CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-22236 The vulnerability exists in BLUVOYIX due to improper authentication in the BLUVOYIX backend APIs. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-24058 Soft Serve is a self-hostable Git server for the command line. Versions 0.11.2 and below have a critical authentication bypass vulnerability that allows an attacker to impersonate any user (including ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22237 The vulnerability exists in BLUVOYIX due to the exposure of sensitive internal API documentation. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22238 The vulnerability exists in BLUVOYIX due to improper authentication in the BLUVOYIX admin APIs. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP re... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22708 Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-56590 An issue was discovered in the InsertFromURL() function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local se... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-64657 Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate privileges over a network. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-48780 A deserialization of untrusted data vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbi... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22852 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUD... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67418 ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22853 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEARβs NDR array reader does not perform bounds checking on the onβwire element count and can write past the heap bu... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22854 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22857 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irp_thread_func because the IRP is freed by irp->Complete() and then accessed again on... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-48782 An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-53955 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access hidden system resources. Attackers can exploit th... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-53960 SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x contains an SQL injection vulnerability in the 'index.php' authentication mechanism that allows attackers to manipulate login credentials. Attackers can injec... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-53963 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands through the 'password' parameter. Att... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-53964 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated vulnerability in the /usr/cgi-bin/restorefactory.cgi endpoint that allows remote attackers to reset device configuration. Attackers can s... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-53966 SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can ma... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-53968 Screen SFT DAB 600/C Firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authentication controls by exploiting IP address session binding. Attackers can reuse th... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-47753 phpKF CMS 3.00 Beta y6 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary code by bypassing file extension checks. Attackers can upload a PHP file ... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-53980 ProjectSend r1605 contains a remote code execution vulnerability that allows attackers to upload malicious files by manipulating file extensions. Attackers can upload shell scripts with disguised exte... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-47772 10-Strike Network Inventory Explorer Pro 9.31 contains a buffer overflow vulnerability in the text file import functionality that allows remote code execution. Attackers can craft a malicious text fil... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65856 Authentication bypass vulnerability in Xiongmai XM530 IP cameras on Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 allows unauthenticated remote attackers to access sensitive device informatio... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67079 File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-64155 An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, F... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69079 Deserialization of Untrusted Data vulnerability in ThemeREX Sound | Musical Instruments Online Store musicplace allows Object Injection.This issue affects Sound | Musical Instruments Online Store: fro... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-14388 The PhastPress plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read via null byte injection in all versions up to, and including, 3.7. This is due to a discrepancy between the ext... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-1056 The Snow Monkey Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'generate_user_dirpath' function in all versions up to, and includin... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65783 An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code via uploading a crafted PDF ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66489 Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gainin... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-61140 The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-14964 A vulnerability has been found in TOTOLINK T10 4.1.8cu.5083_B20200521. This affects the function sprintf of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument loginAuthUrl leads to stack... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23519 RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. Prior to 0.4.4, the thumb... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-50526 Netgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerability via the switch_status function. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70892 Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parame... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29228 Linksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClone function via the mc.ip parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29229 linksys E5600 V1.1.0.26 is vulnerable to command injection in the function ddnsStatus. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-33222 NVIDIA Isaac Launchable contains a vulnerability where an attacker could exploit a hard-coded credential issue. A successful exploit of this vulnerability might lead to code execution, escalation of p... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69052 Missing Authorization vulnerability in FmeAddons Registration & Login with Mobile Phone Number for WooCommerce registration-login-with-mobile-phone-number allows Exploiting Incorrectly Configured Acce... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-63665 An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-33223 NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escala... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-33224 NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escala... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-63225 The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access Control due to missing authentication on critical administrative endpoints. Attackers can directly access... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-51511 Cadmium CMS v.0.4.9 has a background arbitrary file upload vulnerability in /admin/content/filemanager/uploads. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-58053 Galette is a membership management web application for non profit organizations. Prior to version 1.2.0, while updating any existing account with a self forged POST request, one can gain higher privil... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-53951 Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and g... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65354 Improper input handling in /Grocery/search_products_itname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitem_name POST parameter. Crafted payloads can alter query logic and... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-7334 Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted reques... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-15044 A vulnerability was detected in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/NatStaticSetting. The manipulation of the argument page results in stack-based buffer overflow... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.