CVE Database

9215+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-41635
9.8 CRITICAL

Apache MINA's AbstractIoBuffer.resolveClass() contains two branches, one of them (for static classes or primitive types) does not check the class at all, bypassing the classname …

Apr 27, 2026
CVE-2026-40860
9.8 CRITICAL

JmsBinding.extractBodyFromJms() in camel-jms, and the equivalent JmsBinding class in camel-sjms, deserialized the payload of incoming JMS ObjectMessage values via javax.jms.ObjectMessage.getObject() without applying any ObjectInputFilter, class …

Apr 27, 2026
CVE-2026-40453
9.9 CRITICAL

The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCase(true) call …

Apr 27, 2026
CVE-2026-42363
9.3 CRITICAL

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. …

Apr 27, 2026
CVE-2026-7037
9.8 CRITICAL

A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. …

Apr 26, 2026
CVE-2026-31685
9.4 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC header for all packets `eui64_mt6()` derives a modified EUI-64 from …

Apr 25, 2026
CVE-2026-31682
9.1 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: linearize skb before parsing ND options br_nd_send() parses neighbour discovery options from ns->opt[] …

Apr 25, 2026
CVE-2026-6951
9.8 CRITICAL

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) that blocks the -c …

Apr 25, 2026
CVE-2026-41478
9.9 CRITICAL

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync routes allows …

Apr 24, 2026
CVE-2026-41473
9.1 CRITICAL

CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary …

Apr 24, 2026
CVE-2026-41248
9.1 CRITICAL

Clerk JavaScript is the official JavaScript repository for Clerk authentication. createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro can be bypassed by certain crafted requests, allowing them …

Apr 24, 2026
CVE-2026-41475
9.1 CRITICAL

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's WritePropertyMultiple service …

Apr 24, 2026
CVE-2026-41428
9.1 CRITICAL

Budibase is an open-source low-code platform. Prior to 3.35.4, the authenticated middleware uses unanchored regular expressions to match public (no-auth) endpoint patterns against ctx.request.url. Since …

Apr 24, 2026
CVE-2026-41492
9.8 CRITICAL

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraphl exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because …

Apr 24, 2026
CVE-2026-41415
9.1 CRITICAL

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a …

Apr 24, 2026
CVE-2026-41328
9.1 CRITICAL

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read …

Apr 24, 2026
CVE-2026-41327
9.1 CRITICAL

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read …

Apr 24, 2026
CVE-2026-41898
9.8 CRITICAL

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk_client_callback, set_psk_server_callback, set_cookie_generate_cb, and set_stateless_cookie_generate_cb forwarded the …

Apr 24, 2026
CVE-2026-41681
9.8 CRITICAL

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVP_DigestFinal() always writes EVP_MD_CTX_size(ctx) to the out buffer. If out is …

Apr 24, 2026
CVE-2026-41678
9.8 CRITICAL

rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrap_key() contains an incorrect assertion: it checks that out.len() + 8 <= …

Apr 24, 2026
CVE-2026-41677
9.1 CRITICAL

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the *_from_pem_callback APIs did not validate the length returned by the …

Apr 24, 2026
CVE-2026-41676
9.8 CRITICAL

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive (and PkeyCtxRef::derive) sets len = buf.len() and passes it as …

Apr 24, 2026
CVE-2026-6911
9.8 CRITICAL

Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to the application, including the …

Apr 24, 2026
CVE-2026-39920
9.8 CRITICAL

BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2 administration module on network-accessible endpoints with default credentials that allows unauthenticated …

Apr 24, 2026
CVE-2026-31669
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash table lookups are lockless and rely on SLAB_TYPESAFE_BY_RCU …

Apr 24, 2026
CVE-2026-31668
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: seg6: separate dst_cache for input and output paths in seg6 lwtunnel The seg6 lwtunnel uses …

Apr 24, 2026
CVE-2026-31659
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadv_tt_prepare_tvlv_global_data() builds the allocation length for a global …

Apr 24, 2026
CVE-2026-31657
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference batadv_bla_add_claim() can replace claim->backbone_gw and drop the old …

Apr 24, 2026
CVE-2026-31649
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode implementation unconditionally computes len …

Apr 24, 2026
CVE-2026-31637
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkad_decrypt_ticket() decrypts the RXKAD response ticket and then parses …

Apr 24, 2026
CVE-2026-31636
9.1 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgk_verify_authenticator() copies auth_len bytes into a temporary buffer …

Apr 24, 2026
CVE-2026-31633
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgk_verify_response() In rxgk_verify_response(), there's a potential integer overflow due to …

Apr 24, 2026
CVE-2026-31609
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush() smbd_send_batch_flush() already calls smbd_free_send_io(), so we should …

Apr 24, 2026
CVE-2026-31608
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list() smb_direct_flush_send_list() already calls smb_direct_free_sendmsg(), so we should …

Apr 24, 2026
CVE-2026-31607
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret_submit() When a USB/IP client receives a RET_SUBMIT response, usbip_pack_ret_submit() unconditionally …

Apr 24, 2026
CVE-2026-31589
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: mm: call ->free_folio() directly in folio_unmap_invalidate() We can only call filemap_free_folio() if we have a …

Apr 24, 2026
CVE-2026-31536
9.8 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: smb: server: let send_done handle a completion without IB_SEND_SIGNALED With smbdirect_send_batch processing we likely have …

Apr 24, 2026
CVE-2026-25660
9.8 CRITICAL

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the URL ends …

Apr 24, 2026
CVE-2026-21515
9.9 CRITICAL

Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privileges over a network.

Apr 24, 2026
CVE-2026-1952
9.8 CRITICAL

Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability.

Apr 24, 2026
CVE-2026-1951
9.8 CRITICAL

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability.

Apr 24, 2026
CVE-2026-1950
9.8 CRITICAL

Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability.

Apr 24, 2026
CVE-2026-1949
9.8 CRITICAL

Delta Electronics AS320T has incorrect calculation of the buffer size on the stack in the GET/PUT request handler of the web service.

Apr 24, 2026
CVE-2026-33078
9.8 CRITICAL

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 8.2.6.4 have a SQL injection vulnerability in the haproxy_section_save …

Apr 24, 2026
CVE-2026-33076
9.8 CRITICAL

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the haproxy_section_save interface presents a vulnerability that could …

Apr 24, 2026
CVE-2026-40630
9.8 CRITICAL

A vulnerability in SenseLive X3050’s web management interface allows unauthorized access to certain configuration endpoints due to improper access control enforcement. An attacker with network …

Apr 24, 2026
CVE-2026-40620
9.8 CRITICAL

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive …

Apr 24, 2026
CVE-2026-35503
9.8 CRITICAL

A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed …

Apr 24, 2026
CVE-2026-27843
9.1 CRITICAL

A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying …

Apr 24, 2026
CVE-2026-25775
9.8 CRITICAL

A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related …

Apr 24, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.