CVE vulnerabilities
31,467 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 851–900 of 8,314 in Critical · page 18 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2026-3587 | CVE-2026-3587 CVSS 10.0 | An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device. |
| CVE-2026-3584 | CVE-2026-3584 CVSS 9.8 | The Kali Forms plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.4.9 via the 'form_process' function. This is… |
| CVE-2026-35652 | CVE-2026-35652 CVSS 9.1 | OpenClaw before 2026.3.22 contains an authorization bypass vulnerability in interactive callback dispatch that allows non-allowlisted senders to execute action… |
| CVE-2026-3564 | CVE-2026-3564 CVSS 9.0 | A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, inclu… |
| CVE-2026-35616 | Fortinet FortiClient EMS Improper Access Control Vulnerability KEV CVSS 9.8 Fortinet | Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands … |
| CVE-2026-35614 | CVE-2026-35614 CVSS 9.8 | Frappe is a full-stack web application framework. Prior to 16.14.0 and 15.104.0, Frappe has a SQL injection in bulk_update. This vulnerability is fixed in 16.1… |
| CVE-2026-35589 | CVE-2026-35589 CVSS 9.3 | nanobot is a personal AI assistant. Versions prior to 0.1.5 contain a Cross-Site WebSocket Hijacking (CSWSH) vulnerability in the bridge's WebSocket ser… |
| CVE-2026-35580 | CVE-2026-35580 CVSS 9.1 | Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, GitHub Actions workflow files contained shell injection points where user-controlled work… |
| CVE-2026-35579 | CVE-2026-35579 CVSS 9.8 | CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport implementations incorrectly handle TSIG authenticat… |
| CVE-2026-35573 | CVE-2026-35573 CVSS 9.1 | ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authent… |
| CVE-2026-35561 | CVE-2026-35561 CVSS 9.8 | Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat a… |
| CVE-2026-35546 | CVE-2026-35546 CVSS 9.8 | Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted archives to be accepted, enabling attackers to plant and execut… |
| CVE-2026-35503 | CVE-2026-35503 CVSS 9.8 | A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded val… |
| CVE-2026-35490 | CVE-2026-35490 CVSS 9.8 | changedetection.io is a free open source web page change detection tool. Prior to 0.54.8, the @login_optionally_required decorator is placed before (outer to) … |
| CVE-2026-3549 | CVE-2026-3549 CVSS 9.8 | Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing b… |
| CVE-2026-3548 | CVE-2026-3548 CVSS 9.8 | Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storin… |
| CVE-2026-35477 | CVE-2026-35477 CVSS 9.9 | InvenTree is an Open Source Inventory Management System. From 1.2.3 to 1.2.6, the fix for CVE-2026-27629 upgraded the PART_NAME_FORMAT validator to use jinja2.… |
| CVE-2026-35471 | CVE-2026-35471 CVSS 9.8 | goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, tdeleteFile() is missing a return after the path traversal check. This vulnerability is fixed in 2.0.0… |
| CVE-2026-35459 | CVE-2026-35459 CVSS 9.1 | pyLoad is a free and open-source download manager written in Python. In 0.5.0b3.dev96 and earlier, pyLoad has a server-side request forgery (SSRF) vulnerabilit… |
| CVE-2026-35458 | CVE-2026-35458 CVSS 9.8 | Gotenberg is an API for converting document formats. In 8.29.1 and earlier, Gotenberg uses dlclark/regexp2 to compile user-supplied scope patterns without sett… |
| CVE-2026-3545 | CVE-2026-3545 CVSS 9.6 | Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a cra… |
| CVE-2026-35435 | CVE-2026-35435 CVSS 10.0 | Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network. |
| CVE-2026-35431 | CVE-2026-35431 CVSS 10.0 | Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2026-35428 | CVE-2026-35428 CVSS 9.6 | Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to perform spoofing ov… |
| CVE-2026-35408 | CVE-2026-35408 CVSS 9.3 | Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus's Single Sign-On (SSO) login pages lacked a Cross-O… |
| CVE-2026-35393 | CVE-2026-35393 CVSS 9.8 | goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, the POST multipart upload directory is not sanitized. This vulnerability is fixed in 2.0.0-beta.… |
| CVE-2026-35392 | CVE-2026-35392 CVSS 9.8 | goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, PUT upload in httpserver/updown.go has no path sanitization. This vulnerability is fixed in 2… |
| CVE-2026-3535 | CVE-2026-3535 CVSS 9.8 | The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the `DSGVOGWPdownloadGoogleF… |
| CVE-2026-35216 | CVE-2026-35216 CVSS 9.0 | Budibase is an open-source low-code platform. Prior to version 3.33.4, an unauthenticated attacker can achieve Remote Code Execution (RCE) on the Budibase serv… |
| CVE-2026-35197 | CVE-2026-35197 CVSS 9.8 | dye is a portable and respectful color library for shell scripts. Prior to 1.1.1, certain dye template expressions would result in execution of arbitrary code.… |
| CVE-2026-35184 | CVE-2026-35184 CVSS 9.8 | EcclesiaCRM is CRM Software for church management. Prior to 8.0.0, there is a SQL injection vulnerability in v2/templates/query/queryview.php via the custom an… |
| CVE-2026-35178 | CVE-2026-35178 CVSS 9.8 | Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbenc… |
| CVE-2026-35171 | CVE-2026-35171 CVSS 9.8 | Kedro is a toolbox for production-ready data science. Prior to 1.3.0, Kedro allows the logging configuration file path to be set via the KEDRO_LOGGING_CONFIG e… |
| CVE-2026-35157 | CVE-2026-35157 CVSS 9.8 | Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0 contain an improper neutralization of formula elements in a CSV File… |
| CVE-2026-35053 | CVE-2026-35053 CVSS 9.8 | OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, the Worker service's ManualAPI exposes workflow execution endpoint… |
| CVE-2026-35052 | CVE-2026-35052 CVSS 9.8 | D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to 3.22.0, users hosting D-Tale publicly wh… |
| CVE-2026-35051 | CVE-2026-35051 CVSS 10.0 | Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is an authentication bypass vulnerability in Traef… |
| CVE-2026-35047 | CVE-2026-35047 CVSS 9.8 | Brave CMS is an open-source CMS. Prior to 2.0.6, an Unrestricted File Upload vulnerability in the CKEditor endpoint allows attackers to upload arbitrary files,… |
| CVE-2026-35044 | CVE-2026-35044 CVSS 9.6 | BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.38, the Dockerfile generation function … |
| CVE-2026-35039 | CVE-2026-35039 CVSS 9.1 | fast-jwt provides fast JSON Web Token (JWT) implementation. From 0.0.1 to before 6.2.0, setting up a custom cacheKeyBuilder method which does not properly crea… |
| CVE-2026-35035 | CVE-2026-35035 CVSS 9.0 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.2.0… |
| CVE-2026-35033 | CVE-2026-35033 CVSS 9.1 | Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain an unauthenticated arbitrary file read vulnerability via ffmpeg argument… |
| CVE-2026-35030 | CVE-2026-35030 CVSS 9.1 | LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, when JWT authentication is enabled (enable_jwt_auth: tru… |
| CVE-2026-35022 | CVE-2026-35022 CVSS 9.8 | Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in authentication helper execution where helper configuration valu… |
| CVE-2026-35002 | CVE-2026-35002 CVSS 9.8 | Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbitrary Pyt… |
| CVE-2026-34989 | CVE-2026-34989 CVSS 9.0 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 31.0.0.0… |
| CVE-2026-34987 | CVE-2026-34987 CVSS 9.9 | Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime with its Winch (baseline) non-default compiler backend may al… |
| CVE-2026-34977 | CVE-2026-34977 CVSS 9.8 | Aperi'Solve is an open-source steganalysis web platform. Prior to 3.2.1, when uploading a JPEG, a user can specify an optional password to accompany the JPEG. … |
| CVE-2026-34976 | CVE-2026-34976 CVSS 10.0 | Dgraph is an open source distributed GraphQL database. Prior to 25.3.1, the restoreTenant admin mutation is missing from the authorization middleware config (a… |
| CVE-2026-34955 | CVE-2026-34955 CVSS 10.0 | PraisonAI is a multi-agent teams system. Prior to version 4.5.97, SubprocessSandbox in all modes (BASIC, STRICT, NETWORK_ISOLATED) calls subprocess.run() with … |