Export limit exceeded: 358957 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (358957 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-52711 | 2026-06-16 | 7.5 High | ||
| Unauthenticated Broken Access Control in WooCommerce POS <= 1.8.14 versions. | ||||
| CVE-2026-49106 | 2 Crmperks, Wordpress | 2 Integration For Contact Form 7 And Constant Contact, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for Contact Form 7 and Constant Contact <= 1.1.6 versions. | ||||
| CVE-2026-49765 | 2 Crm Perks, Wordpress | 2 Integration For Mailchimp And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.8 versions. | ||||
| CVE-2026-48157 | 2026-06-16 | 6.1 Medium | ||
| Slim is a PHP micro framework that enables users to write simple web applications and APIs. In versions 4.4.0 through 4.15, if an application uses HttpException::setTitle() and/or setDescription() to include untrusted/request-derived data in the error title or description (e.g. "No products found matching '{$query}'."), an attacker could inject arbitrary HTML/JavaScript that executes in the victim's browser when they encounter an HTML error page generated by Slim. The vulnerability is present even with displayErrorDetails = false as the unescaped title and description are rendered on this error path. Built-in exceptions (HttpNotFoundException, HttpBadRequestException, etc.) ship plain-text defaults, so a vanilla Slim app with no user code is not exploitable. Only applications that feed untrusted data into setTitle() and/or setDescription() are affected. The issue has been fixed in 4.15.2. If developers are unable to immediately update their applications, they can work around this issue by avoiding passing untrusted/request-derived data into HttpException::setTitle() and setDescription() and using static, plain-text error copy instead. They should also register a custom error renderer (an ErrorRendererInterface implementation, or a subclass of HtmlErrorRenderer that escapes the title and description) for the HTML media type. | ||||
| CVE-2026-54197 | 2026-06-16 | 6.5 Medium | ||
| Unauthenticated Sensitive Data Exposure in GetGenie <= 4.4.1 versions. | ||||
| CVE-2026-6964 | 2026-06-16 | 5.3 Medium | ||
| The Video Conferencing with Zoom plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.6.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to obtain the site's Zoom SDK API key and a freshly-signed JWT that can be used with the Zoom Web SDK to join any Zoom meeting associated with those credentials without a legitimate invitation. | ||||
| CVE-2026-10828 | 1 Moxa | 2 Nport W2150a-w4 W2250a-w4 Series, Nport W2150a W2250a Series | 2026-06-16 | N/A |
| A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and prior. This vulnerability stems from insufficient input validation and improper handling of externally supplied format strings. An attacker could exploit this vulnerability by sending crafted input to the web service, causing unintended memory disclosure. Successful exploitation may allow an attacker to leak sensitive memory contents and determine critical memory addresses, potentially bypassing Address Space Layout Randomization (ASLR) protections. | ||||
| CVE-2026-39581 | 2 Activity-log.com, Wordpress | 2 Wp Sessions Time Monitoring Full Automatic, Wordpress | 2026-06-16 | 8.5 High |
| Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic <= 1.1.4 versions. | ||||
| CVE-2026-52714 | 2026-06-16 | 7.5 High | ||
| Unauthenticated Broken Access Control in SEO Plugin by Squirrly SEO <= 12.4.16 versions. | ||||
| CVE-2026-40750 | 2026-06-16 | 9.9 Critical | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in themagnifico52 Kids Online Store allows Upload a Web Shell to a Web Server. This issue affects Kids Online Store: from n/a through 0.8.9. | ||||
| CVE-2026-10829 | 1 Moxa | 2 Nport W2150a-w4 W2250a-w4 Series, Nport W2150a W2250a Series | 2026-06-16 | N/A |
| A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit this vulnerability by sending crafted input to the web service, resulting in memory corruption. Successful exploitation of this vulnerability could allow remote code execution on the target system with root privileges. | ||||
| CVE-2026-8484 | 2026-06-16 | N/A | ||
| A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS). All versions are believed to be vulnerable. This project is unmaintained at the time of CVE assignment. | ||||
| CVE-2026-12225 | 2026-06-16 | N/A | ||
| syracom AG Secure Login (2FA) for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnerability. An attacker with valid credentials for a user account can bypass the two-factor authentication flow by sending HTTP requests with a crafted User-Agent header containing specific strings such as AtlassianMobileApp or JIRA. When such a User-Agent is present, the plugin does not enforce the configured 2FA checks for protected web resources. Successful exploitation allows the attacker to access the affected Atlassian application as the compromised user without completing 2FA. If the compromised account has administrative privileges, the attacker can access administrative functionality and may disable the 2FA plugin or make arbitrary administrative changes. The issue is fixed in version 3.5.0.0. | ||||
| CVE-2026-25253 | 1 Openclaw | 1 Openclaw | 2026-06-16 | 8.8 High |
| OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value. | ||||
| CVE-2026-21643 | 1 Fortinet | 1 Forticlientems | 2026-06-16 | 9.1 Critical |
| An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. | ||||
| CVE-2026-21671 | 1 Veeam | 2 Software Appliance, Veeam Backup \& Replication | 2026-06-16 | 9.1 Critical |
| A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication. | ||||
| CVE-2026-25667 | 1 Microsoft | 2 .net, Aspnetcore | 2026-06-16 | 7.5 High |
| ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorrect exit condition for HTTP/3 Encoder/Decoder stream processing. | ||||
| CVE-2026-24516 | 1 Digitalocean | 1 Droplet Agent | 2026-06-16 | 8.8 High |
| A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component (internal/troubleshooting/actioner/actioner.go) processes metadata from the metadata service endpoint and executes commands specified in the TroubleshootingAgent.Requesting array without adequate input validation. While the code validates that artifacts exist in the validInvestigationArtifacts map, it fails to sanitize the actual command content after the "command:" prefix. This allows an attacker who can control metadata responses to inject and execute arbitrary OS commands with root privileges. The attack is triggered by sending a TCP packet with specific sequence numbers to the SSH port, which causes the agent to fetch metadata from http://169.254.169.254/metadata/v1.json. The vulnerability affects the command execution flow in internal/troubleshooting/actioner/actioner.go (insufficient validation), internal/troubleshooting/command/exec.go (direct exec.CommandContext call), and internal/troubleshooting/command/command.go (command parsing without sanitization). This can lead to complete system compromise, data exfiltration, privilege escalation, and potential lateral movement across cloud infrastructure. | ||||
| CVE-2026-23778 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dp Series Appliance | 2026-06-16 | 7.2 High |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to gain root-level access. | ||||
| CVE-2026-39480 | 2 Inisev, Wordpress | 2 Backup Migration, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in Backup Migration <= 2.1.1 versions. | ||||