Search

Expected end of text, found '/' (at char 53), (line:1, col:54)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (359242 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-54810 2026-06-17 7.5 High
Missing Authorization vulnerability in Nexi Payments Nexi XPay allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexi XPay: from n/a through 8.3.1.
CVE-2026-22283 2026-06-17 7.5 High
Dell PowerFlex Manager, version(s) Version prior to 4.8, contain(s) an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2026-47340 1 Apache 1 Dolphinscheduler 2026-06-17 6.5 Medium
Allow authenticated users to access alert instances associated with alert groups they do not have permission to access. in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.
CVE-2025-69158 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Granola <= 1.13 versions.
CVE-2025-69189 2026-06-17 7.3 High
Missing Authorization vulnerability in EMV JobBank allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobBank: from n/a through 1.2.3.
CVE-2024-24709 2 Shareaholic, Wordpress 2 Shareaholic, Wordpress 2026-06-17 4.3 Medium
Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shareaholic: from n/a through 9.7.11.
CVE-2026-32967 1 Apache 1 Dolphinscheduler 2026-06-17 6.5 Medium
Incorrect Authorization vulnerability of `/v2` experimental interface in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.
CVE-2026-42357 2026-06-17 6.5 Medium
Incorrect Authorization vulnerability allows users to access workflow instance information belonging to projects they do not have permission to access. This issue affects Apache DolphinScheduler versions prior to 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes this issue.
CVE-2026-32966 2026-06-17 7.5 High
DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.
CVE-2026-22339 2026-06-17 7.1 High
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
CVE-2024-49269 2026-06-17 7.1 High
Unauthenticated Cross Site Scripting (XSS) in my flatonica <= 0.0.8 versions.
CVE-2026-22338 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions.
CVE-2025-59560 2026-06-17 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Sonaar <= 4.27.4 versions.
CVE-2025-69117 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Ingenioso <= 1.14.0 versions.
CVE-2026-22329 2026-06-17 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions.
CVE-2025-69161 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Snowy <= 1.13 versions.
CVE-2025-69179 2026-06-17 9.8 Critical
Unauthenticated Privilege Escalation in Support Ticket Management System <= 1.9 versions.
CVE-2026-22326 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions.
CVE-2026-22330 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Right Way <= 4.0 versions.
CVE-2026-22332 2026-06-17 9.3 Critical
Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions.