CVE Database

108577+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-35296
9.8 CRITICAL

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable …

Jun 17, 2026
CVE-2026-35295
7.5 HIGH

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Difficult to …

Jun 17, 2026
CVE-2026-35294
9.9 CRITICAL

Vulnerability in the Identity Manager Connector product of Oracle Fusion Middleware (component: Mainframe Connectors). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable …

Jun 17, 2026
CVE-2026-35293
9.8 CRITICAL

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability …

Jun 17, 2026
CVE-2026-35292
10.0 CRITICAL

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows …

Jun 17, 2026
CVE-2026-35291
6.6 MEDIUM

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Difficult to exploit vulnerability …

Jun 17, 2026
CVE-2026-35289
8.1 HIGH

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Deployment Package). Supported versions that are affected are 8.61 and 8.62. Difficult to …

Jun 17, 2026
CVE-2026-35288
8.2 HIGH

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Deployment Package). Supported versions that are affected are 8.61 and 8.62. Easily exploitable …

Jun 17, 2026
CVE-2026-35286
9.8 CRITICAL

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable …

Jun 17, 2026
CVE-2026-35285
9.9 CRITICAL

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily …

Jun 17, 2026
CVE-2026-35284
9.9 CRITICAL

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily …

Jun 17, 2026
CVE-2026-35283
9.9 CRITICAL

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily …

Jun 17, 2026
CVE-2026-35282
9.9 CRITICAL

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily …

Jun 17, 2026
CVE-2026-35281
9.9 CRITICAL

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily …

Jun 17, 2026
CVE-2026-35280
9.9 CRITICAL

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily …

Jun 17, 2026
CVE-2026-35279
8.1 HIGH

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Performance Monitor). Supported versions that are affected are 8.61 and 8.62. Difficult to …

Jun 17, 2026
CVE-2026-35278
9.8 CRITICAL

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Performance Monitor). Supported versions that are affected are 8.61 and 8.62. Easily exploitable …

Jun 17, 2026
CVE-2026-35276
8.1 HIGH

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Application Server). Supported versions that are affected are 8.61 and 8.62. Difficult to …

Jun 17, 2026
CVE-2026-35275
7.5 HIGH

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Shared Folders). The supported version that is affected is 7.2.8. Difficult to exploit vulnerability …

Jun 17, 2026
CVE-2026-35274
8.2 HIGH

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Deployment Package). Supported versions that are affected are 8.61 and 8.62. Easily exploitable …

Jun 17, 2026
CVE-2026-35272
8.4 HIGH

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Deployment Package). Supported versions that are affected are 8.61 and 8.62. Easily exploitable …

Jun 17, 2026
CVE-2026-35271
8.7 HIGH

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Weblogic). Supported versions that are affected are 8.61 and 8.62. Difficult to exploit …

Jun 17, 2026
CVE-2026-35270
9.1 CRITICAL

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable …

Jun 17, 2026
CVE-2026-35269
7.5 HIGH

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability …

Jun 17, 2026
CVE-2026-35268
9.9 CRITICAL

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows …

Jun 17, 2026
CVE-2026-35267
8.8 HIGH

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability …

Jun 17, 2026
CVE-2026-35265
8.8 HIGH

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Security). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows …

Jun 17, 2026
CVE-2026-35263
9.9 CRITICAL

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows …

Jun 17, 2026
CVE-2026-35262
8.3 HIGH

Vulnerability in the Oracle Data Integrator product of Oracle Fusion Middleware (component: Market Place). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable …

Jun 17, 2026
CVE-2026-35261
6.5 MEDIUM

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable …

Jun 17, 2026
CVE-2026-35259
8.8 HIGH

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows …

Jun 17, 2026
CVE-2026-35258
8.7 HIGH

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows …

Jun 17, 2026
CVE-2026-12348
7.4 HIGH

Address bar spoofing in Arc Search for Android allows a remote attacker to display a trusted domain in the address bar while rendering attacker-controlled content, …

Jun 17, 2026
CVE-2026-48777

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in …

Jun 16, 2026
CVE-2026-47750
7.8 HIGH

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In versions prior to master-584-0a7ae07, …

Jun 16, 2026
CVE-2026-47747
7.8 HIGH

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In versions prior to master-584-0a7ae07, …

Jun 16, 2026
CVE-2026-46448
5.4 MEDIUM

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation.

Jun 16, 2026
CVE-2026-22313
9.1 CRITICAL

The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vulnerability …

Jun 16, 2026
CVE-2026-22312
8.6 HIGH

The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to …

Jun 16, 2026
CVE-2026-12425

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting (XSS). This issue affects …

Jun 16, 2026
CVE-2026-12117
4.3 MEDIUM

Improper access control in the social login connection endpoint in Devolutions Server 2026.2.5 allows an authenticated vault member to enumerate social login entry metadata to …

Jun 16, 2026
CVE-2026-12105
6.5 MEDIUM

Improper access control in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to access attachments via folder duplication with inherited permissions.

Jun 16, 2026
CVE-2026-11890
4.3 MEDIUM

Improper access control in PAM account discovery results in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to retrieve account discovery scan results.

Jun 16, 2026
CVE-2026-10303
7.4 HIGH

In ServerCo getssl version 2.49 and prior, the ACME challenge token returned to the client was not strictly validated against RFC 8555 before being used …

Jun 16, 2026
CVE-2026-0165
5.7 MEDIUM

In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote …

Jun 16, 2026
CVE-2026-0164
8.8 HIGH

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no …

Jun 16, 2026
CVE-2026-0162
8.8 HIGH

In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution …

Jun 16, 2026
CVE-2026-0161
8.8 HIGH

In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege …

Jun 16, 2026
CVE-2026-0160
8.8 HIGH

In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution …

Jun 16, 2026
CVE-2026-0158
3.3 LOW

In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with …

Jun 16, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.