium | CVE-2026-32879: New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. | 106d ago |
| CVE-2026-32852 | medium | CVE-2026-32852: MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface | 106d ago |
| CVE-2026-32851 | medium | CVE-2026-32851: MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface | 106d ago |
| CVE-2026-32850 | medium | CVE-2026-32850: MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface | 106d ago |
| CVE-2026-30886 | medium | CVE-2026-30886: New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. | 106d ago |
| CVE-2026-30849 | critical | CVE-2026-30849: Mantis Bug Tracker (MantisBT) is an open source issue tracker. | 106d ago |
| CVE-2026-2298 | critical | CVE-2026-2298: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Mark | 106d ago |
| CVE-2026-27131 | medium | CVE-2026-27131: The Sprig Plugin for Craft CMS is a reactive Twig component framework for Craft CMS. | 106d ago |
| CVE-2025-52204 | medium | CVE-2025-52204: A Cross-Site Scripting (XSS) vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCus | 106d ago |
| CVE-2024-46879 | medium | CVE-2024-46879: A Reflected Cross-Site Scripting (XSS) vulnerability exists in the POST request data zipPath of tiki-admin_system. | 106d ago |
| CVE-2024-46878 | medium | CVE-2024-46878: A Cross-Site Scripting (XSS) vulnerability exists in the page parameter of tiki-editpage.php in Tiki version 26.3 | 106d ago |
| CVE-2026-4595 | low | CVE-2026-4595: A vulnerability was determined in code-projects Exam Form Submission 1.0. | 106d ago |
| CVE-2026-33723 | high | CVE-2026-33723: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33719 | high | CVE-2026-33719: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33717 | high | CVE-2026-33717: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33716 | critical | CVE-2026-33716: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33690 | medium | CVE-2026-33690: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33688 | medium | CVE-2026-33688: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33685 | medium | CVE-2026-33685: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33683 | medium | CVE-2026-33683: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33681 | high | CVE-2026-33681: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33651 | high | CVE-2026-33651: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33650 | high | CVE-2026-33650: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33649 | high | CVE-2026-33649: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33648 | high | CVE-2026-33648: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33647 | high | CVE-2026-33647: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33513 | high | CVE-2026-33513: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-33512 | high | CVE-2026-33512: WWBN AVideo is an open source video platform. | 106d ago |
| CVE-2026-26209 | high | CVE-2026-26209: cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. | 106d ago |
| CVE-2026-25075 | high | CVE-2026-25075: strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser tha | 106d ago |
| CVE-2026-0898 | | CVE-2026-0898: An arbitrary file-write vulnerability in Pega Browser Extension (PBE) affects Pega Robot Studio developers who are | 106d ago |
| CVE-2025-15606 | high | CVE-2025-15606: A Denial-of-Service (DoS) vulnerability in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input s | 106d ago |
| CVE-2026-4594 | high | CVE-2026-4594: A vulnerability has been found in erupts erupt up to 1.13.3. | 106d ago |
| CVE-2025-15605 | high | CVE-2025-15605: A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 e | 106d ago |
| CVE-2025-15519 | high | CVE-2025-15519: Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and | 106d ago |
| CVE-2025-15518 | high | CVE-2025-15518: Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and | 106d ago |
| CVE-2025-15517 | high | CVE-2025-15517: A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600 to certain cgi e | 106d ago |
| CVE-2026-4593 | medium | CVE-2026-4593: A flaw has been found in erupts erupt bis 1.13.3. | 107d ago |
| CVE-2026-33507 | high | CVE-2026-33507: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33502 | critical | CVE-2026-33502: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33501 | medium | CVE-2026-33501: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33500 | medium | CVE-2026-33500: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33499 | medium | CVE-2026-33499: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-30007 | medium | CVE-2026-30007: XnSoft NConvert 7.230 is vulnerable to Use-After-Free via a crafted .tiff file | 107d ago |
| CVE-2026-30006 | medium | CVE-2026-30006: XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file. | 107d ago |
| CVE-2026-26829 | high | CVE-2026-26829: A NULL pointer dereference in the safe_atou64 function (src/misc.c) of owntone-server through commit c4d57aa allow | 107d ago |
| CVE-2026-26828 | high | CVE-2026-26828: A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone-server commit 3d1652 | 107d ago |
| CVE-2026-24516 | high | CVE-2026-24516: A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. | 107d ago |
| CVE-2026-4592 | medium | CVE-2026-4592: A security vulnerability has been detected in kalcaddle kodbox 1.64. | 107d ago |
| CVE-2026-4591 | medium | CVE-2026-4591: A weakness has been identified in kalcaddle kodbox 1.64. | 107d ago |
| CVE-2026-33493 | high | CVE-2026-33493: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33492 | high | CVE-2026-33492: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33488 | high | CVE-2026-33488: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-32845 | high | CVE-2026-32845: cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltf_validate() function when valid | 107d ago |
| CVE-2024-51226 | medium | CVE-2024-51226: A stored cross-site scripting (XSS) vulnerability in the component /admin/search-vehicle.php of Phpgurukul Vehicle | 107d ago |
| CVE-2024-51225 | medium | CVE-2024-51225: A stored cross-site scripting (XSS) vulnerability in the component /admin/add-brand.php of Phpgurukul Vehicle Reco | 107d ago |
| CVE-2024-51224 | medium | CVE-2024-51224: Multiple cross-site scripting (XSS) vulnerabilities in the component /admin/edit-vehicle.php of Phpgurukul Vehicle | 107d ago |
| CVE-2024-51223 | medium | CVE-2024-51223: A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record | 107d ago |
| CVE-2024-51222 | medium | CVE-2024-51222: A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record | 107d ago |
| CVE-2026-4590 | low | CVE-2026-4590: A security flaw has been discovered in kalcaddle kodbox 1.64. | 107d ago |
| CVE-2026-4404 | critical | CVE-2026-4404: Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default pass | 107d ago |
| CVE-2026-33485 | high | CVE-2026-33485: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33483 | high | CVE-2026-33483: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33482 | high | CVE-2026-33482: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33480 | high | CVE-2026-33480: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33479 | high | CVE-2026-33479: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33478 | critical | CVE-2026-33478: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33354 | high | CVE-2026-33354: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-4647 | medium | CVE-2026-4647: A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object | 107d ago |
| CVE-2026-4645 | | CVE-2026-4645: Rejected reason: Duplicate of CVE-2026-32287 | 107d ago |
| CVE-2026-4589 | medium | CVE-2026-4589: A vulnerability was identified in kalcaddle kodbox 1.64. | 107d ago |
| CVE-2026-3635 | medium | CVE-2026-3635: Summary When trustProxy is configured with a restrictive trust function (e.g., a specific IP like trustProxy: '10.0 | 107d ago |
| CVE-2026-33352 | critical | CVE-2026-33352: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33351 | critical | CVE-2026-33351: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2026-33297 | critical | CVE-2026-33297: WWBN AVideo is an open source video platform. | 107d ago |
| CVE-2025-41008 | | CVE-2025-41008: SQL injection vulnerability in Sinturno. | 107d ago |
| CVE-2019-25625 | medium | CVE-2019-25625: Blob Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application b | 107d ago |
| CVE-2019-25624 | medium | CVE-2019-25624: Liquid Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application | 107d ago |
| CVE-2019-25623 | medium | CVE-2019-25623: Luminance Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the applicat | 107d ago |
| CVE-2019-25622 | medium | CVE-2019-25622: Paint Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application | 107d ago |
| CVE-2019-25621 | medium | CVE-2019-25621: Pixel Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application | 107d ago |
| CVE-2019-25620 | medium | CVE-2019-25620: Tree Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application b | 107d ago |
| CVE-2026-4588 | low | CVE-2026-4588: A vulnerability was determined in kalcaddle kodbox 1.64. | 107d ago |
| CVE-2026-4587 | low | CVE-2026-4587: A vulnerability was found in HybridAuth up to 3.12.2. | 107d ago |
| CVE-2026-4586 | medium | CVE-2026-4586: A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. | 107d ago |
| CVE-2026-31851 | critical | CVE-2026-31851: Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or account locko | 107d ago |
| CVE-2026-31850 | medium | CVE-2026-31850: Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administr | 107d ago |
| CVE-2026-31849 | medium | CVE-2026-31849: Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-chan | 107d ago |
| CVE-2026-31848 | critical | CVE-2026-31848: Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecos_pw cookie for authentication, which | 107d ago |
| CVE-2026-31847 | high | CVE-2026-31847: Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 1 | 107d ago |
| CVE-2026-1958 | | CVE-2026-1958: Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to seve | 107d ago |
| CVE-2025-41007 | | CVE-2025-41007: SQL Injection in Cuantis. | 107d ago |
| CVE-2026-4585 | critical | CVE-2026-4585: A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. | 107d ago |
| CVE-2026-4584 | low | CVE-2026-4584: A flaw has been found in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. | 107d ago |
| CVE-2026-32969 | high | CVE-2026-32969: An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoi | 107d ago |
| CVE-2026-32968 | critical | CVE-2026-32968: Due to the improper neutralisation of special elements used in an OS command, an unauthenticated remote attacker c | 107d ago |
| CVE-2026-31846 | medium | CVE-2026-31846: Missing authentication in the /goform/ate endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.0 | 107d ago |
| CVE-2026-4633 | low | CVE-2026-4633: A flaw was found in Keycloak. | 107d ago |
| CVE-2026-4583 | medium | CVE-2026-4583: A vulnerability was detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. | 107d ago |
| CVE-2026-28809 | medium | CVE-2026-28809: XML External Entity (XXE) vulnerability in esaml (and its forks) allows an attacker to cause the system to read lo | 107d ago |
| CVE-2026-4582 | medium | CVE-2026-4582: A security vulnerability has been detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. | 107d ago |
| CVE-2026-4581 | high | CVE-2026-4581: A weakness has been identified in code-projects Simple Laundry System 1.0. | 107d ago |
| CVE-2026-4628 | medium | CVE-2026-4628: A flaw was found in Keycloak. | 107d ago |
| CVE-2026-4580 | high | CVE-2026-4580: A security flaw has been discovered in code-projects Simple Laundry System 1.0. | 107d ago |
| CVE-2026-4579 | high | CVE-2026-4579: A vulnerability was identified in code-projects Simple Laundry System 1.0. | 107d ago |
| CVE-2026-4578 | low | CVE-2026-4578: A vulnerability was determined in code-projects Exam Form Submission 1.0. | 107d ago |
| CVE-2026-3587 | critical | CVE-2026-3587: An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interfa | 107d ago |
| CVE-2026-4577 | low | CVE-2026-4577: A vulnerability was found in code-projects Exam Form Submission 1.0. | 107d ago |
| CVE-2026-23555 | high | CVE-2026-23555: Any guest issuing a Xenstore command accessing a node using the (illegal) node path "/local/domain/", will crash x | 107d ago |
| CVE-2026-23554 | high | CVE-2026-23554: The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dro | 107d ago |
| CVE-2025-6229 | medium | CVE-2025-6229: The Sina Extension for Elementor (Header Builder, Footer Builter, Theme Builder, Slider, Gallery, Form, Modal, Data | 107d ago |
| CVE-2025-13997 | medium | CVE-2025-13997: The King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor pl | 107d ago |
| CVE-2026-4603 | medium | CVE-2026-4603: Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL | 107d ago |
| CVE-2026-4602 | high | CVE-2026-4602: Versions of the package jsrsasign before 11.1.1 are vulnerable to Incorrect Conversion between Numeric Types due to | 107d ago |
| CVE-2026-4601 | high | CVE-2026-4601: Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DS | 107d ago |
| CVE-2026-4600 | high | CVE-2026-4600: Versions of the package jsrsasign before 11.1.1 are vulnerable to Improper Verification of Cryptographic Signature | 107d ago |
| CVE-2026-4599 | critical | CVE-2026-4599: Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing | 107d ago |
| CVE-2026-4598 | high | CVE-2026-4598: Versions of the package jsrsasign before 11.1.1 are vulnerable to Infinite loop via the bnModInverse function in ex | 107d ago |
| CVE-2026-4576 | low | CVE-2026-4576: A vulnerability has been found in code-projects Exam Form Submission 1.0. | 107d ago |
| CVE-2026-4575 | low | CVE-2026-4575: A flaw has been found in code-projects Exam Form Submission 1.0. | 107d ago |
| CVE-2026-4574 | medium | CVE-2026-4574: A vulnerability was detected in SourceCodester Simple E-learning System 1.0. | 107d ago |
| CVE-2026-4573 | medium | CVE-2026-4573: A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. | 107d ago |
| CVE-2026-1969 | medium | CVE-2026-1969: The trx_addons WordPress plugin before 2.38.5 does not correctly validate file types in one of its AJAX action, all | 107d ago |
| CVE-2025-10734 | medium | CVE-2025-10734: The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plug | 107d ago |
| CVE-2025-10731 | medium | CVE-2025-10731: The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plug | 107d ago |
| CVE-2025-10679 | high | CVE-2025-10679: The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plug | 107d ago |
| CVE-2026-4572 | medium | CVE-2026-4572: A weakness has been identified in SourceCodester Sales and Inventory System 1.0. | 107d ago |
| CVE-2026-4571 | medium | CVE-2026-4571: A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. | 107d ago |
| CVE-2026-4570 | medium | CVE-2026-4570: A vulnerability was identified in SourceCodester Sales and Inventory System 1.0. | 107d ago |
| CVE-2025-10736 | medium | CVE-2025-10736: The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plug | 107d ago |
| CVE-2026-4569 | medium | CVE-2026-4569: A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. | 107d ago |
| CVE-2026-4568 | medium | CVE-2026-4568: A vulnerability was found in SourceCodester Sales and Inventory System 1.0. | 107d ago |
| CVE-2026-4567 | critical | CVE-2026-4567: A vulnerability has been found in Tenda A15 15.13.07.13. | 107d ago |
| CVE-2026-4566 | high | CVE-2026-4566: A flaw has been found in Belkin F9K1122 1.00.33. | 107d ago |
| CVE-2026-4606 | | CVE-2026-4606: GV Edge Recording Manager (ERM) v2.3.1 improperly runs application components with SYSTEM-level privileges, allowin | 107d ago |
| CVE-2026-4565 | high | CVE-2026-4565: A vulnerability was detected in Tenda AC21 16.03.08.16. | 107d ago |
| CVE-2026-4564 | medium | CVE-2026-4564: A security vulnerability has been detected in yangzongzhuan RuoYi up to 4.8.2. | 107d ago |
| CVE-2026-4563 | medium | CVE-2026-4563: A weakness has been identified in MacCMS up to 2025.1000.4052. | 107d ago |
| CVE-2026-4562 | high | CVE-2026-4562: A security flaw has been discovered in MacCMS 2025.1000.4052. | 107d ago |
| CVE-2026-2580 | high | CVE-2026-2580: The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vu | 107d ago |
| CVE-2026-4558 | high | CVE-2026-4558: A flaw has been found in Linksys MR9600 2.0.6.206937. | 107d ago |
| CVE-2026-4557 | medium | CVE-2026-4557: A vulnerability was detected in code-projects Exam Form Submission 1.0. | 107d ago |
| CVE-2026-4555 | high | CVE-2026-4555: A weakness has been identified in D-Link DIR-513 1.10. | 108d ago |
| CVE-2026-4554 | medium | CVE-2026-4554: A security flaw has been discovered in Tenda F453 1.0.0.3. | 108d ago |
| CVE-2026-33319 | medium | CVE-2026-33319: WWBN AVideo is an open source video platform. | 108d ago |
| CVE-2026-33296 | medium | CVE-2026-33296: WWBN AVideo is an open source video platform. | 108d ago |
| CVE-2026-33295 | medium | CVE-2026-33295: WWBN AVideo is an open source video platform. | 108d ago |
| CVE-2026-33294 | medium | CVE-2026-33294: WWBN AVideo is an open source video platform. | 108d ago |
| CVE-2026-33293 | high | CVE-2026-33293: WWBN AVideo is an open source video platform. | 108d ago |
| CVE-2026-33292 | high | CVE-2026-33292: WWBN AVideo is an open source video platform. | 108d ago |
| CVE-2026-4553 | high | CVE-2026-4553: A vulnerability was identified in Tenda F453 1.0.0.3. | 108d ago |
| CVE-2026-4552 | high | CVE-2026-4552: A vulnerability was determined in Tenda F453 1.0.0.3. | 108d ago |
| CVE-2026-4551 | high | CVE-2026-4551: A vulnerability was found in Tenda F453 1.0.0.3. | 108d ago |
| CVE-2026-4550 | medium | CVE-2026-4550: A vulnerability has been found in code-projects Simple Gym Management System up to 1.0. | 108d ago |
| CVE-2026-4549 | low | CVE-2026-4549: A flaw has been found in mickasmt next-saas-stripe-starter 1.0.0. | 108d ago |
| CVE-2026-4548 | medium | CVE-2026-4548: A vulnerability was detected in mickasmt next-saas-stripe-starter 1.0.0. | 108d ago |
| CVE-2026-4547 | medium | CVE-2026-4547: A security vulnerability has been detected in mickasmt next-saas-stripe-starter 1.0.0. | 108d ago |
| CVE-2026-4546 | high | CVE-2026-4546: A weakness has been identified in Flos Freeware Notepad2 4.2.25. | 108d ago |
| CVE-2019-25619 | high | CVE-2019-25619: FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows loca | 108d ago |
| CVE-2019-25618 | medium | CVE-2019-25618: AdminExpress 1.2.5 contains a denial of service vulnerability that allows local attackers to crash the application | 108d ago |
| CVE-2019-25617 | medium | CVE-2019-25617: Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function that allows loca | 108d ago |
| CVE-2019-25616 | medium | CVE-2019-25616: AnMing MP3 CD Burner 2.0 contains a buffer overflow vulnerability that allows local attackers to crash the applica | 108d ago |
| CVE-2019-25615 | high | CVE-2019-25615: Lavavo CD Ripper 4.20 contains a structured exception handling (SEH) buffer overflow vulnerability that allows loc | 108d ago |
| CVE-2019-25614 | critical | CVE-2019-25614: Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command handler that allows remote attacke | 108d ago |
| CVE-2019-25613 | high | CVE-2019-25613: Easy Chat Server 3.1 contains a denial of service vulnerability that allows remote attackers to crash the applicat | 108d ago |
| CVE-2019-25612 | high | CVE-2019-25612: Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows l | 108d ago |
| CVE-2019-25611 | high | CVE-2019-25611: MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function that allows local attacker | 108d ago |
| CVE-2019-25610 | medium | CVE-2019-25610: NetNumber Titan Master 7.9.1 contains a path traversal vulnerability in the drp endpoint that allows authenticated | 108d ago |
| CVE-2019-25609 | high | CVE-2019-25609: JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuratio | 108d ago |
| CVE-2019-25608 | high | CVE-2019-25608: Iperius Backup 6.1.0 contains a privilege escalation vulnerability that allows low-privilege users to execute arbi | 108d ago |
| CVE-2019-25607 | high | CVE-2019-25607: Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attac | 108d ago |
| CVE-2019-25606 | medium | CVE-2019-25606: Fast AVI MPEG Joiner 1.2.0812 contains a buffer overflow vulnerability that allows local attackers to crash the ap | 108d ago |
| CVE-2019-25605 | high | CVE-2019-25605: EquityPandit 1.0 contains an insecure logging vulnerability that allows attackers to capture sensitive user creden | 108d ago |
| CVE-2019-25604 | high | CVE-2019-25604: DVDXPlayer Pro 5.5 contains a local buffer overflow vulnerability with structured exception handling that allows l | 108d ago |
| CVE-2019-25603 | high | CVE-2019-25603: TuneClone 2.20 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attac | 108d ago |
| CVE-2019-25602 | medium | CVE-2019-25602: GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by | 108d ago |
| CVE-2019-25601 | medium | CVE-2019-25601: UltraVNC Launcher 1.2.2.4 contains a buffer overflow vulnerability in the Path vncviewer.exe property field that a | 108d ago |
| CVE-2019-25600 | medium | CVE-2019-25600: UltraVNC Viewer 1.2.2.4 contains a denial of service vulnerability that allows attackers to crash the application | 108d ago |
| CVE-2019-25599 | medium | CVE-2019-25599: Backup Key Recovery 2.2.4 contains a denial of service vulnerability that allows local attackers to crash the appl | 108d ago |
| CVE-2019-25598 | medium | CVE-2019-25598: HeidiSQL Portable 10.1.0.5464 contains a denial of service vulnerability that allows local attackers to crash the | 108d ago |
| CVE-2019-25597 | medium | CVE-2019-25597: NSauditor 3.1.2.0 contains a buffer overflow vulnerability in the SNMP Auditor Community field that allows local a | 108d ago |
| CVE-2019-25596 | medium | CVE-2019-25596: SpotAuditor 5.2.6 contains a denial of service vulnerability in the registration dialog that allows local attacker | 108d ago |
| CVE-2019-25595 | medium | CVE-2019-25595: jetAudio 8.1.7.20702 Basic contains a denial of service vulnerability that allows local attackers to crash the app | 108d ago |
| CVE-2019-25594 | medium | CVE-2019-25594: ASPRunner.NET 10.1 contains a denial of service vulnerability that allows local attackers to crash the application | 108d ago |
| CVE-2019-25593 | medium | CVE-2019-25593: jetCast Server 2.0 contains a denial of service vulnerability that allows local attackers to crash the application | 108d ago |
| CVE-2019-25592 | medium | CVE-2019-25592: PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by | 108d ago |
| CVE-2019-25591 | medium | CVE-2019-25591: DNSS Domain Name Search Software 2.1.8 contains a buffer overflow vulnerability in the registration code input fie | 108d ago |
| CVE-2019-25590 | medium | CVE-2019-25590: Axessh 4.2 contains a denial of service vulnerability in the logging configuration that allows local attackers to | 108d ago |
| CVE-2026-4115 | low | CVE-2026-4115: A vulnerability was detected in PuTTY 0.83. | 108d ago |
| CVE-2026-4545 | high | CVE-2026-4545: A security flaw has been discovered in Flos Freeware Notepad2 4.2.25. | 108d ago |
| CVE-2026-4544 | low | CVE-2026-4544: A vulnerability was determined in Wavlink WL-WN578W2 221110. | 108d ago |
| CVE-2026-4543 | medium | CVE-2026-4543: A vulnerability was found in Wavlink WL-WN578W2 221110. | 108d ago |
| CVE-2026-4542 | medium | CVE-2026-4542: A vulnerability has been found in SSCMS 4.7.0. | 108d ago |
| CVE-2026-4541 | low | CVE-2026-4541: A flaw has been found in janmojzis tinyssh up to 20250501. | 108d ago |
| CVE-2026-4540 | high | CVE-2026-4540: A vulnerability was detected in projectworlds Online Notes Sharing System 1.0. | 108d ago |
| CVE-2026-4539 | low | CVE-2026-4539: A security flaw has been discovered in pygments up to 2.19.2. | 108d ago |