CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 11337 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11337 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-25338	2 Ays Pro, Wordpress	2 Ai Chatbot With Chatgpt And Content Generator By Ays, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through <= 2.7.4.
CVE-2026-25348	2 Alttextai, Wordpress	2 Download Alt Text Ai, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in alttextai Download Alt Text AI alttext-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Alt Text AI: from n/a through <= 1.10.15.
CVE-2026-25363	2 Fooplugins, Wordpress	2 Foogallery, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through <= 3.1.11.
CVE-2026-25364	2 Boldgrid, Wordpress	2 Client Invoicing By Sprout Invoices, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.8.
CVE-2026-25367	2 Nootheme, Wordpress	2 Citilights, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in NooTheme CitiLights noo-citilights allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CitiLights: from n/a through < 3.7.2.
CVE-2026-25368	2 Codepeople, Wordpress	2 Calculated Fields Form, Wordpress	2026-04-16	6.5 Medium
Missing Authorization vulnerability in codepeople Calculated Fields Form calculated-fields-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Calculated Fields Form: from n/a through <= 5.4.4.1.
CVE-2026-25372	2 Kodezen, Wordpress	2 Academy Lms, Wordpress	2026-04-16	6.5 Medium
Missing Authorization vulnerability in Kodezen LLC Academy LMS academy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Academy LMS: from n/a through <= 3.5.3.
CVE-2026-25374	2 Rarathemes, Wordpress	2 Spa And Salon, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in raratheme Spa and Salon spa-and-salon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spa and Salon: from n/a through <= 1.3.2.
CVE-2026-25375	2 Wordpress, Wpchill	2 Wordpress, Image Photo Gallery Final Tiles Grid	2026-04-16	4.3 Medium
Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.10.
CVE-2026-25384	2 Wordpress, Wplab	2 Wordpress, Wp-lister Lite For Ebay	2026-04-16	5.3 Medium
Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Lister Lite for eBay: from n/a through <= 3.8.5.
CVE-2026-25391	2 Wordpress, Wp Grids	2 Wordpress, Wp Wand	2026-04-16	5.4 Medium
Missing Authorization vulnerability in WP Grids WP Wand ai-content-generation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Wand: from n/a through <= 1.3.07.
CVE-2026-25394	2 Sparklewpthemes, Wordpress	2 Fitness Fse, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in sparklewpthemes Fitness FSE fitness-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fitness FSE: from n/a through <= 1.0.6.
CVE-2026-25399	2 Cryoutcreations, Wordpress	2 Serious Slider, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in CryoutCreations Serious Slider cryout-serious-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Serious Slider: from n/a through <= 1.2.7.
CVE-2026-25402	2 Echoplugins, Wordpress	2 Knowledge Base For Documentation, Faqs With Ai Assistance, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in echoplugins Knowledge Base for Documentation, FAQs with AI Assistance echo-knowledge-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Knowledge Base for Documentation, FAQs with AI Assistance: from n/a through <= 16.011.0.
CVE-2026-25404	2 Automattic, Wordpress	2 Wp Job Manager, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a through <= 2.4.0.
CVE-2026-25409	2 Crgeary, Wordpress	2 Jamstack Deployments, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in crgeary JAMstack Deployments wp-jamstack-deployments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JAMstack Deployments: from n/a through <= 1.1.1.
CVE-2026-25410	2 Tstephenson, Wordpress	2 Wp-cors, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in tstephenson WP-CORS wp-cors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CORS: from n/a through <= 0.2.2.
CVE-2026-25415	2 Iqonicdesign, Wordpress	2 Wpbookit Pro, Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPBookit Pro: from n/a through <= 1.6.18.
CVE-2005-3623	2 Linux, Redhat	2 Linux Kernel, Enterprise Linux	2026-04-16	N/A
nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.
CVE-2005-2136	1 Raritan	10 Dominion Sx16, Dominion Sx16 Firmware, Dominion Sx32 and 7 more	2026-04-16	N/A
Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users.

« first previous Page 215 of 567. next last »