CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-28115 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in loopus WP Attractive Donations System - Easy Stripe & Paypal donations WP_AttractiveDonationsSyste... | 9.3 | CRITICAL | â | 0 |
| CVE-2025-69305 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Crete Core crete-core allows Blind SQL Injection.This issue affects Crete Core: from ... | 9.3 | CRITICAL | â | 0 |
| CVE-2026-20407 In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction ... | 9.3 | CRITICAL | â | 0 |
| CVE-2025-69304 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Allmart allmart-core allows Blind SQL Injection.This issue affects Allmart: from n/a ... | 9.3 | CRITICAL | â | 0 |
| CVE-2026-22484 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in pebas Lisfinity Core lisfinity-core allows SQL Injection.This issue affects Lisfinity Core: from n... | 9.3 | CRITICAL | â | 0 |
| CVE-2025-69338 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in don-themes Riode Core riode-core allows Blind SQL Injection.This issue affects Riode Core: from n/... | 9.3 | CRITICAL | â | 0 |
| CVE-2025-69295 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Coven Core coven-core allows Blind SQL Injection.This issue affects Coven Core: from ... | 9.3 | CRITICAL | â | 0 |
| CVE-2025-70948 A host header injection vulnerability in the mailer component of @perfood/couch-auth v0.26.0 allows attackers to obtain reset tokens and execute an account takeover via spoofing the HTTP Host header. | 9.3 | CRITICAL | â | 0 |
| CVE-2025-68857 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ichurakov Paid Downloads paid-downloads allows Blind SQL Injection.This issue affects Paid Downloa... | 9.3 | CRITICAL | â | 0 |
| CVE-2026-25377 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eyecix Addon Jobsearch Chat addon-jobsearch-chat allows SQL Injection.This issue affects Addon Job... | 9.3 | CRITICAL | â | 0 |
| CVE-2025-67945 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MailerLite MailerLite â WooCommerce integration woo-mailerlite allows SQL Injection.This issue aff... | 9.3 | CRITICAL | â | 0 |
| CVE-2026-26266 AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting (XSS) vulnerability was identified in the email rendering feature of AliasVault Web Client ve... | 9.3 | CRITICAL | â | 0 |
| CVE-2026-34714 Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE. | 9.2 | CRITICAL | â | 0 |
| CVE-2026-27208 bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 is vulnerable to an attack chain involving OS Command Injection and Privilege Escalation. This allows an attacker to exe... | 9.2 | CRITICAL | â | 0 |
| CVE-2026-25848 In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible | 9.1 | CRITICAL | â | 0 |
| CVE-2026-24677 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecam_encoder_compress_h264 trusts server-controlled dimensions and does not validate the source buffer size, leading t... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-25923 my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validati... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-32524 Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through <= 6.4.9. | 9.1 | CRITICAL | â | 0 |
| CVE-2026-24679 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bou... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-28231 pillow_heif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer overflow in the encode path buffer validation of `_pillow_heif.c` allows an attac... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-27812 Sub2API is an AI API gateway platform designed to distribute and manage API quotas from AI product subscriptions. A vulnerability in versions prior to 0.1.85 is a Password Reset Poisoning (Host Header... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-2880 A vulnerability in @fastify/middie versions < 9.2.0 can result in authentication/authorization bypass when using path-scoped middleware (for example, app.use('/secret', auth)). When Fastify router no... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-4716 Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | 9.1 | CRITICAL | â | 0 |
| CVE-2026-4715 Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | 9.1 | CRITICAL | â | 0 |
| CVE-2025-55130 A flaw in Node.jsâs Permissions model allows attackers to bypass `--allow-fs-read` and `--allow-fs-write` restrictions using crafted relative symlink paths. By chaining directories and symlinks, a scr... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-2234 C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail content. | 9.1 | CRITICAL | â | 0 |
| CVE-2025-55853 SoftVision webPDF before 10.0.2 is vulnerable to Server-Side Request Forgery (SSRF). The PDF converter function does not check if internal or external resources are requested in the uploaded files and... | 9.1 | CRITICAL | â | 0 |
| CVE-2025-60949 Census CSWeb 8.0.1 allows "app/config" to be reachable via HTTP in some deployments. A remote, unauthenticated attacker could send requests to configuration files and obtain leaked secrets. Fixed in 8... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-25057 MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, instructors are able to upload a zip file to create an assignment from an exported configuration (cou... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-33202 Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `DiskService#delete_prefixed` passes blob keys dire... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-4724 Undefined behavior in the Audio/Video component. This vulnerability affects Firefox < 149 and Thunderbird < 149. | 9.1 | CRITICAL | â | 0 |
| CVE-2026-33340 LoLLMs WEBUI provides the Web user interface for Lord of Large Language and Multi modal Systems. A critical Server-Side Request Forgery (SSRF) vulnerability has been identified in all known existing v... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-33475 Langflow is a tool for building and deploying AI-powered agents and workflows. An unauthenticated remote shell injection vulnerability exists in multiple GitHub Actions workflows in the Langflow repos... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-4283 The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the `super-unsubscribe` AJAX action accept... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-29103 SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. A Critical Remote Code Execution (RCE) vulnerability exists in SuiteCRM 7.15.0 and 8.9.2, allo... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-3432 On SimStudio version below to 0.5.74, the `/api/auth/oauth/token` endpoint contains a code path that bypasses all authorization checks when provided with `credentialAccountUserId` and `providerId` par... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-25804 Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to versions 2.3.2 and 2.4.3, Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug ... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-33286 Graphiti is a framework that sits on top of models and exposes them via a JSON:API-compliant interface. Versions prior to 1.10.2 have an arbitrary method execution vulnerability that affects Graphiti'... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-25447 Improper Control of Generation of Code ('Code Injection') vulnerability in Jonathan Daggerhart Widget Wrangler widget-wrangler allows Code Injection.This issue affects Widget Wrangler: from n/a throug... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-33409 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.52 and 9.6.0-alpha.41, an authentication bypass vulnerability allows an at... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-4753 Out-of-bounds Read vulnerability in slajerek RetroDebugger.This issue affects RetroDebugger: before v0.64.72. | 9.1 | CRITICAL | â | 0 |
| CVE-2025-68670 xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain ... | 9.1 | CRITICAL | â | 0 |
| CVE-2025-69222 LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery (SSRF) vulnerability due to missing restrictions of the Actions feature in the defaul... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-2806 Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148 and Thunderbird < 148. | 9.1 | CRITICAL | â | 0 |
| CVE-2026-20897 Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write access to one repository may be able to delete LFS locks belonging to other repositories. | 9.1 | CRITICAL | â | 0 |
| CVE-2019-25298 html5_snmp 1.11 contains multiple SQL injection vulnerabilities that allow attackers to manipulate database queries through Router_ID and Router_IP parameters. Attackers can exploit error-based, time-... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-25810 PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the backend/src/routes/student.submission.routes.ts verify authentication but fails to enforce object-... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-20912 Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different publi... | 9.1 | CRITICAL | â | 0 |
| CVE-2025-66614 Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were ... | 9.1 | CRITICAL | â | 0 |
| CVE-2026-4750 Out-of-bounds Read vulnerability in fabiangreffrath woof.This issue affects woof: before woof_15.3.0. | 9.1 | CRITICAL | â | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.