CVE Database

108577+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-47966
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47962
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47958
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47957
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47956
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47954
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47953
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47951
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47950
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47949
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47948
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47947
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue …

Jun 9, 2026
CVE-2026-47946
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue …

Jun 9, 2026
CVE-2026-47945
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47944
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47943
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47942
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47941
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47939
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47936
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a …

Jun 9, 2026
CVE-2026-47935
5.4 MEDIUM

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue …

Jun 9, 2026
CVE-2026-47656
7.9 HIGH

Protection mechanism failure in Windows Boot Manager allows an authorized attacker to bypass a security feature locally.

Jun 9, 2026
CVE-2026-47654
7.5 HIGH

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Jun 9, 2026
CVE-2026-47653
8.8 HIGH

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Jun 9, 2026
CVE-2026-47652
8.2 HIGH

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

Jun 9, 2026
CVE-2026-47648
7.0 HIGH

Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally.

Jun 9, 2026
CVE-2026-47643
9.8 CRITICAL

External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network.

Jun 9, 2026
CVE-2026-47641
4.6 MEDIUM

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Jun 9, 2026
CVE-2026-47640
4.6 MEDIUM

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Jun 9, 2026
CVE-2026-47639
5.4 MEDIUM

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Jun 9, 2026
CVE-2026-47638
4.6 MEDIUM

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Jun 9, 2026
CVE-2026-47637
4.6 MEDIUM

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Jun 9, 2026
CVE-2026-47636
5.4 MEDIUM

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Jun 9, 2026
CVE-2026-47635
8.4 HIGH

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

Jun 9, 2026
CVE-2026-47634
7.3 HIGH

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Jun 9, 2026
CVE-2026-47631
8.1 HIGH

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

Jun 9, 2026
CVE-2026-47298
8.0 HIGH

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Jun 9, 2026
CVE-2026-47293
7.0 HIGH

Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.

Jun 9, 2026
CVE-2026-47292
7.8 HIGH

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally.

Jun 9, 2026
CVE-2026-47291
9.8 CRITICAL

Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network.

Jun 9, 2026
CVE-2026-47289
8.8 HIGH

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Jun 9, 2026
CVE-2026-47288
7.1 HIGH

Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network.

Jun 9, 2026
CVE-2026-47287
6.5 MEDIUM

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network.

Jun 9, 2026
CVE-2026-47284
6.5 MEDIUM

Exposure of sensitive information to an unauthorized actor in Visual Studio Code allows an unauthorized attacker to disclose information over a network.

Jun 9, 2026
CVE-2026-47281
9.6 CRITICAL

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.

Jun 9, 2026
CVE-2026-46492
7.2 HIGH

md-fileserver allows for local viewing of markdown files in a browser. Prior to version 1.10.3, a cross-site scripting (XSS) vulnerability exists in the application’s Markdown …

Jun 9, 2026
CVE-2026-45771
7.5 HIGH

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. …

Jun 9, 2026
CVE-2026-45658
7.8 HIGH

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Jun 9, 2026
CVE-2026-45657
9.8 CRITICAL

Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network.

Jun 9, 2026
CVE-2026-45656
7.8 HIGH

Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally.

Jun 9, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.