CVE Database

108042+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-13555
7.3 HIGH

A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/mod_users/controller.php?action=add. The manipulation …

Jun 29, 2026
CVE-2026-13554
4.3 MEDIUM

A vulnerability has been found in itsourcecode Online Hotel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/mod_amenities/controller.php?action=add of …

Jun 29, 2026
CVE-2026-13553
7.3 HIGH

A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/mod_amenities/controller.php?action=add. Executing a manipulation of …

Jun 29, 2026
CVE-2026-13552
7.3 HIGH

A vulnerability was detected in itsourcecode Online Hotel Management System 1.0. This impacts an unknown function of the file /admin/mod_amenities/controller.php?action=edit. Performing a manipulation of the …

Jun 29, 2026
CVE-2026-9267

Eclipse tinydtls before commit b3efd41ad111a4920f599f51ffa4f5e9f1e72221 contains an out-of-bounds read vulnerability in the check_server_certificate() function that allows unauthenticated attackers to trigger reads beyond valid buffer boundaries …

Jun 29, 2026
CVE-2026-57966
4.4 MEDIUM

A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on …

Jun 29, 2026
CVE-2026-57965
5.1 MEDIUM

A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. This vulnerability …

Jun 29, 2026
CVE-2026-57676
4.3 MEDIUM

Authorization Bypass Through User-Controlled Key vulnerability in Matteo Manna Simple User Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple User …

Jun 29, 2026
CVE-2026-22078
7.3 HIGH

Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel.

Jun 29, 2026
CVE-2026-13595
6.8 MEDIUM

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a …

Jun 29, 2026
CVE-2026-13551
7.3 HIGH

A security vulnerability has been detected in itsourcecode Baptism Information Management System 1.0. This affects an unknown function of the file /editBaptism.php. Such manipulation of …

Jun 29, 2026
CVE-2026-13550
7.3 HIGH

A weakness has been identified in itsourcecode Baptism Information Management System 1.0. The impacted element is an unknown function of the file /delbaptism.php. This manipulation …

Jun 29, 2026
CVE-2026-13549
5.4 MEDIUM

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the …

Jun 29, 2026
CVE-2026-13548
6.3 MEDIUM

A vulnerability was identified in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /doctortimings.php. The manipulation of the argument editid …

Jun 29, 2026
CVE-2026-13547
7.3 HIGH

A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation of …

Jun 29, 2026
CVE-2026-13546
7.3 HIGH

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. …

Jun 29, 2026
CVE-2026-13545
8.8 HIGH

A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub_400E40 of the file setconf.cgi of the component POST Parameter Handler. Such …

Jun 29, 2026
CVE-2026-9676
4.3 MEDIUM

The F4 Post Tree WordPress plugin before 2.0.5 does not perform capability checks or CSRF/nonce verification on one of its AJAX actions, allowing authenticated users …

Jun 29, 2026
CVE-2026-13544
6.3 MEDIUM

A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue is some unknown functionality of the file /api/users of the …

Jun 29, 2026
CVE-2026-13543
5.6 MEDIUM

A vulnerability was detected in Documenso up to 2.11.0. Affected by this vulnerability is an unknown functionality of the file packages/auth/server/lib/utils/handle-oauth-callback-url.ts of the component Google …

Jun 29, 2026
CVE-2026-13542
6.3 MEDIUM

A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /doctorprofile.php. The manipulation of the …

Jun 29, 2026
CVE-2026-13541
6.3 MEDIUM

A weakness has been identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /doctorchangepassword.php. Executing a manipulation of the …

Jun 29, 2026
CVE-2026-13540
6.3 MEDIUM

A security flaw has been discovered in GitBucket up to 4.46.1. This affects the function Git.cloneRepository.setURI of the file src/main/scala/gitbucket/core/service/RepositoryCreationService.scala. Performing a manipulation of the …

Jun 29, 2026
CVE-2026-13539
8.8 HIGH

A vulnerability was identified in Wavlink WL-NU516U1-A M16U1_V240425. The impacted element is the function sub_407504 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. …

Jun 29, 2026
CVE-2026-10083
7.5 HIGH

The APCu Manager WordPress plugin before 4.5.0 does not escape APCu object-cache keys before rendering them in an admin-area page, leading to a Stored Cross-Site …

Jun 29, 2026
CVE-2025-7386
6.8 MEDIUM

Information exposure vulnerability in Hitachi Storage Navigator. This issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN …

Jun 29, 2026
CVE-2025-2902
8.3 HIGH

Improper Authorization Vulnerability of Maintenance Utility in Hitachi Virtual Storage Platform. This issue affects Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, …

Jun 29, 2026
CVE-2025-0824
3.7 LOW

Lack of validation for firmware update in Hitachi Hitachi Virtual Storage Platform One Block 23, 24, 26, 28. This issue affects Hitachi Virtual Storage Platform …

Jun 29, 2026
CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agp_amd64_probe() A NULL pointer dereference was observed in the …

Jun 29, 2026
CVE-2026-13538
6.3 MEDIUM

A vulnerability was determined in Wavlink WL-NU516U1-A M16U1_V240425. The affected element is the function sub_401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. …

Jun 29, 2026
CVE-2026-13537
4.3 MEDIUM

A vulnerability was found in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function. The manipulation results in cross-site request forgery. The attack …

Jun 29, 2026
CVE-2026-13536
4.3 MEDIUM

A vulnerability has been found in GotoHTTP up to 10.2. This issue affects some unknown processing of the file /reg.12x. The manipulation of the argument …

Jun 29, 2026
CVE-2026-13535
6.3 MEDIUM

A flaw has been found in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function GetFileInfo of the file hrsystem/application/models/Employee_model.php of the component …

Jun 29, 2026
CVE-2026-13534
5.0 MEDIUM

A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. …

Jun 29, 2026
CVE-2026-13533
5.3 MEDIUM

A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml …

Jun 29, 2026
CVE-2026-13532
6.3 MEDIUM

A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /departmentDoctor.php. This manipulation …

Jun 29, 2026
CVE-2026-13531
6.3 MEDIUM

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /department.php. The manipulation of the …

Jun 29, 2026
CVE-2026-13530
6.3 MEDIUM

A vulnerability was identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /appointmentdetail.php of the component Appointment Handler. The …

Jun 29, 2026
CVE-2026-13529
5.6 MEDIUM

A vulnerability was determined in YzmCMS up to 7.5. This affects an unknown function of the file /application/install/index.php. Executing a manipulation of the argument siteurl …

Jun 29, 2026
CVE-2026-13528
7.3 HIGH

A vulnerability was found in YunaiV/zhijiantianya ruoyi-vue-pro up to 2026.04-jdk8-SNAPSHOT. The impacted element is the function generateUploadPath of the file yudao-module-infra/src/main/java/cn/iocoder/yudao/module/infra/service/file/FileServiceImpl.java of the component AppFileController …

Jun 29, 2026
CVE-2026-13527
7.3 HIGH

A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0. The affected element is an unknown function of the file /preview4.php. Such …

Jun 29, 2026
CVE-2026-13526
7.3 HIGH

A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_class.php. This manipulation of …

Jun 29, 2026
CVE-2026-13525
6.3 MEDIUM

A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employee_model.php of the component Update_Earn_Leave …

Jun 29, 2026
CVE-2026-13524
5.6 MEDIUM

A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP …

Jun 29, 2026
CVE-2026-13523
3.3 LOW

A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF Parser. Executing …

Jun 29, 2026
CVE-2026-13522
4.3 MEDIUM

A security flaw has been discovered in Investintech SlimPDFReader up to 2.0.14. Affected by this issue is the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of the file SlimPDFReader.exe of …

Jun 29, 2026
CVE-2026-13521
7.3 HIGH

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php. Affected by this vulnerability is an unknown functionality of the file /preview5.php. Such …

Jun 29, 2026
CVE-2026-13520
6.3 MEDIUM

A vulnerability was determined in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /appointmentapproval.php of the component Appointment Handler. This …

Jun 29, 2026
CVE-2026-13519
8.8 HIGH

A vulnerability was found in Tenda JD12L 16.03.53.23. This impacts the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page results in …

Jun 29, 2026
CVE-2026-13518
8.8 HIGH

A vulnerability has been found in Tenda JD12L 16.03.53.23. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads …

Jun 29, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.