CVE Database

9215+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-11526
9.8 CRITICAL

GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::Image::_make_filehandle opens a …

Jun 14, 2026
CVE-2026-12183
9.8 CRITICAL

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php …

Jun 13, 2026
CVE-2026-53838
9.8 CRITICAL

OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection that allows paired nodes to confuse approval scope decisions. Attackers can exploit reconnection …

Jun 12, 2026
CVE-2026-53609
9.1 CRITICAL

ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, `apos.util.set()` traverses dot-notation paths without sanitizing `__proto__`, allowing an authenticated …

Jun 12, 2026
CVE-2026-53519
9.1 CRITICAL

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. Prior to version 2.0.13, fallbackToFrontend in the dashboard's NoRoute handler treats any …

Jun 12, 2026
CVE-2026-46716
9.9 CRITICAL

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, a RoleMember user can create …

Jun 12, 2026
CVE-2026-41157
9.8 CRITICAL

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU user-space …

Jun 12, 2026
CVE-2026-44990
9.3 CRITICAL

ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Under the default configuration, versions of …

Jun 12, 2026
CVE-2026-28742
9.8 CRITICAL

Naxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt embedded in every firmware image. Once this salt is recovered from any …

Jun 12, 2026
CVE-2026-48558
10.0 CRITICAL KEV

SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity …

Jun 12, 2026
CVE-2026-44172
9.8 CRITICAL

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it …

Jun 12, 2026
CVE-2026-44170
9.8 CRITICAL

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 …

Jun 12, 2026
CVE-2026-50091
9.1 CRITICAL

Aqara Home Android (com.lumiunited.aqarahome) 6.0.0 (and white-label clients embedding the same liblumidevsdk.so) uses hard-coded cryptographic keys, which is an instance of "CWE-321: Use of Hard-coded …

Jun 12, 2026
CVE-2026-50090
9.3 CRITICAL

The Aqara Cloud OAuth Authorization Endpoint (open-cn.aqara.com/oauth/authorize) is vulnerable to a redirect bypass due to lax controls on domain matching, which is an instance of …

Jun 12, 2026
CVE-2026-50086
10.0 CRITICAL

The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidirectional AES round-trups against the platform's signing key without authentication. This is an instance of "CWE-306: Missing Authentication for …

Jun 12, 2026
CVE-2026-50084
9.6 CRITICAL

The Aqara Cloud Production API (open-cn.aqara.com/v3.0/open/api) would authorize any valid developer token for access to any account. This is an instance of "CWE-862: Missing Authorization" …

Jun 12, 2026
CVE-2026-50083
9.1 CRITICAL

The Aqara IAM/SSO Gateway (gw-builder.aqara.com) used a hardcoded OAuth client credential, which is an instance of "CWE-798: Use of Hard-coded Credentials." This issue has an …

Jun 12, 2026
CVE-2026-6853
9.8 CRITICAL

Improper restriction of excessive authentication attempts vulnerability in Başbelen Group Food Cafe Businesses Industry and Trade Ltd. Co. Pause+ Mobile App allows Authentication Bypass. This …

Jun 12, 2026
CVE-2026-54133
9.8 CRITICAL

jmespath.php allows users to use JMESPath, software for declaratively specifying how to extract elements from a JSON document, in PHP applications with PHP data structures. …

Jun 12, 2026
CVE-2026-53787
9.8 CRITICAL

Amasty Order Attributes for Magento 2 before version 4.0.0 contains an unauthenticated arbitrary file upload vulnerability that allows unauthenticated attackers to write arbitrary files to …

Jun 12, 2026
CVE-2026-47210
9.8 CRITICAL

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, a sandbox escape vulnerability in vm2 allows arbitrary code execution in the host …

Jun 12, 2026
CVE-2026-47208
10.0 CRITICAL

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code …

Jun 12, 2026
CVE-2026-47140
10.0 CRITICAL

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM blocks several dangerous Node.js builtins such as module, worker_threads, cluster, vm, repl, …

Jun 12, 2026
CVE-2026-47137
10.0 CRITICAL

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the fix for GHSA-8hg8-63c5-gwmx (CVE-2023-37903) introduced a check in nodevm.js line 263 that …

Jun 12, 2026
CVE-2026-47131
10.0 CRITICAL

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, by combining Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__"), Buffer.call.call({}.__lookupSetter__, Buffer, "__proto__"), and Node.js's ERR_INVALID_ARG_TYPE Error, the …

Jun 12, 2026
CVE-2026-10557
9.8 CRITICAL

The Yarbo Android and iOS applications contain hard-coded MQTT broker credentials that are identical for all users and all devices. These credentials are embedded in …

Jun 12, 2026
CVE-2026-11849
9.8 CRITICAL

The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative …

Jun 12, 2026
CVE-2026-50628
9.8 CRITICAL

A logic error in OAuthRequestFilter rejects legitimate requests originating from the bound IP address, while blindly allowing requests from any other IP address. Enabling this …

Jun 12, 2026
CVE-2026-50627
9.1 CRITICAL

The JwtAccessTokenValidator class in Apache CXF fails to validate the 'aud' (Audience) claims of incoming JWT access tokens. This allows a JWT issued for one …

Jun 12, 2026
CVE-2026-49875
9.8 CRITICAL

Apache CXF's EndpointReferenceUtils and W3CMultiSchemaFactory classes construct a SAXParserFactory without the necessary JAXP hardening configurations, enabling out-of-band (OOB) external entity resolution. Users are recommended to …

Jun 12, 2026
CVE-2026-48611
9.8 CRITICAL

Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth is not configured or enabled leading to unauthorized access in default installations.

Jun 12, 2026
CVE-2026-47370
9.9 CRITICAL

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS …

Jun 12, 2026
CVE-2026-47369
9.9 CRITICAL

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS …

Jun 12, 2026
CVE-2026-47367
9.9 CRITICAL

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UID Enterprise Agent to execute …

Jun 12, 2026
CVE-2026-47365
9.9 CRITICAL

Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary …

Jun 12, 2026
CVE-2026-45060
9.8 CRITICAL

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #129, the actions/progress_video.php endpoint is vulnerable to blind SQL injection. Any …

Jun 11, 2026
CVE-2026-42846
9.8 CRITICAL

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #140, ClipBucket's Remote Play feature allows any authenticated user to add …

Jun 11, 2026
CVE-2026-49060
9.8 CRITICAL

Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4.

Jun 11, 2026
CVE-2026-42647
9.3 CRITICAL

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from …

Jun 11, 2026
CVE-2026-39494
9.3 CRITICAL

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW Plugins Product Filter by WBW allows Blind SQL Injection. This …

Jun 11, 2026
CVE-2026-12027
9.6 CRITICAL

Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox …

Jun 11, 2026
CVE-2026-41005
9.0 CRITICAL

Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as a substitute for XML signatures from the Identity Provider (authenticity) in two …

Jun 11, 2026
CVE-2026-49973
9.4 CRITICAL

Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the _set_password parameter …

Jun 11, 2026
CVE-2026-49261
10.0 CRITICAL

MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 …

Jun 11, 2026
CVE-2026-9648
9.1 CRITICAL

The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS clients to accept certificates whose Subject Alternative Names fall outside the issuing CA’s permitted …

Jun 11, 2026
CVE-2026-11839
9.9 CRITICAL

Unrestricted upload of file with dangerous type vulnerability in Başarsoft Information Technologies Inc. Rotaban allows Upload a Web Shell to a Web Server. This issue …

Jun 11, 2026
CVE-2026-38581
9.8 CRITICAL

SQL Injection vulnerability in damasac thaipalliative_lte through version 3.0 allows remote attackers to execute arbitrary SQL commands via the idFormMain parameter to /substudy/ezform.php (line 14) …

Jun 11, 2026
CVE-2026-7852
9.8 CRITICAL

Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc. LimRAD NAC allows Remote Code Inclusion. This issue affects LimRAD NAC: before 5.5.7.3.9.

Jun 11, 2026
CVE-2026-11561
9.8 CRITICAL

Improper neutralization of special elements used in an expression language statement ('expression language injection') vulnerability in Soagen Informatics Technologies Software and Consulting Inc. Apinizer allows …

Jun 11, 2026
CVE-2026-35273
9.8 CRITICAL KEV

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable …

Jun 11, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.