Export limit exceeded: 351148 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351148 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-41963 | 1 Huawei | 1 Harmonyos | 2026-05-15 | 2.8 Low |
| Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-34263 | 1 Sap Se | 1 Sap Commerce Cloud Configuration | 2026-05-15 | 9.6 Critical |
| Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the application. | ||||
| CVE-2026-0427 | 1 Amd | 4 Instinct Mi210, Instinct Mi300x, Instinct Mi325x and 1 more | 2026-05-15 | N/A |
| Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine (VM) to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability. | ||||
| CVE-2026-6415 | 2 Justinkruit, Wordpress | 2 Advanced Custom Fields:font Awesome Field, Wordpress | 2026-05-15 | 6.4 Medium |
| The Advanced Custom Fields: Font Awesome plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.0.2. This is due to insufficient input validation of JSON field values and unsafe client-side HTML construction in the update_preview() JavaScript function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2026-41965 | 1 Huawei | 1 Harmonyos | 2026-05-15 | 5.6 Medium |
| Use-After-Free (UAF) vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-41962 | 1 Huawei | 1 Harmonyos | 2026-05-15 | 3.6 Low |
| Permission control vulnerability in the app management and control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-0044 | 1 Amd | 8 Amd Ryzen™ Ai 300 Series Processors, Radeon Pro W7000 Series, Radeon Rx 7000 Series and 5 more | 2026-05-15 | N/A |
| An out-of-bounds read in power management firmware by a malicious local attacker with low privileges could potentially lead to a partial loss of confidentiality and availability. | ||||
| CVE-2026-4094 | 2 Realmag777, Wordpress | 2 Fox – Currency Switcher Professional For Woocommerce, Wordpress | 2026-05-15 | 8.1 High |
| The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'admin_head' function in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete the entire multi-currency configuration by visiting any wp-admin page with the `woocs_reset` parameter appended. Additionally, because no nonce is verified, this is also exploitable via Cross-Site Request Forgery against any administrator. The vulnerability may also be exploited by Subscriber-level users if the site is configured to allow Subscriber access to 'wp-admin' pages. | ||||
| CVE-2026-44661 | 2026-05-15 | 4.7 Medium | ||
| python-utcp is the python implementation of UTCP. Prior to 1.1.3, the utcp-http plugin is vulnerable to a blind Server-Side Request Forgery (SSRF) caused by a trust-boundary inconsistency between manual discovery and tool invocation. register_manual() validates the discovery URL against an HTTPS / loopback allowlist, but call_tool() and call_tool_streaming() reuse the resolved tool_call_template.url directly without revalidating, and the OpenAPI converter blindly trusts whatever servers[0].url an attacker-hosted spec declares. An attacker who hosts a malicious OpenAPI spec on a legitimate HTTPS endpoint can declare e.g. servers: [{ url: "http://127.0.0.1:9090" }] or servers: [{ url: "http://169.254.169.254" }]; the OpenAPI converter then produces tools whose URL points at internal services on the agent host. All three HTTP-class protocols (utcp_http.http, utcp_http.streamable_http, utcp_http.sse) shared the same gap. This vulnerability is fixed in 1.1.3. | ||||
| CVE-2026-45370 | 2026-05-15 | 7.7 High | ||
| python-utcp is the python implementation of UTCP. Prior to 1.1.3, _prepare_environment() in cli_communication_protocol.py passes a full copy of os.environ to every CLI subprocess. When combined with CVE-2026-45369, an attacker can exfiltrate all process-level secrets in a single tool call. This vulnerability is fixed in 1.1.3. | ||||
| CVE-2026-44700 | 2026-05-15 | N/A | ||
| Elixir WebRTC is an Elixir implementation of the W3C WebRTC API. Prior to 0.15.1 and 0.16.1, missing DTLS peer certificate fingerprint validation in the DTLS client (active) role removes one side of WebRTC's mutual authentication. The bug is not independently exploitable for media interception in standard deployments, but enables a full man-in-the-middle attack when chained with insecure signalling or a peer with similar validation gaps. This vulnerability is fixed in 0.15.1 and 0.16.1. | ||||
| CVE-2026-4031 | 2 Wordpress, Wpengine | 2 Wordpress, Database Backup For Wordpress | 2026-05-15 | 7.5 High |
| The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is due to the plugin not restricting access to the wp_db_temp_dir parameter, which controls where database backups are written. This makes it possible for unauthenticated attackers to send a request to wp-cron.php with a poisoned wp_db_temp_dir value pointing to a publicly accessible directory (e.g., wp-content/uploads/), and if a scheduled backup is due, intercept the backup file before it is cleaned up. The backup file has a predictable name based on the database name, table prefix, date, and Swatch Internet Time, making interception reliable. Successful exploitation leads to Sensitive Information Exposure including database credentials, user password hashes, and personally identifiable information. This vulnerability requires that the site administrator has configured scheduled backups. | ||||
| CVE-2025-54511 | 2026-05-15 | N/A | ||
| Improper handling of insufficient privileges in the AMD Secure Processor (ASP) could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability. | ||||
| CVE-2026-4030 | 2 Wordpress, Wpengine | 2 Wordpress, Database Backup For Wordpress | 2026-05-15 | 8.1 High |
| The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized arbitrary file read and deletion in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the return value of its authorization check combined with a user-controlled backup directory parameter. This makes it possible for unauthenticated attackers to read and delete arbitrary files on the server, leading to Sensitive Information Exposure and potential site takeover. Note: This vulnerability is only exploitable in WordPress Multisite environments where the deprecated is_site_admin() function exists. | ||||
| CVE-2026-4029 | 2 Wordpress, Wpengine | 2 Wordpress, Database Backup For Wordpress | 2026-05-15 | 7.5 High |
| The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized database export in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the return value of its authorization check. This makes it possible for unauthenticated attackers to export database tables, leading to Sensitive Information Exposure. Note: This vulnerability is only exploitable in WordPress Multisite environments where the deprecated is_site_admin() function exists. | ||||
| CVE-2026-21730 | 1 Verint | 1 Verba | 2026-05-15 | N/A |
| Verba is affected by a Stored Cross-Site Scripting (XSS) vulnerability within its login logging mechanism. When an unauthenticated remote attacker attempts to log in using an incorrect username and password combination, the supplied username value is recorded in the application logs. Due to lack of input sanitization, an attacker can inject a malicious XSS payload into the username field. This payload will be executed in the context of the administrator’s browser when the admin accesses the web application's log viewer. The vendor was notified early about this vulnerability, but didn't respond to our messages. This issue was fixed in version 10.0.6 | ||||
| CVE-2026-44482 | 1 Richardhbtz | 1 Soundcloud-rpc | 2026-05-15 | 9.6 Critical |
| soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8, a track title containing an HTML payload executed locally in the Electron app. This means attacker-controlled SoundCloud track metadata can lead to local command execution on the user's machine. The application exposes a preload API (window.soundcloudAPI.sendTrackUpdate) to the remote SoundCloud page. Track metadata from SoundCloud is trusted and forwarded through IPC into the Electron main process. The app later renders that metadata as raw HTML inside privileged Electron views that have Node.js integration enabled. This vulnerability is fixed in 0.1.8. | ||||
| CVE-2026-42881 | 1 Squinky86 | 1 Stigqter | 2026-05-15 | N/A |
| STIGQter is an open-source reimplementation of DISA's STIG Viewer. From 0.1.2 to before 1.2.7, an attacker can achieve local code execution (LCE) with the privileges of the user running STIGQter. This requires user interaction: the victim must open the malicious .stigqter file and explicitly run the "Export HTML" action. This vulnerability is fixed in 1.2.7. | ||||
| CVE-2026-42281 | 1 Magicmirrororg | 1 Magicmirror | 2026-05-15 | N/A |
| MagicMirror² is an open source modular smart mirror platform. Prior to 2.36.0, an unauthenticated Server-Side Request Forgery (SSRF) vulnerability in the /cors endpoint allows any remote attacker to force the MagicMirror² server to perform arbitrary HTTP requests to internal networks, cloud metadata services, and localhost services. The endpoint also expands environment variable placeholders (**VAR_NAME**), enabling exfiltration of server-side secrets. This vulnerability is fixed in 2.36.0. | ||||
| CVE-2026-6923 | 1 Nuvoton | 1 Npct7xx | 2026-05-15 | 3.8 Low |
| A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman (ECDH) key. | ||||