CVE Database

107850+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-14803

Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path (`_decode_value` dispatching to `_decode_array` and …

Jul 6, 2026
CVE-2026-14788
3.3 LOW

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function r_core_bin_load of the file libr/core/cfile.c. Such …

Jul 6, 2026
CVE-2026-14787
3.3 LOW

A weakness has been identified in radareorg radare2 up to 6.1.6. Affected is the function cmd_print in the library libr/core/cmd_print.inc of the component pb Print …

Jul 6, 2026
CVE-2026-14786
3.3 LOW

A security flaw has been discovered in radareorg radare2 up to 6.1.6. This impacts the function r_str_word_get0set of the file libr/util/str.c. The manipulation results in …

Jul 6, 2026
CVE-2026-14784
6.3 MEDIUM

A vulnerability was identified in vxcontrol PentAGI up to 2.1.0. This affects an unknown function of the file backend/pkg/docker/client.go of the component Docker API. The …

Jul 6, 2026
CVE-2026-14783
4.3 MEDIUM

A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skill_view of the file tools/skills_tool.py. Executing a manipulation of the argument …

Jul 6, 2026
CVE-2026-14778
7.3 HIGH

A security vulnerability has been detected in SourceCodester Onlne Examination & Learning Management System 1.0. This affects an unknown part of the file /ajax_enroll.php of …

Jul 6, 2026
CVE-2026-14777
6.3 MEDIUM

A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file …

Jul 6, 2026
CVE-2026-14776
6.3 MEDIUM

A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the …

Jul 5, 2026
CVE-2026-14775
6.3 MEDIUM

A vulnerability was identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function of the file /process_lesson.php. Such manipulation of …

Jul 5, 2026
CVE-2026-14774
6.3 MEDIUM

A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid …

Jul 5, 2026
CVE-2026-14773
6.3 MEDIUM

A vulnerability was found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /payment.php. The manipulation of the argument patientid …

Jul 5, 2026
CVE-2026-10657
3.7 LOW

Zephyr's DNS resolver detects mDNS (.local) queries in dns_resolve_name_internal() (subsys/net/lib/dns/resolve.c) with memcmp(strrchr(query, '.'), ".local", 7), which always reads a fixed 7 bytes from the suffix …

Jul 5, 2026
CVE-2026-10656
4.6 MEDIUM

The MAX32xxx USB device controller driver (drivers/usb/udc/udc_max32.c, compatible adi_max32_usbhs) dereferenced an endpoint buffer in its OUT and IN transfer-completion handlers without checking it for NULL. …

Jul 5, 2026
CVE-2026-59520
4.3 MEDIUM

Cross-Site Request Forgery (CSRF) vulnerability in properfraction CrawlWP SEO allows Cross Site Request Forgery. This issue affects CrawlWP SEO: from n/a through 3.0.16.

Jul 5, 2026
CVE-2026-59519
5.3 MEDIUM

Insertion of Sensitive Information Into Sent Data vulnerability in Softaculous FormLayer allows Retrieve Embedded Sensitive Data. This issue affects FormLayer: from n/a through 1.0.6.

Jul 5, 2026
CVE-2026-59511
5.3 MEDIUM

Insertion of Sensitive Information Into Sent Data vulnerability in Tim Strifler Exclusive Addons Elementor allows Retrieve Embedded Sensitive Data. This issue affects Exclusive Addons Elementor: …

Jul 5, 2026
CVE-2026-14772
7.3 HIGH

A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The impacted element is an unknown function of the file /edit_course1.php. The …

Jul 5, 2026
CVE-2026-14771
7.3 HIGH

A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The affected element is an unknown function of the file /edit_exam1.php. Executing …

Jul 5, 2026
CVE-2026-14770
7.3 HIGH

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_room.php. Performing a manipulation of …

Jul 5, 2026
CVE-2026-14769
7.3 HIGH

A security vulnerability has been detected in code-projects Real State Services 1.0. This issue affects some unknown processing of the file /pay.php. Such manipulation of …

Jul 5, 2026
CVE-2026-14768
7.3 HIGH

A weakness has been identified in code-projects Real State Services 1.0. This vulnerability affects unknown code of the file /builderHome.php. This manipulation of the argument …

Jul 5, 2026
CVE-2026-14767
6.3 MEDIUM

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. This affects an unknown part of the file /ecommerce-website-php/customer/confirm.php of the component POST Parameter …

Jul 5, 2026
CVE-2026-14766
6.3 MEDIUM

A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/search-result.php of the …

Jul 5, 2026
CVE-2026-59510

AIL Framework contains a path traversal vulnerability in its PDF object handling. Prior to commit 14c618fce4d1df02358717c48ea903706abecdf2, the PDF.get_filepath() function constructed a file path by joining …

Jul 5, 2026
CVE-2026-14764
7.3 HIGH

A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. This impacts an unknown function of the file /admin/add_event.php of the component Event …

Jul 5, 2026
CVE-2026-14763
7.3 HIGH

A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. This affects an unknown function of the file /admin/tour_reserves.php of the component Tour …

Jul 5, 2026
CVE-2026-14762
7.3 HIGH

A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component …

Jul 5, 2026
CVE-2026-14761
3.3 LOW

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. The affected element is the function r_str_ndup/r_str_append of the file libr/util/str.c. The manipulation …

Jul 5, 2026
CVE-2026-14760
3.3 LOW

A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function r_core_seek_arch_bits of the file libr/core/disasm.c of the component regprofile Handler. …

Jul 5, 2026
CVE-2026-14759
3.3 LOW

A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function r_bin_java_inner_classes_attr_calc_size of the file shlr/java/class.c of the component …

Jul 5, 2026
CVE-2026-9085
8.8 HIGH

Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control allows DNS Spoofing. This issue affects Pardus-Parental-Control: …

Jul 5, 2026
CVE-2026-6509
7.8 HIGH

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Privilege Escalation. This issue affects Pardus Update: from <=0.6.3 before 0.6.6.

Jul 5, 2026
CVE-2026-14758
3.3 LOW

A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmd_anal_opcode of the file libr/core/cmd_anal.inc.c of the component hexpairs Parser. …

Jul 5, 2026
CVE-2026-14757
5.3 MEDIUM

A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function core_anal_bytes of the file libr/core/cmd_anal.inc. This manipulation causes integer overflow. The …

Jul 5, 2026
CVE-2026-14756
7.3 HIGH

A vulnerability was found in code-projects Hotel and Tourism Reservation 1.0. Affected by this issue is some unknown functionality of the file /admin/add_tour.php of the …

Jul 5, 2026
CVE-2026-14755
7.3 HIGH

A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/reservations.php of …

Jul 5, 2026
CVE-2026-12386
3.9 LOW

Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers. This issue affects Pardus Pen: from <=4.1.5 before 4.2.1.

Jul 5, 2026
CVE-2026-12250
7.9 HIGH

Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Domain Joiner allows Excavation. This issue affects Pardus Domain …

Jul 5, 2026
CVE-2026-14754
7.3 HIGH

A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. Affected is an unknown function of the file /admin/add_room.php. Executing a manipulation of …

Jul 5, 2026
CVE-2026-14753
7.3 HIGH

A vulnerability was detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This impacts an unknown function of the file /PHP/objects/notes of the component Note Handler/Assignment Handler. …

Jul 5, 2026
CVE-2026-14752
3.5 LOW

A security vulnerability has been detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This affects the function add_definition of the file application/PHP/objects/notes/add_into_dictionary.php. Such manipulation of the …

Jul 5, 2026
CVE-2026-14751
6.3 MEDIUM

A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notes_controller::search_scratch_data of the file application/PHP/objects/notes/search_scratch_data.php. This manipulation of …

Jul 5, 2026
CVE-2026-14750
7.3 HIGH

A security flaw has been discovered in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The affected element is the function Notes_controller::accessing_dictionary_authorization of the file application/PHP/objects/notes/accessing_dictionary_authorization.php. The manipulation …

Jul 5, 2026
CVE-2026-59509

An unauthenticated improper input validation vulnerability in the POST /fetch_cve_data endpoint in cve-search. A remote attacker can manipulate request parameters controlling the MongoDB collection, projected …

Jul 5, 2026
CVE-2026-14749
7.3 HIGH

A vulnerability was identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. Impacted is the function eval of the file application/pages/imba_calculator/calculate.php. The manipulation of the argument mathematical_sentence …

Jul 5, 2026
CVE-2026-14748
6.3 MEDIUM

A flaw has been found in AIAnytime Awesome-MCP-Server up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab. Affected by this issue is some unknown functionality of the file mcp-wiki/src/mcp_wiki/server.py of the …

Jul 5, 2026
CVE-2026-14747
7.3 HIGH

A vulnerability was detected in code-projects Real State Services 1.0. Affected by this vulnerability is an unknown functionality of the file /addprojectsale.php. The manipulation of …

Jul 5, 2026
CVE-2026-14746
7.3 HIGH

A security vulnerability has been detected in code-projects Real State Services 1.0. Affected is an unknown function of the file /addprojectrent.php. The manipulation of the …

Jul 5, 2026
CVE-2026-14745
7.3 HIGH

A weakness has been identified in code-projects Real State Services 1.0. This impacts an unknown function of the file /single-list_rent.php. Executing a manipulation of the …

Jul 5, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.