1-click Login\ CVEs and Security Vulnerabilities

Export limit exceeded: 359276 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 27), (line:1, col:28)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (359276 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-48868			2026-06-15	7.5 High
Unauthenticated Insecure Direct Object References (IDOR) in Simple Shopping Cart <= 5.2.9 versions.
CVE-2026-45441			2026-06-15	7.5 High
Unauthenticated Other Vulnerability Type in WpEvently <= 5.3.3 versions.
CVE-2026-42662			2026-06-15	6.5 Medium
Unauthenticated Bypass Vulnerability in Event Tickets <= 5.27.5 versions.
CVE-2026-42381			2026-06-15	9.3 Critical
Unauthenticated SQL Injection in Funnel Builder by FunnelKit <= 3.15.0.1 versions.
CVE-2026-42378			2026-06-15	6.5 Medium
Subscriber Broken Authentication in WP Full Stripe Free <= 8.4.1 versions.
CVE-2026-40796			2026-06-15	6.5 Medium
Subscriber Sensitive Data Exposure in WPPizza <= 3.19.9 versions.
CVE-2026-40776			2026-06-15	7.5 High
Unauthenticated Broken Access Control in WP Event SOlution <= 4.1.8 versions.
CVE-2026-40775			2026-06-15	7.3 High
Unauthenticated Broken Access Control in Royal MCP <= 1.4.2 versions.
CVE-2026-40773			2026-06-15	6.5 Medium
Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 versions.
CVE-2026-40772			2026-06-15	10 Critical
Unauthenticated Arbitrary File Upload in GeekyBot <= 1.2.2 versions.
CVE-2026-40741			2026-06-15	7.5 High
Unauthenticated Broken Access Control in Redsys for WooCommerce Light <= 7.0.0 versions.
CVE-2026-39591			2026-06-15	9.9 Critical
Subscriber Arbitrary File Upload in WP-BusinessDirectory <= 4.0.0 versions.
CVE-2026-42909	1 Microsoft	30 Remote Desktop, Remote Desktop Client, Windows 10 1607 and 27 more	2026-06-15	7.5 High
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-39507			2026-06-15	7.1 High
Unauthenticated Cross Site Scripting (XSS) in Social Slider Feed <= 2.3.2 versions.
CVE-2026-39492			2026-06-15	9.3 Critical
Unauthenticated SQL Injection in WP Maps <= 4.9.1 versions.
CVE-2026-9691			2026-06-15	9.8 Critical
Unauthenticated PHP Object Injection in Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 versions.
CVE-2026-11931	1 Aws	1 Kiro Ide	2026-06-15	5.5 Medium
Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions (0644) instead of owner-restricted permissions (0600). To remediate this issue, users should upgrade to Kiro IDE version 0.11.133 or later. After upgrading and restarting the application, the cache file permissions are automatically updated on the next token refresh. Users operating in a multi-user environment can invalidate existing tokens by reauthenticating.
CVE-2026-42985	1 Microsoft	30 Remote Desktop, Remote Desktop Client, Windows 10 1607 and 27 more	2026-06-15	8.8 High
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42992	1 Microsoft	23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more	2026-06-15	7.5 High
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42993	1 Microsoft	15 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 12 more	2026-06-15	7.5 High
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

« first previous Page 100 of 17964. next last »