| CVE | Title | Date | CVSS score |
|---|---|---|---|
| CVE-2026-12183 | | 13.06.2026 | 9.3 |
| CVE-2026-11624 | | 13.06.2026 | 9.4 |
| CVE-2026-46716 | Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron | 12.06.2026 | 9.9 |
| CVE-2026-53519 | Nezha Monitoring: Pre-auth path traversal via /dashboard.. prefix confusion leaks jwt_secret_key | 12.06.2026 | 9.1 |
| CVE-2026-53609 | Apostrophe has Server-Side Prototype Pollution in apos.util.set via patch operators that leads to process-wide authorization bypass | 12.06.2026 | 9.1 |
| CVE-2026-44990 | Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html` | 12.06.2026 | 9.3 |
| CVE-2026-28742 | Naxclow IoT Platform Use of hard-coded cryptographic key | 12.06.2026 | 9.2 |
| CVE-2026-50101 | Naxclow IoT Platform Not using password aging | 12.06.2026 | 9.2 |
| CVE-2026-48558 | SimpleHelp Authentication Bypass via Missing OIDC JWT Signature Verification | 13.06.2026 | 9.5 |
| CVE-2026-45833 | | 12.06.2026 | 9.4 |
| CVE-2026-50083 | Aqara hardcoded OAuth client credentials | 12.06.2026 | 9.1 |
| CVE-2026-50084 | Aqara API cross-account access | 12.06.2026 | 9.6 |
| CVE-2026-50086 | Aqara unauthenticated AES oracle | 12.06.2026 | 10.0 |
| CVE-2026-50090 | Aqara OAuth redirect_uri validation bypass | 12.06.2026 | 9.3 |
| CVE-2026-50091 | Aqara Home Android SDK hardcoded keys | 12.06.2026 | 9.1 |
| CVE-2026-10557 | Yarbo Android/iOS Mobile Application and Cloud Infrastructure Use of Hard-coded Credentials | 12.06.2026 | 9.3 |
| CVE-2026-47131 | vm2: Sandbox Escape | 13.06.2026 | 10.0 |
| CVE-2026-47137 | vm2: GHSA-8hg8-63c5-gwmx patch bypass: nesting:true without explicit require still allows full RCE | 13.06.2026 | 10.0 |
| CVE-2026-47140 | vm2: NodeVM builtin denylist bypass via process and inspector/promises allows host code execution | 13.06.2026 | 10.0 |
| CVE-2026-47208 | vm2: Sandbox Breakout Using Promise Species | 13.06.2026 | 10.0 |
| CVE-2026-47210 | vm2 sandbox escape via JSPI-backed Promise `.finally()` species bypass | 13.06.2026 | 9.8 |
| CVE-2026-53787 | Amasty Order Attributes for Magento 2 < 4.0.0 Unauthenticated Arbitrary File Upload | 13.06.2026 | 9.3 |
| CVE-2026-54133 | jmespath.php has CompilerRuntime code injection via unescaped function names | 12.06.2026 | 9.8 |
| CVE-2026-6853 | OTP Bypass in Başbelen Group's Pause+ Mobile App | 12.06.2026 | 9.8 |
| CVE-2026-11849 | IEI Integration Corp \| iRM-IEI Remote Management - Hard-coded Credentials | 12.06.2026 | 9.3 |
| CVE-2026-11535 | | 12.06.2026 | 9.4 |
| CVE-2026-47365 | | 12.06.2026 | 9.9 |
| CVE-2026-47367 | | 12.06.2026 | 9.9 |
| CVE-2026-47369 | | 13.06.2026 | 9.9 |
| CVE-2026-47370 | | 13.06.2026 | 9.9 |
| CVE-2026-48611 | | 12.06.2026 | 9.8 |
| CVE-2026-42846 | ClipBucket: Remote Play URL Command Injection | 12.06.2026 | 9.8 |
| CVE-2026-45060 | ClipBucket: Blind SQL Injection in progress_video.php | 12.06.2026 | 9.8 |
| CVE-2026-39494 | WordPress Product Filter by WBW plugin <= 3.1.2 - SQL Injection vulnerability | 12.06.2026 | 9.3 |
| CVE-2026-42647 | WordPress JoomSport plugin <= 5.7.7 - SQL Injection vulnerability | 12.06.2026 | 9.3 |
| CVE-2026-49060 | WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 - Privilege Escalation vulnerability | 12.06.2026 | 9.8 |
| CVE-2026-41005 | UAA accepts SAML Encrypted Assertions authentication bypass | 13.06.2026 | 9.0 |
| CVE-2026-49973 | Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings | 13.06.2026 | 9.2 |
| CVE-2026-45177 | Idira Secrets Manager SaaS Edge: Authentication Bypass of an internal validation mechanism | 11.06.2026 | 9.1 |
| CVE-2026-47172 | Quest Bot: Untrusted pull request code can be built and deployed by privileged `workflow_run` deployment | 11.06.2026 | 9.5 |
| CVE-2026-47174 | Duck Site: Untrusted pull request code can trigger privileged production deployment | 11.06.2026 | 9.5 |
| CVE-2026-49261 | MariaDB server has unsafe parameter handling in `wsrep_notify_cmd` | 12.06.2026 | 10.0 |
| CVE-2026-11839 | Arbitrary File Upload in Basarsoft's Rotaban | 11.06.2026 | 9.9 |
| CVE-2026-11561 | SSTI in Soagen Informatics' Apinizer | 12.06.2026 | 9.8 |
| CVE-2026-7852 | Unrestricted File Upload in Limatek's LimRAD NAC | 11.06.2026 | 9.8 |
| CVE-2026-4764 | Privilege Escalation in Dialogflow CX via Playbook Import | 11.06.2026 | 9.4 |
| CVE-2026-35273 | | 13.06.2026 | 9.8 |
| CVE-2026-46695 | BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files | 11.06.2026 | 10.0 |
| CVE-2026-46703 | BoxLite: Path Traversal Vulnerability in boxlite Leads to Arbitrary File Write on the Host | 11.06.2026 | 9.6 |
| CVE-2026-20253 | Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise | 11.06.2026 | 9.8 |
| CVE-2026-46614 | Fission router exposes `/fission-function/<ns>/<name>` on its public listener, allowing invocation of any function without an HTTPTrigger | 11.06.2026 | 9.8 |
| CVE-2026-50545 | Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover | 12.06.2026 | 9.9 |
| CVE-2026-50563 | Fission Container Executor Function PodSpec Injection Leading to Node Escape | 12.06.2026 | 9.9 |
| CVE-2026-50564 | Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape | 12.06.2026 | 9.9 |
| CVE-2026-50566 | Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation | 12.06.2026 | 9.9 |
| CVE-2026-45550 | Roxy-WI: IDOR on PUT /smon/check — any user can rewrite any tenant's monitoring URL/IP/body | 10.06.2026 | 9.1 |
| CVE-2026-45552 | Roxy-WI: Cross-tenant authorization bypass on /install/* — guest can run Ansible / SSH on every registered server | 10.06.2026 | 9.9 |
| CVE-2026-45556 | Roxy-WI: Authenticated arbitrary file write on every managed load balancer (and downstream RCE) via WAF rule save `config_file_name` | 10.06.2026 | 9.9 |
| CVE-2026-45558 | Roxy-WI: Authenticated RCE on every managed HAProxy load balancer via `option` field config injection in section save | 10.06.2026 | 9.9 |
| CVE-2026-53469 | Migration-planner: unprotected delete endpoint wipes all tenant data | 10.06.2026 | 9.1 |
| CVE-2026-53470 | Migration-planner: getsourcedownloadurl missing organization check | 10.06.2026 | 9.6 |
| CVE-2026-53471 | Migration-planner: agent api ignores jwt source_id claim | 10.06.2026 | 9.6 |
| CVE-2026-53474 | Migration-planner: second-order sql injection via rvtools upload | 10.06.2026 | 9.6 |
| CVE-2026-53475 | Assisted-migration-agent: tls verification disabled on all vcenter connections | 10.06.2026 | 9.3 |
| CVE-2026-53476 | Assisted-migration-agent: vddk tarball chained-symlink arbitrary file write | 10.06.2026 | 9.6 |
| CVE-2025-6254 | Doctreat Core <= 1.6.8 - Unauthenticated Privilege Escalation | 10.06.2026 | 9.8 |
| CVE-2025-66276 | QTS | 10.06.2026 | 9.2 |
| CVE-2026-45328 | ESP-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers | 10.06.2026 | 9.3 |
| CVE-2026-44963 | | 10.06.2026 | 9.4 |
| CVE-2026-47928 | ColdFusion \| Improper Input Validation (CWE-20) | 11.06.2026 | 9.6 |
| CVE-2026-47938 | Adobe Campaign Classic (ACC) \| Server-Side Request Forgery (SSRF) (CWE-918) | 10.06.2026 | 10.0 |
| CVE-2026-48303 | Adobe Campaign Classic (ACC) \| Incorrect Authorization (CWE-863) | 10.06.2026 | 10.0 |
| CVE-2026-34691 | Adobe Experience Manager Forms JEE \| Cross-site Scripting (Stored XSS) (CWE-79) | 09.06.2026 | 9.3 |
| CVE-2026-26142 | Nuance PowerScribe Remote Code Execution Vulnerability | 10.06.2026 | 9.8 |
| CVE-2026-42904 | Windows TCP/IP Elevation of Privilege Vulnerability | 10.06.2026 | 9.6 |
| CVE-2026-44815 | DHCP Client Service Remote Code Execution Vulnerability | 10.06.2026 | 9.8 |
| CVE-2026-45602 | Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability | 10.06.2026 | 9.1 |
| CVE-2026-45657 | Windows Kernel Remote Code Execution Vulnerability | 10.06.2026 | 9.8 |
| CVE-2026-47281 | Visual Studio Code Elevation of Privilege Vulnerability | 10.06.2026 | 9.6 |
| CVE-2026-47291 | HTTP.sys Remote Code Execution Vulnerability | 10.06.2026 | 9.8 |
| CVE-2026-47643 | Azure Stack Edge Remote Code Execution Vulnerability | 10.06.2026 | 9.8 |
| CVE-2026-49840 | FreeSWITCH: Pre-authentication heap buffer overflow in libesl `Content-Length` parsing | 09.06.2026 | 9.1 |
| CVE-2026-49841 | FreeSWITCH: Pre-authentication heap buffer overflow in `mod_verto` HTTP POST body read | 11.06.2026 | 9.8 |
| CVE-2026-10520 | | 12.06.2026 | 10.0 |
| CVE-2026-10523 | | 10.06.2026 | 9.9 |
| CVE-2026-25089 | | 10.06.2026 | 9.1 |
| CVE-2026-8025 | SQLi in MOSK Informatics' CBS Platform | 09.06.2026 | 9.8 |
| CVE-2026-46325 | RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE | 14.06.2026 | 9.8 |
| CVE-2026-7486 | SQLi in Netcad's E-İmar | 09.06.2026 | 9.8 |
| CVE-2017-20251 | WordPress Insert PHP Plugin 4.7.0 PHP Code Injection via REST API | 09.06.2026 | 9.3 |
| CVE-2026-46316 | KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry | 14.06.2026 | 9.3 |
| CVE-2026-10731 | SQL injection in Nemon products | 09.06.2026 | 9.3 |
| CVE-2026-41031 | Stored Cross-Site Scripting (XSS) vulnerability in Vinna Process Monitor | 09.06.2026 | 9.3 |
| CVE-2026-5067 | Out-of-bounds read/write in HTTP WebSocket upgrade via non-null-terminated Sec-WebSocket-Key | 09.06.2026 | 9.8 |
| CVE-2026-27671 | Memory Corruption vulnerability in Application Server ABAP of SAP NetWeaver and ABAP Platform | 09.06.2026 | 9.8 |
| CVE-2026-40128 | Directory Traversal vulnerability in SAP NetWeaver Application Server Java (Web Container) | 10.06.2026 | 9.0 |
| CVE-2026-44748 | XML Signature Wrapping in SAML Authentication in SAP NetWeaver AS ABAP and ABAP Platform | 09.06.2026 | 9.9 |
| CVE-2026-52778 | YesWiki has Unsafe eval() in Formula Calculator - Remote Code Execution (RCE) & Denial of Service (DoS) | 09.06.2026 | 9.8 |
| CVE-2026-25555 | OpenBullet2 0.3.2 Authentication Bypass via X-Api-Key Header | 08.06.2026 | 9.3 |
| CVE-2026-39910 | STACKIT IaaS API Privilege Escalation via Service Account Attachment | 09.06.2026 | 9.3 |
| CVE-2026-41448 | AdGuard Home Authentication Bypass via Path Traversal in Admin-Token Cookie | 08.06.2026 | 9.2 |
| CVE-2026-46289 | lib/scatterlist: fix length calculations in extract_kvec_to_sg | 14.06.2026 | 9.8 |
| CVE-2026-46442 | Flowise: Authenticated Host RCE via POST /api/v1/node-custom-function and NodeVM Sandbox Escape | 09.06.2026 | 9.4 |
| CVE-2026-47430 | Cordova Plugin InAppBrowser: iOS: Arbitrary Cordova callback IDs can be dispatched without validation from InAppBrowser WebViews | 08.06.2026 | 9.5 |
| CVE-2026-11499 | Tenda HG7HG9/HG10 formDOMAINBLK stack-based overflow | 08.06.2026 | 9.3 |
| CVE-2023-54352 | WordPress Seotheme Remote Code Execution Unauthenticated | 08.06.2026 | 9.3 |
| CVE-2024-58348 | WordPress Background Image Cropper 1.2 Remote Code Execution | 08.06.2026 | 9.3 |
| CVE-2024-58349 | WordPress Theme Travelscape 1.0.3 Arbitrary File Upload | 08.06.2026 | 9.3 |