CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-21636 A flaw in Node.js's permission model allows Unix Domain Socket (UDS) connections to bypass network restrictions when `--permission` is enabled. Even without `--allow-net`, attacker-controlled inputs (... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-59818 This vulnerability allows authenticated attackers to execute arbitrary commands on the underlying system using the file name of an uploaded file. | 10.0 | CRITICAL | β | 0 |
| CVE-2026-21962 Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Prox... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-57792 Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user input in a web application endpoint. An attacker can supply crafted input that ... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-10878 A SQL injection vulnerability exists in the login functionality of Fikir Odalari AdminPando 1.0.1 before 2026-01-26. The username and password parameters are vulnerable to SQL injection, allowing unau... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-24897 Erugo is a self-hosted file-sharing platform. In versions up to and including 0.2.14, an authenticated low-privileged user can upload arbitrary files to any specified location due to insufficient vali... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-20079 A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an a... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-25813 Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-2577 The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces (0.0.0.0) on port 3001 by default and does not require authentication for incoming connections. An unauthe... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-64075 A path traversal vulnerability in the check_token function of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote attackers to bypass authentication and perform administrative actions by ... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-1283 Code Injection in GitHub repository builderio/qwik prior to 0.21.0. | 10.0 | CRITICAL | β | 0 |
| CVE-2023-22583 The Danfoss AK-EM100 web forms allow for SQL injection in the login forms. | 10.0 | CRITICAL | β | 0 |
| CVE-2020-14871 Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows ... | 10.0 | CRITICAL | KEV | 0 |
| CVE-2023-22814 An authentication bypass issue via spoofing was discovered in the token-based authentication mechanism that could allow an attacker to carry out an impersonation attack. This issue affects My Cloud ... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-24054 Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In versions prior to 3.26.0, when a container image ... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-1699 In the Eclipse Theia Website repository, the GitHub Actions workflow .github/workflows/preview.yml used pull_request_target trigger while checking out and executing untrusted pull request code. This a... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-23693 ElementsKit Elementor Addons β Advanced Widgets & Templates Addons for Elementor (elementskit-lite) WordPress plugin versions prior to 3.7.9 expose the REST endpoint /wp-json/elementskit/v1/widget/mai... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-20238 A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attac... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-27597 Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to version 2.11.1, it is possible to escape the security boundraries set by `@enclave-vm/core`, which can be use... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-41094 TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outsid... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-21718 An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execut... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-2306 Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information using hard-coded credentials. With these credentials an attacker can retrieve information about the came... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-32169 Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network. | 10.0 | CRITICAL | β | 0 |
| CVE-2026-34162 FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint (/api/core/app/httpTools/runTool) is exposed without any authentication. This endpoint acts... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-42770 Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TC... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-6248 The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary commands, allowing a remote unauthenticated attacker to execute code on any Syrus4 device connected to the cl... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-31957 Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 3.0.0 to before 3.1.0, if Himmelblau is deployed without a configured tenant domain in himmelblau.conf, authentica... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-32737 Romeo gives the capability to reach high code coverage of Go β₯1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.1, due to a... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-49778 Deserialization of Untrusted Data vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6. | 10.0 | CRITICAL | β | 0 |
| CVE-2023-48419 An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of PrivilegeΒ | 10.0 | CRITICAL | β | 0 |
| CVE-2026-27897 Vociferous provides cross-platform, offline speech-to-text with local AI refinement. Prior to 4.4.2, the vulnerability exists in src/api/system.py within the export_file route. The application accepts... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-3587 An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device. | 10.0 | CRITICAL | β | 0 |
| CVE-2026-4688 Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | 10.0 | CRITICAL | β | 0 |
| CVE-2026-4692 Sandbox escape in the Responsive Design Mode component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | 10.0 | CRITICAL | β | 0 |
| CVE-2026-28505 Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the str_eval() function in notification_handler.py implements a sandboxed eval() for notificatio... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-48611 In DeviceId of DeviceId.java, there is a possible desync in persistence due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. ... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-4370 A vulnerability was identified in Juju from version 3.2.0 until 3.6.19 and from version 4.0 until 4.0.4, where the internal Dqlite database cluster fails to perform proper TLS client and server authen... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-23621 A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution. | 10.0 | CRITICAL | β | 0 |
| CVE-2026-30302 The command auto-approval module in CodeRider-Kilo contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect us... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-20131 A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root&n... | 10.0 | CRITICAL | KEV | 0 |
| CVE-2024-6500 The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'parse_request' function in all... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-20337 A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does... | 10.0 | CRITICAL | KEV | 0 |
| CVE-2024-43918 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW WBW Product Table PRO allows SQL Injection.This issue affects WBW Product Table PRO: from n/a ... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-8529 The LearnPress β WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_fields' parameter of the /wp-json/lp/v1/courses/archive-course REST API endpoint in all versions up... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-8522 The LearnPress β WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_only_fields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all versions up t... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-32962 xml-crypto is an xml digital signature and encryption library for Node.js. In affected versions the default configuration does not check authorization of the signer, it only checks the validity of the... | 10.0 | CRITICAL | β | 0 |
| CVE-2019-16649 On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-49291 Unrestricted Upload of File with Dangerous Type vulnerability in Gora Tech LLC Cooked Pro.This issue affects Cooked Pro: from n/a before 1.8.0. | 10.0 | CRITICAL | β | 0 |
| CVE-2016-0898 MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were no... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-50029 PHP Injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers to run arbitrary code via the M4PDF::saveTemplate() method. | 10.0 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.