CVE Database

9215+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2021-47932
9.8 CRITICAL

WordPress TheCartPress 1.5.3.6 contains an unauthenticated privilege escalation vulnerability that allows attackers to create administrator accounts by submitting crafted requests to the AJAX handler. Attackers …

May 10, 2026
CVE-2021-47923
9.8 CRITICAL

OpenCart 3.0.3.8 contains a session fixation vulnerability that allows attackers to hijack user sessions by injecting arbitrary values into the OCSESSID cookie. Attackers can set …

May 10, 2026
CVE-2026-6104
9.1 CRITICAL

In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mb_convert_encoding() or related …

May 10, 2026
CVE-2026-7261
9.8 CRITICAL

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when SoapServer is configured with SOAP_PERSISTENCE_SESSION, the handler object …

May 10, 2026
CVE-2026-6722
9.8 CRITICAL

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to …

May 10, 2026
CVE-2025-14179
9.8 CRITICAL

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when …

May 10, 2026
CVE-2026-42601
9.8 CRITICAL

ArchiveBox is an open source self-hosted web archiving system. In versions 0.8.6rc0 and prior, the /add/ endpoint (AddView in core/views.py) accepts a config JSON field …

May 9, 2026
CVE-2026-42569
9.4 CRITICAL

phpVMS is a PHP application to run and simulate an airline. Prior to version 7.0.6, a critical vulnerability in phpVMS allowed unauthenticated access to a …

May 9, 2026
CVE-2026-42560
9.1 CRITICAL

auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, the Patreon OAuth provider maps every …

May 9, 2026
CVE-2026-44313
9.1 CRITICAL

Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. Prior to version 2.13.0, a Server-Side Request Forgery (SSRF) vulnerability in …

May 9, 2026
CVE-2026-42454
9.9 CRITICAL

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, all Docker container management endpoints in …

May 8, 2026
CVE-2026-42354
9.1 CRITICAL

Sentry is an error tracking and performance monitoring tool. From version 21.12.0 to before version 26.4.1, a critical vulnerability was discovered in the SAML SSO …

May 8, 2026
CVE-2026-42302
9.8 CRITICAL

FastGPT is an AI Agent building platform. From version 4.14.10 to before version 4.14.13, the agent-sandbox component of FastGPT is vulnerable to unauthenticated Remote Code …

May 8, 2026
CVE-2026-42298
10.0 CRITICAL

Postiz is an AI social media scheduling tool. Prior to commit da44801, a "Pwn Request" vulnerability in the Build and Publish PR Docker Image workflow …

May 8, 2026
CVE-2026-42193
9.1 CRITICAL

Plunk is an open-source email platform built on top of AWS SES. Prior to version 0.9.0, the /webhooks/sns endpoint accepts Amazon SNS notification payloads from …

May 8, 2026
CVE-2026-44694
9.1 CRITICAL

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. From version 2.18.7 to before version 2.50.2, there …

May 8, 2026
CVE-2026-42072
9.8 CRITICAL

Nornicdb is a distributed low-latency, Graph+Vector, Temporal MVCC with all sub-ms HNSW search, graph traversal, and writes. Prior to version 1.0.42-hotfix, the --address CLI flag …

May 8, 2026
CVE-2026-38360
9.8 CRITICAL

Directory Traversal vulnerability in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a remote attacker to execute arbitrary code via the dash_uploader/httprequesthandler.py, aseHttpRequestHandler.get_temp_root(), BaseHttpRequestHandler._post() components

May 8, 2026
CVE-2026-41070
10.0 CRITICAL

openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on (SSO) auth flows. From version 1.26.3 to before version …

May 8, 2026
CVE-2026-44497
9.1 CRITICAL

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0 and prior to zebra-script version 6.0.0, the fix for CVE-2026-41583 introduced …

May 8, 2026
CVE-2026-43465
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify …

May 8, 2026
CVE-2026-43414
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xx_els_dcmd_iocb() sp->free is set to qla2x00_els_dcmd_sp_free(). When …

May 8, 2026
CVE-2026-43407
9.1 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() This patch fixes an out-of-bounds access in ceph_handle_auth_reply() …

May 8, 2026
CVE-2026-43406
9.1 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in process_message_header() If the message frame is (maliciously) corrupted in …

May 8, 2026
CVE-2026-43402
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: kthread: consolidate kthread exit paths to prevent use-after-free Guillaume reported crashes via corrupted RCU callback …

May 8, 2026
CVE-2026-43384
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be …

May 8, 2026
CVE-2026-43383
9.4 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be …

May 8, 2026
CVE-2026-43379
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb_lazy_parent_lease_break_close() opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is being accessed after rcu_read_unlock() …

May 8, 2026
CVE-2026-43376
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using call_rcu() for oplock_info ksmbd currently frees oplock_info immediately using kfree(), …

May 8, 2026
CVE-2026-41588
9.0 CRITICAL

RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — check_sign_in_key(). This issue has been patched …

May 8, 2026
CVE-2026-41583
9.1 CRITICAL

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-script version 5.0.2, after a refactoring, Zebra failed …

May 8, 2026
CVE-2026-41574
9.8 CRITICAL

Nhost is an open source Firebase alternative with GraphQL. Prior to version 0.49.1, Nhost automatically links an incoming OAuth identity to an existing Nhost account …

May 8, 2026
CVE-2026-37431
9.8 CRITICAL

Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers …

May 8, 2026
CVE-2026-44336
9.6 CRITICAL

PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP (Model Context Protocol) server (praisonai mcp serve) registers four file-handling tools by default …

May 8, 2026
CVE-2026-44335
9.8 CRITICAL

PraisonAI is a multi-agent teams system. Prior to version 1.6.32, the URL checking logic in PraisonAI has a logical flaw that could be bypassed by …

May 8, 2026
CVE-2026-43341
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6_fill_trace_data() stores the schema contribution to …

May 8, 2026
CVE-2026-43304
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPH_MAX_KEY_LEN When decoding the key, verify that the key material would …

May 8, 2026
CVE-2026-41512
9.9 CRITICAL

ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is a remote code execution vulnerability …

May 8, 2026
CVE-2026-41509
9.8 CRITICAL

CROSS implementation contains reference and optimized implementations of the CROSS post-quantum signature algorithm. Prior to commit fc6b7e7, there is a buffer overflow in crypto_sign_open() caused …

May 8, 2026
CVE-2026-41507
9.8 CRITICAL

math-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal content passed to cg.parse() is injected verbatim into a new Function() body without …

May 8, 2026
CVE-2026-41497
9.8 CRITICAL

PraisonAI is a multi-agent teams system. Prior to version 4.6.9, the fix for PraisonAI's MCP command handling does not add a command allowlist or argument …

May 8, 2026
CVE-2026-25199
9.1 CRITICAL

Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The …

May 8, 2026
CVE-2026-8153
9.8 CRITICAL

OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 allows unauthenticated attacker to craft commands that will execute code …

May 8, 2026
CVE-2013-10075
9.1 CRITICAL

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB_File will create a session that does not exist. This can …

May 8, 2026
CVE-2025-69691
9.9 CRITICAL

Netgate pfSense CE 2.8.0 allows code execution in the XMLRPC API via pfsense.exec_php. NOTE: the Supplier disputes this because the API call is only available …

May 8, 2026
CVE-2025-69690
9.1 CRITICAL

Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the post_reboot_commands property. …

May 8, 2026
CVE-2025-69599
9.8 CRITICAL

RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. NOTE: this is …

May 8, 2026
CVE-2025-67887
9.8 CRITICAL

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a …

May 8, 2026
CVE-2023-46453
9.8 CRITICAL

Certain GL.iNet devices with 4.x firmware allow authentication bypass (resulting in administrative control of the device) via a username that is both a valid SQL …

May 8, 2026
CVE-2024-51092
9.1 CRITICAL

LibreNMS before 24.10.0 allows a remote attacker to execute arbitrary code via OS command injection involving AboutController.php's index(), SettingsController.php's update(), and PollDevice.php's initRrdDirectory().

May 8, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.