CVE Database

36500+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-5396
8.2 HIGH

The Fluent Forms plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 6.1.21. This is due …

May 14, 2026
CVE-2026-1659
7.5 HIGH

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have …

May 14, 2026
CVE-2025-14870
7.5 HIGH

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have …

May 14, 2026
CVE-2025-14869
7.5 HIGH

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have …

May 14, 2026
CVE-2026-46446
7.1 HIGH

SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to c_password = '%@' in …

May 14, 2026
CVE-2026-46445
7.1 HIGH

SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection.

May 14, 2026
CVE-2026-46419
7.5 HIGH

Yubico webauthn-server-core (aka java-webauthn-server) 2.8.0 before 2.8.2 incorrectly checks a function's return value in the second factor flow, leading to impersonation.

May 14, 2026
CVE-2026-32991
7.1 HIGH

Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account.

May 13, 2026
CVE-2026-29206
8.1 HIGH

Insufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled.

May 13, 2026
CVE-2026-44478
7.5 HIGH

hoppscotch is an open source API development ecosystem. The fix for CVE-2026-28215 in version 2026.2.0 addresses the unauthenticated POST /v1/onboarding/config endpoint by checking onboardingCompleted and …

May 13, 2026
CVE-2026-44471
7.8 HIGH

gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, …

May 13, 2026
CVE-2026-44447
8.8 HIGH

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.0, some endpoints were vulnerable to SQL injection through specially crafted requests, …

May 13, 2026
CVE-2026-44446
8.8 HIGH

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.104.3 and 16.14.0, some endpoints were vulnerable to SQL injection through specially …

May 13, 2026
CVE-2026-42463
8.1 HIGH

SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR (Insecure Direct Object Reference) …

May 13, 2026
CVE-2026-32993
8.3 HIGH

Improper sanitization of the `status` query parameter of the `/unprotected/nova_error` endpoint allows unauthenticated attacker to inject arbitrary HTTP header to the response.

May 13, 2026
CVE-2026-32992
8.2 HIGH

SSL verification is disabled in the DNS Cluster system. This could allow for a malicious server to man-in-the-middle the request and capture credentials.

May 13, 2026
CVE-2026-29205
8.6 HIGH

Incorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment download endpoints.

May 13, 2026
CVE-2026-45708
7.2 HIGH

CubeCart is an ecommerce software solution. Prior to 6.7.3, an admin with documents edit permission can save raw <?php … ?> into the Invoice Editor. …

May 13, 2026
CVE-2026-45229
8.8 HIGH

Quark Drive before 0.8.5 contains a mass assignment vulnerability in the POST /update endpoint that allows authenticated attackers to overwrite administrator credentials by posting an …

May 13, 2026
CVE-2026-45055
8.1 HIGH

CubeCart is an ecommerce software solution. Prior to 6.7.2, CubeCart 6.6.x – 6.7.1 builds CC_STORE_URL directly from the Host request header at bootstrap, with no …

May 13, 2026
CVE-2026-44380
7.2 HIGH

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, an improper access control vulnerability in the authentication key reset functionality allowed …

May 13, 2026
CVE-2026-42602
8.1 HIGH

azureauthextension is the Azure Authenticator Extension. From 0.124.0 to 0.150.0, a server-side authentication bypass in azureauthextension allows any party who holds a single valid Azure …

May 13, 2026
CVE-2026-42561
7.5 HIGH

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.27, python-multipart has a denial of service vulnerability in multipart part header parsing. When parsing …

May 13, 2026
CVE-2026-42304
7.5 HIGH

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service (DoS) …

May 13, 2026
CVE-2026-39358
7.2 HIGH

CubeCart is an ecommerce software solution. Prior to 6.6.0, Authenticated Time-Based Blind SQL Injection vulnerabilities were identified in the sorting parameters (sort[price], sort_activity, sort_admin, and …

May 13, 2026
CVE-2026-21821
8.3 HIGH

The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no …

May 13, 2026
CVE-2025-27853
7.3 HIGH

The locally served web site on the Garmin WDU (v1 1.4.6 and v2 5.0) allows its authentication to be bypassed. The WDU web site only …

May 13, 2026
CVE-2025-27850
7.5 HIGH

The locally served web site on the Garmin WDU (v1 1.4.6 and v2 5.0) allows a symlink attack. If a malicious graphics package containing symlinks …

May 13, 2026
CVE-2026-42552
7.5 HIGH

Flight is an extensible micro-framework for PHP. Prior to 3.18.1, the default error handler Engine::_error() writes the full exception message, exception code, and stack trace …

May 13, 2026
CVE-2026-42551
7.5 HIGH

Flight is an extensible micro-framework for PHP. Prior to 3.18.1, Request::getMethod() unconditionally honors the X-HTTP-Method-Override header and the $_REQUEST['_method'] parameter on any HTTP verb (including …

May 13, 2026
CVE-2026-42550
8.8 HIGH

Flight is an extensible micro-framework for PHP. Prior to 3.18.1, SimplePdo::insert(), SimplePdo::update(), and SimplePdo::delete() build SQL statements by concatenating the $table argument and the keys …

May 13, 2026
CVE-2026-33377
7.1 HIGH

An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard. The user must have write access to the …

May 13, 2026
CVE-2026-33376
7.4 HIGH

When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate …

May 13, 2026
CVE-2026-42587
7.5 HIGH

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpContentDecompressor accepts a maxAllocation parameter to limit decompression buffer size and prevent …

May 13, 2026
CVE-2026-42584
7.3 HIGH

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll() once …

May 13, 2026
CVE-2026-42583
7.5 HIGH

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Lz4FrameDecoder allocates a ByteBuf of size decompressedLength (up to 32 MB per …

May 13, 2026
CVE-2026-42582
7.5 HIGH

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final, when decoding header blocks, the non-Huffman branch of io.netty.handler.codec.http3.QpackDecoder#decodeHuffmanEncodedLiteral may execute new byte[length] for …

May 13, 2026
CVE-2026-42579
7.5 HIGH

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's DNS codec does not enforce RFC 1035 domain name constraints during …

May 13, 2026
CVE-2026-42578
7.5 HIGH

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT requests with header validation explicitly disabled. The …

May 13, 2026
CVE-2026-42577
7.5 HIGH

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive …

May 13, 2026
CVE-2026-41132
7.4 HIGH

CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, the configured SMTP server may …

May 13, 2026
CVE-2026-33583
8.7 HIGH

Exposure of the QKEY (used as input into the ‘OTA-Quantum’ device registration process) and internal system keys via an unauthenticated and unencrypted HTTP GET method …

May 13, 2026
CVE-2026-30906
7.8 HIGH

Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege …

May 13, 2026
CVE-2026-30905
7.8 HIGH

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to …

May 13, 2026
CVE-2026-45109
7.5 HIGH

Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found that the fix addressing CVE-2026-44575 …

May 13, 2026
CVE-2026-44579
7.5 HIGH

Next.js is a React framework for building full-stack web applications. From to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature …

May 13, 2026
CVE-2026-44578
8.6 HIGH

Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can …

May 13, 2026
CVE-2026-44004
7.5 HIGH

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, sandboxed code can call Buffer.alloc() with an arbitrary size to allocate memory directly on …

May 13, 2026
CVE-2026-44001
8.6 HIGH

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox escape vulnerability in vm2 v3.10.5 allows any sandboxed code to crash the …

May 13, 2026
CVE-2026-43998
8.5 HIGH

vm2 is an open source vm/sandbox for Node.js. In 3.10.5, NodeVM's require.root path restriction can be bypassed using filesystem symlinks, allowing sandboxed code to load …

May 13, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.