CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2025-67035 An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilities due to missing sanitization of input parameters. An at... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32248 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.12 and 8.6.38, an unauthenticated attacker can take over any user account t... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-29859 An arbitrary file upload vulnerability in aaPanel v7.57.0 allows attackers to execute arbitrary code via uploading a crafted file. | 9.8 | CRITICAL | β | 0 |
| CVE-2017-20224 Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP me... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3549 Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-13476 Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0βv25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (D... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70229 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSchedule. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70230 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDDNS. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70231 D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70232 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70233 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3849 Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cau... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4184 A vulnerability was detected in D-Link DIR-816 1.10CNB05. Affected by this vulnerability is an unknown functionality of the file /goform/form2Wl5BasicSetup.cgi of the component goahead. Performing a m... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-18269 Omronβs CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4183 A security vulnerability has been detected in D-Link DIR-816 1.10CNB05. Affected is an unknown function of the file /goform/form2WlanBasicSetup.cgi of the component goahead. Such manipulation of the a... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4182 A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of the file /goform/form2Wl5RepeaterStep2.cgi of the component goahead. This manipulation of the argument k... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32267 Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.6 and from version 5.0.0-RC1 to before version 5.9.12, a low-privilege user (or an unauthenticated user wh... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70039 An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30831 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.10.8, 7.11.5, 7.12.5, 7.13.4, 8.0.2, 8.1.1, and 8.2.0, authentication vulnerabilities exist in Ro... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28514 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.8.6, 7.9.8, 7.10.7, 7.11.4, 7.12.4, 7.13.3, and 8.0.0, a critical authentication bypass vulnerabi... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27944 Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt t... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-41709 An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23813 A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-29792 Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. From 5.0.0 to before 5.0.42, an unauthenticated attacker can send a crafted GET request direct... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-29793 Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. From 5.0.0 to before 5.0.42, Socket.IO clients can send arbitrary JavaScript objects as the i... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-25159 Epross AVCON6 systems management platform contains an object-graph navigation language (OGNL) injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by injecting m... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67041 An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the origi... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25873 OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST req... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4395 Heap-based buffer overflow in the KCAPI ECC code path of wc_ecc_import_x963_ex() in wolfSSL wolfcrypt allows a remote attacker to write attacker-controlled data past the bounds of the pubkey_raw buffe... | 9.8 | CRITICAL | β | 0 |
| CVE-2013-5613 Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows r... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3207 Configuration issueΒ in Java Management Extensions (JMX) in TIBCO BPM Enterprise version 4.x allows unauthorised access. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31840 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.2 and 8.6.28, an attacker can use a dot-notation field name in combination ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3584 The Kali Forms plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.4.9 via the 'form_process' function. This is due to the 'prepare_post_data' function ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-59388 A use of hard-coded password vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31972 SAMtools is a program for reading, manipulating and writing bioinformatics file formats. The `mpileup` command outputs DNA sequences that have been aligned against a known reference. On each output li... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26795 GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.get_system_log function. This vulnerability allows attackers to execute arbitr... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31871 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.5 and 8.6.31, a SQL injection vulnerability exists in the PostgreSQL storag... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-1226 A remote code execution vulnerability exists in Remote Desktop Services β formerly known as Terminal Services β when an unauthenticated attacker connects to the target system using RDP and sends speci... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3059 SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads() without authentication. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30741 A remote code execution (RCE) vulnerability in OpenClaw Agent Platform v2026.2.6 allows attackers to execute arbitrary code via a Request-Side prompt injection attack. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-1222 A remote code execution vulnerability exists in Remote Desktop Services β formerly known as Terminal Services β when an unauthenticated attacker connects to the target system using RDP and sends speci... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-27997 A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and b... | 9.8 | CRITICAL | KEV | 0 |
| CVE-2026-2743 Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28443 OpenReplay is a self-hosted session replay suite. Prior to version 1.20.0, the POST /{projectId}/cards/search endpoint has a SQL injection in the sort.field parameter. This issue has been patched in v... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28391 OpenClaw versions prior to 2026.2.2 fail to properly validate Windows cmd.exe metacharacters in allowlist-gated exec requests (non-default configuration), allowing attackers to bypass command approval... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-29574 An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely. | 9.8 | CRITICAL | KEV | 0 |
| CVE-2022-3236 A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older. | 9.8 | CRITICAL | KEV | 0 |
| CVE-2026-31896 WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, a critical SQL injection vulnerability exists in the WeGIA application. The remover_produto_ocultar.php script uses extract(... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28710 Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-23692 Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary comma... | 9.8 | CRITICAL | KEV | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.