Search

Expected end of text, found '–' (at char 42), (line:1, col:43)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (361493 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-63078 2026-06-26 4.3 Medium
Subscriber Broken Access Control in Restaurant Menu by MotoPress <= 2.4.11 versions.
CVE-2025-68063 2026-06-26 7.5 High
Contributor Local File Inclusion in Splash - Sport Club WordPress Theme for Basketball, Football, Hockey <= 4.4.3 versions.
CVE-2026-54820 2026-06-26 9.3 Critical
Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions.
CVE-2026-54832 2026-06-26 7.5 High
Unauthenticated Broken Access Control in Gutenverse Companion <= 2.5.0 versions.
CVE-2026-54840 2026-06-26 7.3 High
Unauthenticated Broken Access Control in Newsletters <= 4.13 versions.
CVE-2026-56025 2026-06-26 7.5 High
Unauthenticated Broken Access Control in Paymob for WooCommerce <= 4.1.2 versions.
CVE-2026-56038 2026-06-26 8.8 High
Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions.
CVE-2026-57638 2026-06-26 6.5 Medium
Contributor Cross Site Scripting (XSS) in Fluent Booking <= 2.1.0 versions.
CVE-2026-57651 2026-06-26 6.5 Medium
Contributor Cross Site Scripting (XSS) in Ghost Kit <= 3.6.0 versions.
CVE-2026-38640 1 Redox-os 1 Relibc 2026-06-26 7.5 High
A reachable unwrap in the __assert_fail function (/assert/mod.rs) of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2026-56057 2026-06-26 9.8 Critical
Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions.
CVE-2026-56063 2026-06-26 8.3 High
Unauthenticated Broken Access Control in MailChimp Block <= 1.1.15 versions.
CVE-2026-40711 1 Dell 1 Container Storage Modules 2026-06-26 8 High
Dell Dell Container Storage Modules, version(s) csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
CVE-2026-57923 1 Jetbrains 1 Youtrack 2026-06-26 5.3 Medium
In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings
CVE-2026-57880 1 Geovision Inc. 1 Gv-lpclpc2011 2211 2026-06-26 9.8 Critical
An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when parsing RTSP Digest authentication fields. A remote attacker may exploit this vulnerability by sending a crafted RTSP request containing overly long authentication data, resulting in memory corruption, denial of service, or potentially arbitrary code execution.
CVE-2025-63041 2026-06-26 5.4 Medium
Contributor Broken Access Control in Forget About Shortcode Buttons <= 2.1.3 versions.
CVE-2026-54839 2026-06-26 7.5 High
Unauthenticated Sensitive Data Exposure in Trinity Backup &#8211; Backup, Migrate, Restore, Clone &amp; Schedule Backups <= 2.0.9 versions.
CVE-2026-56030 2026-06-26 9.8 Critical
Unauthenticated Privilege Escalation in Paytium <= 5.0.2 versions.
CVE-2026-57618 2026-06-26 6.5 Medium
Contributor Cross Site Scripting (XSS) in Neve PRO <= 3.1.2 versions.
CVE-2026-57924 1 Jetbrains 1 Youtrack 2026-06-26 4.3 Medium
In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details