CVE Database

9215+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-43944
9.6 CRITICAL

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. From versions 3.0.6 to before 3.8.15, electerm is vulnerable to arbitrary local code execution via deep links, CLI --opts, …

May 8, 2026
CVE-2026-43941
9.6 CRITICAL

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In versions 3.8.15 and prior, Electerm's terminal hyperlink handler passes any URL clicked in the terminal directly to shell.openExternal …

May 8, 2026
CVE-2026-42208
9.8 CRITICAL KEV

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.81.16 to before version 1.83.7, a database …

May 8, 2026
CVE-2026-41501
9.8 CRITICAL

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux() function appends attacker-controlled remote version strings …

May 8, 2026
CVE-2026-41500
9.8 CRITICAL

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac() function appends attacker-controlled remote releaseInfo.name directly …

May 8, 2026
CVE-2026-42880
9.6 CRITICAL

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a …

May 7, 2026
CVE-2026-8034
9.8 CRITICAL

A server-side request forgery (SSRF) vulnerability was identified in the GitHub Enterprise Server notebook viewer that allowed an attacker to access internal services by exploiting …

May 7, 2026
CVE-2026-42826
10.0 CRITICAL

Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.

May 7, 2026
CVE-2026-35428
9.6 CRITICAL

Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network.

May 7, 2026
CVE-2026-33844
9.0 CRITICAL

Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.

May 7, 2026
CVE-2026-33823
9.6 CRITICAL

Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.

May 7, 2026
CVE-2026-33109
9.9 CRITICAL

Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.

May 7, 2026
CVE-2026-41902
9.1 CRITICAL

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, the /user-setup/{hash} endpoint accepts a 60-character random …

May 7, 2026
CVE-2026-37709
9.8 CRITICAL

Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the …

May 7, 2026
CVE-2026-7415
9.8 CRITICAL

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the …

May 7, 2026
CVE-2026-7414
9.8 CRITICAL

Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be …

May 7, 2026
CVE-2025-63704
9.8 CRITICAL

NPM package query-parser-string 1.0.0 is vulnerable to Prototype Pollution. The package does not properly sanitize user supplied query parameters and merges them to the newly …

May 7, 2026
CVE-2025-63703
9.8 CRITICAL

npm package parse-ini v1.0.6 is vulnerable to Prototype Pollution in index.js().

May 7, 2026
CVE-2026-36458
9.8 CRITICAL

ChestnutCMS v1.5.10 has a SQL injection vulnerability. The content parameter of the cms_content tag can be manipulated in the admin backend and injected into a …

May 7, 2026
CVE-2025-63706
9.8 CRITICAL

NPM package next-npm-version1.0.1 is vulnerable to Command injection.

May 7, 2026
CVE-2026-6795
9.6 CRITICAL

URL redirection to untrusted site ('open redirect') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Parameter Injection. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2.

May 7, 2026
CVE-2026-41589
9.6 CRITICAL

Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is …

May 7, 2026
CVE-2026-30496
9.8 CRITICAL

The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the …

May 7, 2026
CVE-2026-8094
9.8 CRITICAL

Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.

May 7, 2026
CVE-2026-8091
9.8 CRITICAL

Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR …

May 7, 2026
CVE-2026-6508
9.8 CRITICAL

Origin Validation Error vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Liderahenk: from …

May 7, 2026
CVE-2026-33587
10.0 CRITICAL

Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code (and subsequently OS commands) on the docker container …

May 7, 2026
CVE-2026-42217
9.8 CRITICAL

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to …

May 7, 2026
CVE-2026-42216
9.1 CRITICAL

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to …

May 7, 2026
CVE-2026-41201
9.1 CRITICAL

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. In version 0.31.4.0, an attacker can …

May 7, 2026
CVE-2026-40982
9.1 CRITICAL

Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request …

May 7, 2026
CVE-2026-40281
10.0 CRITICAL

Gotenberg is a Docker-powered stateless API for PDF files. In versions 8.30.1 and earlier, the metadata write endpoint validates metadata keys for control characters but …

May 6, 2026
CVE-2026-44112
9.6 CRITICAL

OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers …

May 6, 2026
CVE-2026-44109
9.8 CRITICAL

OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and card-action validation that allows unauthenticated requests to reach command dispatch. Missing encryptKey configuration …

May 6, 2026
CVE-2026-43581
9.6 CRITICAL

OpenClaw before 2026.4.10 contains an improper network binding vulnerability in the sandbox browser CDP relay that exposes Chrome DevTools Protocol on 0.0.0.0. Attackers can access …

May 6, 2026
CVE-2026-43578
9.1 CRITICAL

OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers can exploit …

May 6, 2026
CVE-2026-43575
9.8 CRITICAL

OpenClaw versions 2026.2.21 before 2026.4.10 contain an authentication bypass vulnerability in the sandbox noVNC helper route that exposes interactive browser session credentials. Attackers can access …

May 6, 2026
CVE-2026-7910
9.6 CRITICAL

Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation …

May 6, 2026
CVE-2026-7908
9.6 CRITICAL

Use after free in Fullscreen in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML …

May 6, 2026
CVE-2026-41930
9.8 CRITICAL

Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured …

May 6, 2026
CVE-2026-0300
9.8 CRITICAL KEV

A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute …

May 6, 2026
CVE-2026-5081
9.1 CRITICAL

Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId (added in version 1.54) uses the value of the UNIQUE_ID environment variable …

May 6, 2026
CVE-2026-43208
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: net: do not pass flow_id to set_rps_cpu() Blamed commit made the assumption that the RPS …

May 6, 2026
CVE-2026-43198
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcp_v6_syn_recv_sock() Code in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock() is …

May 6, 2026
CVE-2026-43197
9.1 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: netconsole: avoid OOB reads, msg is not nul-terminated msg passed to netconsole from the console …

May 6, 2026
CVE-2026-43186
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data() On the receive path, __ioam6_fill_trace_data() uses trace->nodelen …

May 6, 2026
CVE-2026-43185
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smb_direct_prepare_negotiation() smb_direct_prepare_negotiation() casts an unsigned __u32 value from sp->max_recv_size and …

May 6, 2026
CVE-2026-43125
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is not validated and comes …

May 6, 2026
CVE-2026-43117
9.1 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() If overlay is used on …

May 6, 2026
CVE-2026-43114
9.4 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry New test case fails unexpectedly when avx2 …

May 6, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.