Data\ CVEs and Security Vulnerabilities

Search

Expected end of text, found ':' (at char 32), (line:1, col:33)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (358142 CVEs found)

Export CSV

CVE	Updated	CVSS v3.1
CVE-2026-39591	2026-06-15	9.9 Critical
Subscriber Arbitrary File Upload in WP-BusinessDirectory <= 4.0.0 versions.
CVE-2026-39587	2026-06-15	8.1 High
Unauthenticated Privilege Escalation in WP BASE Booking <= 5.9.0 versions.
CVE-2026-39584	2026-06-15	6.5 Medium
Subscriber Broken Access Control in RepairBuddy <= 4.1132 versions.
CVE-2026-39583	2026-06-15	9.8 Critical
Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery <= 2.6.62 versions.
CVE-2026-39579	2026-06-15	8.8 High
Contributor Privilege Escalation in B Blocks <= 2.0.31 versions.
CVE-2026-39540	2026-06-15	6.5 Medium
Subscriber Cross Site Scripting (XSS) in Shipment Tracker for Woocommerce <= 1.5.3.2 versions.
CVE-2026-39534	2026-06-15	7.5 High
Unauthenticated Broken Access Control in WP Directory Kit <= 1.5.0 versions.
CVE-2026-39533	2026-06-15	7.5 High
Unauthenticated Broken Access Control in AWP Classifieds <= 4.4.4 versions.
CVE-2026-39532	2026-06-15	8.8 High
Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions.
CVE-2026-39530	2026-06-15	9.3 Critical
Unauthenticated SQL Injection in SpeakOut! Email Petitions <= 4.6.5 versions.
CVE-2026-39527	2026-06-15	5.4 Medium
Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions.
CVE-2026-39525	2026-06-15	6.5 Medium
Unauthenticated Broken Access Control in Booking Activities <= 1.16.48.1 versions.
CVE-2026-39524	2026-06-15	7.5 High
Unauthenticated Broken Access Control in Masteriyo - LMS <= 2.1.5 versions.
CVE-2026-39519	2026-06-15	9.3 Critical
Unauthenticated SQL Injection in GeekyBot <= 1.2.0 versions.
CVE-2026-39518	2026-06-15	7.1 High
Subscriber Insecure Direct Object References (IDOR) in EventPrime <= 4.3.0.0 versions.
CVE-2026-39515	2026-06-15	6.5 Medium
Subscriber Broken Access Control in Motors < 1.4.107 versions.
CVE-2026-39514	2026-06-15	7.1 High
Unauthenticated Cross Site Scripting (XSS) in Paid Member Subscriptions <= 2.17.3 versions.
CVE-2026-39513	2026-06-15	7.5 High
Unauthenticated Broken Access Control in Easy Appointments <= 3.12.21 versions.
CVE-2026-39512	2026-06-15	9.3 Critical
Unauthenticated SQL Injection in GeoDirectory <= 2.8.152 versions.
CVE-2026-39511	2026-06-15	9.3 Critical
Unauthenticated SQL Injection in WP Photo Album Plus <= 9.1.08.001 versions.

« first previous Page 10 of 17908. next last »