CVE vulnerabilities

31,467 CVEs indexed, newest first. Entries can be filtered by CVSS severity or by CISA KEV listing; KEV-flagged entries are marked. Authored by Adam Lundqvist.
Showing 651–700 of 8,314 in Critical · page 14 of 167
| ID | CVSS | Summary |
|---|---|---|
| CVE-2026-4119 | 9.1 | The Create DB Tables plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 1.2.1. The plugin registers admin_post acti… |
| CVE-2026-41179 | 9.8 | Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1… |
| CVE-2026-41176 | 9.8 | Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint `options/set` is exposed without … |
| CVE-2026-41167 | 9.1 | Jellystat is a free and open source Statistics App for Jellyfin. Prior to version 1.1.10, multiple API endpoints in Jellystat build SQL queries by interpolatin… |
| CVE-2026-41153 | 9.8 | In JetBrains Junie before 252.549.29 command execution was possible via a malicious project file. |
| CVE-2026-41144 | 9.8 | F´ (F Prime) is a framework that enables development and deployment of spaceflight and other embedded software applications. Prior to version 4.2.0, the bounds… |
| CVE-2026-41104 | 10.0 | Deserialization of untrusted data in Microsoft Planetary Computer Pro allows an unauthorized attacker to disclose information over a network. |
| CVE-2026-41103 | 9.1 | Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges ov… |
| CVE-2026-41096 | 9.8 | Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. |
| CVE-2026-41090 | 9.3 | Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering o… |
| CVE-2026-41089 | 9.8 | Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. |
| CVE-2026-41070 | 10.0 | openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle OIDC based single sign-on (SSO) auth flows. From version 1.26.3 to … |
| CVE-2026-41064 | 9.3 | WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's `test.php` adds `escapeshellarg` for wget bu… |
| CVE-2026-41050 | 9.9 | Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repositor… |
| CVE-2026-4101 | 9.8 | IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 thr… |
| CVE-2026-40982 | 9.1 | Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, … |
| CVE-2026-40976 | 9.1 | In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to all endpoints. For an application to be vulnerable,… |
| CVE-2026-40974 | 9.8 | Spring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL connection to Cassandra. Affected: Spring Boot 4.0.… |
| CVE-2026-40971 | 9.1 | When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker. … |
| CVE-2026-40962 | 9.8 | FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c. |
| CVE-2026-40959 | 9.3 | Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod. |
| CVE-2026-40933 | 9.9 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, due to unsafe serialization of stdio commands in the M… |
| CVE-2026-40911 | 10.0 | WWBN AVideo is an open source video platform. In versions 29.0 and prior, the YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies … |
| CVE-2026-40910 | 9.1 | frp is a fast reverse proxy. From 0.43.0 to 0.68.0, frp contains an authentication bypass in the HTTP vhost routing path when routeByHTTPUser is used as part o… |
| CVE-2026-40903 | 9.1 | goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs has an ArtiPACKED vulnerability. ArtiPACKED can lead to leakage of the GITHUB_TOKEN thr… |
| CVE-2026-40892 | 9.8 | PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsip_auth_create_digest2… |
| CVE-2026-40887 | 9.1 | Vendure is an open-source headless commerce platform. Starting in version 1.7.4 and prior to versions 2.3.4, 3.5.7, and 3.6.2, an unauthenticated SQL injection… |
| CVE-2026-40884 | 9.8 | goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs contains an SFTP authentication bypass when the documented empty-username basic-auth sy… |
| CVE-2026-40860 | 9.8 | JmsBinding.extractBodyFromJms() in camel-jms, and the equivalent JmsBinding class in camel-sjms, deserialized the payload of incoming JMS ObjectMessage values … |
| CVE-2026-40797 | 9.3 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saleswonder LLC WebinarIgnition allows Blind SQL Injectio… |
| CVE-2026-40687 | 9.1 | In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the connec… |
| CVE-2026-40685 | 9.8 | In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header… |
| CVE-2026-40682 | 9.1 | XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor. Versions Affected: before 2.5.9, before 3.0.0-M3. De… |
| CVE-2026-40630 | 9.8 | A vulnerability in SenseLive X3050's web management interface allows unauthorized access to certain configuration endpoints due to improper access control e… |
| CVE-2026-40621 | 9.8 | ELECOM wireless LAN access point devices do not require authentication to access some specific URLs. The affected product may be operated without authenticatio… |
| CVE-2026-40620 | 9.8 | A vulnerability in SenseLive X3050's embedded management service allows full administrative control to be established without any form of authentication or aut… |
| CVE-2026-40576 | 9.4 | excel-mcp-server is a Model Context Protocol server for Excel file manipulation. A path traversal vulnerability exists in excel-mcp-server versions up to and i… |
| CVE-2026-40575 | 9.1 | OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied `X-Forwarded-Uri… |
| CVE-2026-40572 | 9.0 | NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 (MemoryMapRange) allows Ring 3 user-mode pro… |
| CVE-2026-40569 | 9.0 | FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a mass assignment vulnerability in the mailbox connection settings… |
| CVE-2026-40525 | 9.1 | OpenViking prior to version 0.3.9 contains an authentication bypass vulnerability in the VikingBot OpenAPI HTTP route surface where the authentication check fa… |
| CVE-2026-40504 | 9.8 | Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravity_vm_exec function that allows attackers to write out-of-bounds memory… |
| CVE-2026-40498 | 9.8 | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that… |
| CVE-2026-40496 | 9.1 | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, attachment download tokens are generated using a weak and predictable f… |
| CVE-2026-40494 | 9.8 | SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd… |
| CVE-2026-40493 | 9.8 | SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7… |
| CVE-2026-40492 | 9.8 | SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a… |
| CVE-2026-40487 | 9.0 | Postiz is an AI social media scheduling tool. Prior to version 2.21.6, a file upload validation bypass allows any authenticated user to upload arbitrary HTML, … |
| CVE-2026-40484 | 9.1 | ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents … |
| CVE-2026-40478 | 9.0 | Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability i… |