CVE Database

110968+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-7022
7.3 HIGH

A security vulnerability has been detected in SmythOS sre up to 0.0.15. Affected is the function AgentRuntime of the file packages/core/src/subsystems/AgentManager/AgentRuntime.class.ts of the component HTTP …

Apr 26, 2026
CVE-2026-7021
3.5 LOW

A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. …

Apr 26, 2026
CVE-2026-7020
3.7 LOW

A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model …

Apr 26, 2026
CVE-2026-7019
8.8 HIGH

A vulnerability was identified in Tenda F456 1.0.0.5. The impacted element is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument menufacturer/Go …

Apr 26, 2026
CVE-2026-7018
5.6 MEDIUM

A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT …

Apr 26, 2026
CVE-2026-7016
2.4 LOW

A vulnerability was found in MaxSite CMS up to 109.3. Impacted is an unknown function of the component ushki Plugin. Performing a manipulation of the …

Apr 26, 2026
CVE-2026-42255
7.2 HIGH

Technitium DNS Server before 15.0 allows DNS traffic amplification via cyclic name server delegation.

Apr 26, 2026
CVE-2026-7015
2.4 LOW

A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown processing of the component Guestbook Plugin. Such manipulation of …

Apr 26, 2026
CVE-2026-7014
2.4 LOW

A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component down_count Plugin. This manipulation of the …

Apr 26, 2026
CVE-2026-7013
2.4 LOW

A security vulnerability has been detected in MaxSite CMS up to 109.3. Affected by this issue is some unknown functionality of the component mail_send Plugin. …

Apr 26, 2026
CVE-2026-42254
4.0 MEDIUM

Hickory DNS hickory-recursor 0.1 through 0.25.2 allows cross-zone poisoning because cached data is not directly associated with a query that triggered a response.

Apr 26, 2026
CVE-2026-7012
2.4 LOW

A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument …

Apr 26, 2026
CVE-2026-7011
2.4 LOW

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/plugin_antispam of the …

Apr 26, 2026
CVE-2026-7002
7.3 HIGH

A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/get_message_ajax.php of the component Private Message Handler. …

Apr 25, 2026
CVE-2026-7001
2.4 LOW

A vulnerability was found in Datacom DM4100 1.3.6.1.4.1.3709. This affects an unknown part of the component Ethernet Configuration Page. Performing a manipulation of the argument …

Apr 25, 2026
CVE-2026-7000
2.4 LOW

A vulnerability has been found in Datacom DM4100 1.3.6.1.4.1.3709. Affected by this issue is some unknown functionality of the component VLAN Page. Such manipulation of …

Apr 25, 2026
CVE-2026-6999
2.4 LOW

A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of …

Apr 25, 2026
CVE-2026-6998
2.4 LOW

A vulnerability was detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. Affected is an unknown function of the component New RMON Statistics Page. The manipulation …

Apr 25, 2026
CVE-2026-6997
2.4 LOW

A security vulnerability has been detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This impacts an unknown function of the component New RMON History Page. …

Apr 25, 2026
CVE-2026-6996
2.4 LOW

A weakness has been identified in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This affects an unknown function of the component rmon event Tab. Executing a …

Apr 25, 2026
CVE-2026-6995
2.4 LOW

A security flaw has been discovered in BDCOM P3310D 0.4.2 10.1.0F Build 86345. The impacted element is an unknown function of the file /index.asp of …

Apr 25, 2026
CVE-2026-6994
6.3 MEDIUM

A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/header_mutation/header_mutation.cc of the component Query Parameter Handler. …

Apr 25, 2026
CVE-2026-6993
5.3 MEDIUM

A security flaw has been discovered in go-kratos kratos up to 2.9.2. This impacts the function NewServer of the file transport/http/server.go of the component http.DefaultServeMux …

Apr 25, 2026
CVE-2026-6992
7.2 HIGH

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. The manipulation …

Apr 25, 2026
CVE-2026-6991
6.3 MEDIUM

A vulnerability was determined in colinhacks Zod up to 4.3.6. The impacted element is an unknown function of the file packages/zod/src/v4/core/regexes.ts of the component CUID …

Apr 25, 2026
CVE-2026-6990
3.5 LOW

A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument …

Apr 25, 2026
CVE-2026-6989
6.3 MEDIUM

A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component Telnet Service. …

Apr 25, 2026
CVE-2026-6988
8.8 HIGH

A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This …

Apr 25, 2026
CVE-2026-6987
7.3 HIGH

A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher Management Plane. …

Apr 25, 2026
CVE-2026-6986
3.7 LOW

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component …

Apr 25, 2026
CVE-2026-6985
5.3 MEDIUM

A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handle_opt of the file /src/net_builtin.c of the component TCP …

Apr 25, 2026
CVE-2026-6984
4.7 MEDIUM

A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function create_template of the file astrbot/dashboard/routes/t2i.py of the component Dashboard …

Apr 25, 2026
CVE-2026-6983
4.7 MEDIUM

A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the …

Apr 25, 2026
CVE-2026-6982
6.3 MEDIUM

A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/3.8.0. Affected by this vulnerability is an unknown functionality of the file server/Application/Api/Controller/PageController.class.PHP of the component …

Apr 25, 2026
CVE-2026-6981
6.3 MEDIUM

A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to 3e4b77fd7d48ed811ffe5b8d222068c17c76495e. Affected is the function connect_stream_endpoint/sync_agents of the file AiraHub.py of the component Endpoint. Performing a …

Apr 25, 2026
CVE-2026-6980
7.3 HIGH

A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd. This impacts the function repo_path of the file main.py. Such manipulation of the argument …

Apr 25, 2026
CVE-2026-6979
6.3 MEDIUM

A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request …

Apr 25, 2026
CVE-2026-6978
4.7 MEDIUM

A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars_decode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument …

Apr 25, 2026
CVE-2026-6977
7.3 HIGH

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. …

Apr 25, 2026
CVE-2026-31685
9.4 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC header for all packets `eui64_mt6()` derives a modified EUI-64 from …

Apr 25, 2026
CVE-2026-31684
5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: net: sched: act_csum: validate nested VLAN headers tcf_csum_act() walks nested VLAN headers directly from skb->data …

Apr 25, 2026
CVE-2026-31683
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled …

Apr 25, 2026
CVE-2026-31682
9.1 CRITICAL

In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: linearize skb before parsing ND options br_nd_send() parses neighbour discovery options from ns->opt[] …

Apr 25, 2026
CVE-2026-31681
5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_multiport: validate range encoding in checkentry ports_match_v1() treats any non-zero pflags entry as the …

Apr 25, 2026
CVE-2026-31680
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: flowlabel: defer exclusive option free until RCU teardown `ip6fl_seq_show()` walks the global flowlabel …

Apr 25, 2026
CVE-2026-31679
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: openvswitch: validate MPLS set/set_masked payload length validate_set() accepted OVS_KEY_ATTR_MPLS as variable-sized payload for SET/SET_MASKED actions. …

Apr 25, 2026
CVE-2026-31678
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdev_put to RCU release ovs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already detached the …

Apr 25, 2026
CVE-2026-31677
5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - limit RX SG extraction by receive buffer budget Make af_alg_get_rsgl() limit each …

Apr 25, 2026
CVE-2026-31676
7.5 HIGH

In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE packets while the service connection …

Apr 25, 2026
CVE-2026-31675
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_netem: fix out-of-bounds access in packet corruption In netem_enqueue(), the packet corruption logic uses …

Apr 25, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.