Export limit exceeded: 85109 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (85109 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-56043 | 2 Cusrev, Wordpress | 2 Customer Reviews For Woocommerce, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Customer Reviews for WooCommerce <= 5.110.1 versions. | ||||
| CVE-2026-56055 | 2 Inspirythemes, Wordpress | 2 Realhomes, Wordpress | 2026-06-26 | 8.8 High |
| Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions. | ||||
| CVE-2026-56072 | 2 Wordpress, Xtemos | 2 Wordpress, Woodmart | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in WoodMart <= 8.5.3 versions. | ||||
| CVE-2026-57312 | 2 Wordpress, Wpeverest | 2 Wordpress, Everest Forms | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Everest Forms <= 3.4.8 versions. | ||||
| CVE-2026-57317 | 2 Nsquared, Wordpress | 2 Simply Schedule Appointments, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Simply Schedule Appointments <= 1.6.12.2 versions. | ||||
| CVE-2026-57319 | 2 Realmag777, Wordpress | 2 Fox, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in FOX <= 1.4.8 versions. | ||||
| CVE-2026-37454 | 1 Msi | 1 Nbfoundation Service | 2026-06-26 | 7.5 High |
| Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the 3DES-ECB encryption | ||||
| CVE-2025-68052 | 2 Eagle-themes, Wordpress | 2 Eagle Booking, Wordpress | 2026-06-26 | 8.8 High |
| Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions. | ||||
| CVE-2026-56044 | 2 Adenion, Wordpress | 2 Blog2social, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Blog2Social <= 8.9.2 versions. | ||||
| CVE-2026-56045 | 2 Valvepress, Wordpress | 2 Automatic, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Automatic < 3.135.1 versions. | ||||
| CVE-2026-46602 | 1 Golang | 1 Image | 2026-06-26 | 7.5 High |
| The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption. | ||||
| CVE-2026-57915 | 1 Apache | 1 Kerby | 2026-06-26 | 7.3 High |
| It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type. Users are recommended to upgrade to version 2.1.2, which fixes this issue. | ||||
| CVE-2026-56060 | 2 Tychesoftwares, Wordpress | 2 Print Invoice & Delivery Notes For Woocommerce, Wordpress | 2026-06-26 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce <= 7.1.1 versions. | ||||
| CVE-2026-54013 | 1 Open-webui | 1 Open-webui | 2026-06-26 | 7.6 High |
| Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profile images. The ModelMeta class has no validate_profile_image_url field validator, and the model image serving endpoint has no MIME allowlist or nosniff header. Any authenticated user with workspace.models permission (enabled by default) can store a data:image/svg+xml;base64,... payload in a model's profile image and achieve full account takeover of anyone who navigates to the image URL. This vulnerability is fixed in 0.9.6. | ||||
| CVE-2026-54847 | 2 Design, Wordpress | 2 Stylish Cost Calculator, Wordpress | 2026-06-26 | 7.5 High |
| Unauthenticated Broken Access Control in Stylish Cost Calculator <= 8.3.9 versions. | ||||
| CVE-2026-56011 | 2 Chrisrichardson, Wordpress | 2 Mappress Maps For Wordpress, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions. | ||||
| CVE-2026-54317 | 1 Home-assistant | 1 Core | 2026-06-26 | 7.6 High |
| Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.6.0, the Konnected integration registers an HTTP endpoint, KonnectedView (homeassistant/components/konnected/__init__.py), that is marked as not requiring authentication (requires_auth = False). A comment next to that line says auth is instead handled "via the access token from configuration." That promise is only half true. Write requests (POST and PUT) are handled by update_sensor(), which does check the request's Authorization: Bearer <token> header against the integration's stored access tokens (using hmac.compare_digest). Read requests (GET) are handled by a separate get() method that has no authentication check at all. This vulnerability is fixed in 2026.6.0. | ||||
| CVE-2026-38637 | 1 Redox-os | 1 Relibc | 2026-06-26 | 7.5 High |
| An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2026-45257 | 1 Freebsd | 1 Freebsd | 2026-06-26 | 7.8 High |
| The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile(2), which can reference file-backed memory directly through non-anonymous M_EXTPG pages or EXT_SFBUF mbufs. When the sender transmits such data over a loopback connection without enabling KTLS on the transmit side, the file-backed mbufs reach the receiver's decryption path unchanged. Decrypting a record in place then overwrites the backing file's page cache instead of a private copy of the data. An unprivileged local user who can read a file can overwrite its contents with data of their choosing by sending the file over a loopback connection on which they have enabled KTLS receive. The write modifies the page cache directly, so it bypasses file flags such as schg and is written back to disk. By overwriting a setuid binary or other trusted file, a local user can escalate privileges, potentially gaining full control of the affected system. | ||||
| CVE-2026-45687 | 1 Rocketchat | 1 Rocket.chat | 2026-06-26 | 8.5 High |
| Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's sendFileMessage DDP method passes the entire attacker-supplied file object into Uploads.updateFileComplete, which merges it directly into a MongoDB $set update via Object.assign. There is no allow-list of writable fields. An attacker can therefore rewrite any column on their own upload record, notably store and the store-specific path fields. This vulnerability is fixed in 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11. | ||||