CVE Database

110968+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-40487
8.9 HIGH

Postiz is an AI social media scheduling tool. Prior to version 2.21.6, a file upload validation bypass allows any authenticated user to upload arbitrary HTML, …

Apr 18, 2026
CVE-2026-35582
8.8 HIGH

Emissary is a P2P based data-driven workflow engine. In versions 8.42.0 and below, Executrix.getCommand() is vulnerable to OS command injection because it interpolates temporary file …

Apr 18, 2026
CVE-2026-1838
6.1 MEDIUM

The Hostel plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'shortcode_id' parameter in all versions up to, and including, 1.1.6 due to …

Apr 18, 2026
CVE-2026-1559
6.4 MEDIUM

The Youzify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'checkin_place_id' parameter in all versions up to, and including, 1.3.6 due to …

Apr 18, 2026
CVE-2026-40572
9.0 CRITICAL

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 (MemoryMapRange) allows Ring 3 user-mode …

Apr 18, 2026
CVE-2026-40350
8.8 HIGH

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can access …

Apr 18, 2026
CVE-2026-40317
9.3 CRITICAL

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 (JumpToUser) accepts an arbitrary entry …

Apr 18, 2026
CVE-2026-35465
7.5 HIGH

SecureDrop Client is a desktop app for journalists to securely communicate with sources and handle submissions on the SecureDrop Workstation. In versions 0.17.4 and below, …

Apr 18, 2026
CVE-2026-40593
4.8 MEDIUM

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the User Editor (UserEditor.php) renders stored usernames directly into an HTML input value …

Apr 18, 2026
CVE-2026-40582

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the /api/public/user/login endpoint validates only the username and password before returning the user's …

Apr 18, 2026
CVE-2026-40581
8.1 HIGH

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the family record deletion endpoint (SelectDelete.php) performs permanent, irreversible deletion of family records …

Apr 18, 2026
CVE-2026-40485
5.3 MEDIUM

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the public API login endpoint (/api/public/user/login) returns distinguishable HTTP response codes based on …

Apr 18, 2026
CVE-2026-40484
9.1 CRITICAL

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from …

Apr 18, 2026
CVE-2026-40483
5.4 MEDIUM

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the Pledge Editor renders donation comment values directly into HTML input value attributes …

Apr 18, 2026
CVE-2026-40482

ChurchCRM is an open-source church management system. Versions prior to 7.2.0 have SQL injection in FinancialService::getMemberByScanString() via unsanitized $routeAndAccount concatenated into raw SQL. This issue …

Apr 18, 2026
CVE-2026-40480

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the GET /api/person/{personId} endpoint loads and returns person records without performing object-level authorization …

Apr 18, 2026
CVE-2026-40349
8.8 HIGH

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can escalate …

Apr 18, 2026
CVE-2026-40348
7.7 HIGH

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger …

Apr 18, 2026
CVE-2026-40347
5.3 MEDIUM

Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted `multipart/form-data` requests with large …

Apr 18, 2026
CVE-2026-40346
6.5 MEDIUM

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.37, NocoBase's workflow HTTP request plugin and custom request …

Apr 18, 2026
CVE-2026-40341
3.5 LOW

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptp_unpack_EOS_FocusInfoEx could be used …

Apr 18, 2026
CVE-2026-40340
6.1 MEDIUM

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read vulnerability in `ptp_unpack_OI()` in `camlibs/ptp2/ptp-pack.c` (lines 530–563). …

Apr 18, 2026
CVE-2026-40339
5.2 MEDIUM

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in `ptp_unpack_Sony_DPD()` in `camlibs/ptp2/ptp-pack.c` (line 842). The …

Apr 18, 2026
CVE-2026-40338
5.2 MEDIUM

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in the PTP_DPFF_Enumeration case of `ptp_unpack_Sony_DPD()` in …

Apr 18, 2026
CVE-2026-40337
5.1 MEDIUM

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or …

Apr 18, 2026
CVE-2026-40336
2.4 LOW

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have a memory leak in `ptp_unpack_Sony_DPD()` in `camlibs/ptp2/ptp-pack.c` (lines 884–885). When …

Apr 18, 2026
CVE-2026-40335
5.2 MEDIUM

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in `ptp_unpack_DPV()` in `camlibs/ptp2/ptp-pack.c` (lines 622–629). The …

Apr 18, 2026
CVE-2026-40334
3.5 LOW

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, a missing null terminator exists in ptp_unpack_Canon_FE() in camlibs/ptp2/ptp-pack.c (line …

Apr 18, 2026
CVE-2026-40333
6.1 MEDIUM

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no …

Apr 18, 2026
CVE-2026-40324
9.1 CRITICAL

Hot Chocolate is an open-source GraphQL server. Prior to versions 12.22.7, 13.9.16, 14.3.1, and 15.1.14, Hot Chocolate's recursive descent parser `Utf8GraphQLParser` has no recursion depth …

Apr 18, 2026
CVE-2026-40323
7.5 HIGH

SP1 is a zero‑knowledge virtual machine that proves the correct execution of programs compiled for the RISC-V architecture. In versions 6.0.0 through 6.0.2, a soundness …

Apr 18, 2026
CVE-2026-2262
7.5 HIGH

The Easy Appointments plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.12.21 via the `/wp-json/wp/v2/eablocks/ea_appointments/` REST API …

Apr 18, 2026
CVE-2026-5250

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Apr 17, 2026
CVE-2026-40486
4.3 MEDIUM

Kimai is an open-source time tracking application. In versions 2.52.0 and below, the User Preferences API endpoint (PATCH /api/users/{id}/preferences) applies submitted preference values without checking …

Apr 17, 2026
CVE-2026-40481
7.5 HIGH

monetr is a budgeting application for recurring expenses. In versions 1.12.3 and below, the public Stripe webhook endpoint buffers the entire request body into memory …

Apr 17, 2026
CVE-2026-40479
5.4 MEDIUM

Kimai is an open-source time tracking application. In versions 1.16.3 through 2.52.0, the escapeForHtml() function in KimaiEscape.js does not escape double quote or single quote …

Apr 17, 2026
CVE-2026-2434
6.4 MEDIUM

The Pz-LinkCard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blogcard' shortcode attributes in all versions up to, and including, 2.5.8.1 due …

Apr 17, 2026
CVE-2026-5720
9.1 CRITICAL

miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending …

Apr 17, 2026
CVE-2026-40478
9.0 CRITICAL

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the the expression …

Apr 17, 2026
CVE-2026-40477
9.0 CRITICAL

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the expression execution …

Apr 17, 2026
CVE-2026-40476

graphql-go is a Go implementation of GraphQL. In versions 15.31.4 and below, the OverlappingFieldsCanBeMerged validation rule performs O(n²) pairwise comparisons of fields sharing the same …

Apr 17, 2026
CVE-2026-40474
7.6 HIGH

wger is a free, open-source workout and fitness manager. In versions 2.5 and below, the GymConfigUpdateView declares permission_required = 'config.change_gymconfig' but inherits WgerFormMixin instead of …

Apr 17, 2026
CVE-2026-40353
5.4 MEDIUM

wger is a free, open-source workout and fitness manager. In versions 2.5 and below, the attribution_link property in AbstractLicenseModel constructs HTML by directly interpolating user-controlled …

Apr 17, 2026
CVE-2026-40352
8.8 HIGH

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password change endpoint is vulnerable to NoSQL injection. An authenticated attacker can …

Apr 17, 2026
CVE-2026-40351
9.8 CRITICAL

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an …

Apr 17, 2026
CVE-2026-40321
8.0 HIGH

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 10.2.2, a user could upload a specially …

Apr 17, 2026
CVE-2026-40306
6.5 MEDIUM

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. All new installations of DNN 10.x.x - 10.2.1 have the …

Apr 17, 2026
CVE-2026-40305
4.3 MEDIUM

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Starting in version 6.0.0 and prior to version 10.2.2, in …

Apr 17, 2026
CVE-2026-40304
5.3 MEDIUM

zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, the unaccess handler (controller/unaccess.go) contains a logical error in its …

Apr 17, 2026
CVE-2026-40258
9.1 CRITICAL

The Gramps Web API is a Python REST API for the genealogical research software Gramps. Versions 1.6.0 through 3.11.0 have a path traversal vulnerability (Zip …

Apr 17, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.