CVE Database

9215+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-29649
9.8 CRITICAL

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg[7:4] (CBIE/CBCFE/CBZE-related fields) is incorrectly masked/updated based on menvcfg[7:4], so a machine-mode write …

Apr 20, 2026
CVE-2026-39109
9.4 CRITICAL

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page (index.php). This allows an …

Apr 20, 2026
CVE-2026-30269
9.9 CRITICAL

Improper access control in Doorman v0.1.0 and v1.0.2 allows any authenticated user to update their own account role to a non-admin privileged role via /platform/user/{username}. …

Apr 20, 2026
CVE-2026-39918
9.8 CRITICAL

Vvveb prior to 1.0.8.1 contains a code injection vulnerability in the installation endpoint where the subdir POST parameter is written unsanitized into the env.php configuration …

Apr 20, 2026
CVE-2026-24467
9.0 CRITICAL

OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaign and tests. Starting in version 1.0.0 and prior …

Apr 20, 2026
CVE-2026-5760
9.8 CRITICAL

SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious tokenizer.chat_template is loaded, as the Jinja2 chat templates are …

Apr 20, 2026
CVE-2026-33557
9.1 CRITICAL

A possible security vulnerability has been identified in Apache Kafka. By default, the broker property `sasl.oauthbearer.jwt.validator.class` is set to `org.apache.kafka.common.security.oauthbearer.DefaultJwtValidator`. It accepts any JWT token …

Apr 20, 2026
CVE-2026-5964
9.8 CRITICAL

EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database …

Apr 20, 2026
CVE-2026-5963
9.8 CRITICAL

EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database …

Apr 20, 2026
CVE-2026-6644
9.1 CRITICAL

A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability allows an administrative user to break out of the …

Apr 20, 2026
CVE-2026-6643
9.9 CRITICAL

A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf() and passing …

Apr 20, 2026
CVE-2026-32956
9.8 CRITICAL

SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed …

Apr 20, 2026
CVE-2026-41242
9.8 CRITICAL

protobufjs compiles protobuf definitions into JavaScript (JS) functions. In versions prior to 8.0.1 and 7.5.5, attackers can inject arbitrary code in the "type" fields of …

Apr 18, 2026
CVE-2026-40494
9.8 CRITICAL

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's …

Apr 18, 2026
CVE-2026-40493
9.8 CRITICAL

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec …

Apr 18, 2026
CVE-2026-40492
9.8 CRITICAL

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec …

Apr 18, 2026
CVE-2026-40572
9.0 CRITICAL

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 (MemoryMapRange) allows Ring 3 user-mode …

Apr 18, 2026
CVE-2026-40317
9.3 CRITICAL

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 (JumpToUser) accepts an arbitrary entry …

Apr 18, 2026
CVE-2026-40484
9.1 CRITICAL

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from …

Apr 18, 2026
CVE-2026-40324
9.1 CRITICAL

Hot Chocolate is an open-source GraphQL server. Prior to versions 12.22.7, 13.9.16, 14.3.1, and 15.1.14, Hot Chocolate's recursive descent parser `Utf8GraphQLParser` has no recursion depth …

Apr 18, 2026
CVE-2026-5720
9.1 CRITICAL

miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending …

Apr 17, 2026
CVE-2026-40478
9.0 CRITICAL

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the the expression …

Apr 17, 2026
CVE-2026-40477
9.0 CRITICAL

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the expression execution …

Apr 17, 2026
CVE-2026-40351
9.8 CRITICAL

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an …

Apr 17, 2026
CVE-2026-40258
9.1 CRITICAL

The Gramps Web API is a Python REST API for the genealogical research software Gramps. Versions 1.6.0 through 3.11.0 have a path traversal vulnerability (Zip …

Apr 17, 2026
CVE-2026-33689
9.1 CRITICAL

xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability in the pre-authentication RDP message parsing logic. A remote, unauthenticated …

Apr 17, 2026
CVE-2026-23500
9.1 CRITICAL

Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. In versions prior to 23.0.0 , the ODT to PDF conversion …

Apr 17, 2026
CVE-2026-40342
9.9 CRITICAL

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine …

Apr 17, 2026
CVE-2026-35546
9.8 CRITICAL

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted archives to be accepted, enabling attackers to plant and execute code …

Apr 17, 2026
CVE-2026-33516
9.1 CRITICAL

xrdp is an open source RDP server. Versions through 0.10.5 contain an out-of-bounds read vulnerability during the RDP capability exchange phase. The issue occurs when …

Apr 17, 2026
CVE-2026-40525
9.1 CRITICAL

OpenViking prior to version 0.3.9 contains an authentication bypass vulnerability in the VikingBot OpenAPI HTTP route surface where the authentication check fails open when the …

Apr 17, 2026
CVE-2026-6284
9.1 CRITICAL

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited …

Apr 17, 2026
CVE-2026-37749
9.8 CRITICAL

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php.

Apr 17, 2026
CVE-2026-6443
9.8 CRITICAL

All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the plugin being sold to a …

Apr 17, 2026
CVE-2026-34018
9.8 CRITICAL

An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product.

Apr 17, 2026
CVE-2026-40322
9.0 CRITICAL

SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, Mermaid diagrams are rendered with securityLevel set to "loose", and the resulting …

Apr 16, 2026
CVE-2026-33122
9.8 CRITICAL

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the API datasource update process. When …

Apr 16, 2026
CVE-2026-33082
9.8 CRITICAL

DataEase is an open source data visualization analysis tool. Versions 2.10.20 and below contain a SQL injection vulnerability in the dataset export functionality. The expressionTree …

Apr 16, 2026
CVE-2026-37347
9.1 CRITICAL

SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_employee.php.

Apr 16, 2026
CVE-2026-37345
9.8 CRITICAL

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php.

Apr 16, 2026
CVE-2026-37340
9.8 CRITICAL

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/edit_music.php.

Apr 16, 2026
CVE-2026-37339
9.8 CRITICAL

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_genre.php.

Apr 16, 2026
CVE-2026-37338
9.4 CRITICAL

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_user.php.

Apr 16, 2026
CVE-2026-6270
9.1 CRITICAL

@fastify/middie versions 9.3.1 and earlier do not register inherited middleware directly on child plugin engine instances. When a Fastify application registers authentication middleware in a …

Apr 16, 2026
CVE-2026-31843
9.8 CRITICAL

The goodoneuz/pay-uz Laravel package (<= 2.2.24) contains a critical vulnerability in the /payment/api/editable/update endpoint that allows unauthenticated attackers to overwrite existing PHP payment hook files. …

Apr 16, 2026
CVE-2025-69288
9.1 CRITICAL

Titra is open source project time tracking software. Prior to version 0.99.49, Titra allows any authenticated Admin user to modify the timeEntryRule in the database. …

Dec 31, 2025
CVE-2025-69286
9.8 CRITICAL

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions prior to 0.22.0, the use of an insecure key generation algorithm in the API key …

Dec 31, 2025
CVE-2025-34468
9.8 CRITICAL

libcoap versions up to and including 4.3.5, prior to commit 30db3ea, contain a stack-based buffer overflow in address resolution when attacker-controlled hostname data is copied …

Dec 31, 2025
CVE-2025-15114
9.8 CRITICAL

Ksenia Security lares (legacy model) Home Automation version 1.6 contains a critical security flaw that exposes the alarm system PIN in the 'basisInfo' XML file …

Dec 30, 2025
CVE-2025-15113
9.3 CRITICAL

Ksenia Security lares (legacy model) Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. …

Dec 30, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.