CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-4686 Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 7.5 | HIGH | β | 0 |
| CVE-2025-50666 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /web_post.asp endpoint. An attacker can exploit this vulnerability by sending... | 7.5 | HIGH | β | 0 |
| CVE-2025-13651 Exposure of Sensitive System Information to an Unauthorized Actor vulnerability in Microcom ZeusWeb allows Web Application Fingerprinting of sensitive data. This issue affects ZeusWeb: 6.1.31. | 7.5 | HIGH | β | 0 |
| CVE-2025-50667 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the iface parameter in the /wan_line_detection.asp endpoint. | 7.5 | HIGH | β | 0 |
| CVE-2026-33895 Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, Ed25519 signature verification accepts forged non-canonical signatures wh... | 7.5 | HIGH | β | 0 |
| CVE-2025-12664 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause den... | 7.5 | HIGH | β | 0 |
| CVE-2026-3988 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a d... | 7.5 | HIGH | β | 0 |
| CVE-2026-2580 The WP Maps β Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to time-based SQL Injection via the βorderbyβ parameter in all versions up t... | 7.5 | HIGH | β | 0 |
| CVE-2026-34148 Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to 1.9.6, 1.10.5, 2.0.8, and 2.1.1, @fedify/fedify follows HTTP redirects recursively in its remote docu... | 7.5 | HIGH | β | 0 |
| CVE-2026-4652 On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the ... | 7.5 | HIGH | β | 0 |
| CVE-2026-1069 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by sending specially crafted ... | 7.5 | HIGH | β | 0 |
| CVE-2026-4269 A missing S3 ownership verification in the Bedrock AgentCore Starter Toolkit before version v0.1.13 may allow a remote actor to inject code during the build process, leading to code execution in the A... | 7.5 | HIGH | β | 0 |
| CVE-2026-22565 An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding.β¨ Affected Products: UniFi Play PowerAmp (Versio... | 7.5 | HIGH | β | 0 |
| CVE-2026-32426 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themelexus Medilazar Core medilazar-core allows PHP Local File Inclusion.This i... | 7.5 | HIGH | β | 0 |
| CVE-2026-22566 An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials.β¨ Affected Products: UniFi Play PowerAmp (Version 1... | 7.5 | HIGH | β | 0 |
| CVE-2026-32597 PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 Β§4.1.11. When a JWS token contains a crit array li... | 7.5 | HIGH | β | 0 |
| CVE-2026-25397 Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce allows Path Traversal.This issue affects File Uploader for WooCommerce: from n... | 7.5 | HIGH | β | 0 |
| CVE-2026-24458 Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to properly handle very long passwords, which allows an attacker to overload the server CPU and memory via executing lo... | 7.5 | HIGH | β | 0 |
| CVE-2026-30077 OpenAirInterface V2.2.0 AMF crashes when it fails to decode the message. Not all decode failures result in a crash. But the crash is consistent for particular inputs. An example input in hex stream is... | 7.5 | HIGH | β | 0 |
| CVE-2026-31842 Tinyproxy through 1.11.3 is vulnerable to HTTP request parsing desynchronization due to a case-sensitive comparison of the Transfer-Encoding header in src/reqs.c. The is_chunked_transfer() function us... | 7.5 | HIGH | β | 0 |
| CVE-2026-2673 Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. ... | 7.5 | HIGH | β | 0 |
| CVE-2026-32854 LibVNCServer versions 0.9.15 and prior (fixed inΒ commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote atta... | 7.5 | HIGH | β | 0 |
| CVE-2026-32982 OpenClaw before 2026.3.13 contains an information disclosure vulnerability in the fetchRemoteMedia function that exposes Telegram bot tokens in error messages. When media downloads fail, the original ... | 7.5 | HIGH | β | 0 |
| CVE-2025-62188 An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler. This vulnerability may allow unauthorized actors to access sensitive information, includ... | 7.5 | HIGH | β | 0 |
| CVE-2026-33870 Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding... | 7.5 | HIGH | β | 0 |
| CVE-2026-4276 LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries. | 7.5 | HIGH | β | 0 |
| CVE-2026-26127 Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. | 7.5 | HIGH | β | 0 |
| CVE-2019-25552 CEWE PHOTO SHOW 6.4.3 contains a denial of service vulnerability that allows attackers to crash the application by submitting an excessively long buffer to the password field. Attackers can paste a la... | 7.5 | HIGH | β | 0 |
| CVE-2026-30837 Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation and client-server communication. Prior to 1.4.26 , t.String({ format: 'url' }) is vulnerable to ReDoS. Re... | 7.5 | HIGH | β | 0 |
| CVE-2025-50662 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_group.asp endpoint. | 7.5 | HIGH | β | 0 |
| CVE-2025-69303 Missing Authorization vulnerability in ModelTheme ModelTheme Framework allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ModelTheme Framework: from n/a before ... | 7.5 | HIGH | β | 0 |
| CVE-2026-33554 ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform m... | 7.5 | HIGH | β | 0 |
| CVE-2026-39863 Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.8, an out-of-bounds access in the core of Kamailio (formerly OpenSER and SER) allows remote attacker... | 7.5 | HIGH | β | 0 |
| CVE-2025-50663 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /usb_paswd.asp endpoint. | 7.5 | HIGH | β | 0 |
| CVE-2026-32701 Qwik is a performance-focused JavaScript framework. Versions prior to 1.19.2 improperly inferred arrays from dotted form field names during FormData parsing. By submitting mixed array-index and object... | 7.5 | HIGH | β | 0 |
| CVE-2026-35650 OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypass the shared host environment policy through inconsistent sanitization paths. A... | 7.5 | HIGH | β | 0 |
| CVE-2026-26027 GLPI is a free asset and IT management software package. From 11.0.0 to before 11.0.6, an unauthenticated user can store an XSS payload through the inventory endpoint. This vulnerability is fixed in 1... | 7.5 | HIGH | β | 0 |
| CVE-2026-32495 Missing Authorization vulnerability in Link Software LLC WP Terms Popup wp-terms-popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Terms Popup: from n... | 7.5 | HIGH | β | 0 |
| CVE-2026-3045 The Appointment Booking Calendar β Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data in all versions up to and including 1.6.9.29. This is due to... | 7.5 | HIGH | β | 0 |
| CVE-2019-25470 eWON Firmware versions 12.2 to 13.0 contain an authentication bypass vulnerability that allows attackers with minimal privileges to retrieve sensitive user data by exploiting the wsdReadForm endpoint.... | 7.5 | HIGH | β | 0 |
| CVE-2025-50664 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a cra... | 7.5 | HIGH | β | 0 |
| CVE-2019-25465 Hisilicon HiIpcam V100R003 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by exploiting directory listing in the cgi-bin dir... | 7.5 | HIGH | β | 0 |
| CVE-2026-34904 Cross-Site Request Forgery (CSRF) vulnerability in Analytify Simple Social Media Share Buttons allows Cross Site Request Forgery.This issue affects Simple Social Media Share Buttons: from n/a through ... | 7.5 | HIGH | β | 0 |
| CVE-2026-31830 sigstore-ruby is a pure Ruby implementation of the sigstore verify command from the sigstore/cosign project. Prior to 0.2.3, Sigstore::Verifier#verify does not propagate the VerificationFailure return... | 7.5 | HIGH | β | 0 |
| CVE-2026-33419 MinIO is a high-performance object storage system. Prior to RELEASE.2026-03-17T21-25-16Z, MinIO AIStor's STS (Security Token Service) AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credenti... | 7.5 | HIGH | β | 0 |
| CVE-2026-2232 The Product Table and List Builder for WooCommerce Lite plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 4.6.2 due to ins... | 7.5 | HIGH | β | 0 |
| CVE-2026-40245 Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions 4.2.1 and below contain an information disclosure vulnerability in the UDR (Unified Data Repos... | 7.5 | HIGH | β | 0 |
| CVE-2026-40246 free5GC is an open-source implementation of the 5G core network. In versions 1.4.2 and below of the UDR service, the handler for deleting Traffic Influence Subscriptions checks whether the influenceId... | 7.5 | HIGH | β | 0 |
| CVE-2026-30996 An issue in the file handling logic of the component download.php of SAC-NFe v2.0.02 allows attackers to execute a directory traversal and read arbitrary files from the system via a crafted GET reques... | 7.5 | HIGH | β | 0 |
| CVE-2025-68048 Missing Authorization vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NextMove Lite... | 7.5 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.