CVE vulnerabilities
31,467 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 851–900 of 8,161 in High · page 18 of 164
| ID | Title | Summary |
|---|---|---|
| CVE-2026-43176 | CVE-2026-43176 CVSS 8.8 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 9… |
| CVE-2026-43172 | CVE-2026-43172 CVSS 8.8 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix 22000 series SMEM parsing If the firmware were to report three LMACs (… |
| CVE-2026-43158 | CVE-2026-43158 CVSS 8.8 | In the Linux kernel, the following vulnerability has been resolved: xfs: fix freemap adjustments when adding xattrs to leaf blocks xfs/592 and xfs/794 both t… |
| CVE-2026-4314 | CVE-2026-4314 CVSS 8.8 | The 'The Ultimate WordPress Toolkit – WP Extended' plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.4. This… |
| CVE-2026-43139 | CVE-2026-43139 CVSS 8.6 | In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6_get_saddr() xfrm6_get_saddr() does not check the … |
| CVE-2026-43134 | CVE-2026-43134 CVSS 8.1 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ This adds a check for … |
| CVE-2026-43113 | CVE-2026-43113 CVSS 8.8 · linux | In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing tx_frames wl1251_tx_packet_cb() uses th… |
| CVE-2026-43112 | CVE-2026-43112 CVSS 8.8 · linux | In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath When cifs_sanitize_prepath… |
| CVE-2026-43110 | CVE-2026-43110 CVSS 8.8 · linux | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: validate bsscfg indices in IF events brcmf_fweh_handle_if_event() validat… |
| CVE-2026-43051 | CVE-2026-43051 CVSS 8.1 | In the Linux kernel, the following vulnerability has been resolved: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq The wacom_intuos_bt_irq() funct… |
| CVE-2026-43048 | CVE-2026-43048 CVSS 8.8 | In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset() The memset() in hid_report_r… |
| CVE-2026-43018 | CVE-2026-43018 CVSS 8.8 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt hci_conn look… |
| CVE-2026-43001 | CVE-2026-43001 CVSS 7.9 · openstack | An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied project_id for an EC2-type credenti… |
| CVE-2026-4296 | CVE-2026-4296 CVSS 8.8 | An incorrect regular expression vulnerability was identified in GitHub Enterprise Server that allowed an attacker to bypass OAuth redirect URI validation. An a… |
| CVE-2026-42945 | CVE-2026-42945 CVSS 8.1 · f5 | NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed b… |
| CVE-2026-42930 | CVE-2026-42930 CVSS 8.7 · f5 | When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance mode restrictions on a BIG-IP syste… |
| CVE-2026-42924 | CVE-2026-42924 CVSS 8.7 · f5 | An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privil… |
| CVE-2026-42860 | CVE-2026-42860 CVSS 8.5 | The Open edx Enterprise Service app provides enterprise features to the Open edX platform. From 7.0.2 to 7.0.4, the sync_provider_data endpoint in SAMLProvider… |
| CVE-2026-42844 | CVE-2026-42844 CVSS 8.8 | Grav is a file-based Web platform. In Grav 2.0.0-beta.2, a low-privileged authenticated API user with api.media.write can abuse /api/v1/blueprint-upload to wri… |
| CVE-2026-42843 | CVE-2026-42843 CVSS 8.8 | Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Pr… |
| CVE-2026-42742 | CVE-2026-42742 CVSS 8.5 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blin… |
| CVE-2026-42741 | CVE-2026-42741 CVSS 8.5 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Ninja Forms Views – Display & Edit Ninja F… |
| CVE-2026-4272 | CVE-2026-4272 CVSS 8.1 | Missing Authentication for Critical Function vulnerability in Honeywell Handheld Scanners allows Authentication Abuse. This issue affects Handheld Scanners: fro… |
| CVE-2026-42611 | CVE-2026-42611 CVSS 8.9 | Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a low-privileged (with the ability to create a page) user can cause XSS with the injection of svg ele… |
| CVE-2026-4261 | CVE-2026-4261 CVSS 8.8 | The Expire Users plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2.2. This is due to the plugin allowing a u… |
| CVE-2026-42609 | CVE-2026-42609 CVSS 8.1 | Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a business logic vulnerability in the Grav Admin Panel allows a low-privileged user (with only user c… |
| CVE-2026-42606 | CVE-2026-42606 CVSS 8.8 | AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the ApplyXForwarded middleware unconditionally trusts the client-su… |
| CVE-2026-42605 | CVE-2026-42605 CVSS 8.8 | AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the currentDirectory request parameter in the Flow.js media upload … |
| CVE-2026-42603 | CVE-2026-42603 CVSS 8.8 | OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Prior to 2.1.2, .github/workflows/… |
| CVE-2026-42602 | CVE-2026-42602 CVSS 8.1 · opentelemetry | azureauthextension is the Azure Authenticator Extension. From 0.124.0 to 0.150.0, a server-side authentication bypass in azureauthextension allows any party wh… |
| CVE-2026-42595 | CVE-2026-42595 CVSS 8.6 | Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, Gotenberg's Chromium URL-to-PDF endpoint (/forms/chromium/convert/url) has no defau… |
| CVE-2026-42591 | CVE-2026-42591 CVSS 8.2 | Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint (/forms/libreoffice/convert) passes uploaded do… |
| CVE-2026-42590 | CVE-2026-42590 CVSS 8.2 | Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, the ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's… |
| CVE-2026-42564 | CVE-2026-42564 CVSS 8.2 | jotty·page is a self-hosted app for your checklists and notes. Prior to 1.22.0, an unauthenticated path traversal vulnerability exists in /api/app-icons/[filen… |
| CVE-2026-42562 | CVE-2026-42562 CVSS 8.3 | Plainpad is a self hosted note taking app. Prior to version 1.1.1, Plainpad allows a low-privilege authenticated user to self-escalate to administrator by subm… |
| CVE-2026-42559 | CVE-2026-42559 CVSS 8.8 | RMCP is an official Rust SDK for the Model Context Protocol. Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport (crates/rmcp/src/transpo… |
| CVE-2026-42550 | CVE-2026-42550 CVSS 8.8 | Flight is an extensible micro-framework for PHP. Prior to 3.18.1, SimplePdo::insert(), SimplePdo::update(), and SimplePdo::delete() build SQL statements by con… |
| CVE-2026-42524 | CVE-2026-42524 CVSS 8.0 | Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting (XSS) vul… |
| CVE-2026-42512 | CVE-2026-42512 CVSS 8.1 | As dhclient is building an environment to pass to dhclient-script, it may need to resize the array of string pointers. The code which expands the array incorr… |
| CVE-2026-42511 | CVE-2026-42511 CVSS 8.1 | The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the … |
| CVE-2026-42503 | CVE-2026-42503 CVSS 8.8 | gopls by default communicates via pipe. However, -port and -listen flags are supported as means of debugging. If -listen is given a value without an explicit h… |
| CVE-2026-4248 | CVE-2026-4248 CVSS 8.0 | The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the '{use… |
| CVE-2026-42471 | CVE-2026-42471 CVSS 8.1 | Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The sync-invoke client (Connection.php:76) calls unserialize() on data received from … |
| CVE-2026-42469 | CVE-2026-42469 CVSS 8.6 | Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_canswitch.cpp the parser does not properly validate a CANswitch… |
| CVE-2026-42468 | CVE-2026-42468 CVSS 8.8 | Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_pcap.cpp, the parser's phdr.len field is not properly validate… |
| CVE-2026-42463 | CVE-2026-42463 CVSS 8.1 | SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR (Insecure Direct Obj… |
| CVE-2026-42452 | CVE-2026-42452 CVSS 8.1 | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, /users/login issues a tem… |
| CVE-2026-42449 | CVE-2026-42449 CVSS 8.5 | n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. In versions 2.47.4 through 2.47.13, the SDK … |
| CVE-2026-42439 | CVE-2026-42439 CVSS 8.5 | OpenClaw before 2026.4.10 contains a server-side request forgery policy bypass vulnerability in the browser tabs action select and close routes. Attackers can … |
| CVE-2026-42435 | CVE-2026-42435 CVSS 8.8 | OpenClaw versions from 2026.2.22 before 2026.4.12 contain an insufficient shell-wrapper detection vulnerability allowing attackers to inject environment variab… |