CVE Field Guide

Critical CVEs

CVE Title Updated Score
CVE-2026-41120 25.06.2026 9.8
CVE-2026-54823 WordPress Widget Options plugin <= 4.2.3 - Remote Code Execution (RCE) vulnerability 25.06.2026 9.9
CVE-2026-54836 WordPress Filter & Grids plugin <= 3.11.5 - SQL Injection vulnerability 25.06.2026 9.3
CVE-2026-54843 WordPress MDTF plugin <= 1.3.7 - SQL Injection vulnerability 25.06.2026 9.3
CVE-2026-54849 WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.11 - SQL Injection vulnerability 25.06.2026 9.3
CVE-2026-41566 Apache Kvrocks: Improper permission for the APPLYBATCH command 25.06.2026 9.4
CVE-2026-46752 Apache Kvrocks: Stack buffer overflow in Lua bit.tohex() 25.06.2026 10
CVE-2026-39948 Cacti has SQL Injection via rfilter parameter in RLIKE clauses 25.06.2026 9.3
CVE-2026-39955 Cacti has Pre-Authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.php 25.06.2026 9.8
CVE-2026-39938 Cacti: Unauthenticated RCE on Graph Image 25.06.2026 9.8
CVE-2026-39893 Cacti: Pre-authentication SQL injection via rfilter RLIKE clause in graph_view.php 25.06.2026 9.8
CVE-2026-50551 SiYuan: Stored XSS to RCE via Unsanitized Attribute View Asset Cell Content 25.06.2026 9.9
CVE-2026-54067 SiYuan: Stored XSS to RCE via CSS-snippet <style> breakout in renderSnippet() 25.06.2026 9.9
CVE-2026-54069 SiYuan: Unauthenticated Admin API Access via Blanket chrome-extension:// Origin Allowlist 25.06.2026 9.2
CVE-2026-54158 SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML() 24.06.2026 9.9
CVE-2026-55454 Appsmith: Caddy admin API exposed without authentication 25.06.2026 9.9
CVE-2026-55570 SiYuan: Stored XSS results in Electron RCE in SiYuan marketplace via unescaped `data-obj` attribute (Bypass for CVE-2026-45375's patch) 25.06.2026 9
CVE-2026-55666 Rocket.Chat: Email Parameter Fallback Leads To Account Takeover Within Apple OAuth 24.06.2026 9.3
CVE-2026-33543 FOSSBilling: Authentication bypass allows unauthenticated administrator creation 25.06.2026 9.3
CVE-2026-45688 Rocket.Chat: Pre-Auth NoSQL Injection in CAS Login Handler leading to Arbitrary CAS/SAML User Session Hijack 24.06.2026 9.1
CVE-2026-45689 Rocket.Chat: Pre-Auth NoSQL Injection in OAuth2 Token Endpoint leading to Arbitrary User ATO 25.06.2026 9.1
CVE-2026-46423 Rocket.Chat: SAML signature validation skipped when IdP certificate field is empty 25.06.2026 9.3
CVE-2026-52811 Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym 24.06.2026 9
CVE-2026-52813 Gogs: Path Traversal in organization name results in RCE through Git hooks 25.06.2026 10
CVE-2026-52806 Gogs: RCE via git rebase --exec argument injection in pull request merge 25.06.2026 9.9
CVE-2026-49980 Rclone: Unauthenticated command execution in `rclone rcd --rc-serve` via inline remote instantiation, bypassing CVE-2026-41179 fix 25.06.2026 9.8
CVE-2026-53943 Ghost: Cache-poisoning XSS in Ghost frontend via x-ghost-preview header 24.06.2026 9.6
CVE-2026-56121 Feast < 0.63.0 Unauthenticated RCE via ApplyFeatureView gRPC Deserialization 24.06.2026 9.3
CVE-2026-12537 Unauthenticated Remote Code Execution in Gemini CLI CI/CD Workflows 24.06.2026 10
CVE-2026-56223 Capgo - Account Takeover via Cross-Domain SSO Email Assertion in provision-user 24.06.2026 9.3
CVE-2026-56237 Capgo - Unauthenticated API Key Generation via Client-Side Parameter Manipulation 24.06.2026 9.3
CVE-2026-12416 Invoice Generator <= 1.0.0 - Unauthenticated Account Takeover via Weak Password Reset Validation via 'reset_user_id' Parameter 25.06.2026 9.8
CVE-2026-12417 SignUp & SignIn <= 1.0.0 - Unauthenticated Privilege Escalation via Weak Password Reset Validation via 'reset_activation_code' Leading to Account Takeover 24.06.2026 9.8
CVE-2026-12485 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12486 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-12846 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12847 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12848 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12849 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-12850 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-12851 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-54588 Poweradmin has Host Header Injection in OIDC redirect_uri, SAML ACS/SLO URL, and Logout Redirect Construction. 24.06.2026 9.6
CVE-2026-11807 Eda-server: websocket missing authorization allows credential theft via activation_id spoofing 24.06.2026 9.6
CVE-2026-53753 Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API 23.06.2026 9.8
CVE-2026-53662 immich: One-click account takeover via XSS in login page continue redirect 23.06.2026 9.6
CVE-2026-54157 LobeHub: Unauthenticated SSRF in `/webapi/proxy` 23.06.2026 9
CVE-2026-54257 Electron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow 23.06.2026 9.3
CVE-2026-44789 n8n: HTTP Request Node Pagination Prototype Pollution to RCE 24.06.2026 9.4
CVE-2026-44790 n8n: Arbitrary File Read via Git Node 23.06.2026 9.4
CVE-2026-44791 n8n: XML Node Prototype Pollution Patch Bypass 23.06.2026 9.4
CVE-2026-48519 Langflow: Unauthenticated RCE in Shareable Playgrounds 24.06.2026 9.6
CVE-2026-55255 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow 24.06.2026 9.9
CVE-2026-55447 Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit 24.06.2026 9.6
CVE-2026-55450 Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak 23.06.2026 9.3
CVE-2026-27604 FOSSBilling: Improper API Role Validation (system) Enables Unauthenticated Access to Privileged Admin Functions 23.06.2026 10
CVE-2026-28496 FOSSBilling: Server-side template injection in Twig template rendering enables information disclosure and RCE 23.06.2026 9.4
CVE-2026-35019 NetComm NF20MESH < R6B032 Hardcoded AES Key Authentication Bypass 23.06.2026 9.2
CVE-2026-44089 Buffer Overflow in Totolink EX1200L router 23.06.2026 9.4
CVE-2026-56258 Crawl4AI - Arbitrary File Write via output_path Symlink and TOCTOU 23.06.2026 9.2
CVE-2026-56315 picklescan - Remote Code Execution via Unblocked Standard Library Modules 23.06.2026 9.3
CVE-2026-11374 Account Takeover via Predictable SSO Ticket Generation 24.06.2026 9
CVE-2026-12866 23.06.2026 9.2
CVE-2026-48746 vLLM: OpenAI auth bypass 23.06.2026 9.1
CVE-2026-56266 Crawl4AI - Server-Side Request Forgery via Direct Crawl Endpoints 23.06.2026 9.2
CVE-2026-44727 Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP 23.06.2026 9.3
CVE-2026-45034 PhpSpreadsheet: File::prohibitWrappers bypass 23.06.2026 9.2
CVE-2026-49468 LiteLLM: Authentication Bypass via Host Header Injection 24.06.2026 9.5
CVE-2026-10789 MCP Extension Code Injection Vulnerability in Autodesk Fusion Desktop 23.06.2026 9.6
CVE-2026-12249 Canonical ADSys Trust Store Poisoning via Plaintext HTTP Certificate Auto-Enrollment 22.06.2026 9
CVE-2026-12628 Hardcoded credential in the IBM Storage Protect Snapshot For Windows leads to unauthorized access to system 25.06.2026 9.1
CVE-2026-7664 Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS 23.06.2026 9.8
CVE-2026-10561 Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection 23.06.2026 10
CVE-2026-28381 Local File Read/Write to Potential Privilege Escalation via Snowflake GET/PUT 24.06.2026 9.6
CVE-2026-56423 MISP Core: Broken access control allows instance-wide unauthorized deletion of event reports and sharing groups via bulk deletion endpoints 23.06.2026 9.4
CVE-2026-56425 MISP AAD authentication plugin - Improper OAuth State Handling, Missing Session Rotation, Insecure Redirect URI Validation, and Log Injection 23.06.2026 9.3
CVE-2026-56447 MISP remote code execution via arbitrary rdkafka configuration path 22.06.2026 9.3
CVE-2026-7165 Multiple vulnerabilities in the Assassin game by Gaudire 22.06.2026 9.4
CVE-2026-7166 Multiple vulnerabilities in the Assassin game by Gaudire 22.06.2026 9.2
CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields 23.06.2026 9.4
CVE-2026-11746 22.06.2026 9.4
CVE-2026-56265 Crawl4AI - Authentication Bypass via Hardcoded JWT Signing Key 22.06.2026 9.3
CVE-2026-56395 SiYuan - Remote Code Execution via Malicious Bazaar Package Metadata and README 22.06.2026 9.4
CVE-2026-56397 SiYuan - Remote Code Execution via Malicious Bazaar Package Metadata and README 24.06.2026 9.4
CVE-2026-56345 AVideo - Arbitrary User Session Hijacking via Meet Plugin uploadRecordedVideo Endpoint 23.06.2026 9.2
CVE-2026-5366 Git Argument Injection in prefecthq/prefect 22.06.2026 9.9
CVE-2024-58351 Flowise - Remote Code Execution via overrideConfig Parameter 22.06.2026 9.3
CVE-2019-25763 WordPress Ultimate Addons for Beaver Builder 1.2.4.1 Authentication Bypass 22.06.2026 9.3
CVE-2022-50972 WooCommerce 7.1.0 Remote Code Execution via class-wc-meta-box-product-images.php 22.06.2026 9.3
CVE-2026-48908 Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2 25.06.2026 10
CVE-2026-48909 Joomla Extension - joomshaper.com - PHP Object injection in SP LMS extension for Joomla < 4.1.4 23.06.2026 9.5
CVE-2026-48939 Joomla Extension - icagenda.com - Remote Code Execution in iCagenda extension for Joomla < 4.0.8/3.9.15 25.06.2026 10
CVE-2026-11551 Branda – White Label & Branding, Free Login Page Customizer <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover 23.06.2026 9.8
CVE-2026-56073 Cap-go - OTP Bypass via Response Manipulation in Email Verification 22.06.2026 9.3
CVE-2026-56081 Cap-go - Account Lockout via 2FA Misconfiguration on Unverified Email 22.06.2026 9.3
CVE-2026-45480 Azure Active Directory Elevation of Privilege Vulnerability 24.06.2026 10
CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability 24.06.2026 9.6
CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability 25.06.2026 9.9
CVE-2026-48772 ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules.client_addr ACL 22.06.2026 10
CVE-2026-48773 ProxySQL pre-auth heap overflow in MySQL and PostgreSQL first-packet handling 22.06.2026 9.8
CVE-2026-48137 Untrusted pointer dereference in NI grpc-device sideband streaming API 22.06.2026 9.3
CVE-2026-9142 Insecure Default Credentials vulnerability in NI grpc-device when TLS configuration is not present 22.06.2026 9.3
CVE-2026-44939 Command injection through unsanitized YAML parameter in Rancher 24.06.2026 9.4
CVE-2026-50242 24.06.2026 10
CVE-2026-56141 24.06.2026 9.8
CVE-2026-56142 24.06.2026 9.6
CVE-2026-54414 FileRise shared-folder upload path traversal allows arbitrary file write and admin takeover 22.06.2026 9.3
CVE-2026-7515 BetterDocs Pro <= 3.8.0 - Unauthenticated Local File Inclusion via doc_style 22.06.2026 9.8
CVE-2026-8713 Avada (Fusion) Builder <= 3.15.3 - Unauthenticated Arbitrary File Deletion via Form Entry Value 22.06.2026 9.1
CVE-2026-12045 pgAdmin 4: AI Assistant read-only transaction bypass allows unauthorised writes and remote code execution 23.06.2026 9.4
CVE-2026-12046 pgAdmin 4: Unauthenticated pickle deserialization in SQL Editor close / update_connection routes enables remote code execution 23.06.2026 9.5
CVE-2026-12048 pgAdmin 4: Stored XSS via untrusted error and plan-node text rendered through html-react-parser 22.06.2026 9.3
CVE-2026-40624 AVer PTC cameras Files or Directories Accessible to External Parties 22.06.2026 9.3
CVE-2026-47647 Dynamics 365 Elevation of Privilege Vulnerability 24.06.2026 9.9
CVE-2026-54130 M365 Copilot Information Disclosure Vulnerability 24.06.2026 9.8
CVE-2026-49257 mcp-pinot: Unauthenticated tool invocation via default oauth_enabled=False + host 0.0.0.0 bind 22.06.2026 10
CVE-2026-49454 Relyra SAML SignatureValue not cryptographically verified -> authentication bypass 22.06.2026 9.1
CVE-2026-49252 deepstream is vulnerable to prototype pollution 22.06.2026 9.9
CVE-2026-47846 18.06.2026 9.8
CVE-2026-54390 JTL Shop < 5.7.2 Server-Side Template Injection via Smarty Renderer 23.06.2026 9.3

Latest Updates

CVE Title Updated Score
CVE-2026-12844 List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function 25.06.2026
CVE-2026-48940 Joomla Extension - getk2.com - Stored-XSS in K2 extension for Joomla < 2.26 25.06.2026
CVE-2026-48941 Joomla Extension - getk2.com - Unauthenticated folder delete in K2 extension for Joomla < 2.26 25.06.2026
CVE-2026-48942 Joomla Extension - getk2.com - Stored-XSS in K2 extension for Joomla < 2.26 25.06.2026
CVE-2026-48943 Joomla Extension - getk2.com - Authenticated user property mass-assignment in K2 extension for Joomla < 2.26 25.06.2026
CVE-2026-48944 Joomla Extension - getk2.com - Exposure of sensitive files via attachment copy in K2 extension for Joomla < 2.26 25.06.2026
CVE-2026-48945 Joomla Extension - getk2.com - Privileged RCE vulnerability in K2 extension for Joomla < 2.26 25.06.2026
CVE-2026-48946 Joomla Extension - getk2.com - Privileged RCE vulnerability in K2 extension for Joomla < 2.26 25.06.2026
CVE-2026-4522 25.06.2026
CVE-2026-54036 LibreChat: 2FA Re-enrollment Allows Full Account 2FA Takeover Without OTP Verification 25.06.2026 5.3
CVE-2026-55477 Authenticated Arbitrary File Write via Database Import and Xray Log Path Manipulation 25.06.2026 7.2
CVE-2026-55693 Vim: Out-of-bounds Write in Spell File Word Count 25.06.2026
CVE-2026-55892 Vim: Out-of-bounds Write in Spell File Prefix Dump 25.06.2026 5.5
CVE-2026-55895 Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename 25.06.2026
CVE-2026-57438 Nokogiri: Possible Use-After-Free in XInclude Processing 25.06.2026
CVE-2026-57451 Vim: Out-of-bounds Read in Text Property Count 25.06.2026 5.3
CVE-2026-57452 Vim: Out-of-bounds Read with libsodium-encrypted Files 25.06.2026 5.5
CVE-2026-57453 Vim: PowerShell Command Injection via Unescaped Filename in zip.vim Extraction 25.06.2026 6.5
CVE-2026-57454 Vim: Out-of-bounds Read with Text Properties 25.06.2026
CVE-2026-57455 Vim: Stack out-of-bounds write in `spell_soundfold_sofo()` via an over-length `soundfold()` argument 25.06.2026
CVE-2026-57456 Vim: Arbitrary Code Execution via Python Omni-Completion Docstrings 25.06.2026
CVE-2026-9650 25.06.2026
CVE-2026-9651 25.06.2026
CVE-2026-9716 25.06.2026
CVE-2026-9717 25.06.2026
CVE-2026-9718 25.06.2026
CVE-2026-13222 Insufficient validation of payment status in pretix-oppwa 25.06.2026
CVE-2026-13223 Insufficient validation of payment status in pretix-computop 25.06.2026
CVE-2026-13225 Stored XSS in ticket confirmation page 25.06.2026
CVE-2026-13314 Stored XSS in pretix-digital 25.06.2026
CVE-2026-46735 25.06.2026 7.8
CVE-2026-49319 Alps Electric Co., Ltd. R53R0 Remote Keyless Entry System (RKES) Replay Attack 25.06.2026 6.5
CVE-2026-57234 Nokogiri: XML::Schema on JRuby allows network requests when NONET is set, bypassing CVE-2020-26247 25.06.2026 2.6
CVE-2026-57235 Nokogiri: Possible Out-of-Bounds Read in `Nokogiri::XML::NodeSet#[]` 25.06.2026
CVE-2026-57236 Nokogiri: Possible Use-After-Free when `Nokogiri::XML::Document#encoding=` raises an exception 25.06.2026
CVE-2026-57434 Nokogiri: Null Pointer Dereference calling methods on uninitialized wrapper classes 25.06.2026
CVE-2026-57435 Nokogiri: Possible Use-After-Free when setting an attribute value via `Nokogiri::XML::Attr#value=` or `#content=` 25.06.2026
CVE-2026-57436 Nokogiri: Possible Use-After-Free when setting `Document#root=` to an invalid node type 25.06.2026
CVE-2026-57437 Nokogiri: Possible Use-After-Free when directly using `Nokogiri::XML::XPathContext` beyond document lifetime 25.06.2026
CVE-2026-57532 25.06.2026
CVE-2026-57533 25.06.2026
CVE-2026-57534 Stored XSS in pretix-pages 25.06.2026
CVE-2026-57535 25.06.2026
CVE-2026-57536 Insufficient validation of payment status in pretix-mollie 25.06.2026
CVE-2026-57587 SQL Injection in Nessus via Reverse DNS Lookup 25.06.2026 5.3
CVE-2026-57588 SQL Injection in Nessus via Malicious Scan Result File Import 25.06.2026 3.3
CVE-2026-6432 Improper bounds validation in EmberZNet SDK 25.06.2026
CVE-2026-12755 25.06.2026
CVE-2026-27366 WordPress MainWP Child plugin <= 6.1.1 - Broken Access Control vulnerability 25.06.2026 7.5
CVE-2026-2815 Incorrect use of the PUF key for user key generation in EFR32xG27 results in predictable keys 25.06.2026
CVE-2026-40012 Information about ECS zero scoped answers might leak to clients that use a specific ECS 25.06.2026 5.3
CVE-2026-41120 25.06.2026 9.8
CVE-2026-42387 Insufficient input validation in ZoneToCache 25.06.2026 5.9
CVE-2026-42388 Missing input validation for catalog zones 25.06.2026 5.9
CVE-2026-42389 Reject more queries with invalid header values 25.06.2026 5.3
CVE-2026-42390 ZONEMD validation can be bypassed 25.06.2026 5.3
CVE-2026-46732 25.06.2026 6.7
CVE-2026-46733 25.06.2026 7.8
CVE-2026-46734 25.06.2026 7.3
CVE-2026-47145 Color Control hue/saturation assertion abort in EmberZNet v9.0.2 25.06.2026
CVE-2026-47146 Color Control color-temperature assertion abort in EmberZNet v9.0.2 25.06.2026
CVE-2026-47147 OTA server raw parser missing per-field bounds validation in EmberZNet v9.0.2 25.06.2026
CVE-2026-47148 Groups GetGroupMembership count/list-length mismatch in EmberZNet v9.0.2 25.06.2026
CVE-2026-47149 Door Lock GetUserType invalid table index in EmberZNet v9.0.2 25.06.2026
CVE-2026-47150 IAS Zone enroll invalid table index and write in EmberZNet 9.0.2 25.06.2026
CVE-2026-47151 Door Lock ClearWeekdaySchedule invalid table index and write in EmberZNet v9.0.2 25.06.2026
CVE-2026-47152 Level Control Move divide-by-zero in EmberZNet v9.0.2 25.06.2026
CVE-2026-47153 Level Control Step With On/Off divide-by-zero in EmberZNet v9.0.2 25.06.2026
CVE-2026-47154 Simple Metering GetProfileResponse interval-bounds bug in EmberZNet v9.0.2 25.06.2026
CVE-2026-49506 25.06.2026 7.2
CVE-2026-4526 Global ZCL command parser missing minimum-length validation in EmberZNet v9.0.2 25.06.2026
CVE-2026-52690 Spoofed answers can mark an authoritative non-EDNS capable 25.06.2026 5.9
CVE-2026-54821 WordPress Visual Link Preview plugin <= 2.3.1 - Sensitive Data Exposure vulnerability 25.06.2026 7.4
CVE-2026-54822 WordPress SALESmanago & Leadoo plugin <= 3.11.2 - SQL Injection vulnerability 25.06.2026 8.5
CVE-2026-54823 WordPress Widget Options plugin <= 4.2.3 - Remote Code Execution (RCE) vulnerability 25.06.2026 9.9
CVE-2026-54828 WordPress Motors plugin <= 1.4.109 - Broken Access Control vulnerability 25.06.2026 7.5
CVE-2026-54829 WordPress WP Photo Album Plus plugin <= 9.1.13.005 - SQL Injection vulnerability 25.06.2026 7.5
CVE-2026-54830 WordPress Five Star Restaurant Reservations plugin <= 2.7.19 - Broken Access Control vulnerability 25.06.2026 7.5
CVE-2026-54836 WordPress Filter & Grids plugin <= 3.11.5 - SQL Injection vulnerability 25.06.2026 9.3
CVE-2026-54838 WordPress WC Vendors Marketplace plugin <= 2.6.8 - SQL Injection vulnerability 25.06.2026 8.5
CVE-2026-54841 WordPress Vitepos plugin <= 3.4.2 - Sensitive Data Exposure vulnerability 25.06.2026 7.5
CVE-2026-54842 WordPress Royal MCP plugin <= 1.4.25 - Broken Access Control vulnerability 25.06.2026 8.1
CVE-2026-54843 WordPress MDTF plugin <= 1.3.7 - SQL Injection vulnerability 25.06.2026 9.3
CVE-2026-54844 WordPress CheckView Automated Testing plugin <= 2.1.0 - Broken Access Control vulnerability 25.06.2026 7.5
CVE-2026-54845 WordPress MDTF plugin <= 1.3.8 - Local File Inclusion vulnerability 25.06.2026 8.1
CVE-2026-54848 WordPress APIExperts Square for WooCommerce plugin <= 4.7.3 - Sensitive Data Exposure vulnerability 25.06.2026 8.3
CVE-2026-54849 WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.11 - SQL Injection vulnerability 25.06.2026 9.3
CVE-2026-56005 WordPress WP Activity Log plugin <= 5.6.3.1 - Cross Site Scripting (XSS) vulnerability 25.06.2026 7.1
CVE-2026-56006 WordPress H5P plugin <= 1.17.6 - Reflected Cross Site Scripting (XSS) vulnerability 25.06.2026 7.1
CVE-2026-56013 WordPress License Manager for WooCommerce plugin <= 3.0.15 - Insecure Direct Object References (IDOR) vulnerability 25.06.2026 6.5
CVE-2026-56014 WordPress Master Slider plugin <= 3.11.2 - Cross Site Scripting (XSS) vulnerability 25.06.2026 7.1
CVE-2026-56023 WordPress UPI QR Code Payment Gateway for WooCommerce plugin <= 1.6.2 - Broken Access Control vulnerability 25.06.2026 5.4
CVE-2026-56042 WordPress Advanced Order Export For WooCommerce plugin <= 4.0.9 - Cross Site Scripting (XSS) vulnerability 25.06.2026 7.1
CVE-2026-56049 WordPress Post Snippets plugin <= 4.0.19 - Remote Code Execution (RCE) vulnerability 25.06.2026 8.5
CVE-2026-56050 WordPress PPOM for WooCommerce plugin <= 33.0.18 - Broken Access Control vulnerability 25.06.2026 6.5
CVE-2026-56051 WordPress TablePress plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability 25.06.2026 7.1
CVE-2026-56053 WordPress EventPrime plugin <= 4.3.4.1 - PHP Object Injection vulnerability 25.06.2026 8.8
CVE-2026-56054 WordPress JS Help Desk plugin <= 3.1.1 - Arbitrary File Deletion vulnerability 25.06.2026 7.7
CVE-2026-56071 WordPress Forminator plugin <= 1.53.1 - Cross Site Scripting (XSS) vulnerability 25.06.2026 7.1
CVE-2026-56122 Winstone Servlet Engine 0.9.10 Path Traversal via HTTP Request Paths 25.06.2026
CVE-2026-57429 WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability 25.06.2026 6.5
CVE-2026-57619 WordPress Elementor Website Builder plugin <= 4.1.3 - Sensitive Data Exposure vulnerability 25.06.2026 6.5
CVE-2026-33612 ZoneToCache can poison the cache 25.06.2026 7.5
CVE-2026-40011 Prometheus denial of service via crafted DNS queries 25.06.2026 3.7
CVE-2026-40208 Denial of service via DoH3 queries 25.06.2026 3.7
CVE-2026-40209 Denial of service via IXFR queries 25.06.2026 5.3
CVE-2026-40210 Out-of-bounds read in SetMacAddrAction 25.06.2026 4.8
CVE-2026-40211 Denial of service via crafted DoH3 queries 25.06.2026 5.3
CVE-2026-42004 EDNS options smuggling 25.06.2026 3.7
CVE-2026-42005 Insufficient input validation of internal web server 25.06.2026 4.3
CVE-2026-41566 Apache Kvrocks: Improper permission for the APPLYBATCH command 25.06.2026
CVE-2026-45188 Apache Kvrocks: Replication Fullsync Path Traversal via Unvalidated Filename Handling 25.06.2026
CVE-2026-46751 Apache Kvrocks: Does not remove the unsafe loadstring function from its Lua sandbox, allowing a user who can run EVAL scripts to load crafted, unvalidated bytecode that crashes the server process, resulting in a remote denial of service. 25.06.2026
CVE-2026-46752 Apache Kvrocks: Stack buffer overflow in Lua bit.tohex() 25.06.2026
CVE-2026-53131 netfilter: require Ethernet MAC header before using eth_hdr() 25.06.2026
CVE-2026-53132 vsock/virtio: fix potential unbounded skb queue 25.06.2026
CVE-2026-53133 RDMA/umem: Fix truncation for block sizes >= 4G 25.06.2026
CVE-2026-53134 netfilter: nft_fib: fix stale stack leak via the OIFNAME register 25.06.2026
CVE-2026-53135 drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs 25.06.2026
CVE-2026-53136 drm/amd/display: Clamp VBIOS HDMI retimer register count to array size 25.06.2026
CVE-2026-53137 drm/amd/display: Clamp HDMI HDCP2 rx_id_list read to buffer size 25.06.2026
CVE-2026-53138 drm/amd/display: Bound VBIOS record-chain walk loops 25.06.2026
CVE-2026-53139 drm/v3d: Skip CSD when it has zeroed workgroups 25.06.2026
CVE-2026-53140 drm/v3d: Fix vaddr leak when indirect CSD has zeroed workgroups 25.06.2026
CVE-2026-53141 drm/v3d: Fix global performance monitor reference counting 25.06.2026
CVE-2026-53142 drm/xe/display: fix oops in suspend/shutdown without display 25.06.2026
CVE-2026-53143 drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 25.06.2026
CVE-2026-53144 drm/amdkfd: fix NULL dereference in get_queue_ids() 25.06.2026
CVE-2026-53145 drm/gem: Try to fix change_handle ioctl, attempt 4 25.06.2026
CVE-2026-53146 thunderbolt: Limit XDomain response copy to actual frame size 25.06.2026
CVE-2026-53147 thunderbolt: Validate XDomain request packet size before type cast 25.06.2026
CVE-2026-53148 thunderbolt: Clamp XDomain response data copy to allocation size 25.06.2026
CVE-2026-53149 thunderbolt: Bound root directory content to block size 25.06.2026
CVE-2026-53150 thunderbolt: Reject zero-length property entries in validator 25.06.2026
CVE-2026-53151 rxrpc: Fix the ACK parser to extract the SACK table for parsing 25.06.2026
CVE-2026-53152 mmc: dw_mmc-rockchip: Add missing private data for very old controllers 25.06.2026
CVE-2026-53153 mm/list_lru: drain before clearing xarray entry on reparent 25.06.2026
CVE-2026-53154 mm/hugetlb: restore reservation on error in hugetlb folio copy paths 25.06.2026
CVE-2026-53155 mm/huge_memory: use correct flags for device private PMD entry 25.06.2026
CVE-2026-53156 nvmem: core: fix use-after-free bugs in error paths 25.06.2026
CVE-2026-53157 net: phonet: free phonet_device after RCU grace period 25.06.2026
CVE-2026-53158 misc: fastrpc: Fix NULL pointer dereference in rpmsg callback 25.06.2026
CVE-2026-53159 misc: fastrpc: fix DMA address corruption due to find_vma misuse 25.06.2026
CVE-2026-53160 misc: fastrpc: fix use-after-free race in fastrpc_map_create 25.06.2026
CVE-2026-53161 misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context 25.06.2026
CVE-2026-53162 memcg: use round-robin victim selection in refill_stock 25.06.2026
CVE-2026-53163 locking/rtmutex: Skip remove_waiter() when waiter is not enqueued 25.06.2026
CVE-2026-53164 iommu/dma: Do not try to iommu_map a 0 length region in swiotlb 25.06.2026
CVE-2026-53165 iomap: avoid potential null folio->mapping deref during error reporting 25.06.2026
CVE-2026-53166 futex/requeue: Prevent NULL pointer dereference in remove_waiter() on self-deadlock 25.06.2026
CVE-2026-53167 fuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios 25.06.2026
CVE-2026-53168 fuse: reject fuse_notify() pagecache ops on directories 25.06.2026
CVE-2026-53169 accel/ethosu: reject NPU_OP_RESIZE commands from userspace 25.06.2026
CVE-2026-53170 accel/ethosu: reject DMA commands with uninitialized length 25.06.2026
CVE-2026-53171 accel/ethosu: fix arithmetic issues in dma_length() 25.06.2026
CVE-2026-53172 accel/ethosu: fix IFM region index out-of-bounds in command stream parser 25.06.2026
CVE-2026-53173 accel/ethosu: fix OOB write in ethosu_gem_cmdstream_copy_and_validate() 25.06.2026
CVE-2026-53174 ovl: keep err zero after successful ovl_cache_get() 25.06.2026
CVE-2026-53175 inet: frags: fix use-after-free caused by the fqdir_pre_exit() flush 25.06.2026
CVE-2026-53176 IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN 25.06.2026
CVE-2026-53177 bnxt_en: Fix NULL pointer dereference 25.06.2026
CVE-2026-53178 staging: rtl8723bs: rtw_mlme: add bounds checks before ie_length subtraction 25.06.2026
CVE-2026-53179 staging: rtl8723bs: fix buffer over-read in rtw_update_protection 25.06.2026
CVE-2026-53180 timers/migration: Fix livelock in tmigr_handle_remote_up() 25.06.2026
CVE-2026-53181 vsock/vmci: fix sk_ack_backlog leak on failed handshake 25.06.2026
CVE-2026-53182 wifi: nl80211: reject oversized EMA RNR lists 25.06.2026
CVE-2026-53183 mptcp: allow subflow rcv wnd to shrink 25.06.2026
CVE-2026-53184 udp: clear skb->dev before running a sockmap verdict 25.06.2026
CVE-2026-53185 zram: fix use-after-free in zram_bvec_write_partial() 25.06.2026
CVE-2026-53186 RDMA/srp: bound SRP_RSP sense copy by the received length 25.06.2026
CVE-2026-53187 RDMA/core: Validate cpu_id against nr_cpu_ids in DMAH alloc 25.06.2026
CVE-2026-53188 RDMA/core: Validate the passed in fops for ib_get_ucaps() 25.06.2026
CVE-2026-53189 mm/huge_memory: update file PMD counter before folio_put() 25.06.2026
CVE-2026-53190 drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait() 25.06.2026
CVE-2026-53191 io_uring/net: inherit IORING_CQE_F_BUF_MORE across bundle recv retries 25.06.2026
CVE-2026-53192 ALSA: timer: Fix UAF at snd_timer_user_params() 25.06.2026
CVE-2026-53193 ALSA: timer: Forcibly close timer instances at closing 25.06.2026
CVE-2026-53194 USB: serial: kl5kusb105: fix bulk-out buffer overflow 25.06.2026
CVE-2026-53195 USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() 25.06.2026
CVE-2026-53196 USB: serial: io_ti: fix heap overflow in get_manuf_info() 25.06.2026
CVE-2026-53197 xfrm: iptfs: fix ABBA deadlock in iptfs_destroy_state() 25.06.2026
CVE-2026-53198 ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL 25.06.2026
CVE-2026-53199 hv_netvsc: use kmap_local_page in netvsc_copy_to_send_buf 25.06.2026
CVE-2026-53200 KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX 25.06.2026
CVE-2026-53201 Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" 25.06.2026
CVE-2026-53202 accel/ivpu: Fix signed integer truncation in IPC receive 25.06.2026
CVE-2026-53203 accel/ivpu: Add buffer overflow check in MS get_info_ioctl 25.06.2026
CVE-2026-53204 firmware: stratix10-rsu: Fix NULL deref on rsu_send_msg() timeout in probe 25.06.2026
CVE-2026-53205 accel/ivpu: Add bounds checks for firmware log indices 25.06.2026
CVE-2026-53206 accel/ivpu: Add bounds check for firmware runtime memory 25.06.2026
CVE-2026-53207 mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison 25.06.2026
CVE-2026-53208 Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig 25.06.2026
CVE-2026-53209 Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend 25.06.2026
CVE-2026-53210 tee: shm: fix shm leak in register_shm_helper() 25.06.2026
CVE-2026-53211 netfilter: nft_meta_bridge: fix stale stack leak via IIFHWADDR register 25.06.2026
CVE-2026-53212 netfilter: nft_tunnel: fix use-after-free on object destroy 25.06.2026
CVE-2026-53213 drm/vc4: fix krealloc() memory leak 25.06.2026
CVE-2026-53214 ipv6: Fix a potential NPD in cleanup_prefix_route() 25.06.2026
CVE-2026-53215 net: mvpp2: refill RX buffers before XDP or skb use 25.06.2026
CVE-2026-53216 net: mvpp2: limit XDP frame size to the RX buffer 25.06.2026
CVE-2026-53217 net: mvpp2: sync RX data at the hardware packet offset 25.06.2026
CVE-2026-53218 netfilter: nft_exthdr: fix register tracking for F_PRESENT flag 25.06.2026
CVE-2026-53219 netfilter: x_tables: avoid leaking percpu counter pointers 25.06.2026
CVE-2026-53220 netfilter: revalidate bridge ports 25.06.2026
CVE-2026-53221 ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup() 25.06.2026
CVE-2026-53222 ptp: ocp: fix resource freeing order 25.06.2026
CVE-2026-53223 net: guard timestamp cmsgs to real error queue skbs 25.06.2026
CVE-2026-53224 sctp: validate embedded INIT chunk and address list lengths in cookie 25.06.2026
CVE-2026-53225 sctp: fix uninit-value in __sctp_rcv_asconf_lookup() 25.06.2026
CVE-2026-53226 gpio: rockchip: fix generic IRQ chip leak on remove 25.06.2026
CVE-2026-53227 net: openvswitch: fix possible kfree_skb of ERR_PTR 25.06.2026
CVE-2026-53228 ipv6: sit: reload inner IPv6 header after GSO offloads 25.06.2026
CVE-2026-53229 net/mlx5e: xsk: Fix DMA and xdp_frame leak on XDP_TX xmit failure 25.06.2026
CVE-2026-53230 net/mlx5: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list 25.06.2026
CVE-2026-53231 net: phy: don't try to setup PHY-driven SFP cages when using genphy 25.06.2026
CVE-2026-53232 net: phy: clean the sfp upstream if phy probing fails 25.06.2026
CVE-2026-53233 netdev: fix double-free in netdev_nl_bind_rx_doit() 25.06.2026
CVE-2026-53234 net: ibm: emac: Fix use-after-free during device removal 25.06.2026
CVE-2026-53235 net: add pskb_may_pull() to skb_gro_receive_list() 25.06.2026
CVE-2026-53236 tcp: restrict SO_ATTACH_FILTER to priv users 25.06.2026
CVE-2026-53237 gpio: mvebu: fix NULL pointer dereference in suspend/resume 25.06.2026
CVE-2026-53238 netlabel: validate unlabeled address and mask attribute lengths 25.06.2026
CVE-2026-53239 xfrm: policy: fix use-after-free on inexact bin in xfrm_policy_bysel_ctx() 25.06.2026
CVE-2026-53240 xfrm: iptfs: fix use-after-free on first_skb in __input_process_payload 25.06.2026
CVE-2026-53241 ALSA: seq: dummy: fix UMP event stack overread 25.06.2026
CVE-2026-53242 ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams 25.06.2026
CVE-2026-53243 rseq: Fix using an uninitialized stack variable in rseq_exit_user_update() 25.06.2026
CVE-2026-53244 VFS: fix possible failure to unlock in nfsd4_create_file() 25.06.2026
CVE-2026-53245 net/802/mrp: fix vector attribute parsing in mrp_pdu_parse_vecattr 25.06.2026
CVE-2026-53246 sctp: validate cached peer INIT chunk length in COOKIE_ECHO processing 25.06.2026
CVE-2026-53247 net: ethernet: mtk_eth_soc: Fix use-after-free in metadata dst teardown 25.06.2026
CVE-2026-53248 net: airoha: Fix use-after-free in metadata dst teardown 25.06.2026
CVE-2026-53249 ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options 25.06.2026
CVE-2026-53250 xsk: cache csum_start/csum_offset to fix TOCTOU in xsk_skb_metadata() 25.06.2026
CVE-2026-53251 Bluetooth: ISO: Fix not releasing hdev reference on iso_conn_big_sync 25.06.2026
CVE-2026-53252 Bluetooth: fix memory leak in error path of hci_alloc_dev() 25.06.2026
CVE-2026-53253 Bluetooth: bnep: reject short frames before parsing 25.06.2026
CVE-2026-53254 Bluetooth: RFCOMM: validate skb length in MCC handlers 25.06.2026
CVE-2026-53255 Bluetooth: MGMT: validate advertising TLV before type checks 25.06.2026
CVE-2026-53256 Bluetooth: RFCOMM: hold listener socket in rfcomm_connect_ind() 25.06.2026
CVE-2026-53257 wifi: cfg80211: enforce HE/EHT cap/oper consistency 25.06.2026
CVE-2026-53258 wifi: fix leak if split 6 GHz scanning fails 25.06.2026
CVE-2026-53259 ipv6: anycast: insert aca into global hash under idev->lock 25.06.2026
CVE-2026-53260 tcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req(). 25.06.2026
CVE-2026-53261 devlink: Release nested relation on devlink free 25.06.2026
CVE-2026-53262 l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl() 25.06.2026
CVE-2026-53263 6lowpan: fix off-by-one in multicast context address compression 25.06.2026
CVE-2026-53264 net/sched: act_api: use RCU with deferred freeing for action lifecycle 25.06.2026
CVE-2026-53265 dm cache policy smq: check allocation under invalidate lock 25.06.2026
CVE-2026-53266 netfilter: bridge: make ebt_snat ARP rewrite writable 25.06.2026
CVE-2026-53267 netfilter: nft_ct: bail out on template ct in get eval 25.06.2026
CVE-2026-53268 netfilter: conntrack_irc: fix possible out-of-bounds read 25.06.2026
CVE-2026-53269 netfilter: synproxy: add mutex to guard hook reference counting 25.06.2026
CVE-2026-53270 ipvs: clear the svc scheduler ptr early on edit 25.06.2026
CVE-2026-53271 ksmbd: fix NULL-deref of opinfo->conn in oplock/lease break notifiers 25.06.2026
CVE-2026-53272 erofs: fix use-after-free on sbi->sync_decompress 25.06.2026
CVE-2026-53273 tee: optee: prevent use-after-free when the client exits before the supplicant 25.06.2026
CVE-2026-53274 net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS 25.06.2026
CVE-2026-53275 ipv6: mcast: Fix use-after-free when processing MLD queries 25.06.2026
CVE-2026-53276 Bluetooth: ISO: Fix a use-after-free of the hci_conn pointer 25.06.2026
CVE-2026-53277 KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation 25.06.2026
CVE-2026-54226 Apache Kvrocks: RESTORE IntSet Integer Overflow Leads to Remote DoS 25.06.2026
CVE-2026-56091 Apache Shiro: Authentication bypass in Guice-Web integration 25.06.2026
CVE-2026-56130 Apache Shiro: Remember-me cookie isn't checked for expiry on the server 25.06.2026
CVE-2026-12937 Tourfic <= 2.22.7 - Unauthenticated SQL Injection via 'post_id' Parameter 25.06.2026 7.5
CVE-2026-56129 25.06.2026 5.5
CVE-2026-10824 Masteriyo LMS < 2.2.1 - Unauthenticated Course Progress Disclosure and Deletion 25.06.2026
CVE-2026-12244 Heap overflow and crash with crafted SVCB RR 25.06.2026
CVE-2026-12245 Denial of DNS over TLS service by any DoT client 25.06.2026
CVE-2026-12246 Out of bounds stack write with crafted APL RR 25.06.2026
CVE-2026-12490 Bypass of client certificate verification with transfer over TLS 25.06.2026
CVE-2026-5305 Email Address Encoder (Free < 1.0.25, Premium < 0.3.12) - Unauthenticated Stored XSS 25.06.2026
CVE-2026-9702 InPost PL < 1.9.1 - Unauthenticated WooCommerce Order Parcel-Locker Hijacking 25.06.2026
CVE-2026-0934 Incorrect Authorization in GitLab 25.06.2026 3.8
CVE-2026-10086 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab 25.06.2026 8.7
CVE-2026-10712 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab 25.06.2026 8
CVE-2026-11379 Incorrect Authorization in GitLab 25.06.2026 5.3
CVE-2026-12053 Insertion of Sensitive Information into Log File in GitLab 25.06.2026 8.6
CVE-2026-12635 Reliance on Reverse DNS Resolution for a Security-Critical Action in GitLab 25.06.2026 0
CVE-2026-13311 shell-quote parse() is quadratic in token count, enabling denial of service 25.06.2026
CVE-2026-1606 Improper Control of Generation of Code ('Code Injection') in GitLab 25.06.2026 4.3
CVE-2026-2238 Missing Authorization in GitLab 25.06.2026 5.3
CVE-2026-3176 Missing Authorization in GitLab 25.06.2026 3.1
CVE-2026-5309 Authorization Bypass Through User-Controlled Key in GitLab 25.06.2026 5.4
CVE-2026-5796 Incorrect Authorization in GitLab 25.06.2026 4.3
CVE-2026-5952 Incorrect Authorization in GitLab 25.06.2026 4.3
CVE-2026-8330 Insertion of Sensitive Information into Log File in GitLab 25.06.2026 4.4
CVE-2026-10833 Gutenberg Essential Blocks - Page Builder for Gutenberg Blocks & Patterns <= 6.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'configurablePrefix' Block Attribute 25.06.2026 6.4
CVE-2026-12077 Dokan Pro <= 5.0.4 - Unauthenticated SQL Injection via 'latitude' and 'longitude' Parameters 25.06.2026 7.5
CVE-2026-12079 Dokan Pro <= 5.0.4 - Authenticated (Subscriber+) SQL Injection via 'orderby' Parameter 25.06.2026 6.5
CVE-2026-2508 Gravity Forms Booking <= 2.7.1 - Authenticated (Subscriber+) Time-Based SQL Injection via 'staff_id' 25.06.2026 6.5
CVE-2026-8658 OS Command Injection in Rapid7 InsightConnect Tcpdump Plugin 25.06.2026 6
CVE-2026-8662 Path Traversal in Rapid7 InsightConnect Compression Plugin 25.06.2026 3.3
CVE-2026-8592 OS Command Injection in Rapid7 InsightConnect AWK Plugin 25.06.2026 7.7
CVE-2026-8660 OS Command Injection in Rapid7 InsightConnect Ping Plugin 25.06.2026 7.7
CVE-2026-8664 OS Command Injection in Rapid7 InsightConnect Finger Plugin 25.06.2026 6
CVE-2026-8665 OS Command Injection in Rapid7 InsightConnect Translate Plugin 25.06.2026 7.7
CVE-2026-8666 OS Command Injection in Rapid7 InsightConnect Traceroute Plugin 25.06.2026 7.7
CVE-2026-57589 25.06.2026 7.4
CVE-2026-9153 Arbitrary File Read in Rapid7 InsightConnect Sed Plugin 25.06.2026 6.5
CVE-2026-9154 Arbitrary File Write in Rapid7 InsightConnect Sed Plugin 25.06.2026 7.1
CVE-2026-9155 OS Command Injection in Rapid7 InsightConnect Sed Plugin via expression parameter. 25.06.2026 8.8
CVE-2026-8659 OS Command Injection in Rapid7 InsightConnect SQLmap Plugin 25.06.2026 6
CVE-2026-8663 OS Command Injection in Rapid7 InsightConnect RPM Plugin 25.06.2026 6
CVE-2025-60466 25.06.2026
CVE-2025-60473 25.06.2026
CVE-2026-39951 Cacti: Stored SQL Injection via graph_name_regexp in Reports feature 24.06.2026 7.6
CVE-2026-40079 Cacti: Command Injection via escape_command() no-op in RRDtool execution 24.06.2026
CVE-2026-7569 Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability 25.06.2026
CVE-2026-7570 Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability 25.06.2026
CVE-2026-9780 Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability 25.06.2026
CVE-2026-9781 Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability 25.06.2026
CVE-2026-9782 Quest NetVault Backup NVBUDeviceDrive SQL Injection Remote Code Execution Vulnerability 25.06.2026
CVE-2026-9783 Quest NetVault Backup NVBURemovableMedia SQL Injection Remote Code Execution Vulnerability 25.06.2026
CVE-2026-9784 Quest NetVault Backup NVBULibraryPort SQL Injection Remote Code Execution Vulnerability 25.06.2026
CVE-2026-9785 Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability 25.06.2026
CVE-2026-9786 Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability 25.06.2026
CVE-2026-9787 Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability 25.06.2026
CVE-2025-60467 25.06.2026
CVE-2025-60474 25.06.2026
CVE-2026-39948 Cacti has SQL Injection via rfilter parameter in RLIKE clauses 25.06.2026
CVE-2026-39955 Cacti has Pre-Authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.php 25.06.2026 9.8
CVE-2025-8106 24.06.2026
CVE-2026-39899 Cacti: Path Traversal via filename parameter in package_import.php 24.06.2026
CVE-2026-39900 Cacti: Reflected XSS via tab parameter in auth_profile.php JavaScript context 25.06.2026
CVE-2026-39938 Cacti: Unauthenticated RCE on Graph Image 25.06.2026 9.8
CVE-2025-60468 25.06.2026
CVE-2026-2050 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability 25.06.2026
CVE-2026-39893 Cacti: Pre-authentication SQL injection via rfilter RLIKE clause in graph_view.php 25.06.2026 9.8
CVE-2026-39894 Cacti: RRDtool metric shift via LC_NUMERIC locale comma decimal formatting 25.06.2026 2.9
CVE-2026-39897 Cacti has a Reflected XSS Vulnerability via html_auth_footer 25.06.2026
CVE-2026-49979 Appsmith: SSRF via `POST /api/v1/admin/send-test-email` — JavaMail Bypasses WebClient IP Filter 24.06.2026
CVE-2026-10043 MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability 25.06.2026
CVE-2026-10642 Unbounded TX busy-loop DoS in Zephyr PL011 UART driver under CTS hardware flow control 25.06.2026 6.5
CVE-2026-47093 24.06.2026
CVE-2026-47110 Tiptap for PHP < 2.1.1 DoS via Malformed href Attribute 24.06.2026
CVE-2026-50189 Appsmith: RCE via Supervisord XML-RPC Admin Interface Exposed via /supervisor Caddy Route 25.06.2026
CVE-2026-50551 SiYuan: Stored XSS to RCE via Unsanitized Attribute View Asset Cell Content 25.06.2026 9.9
CVE-2026-52794 Sentry: Inefficient Regular Expression Complexity in sentry 25.06.2026 7.5
CVE-2026-53765 chrome-devtools-mcp: daemon.pid write follows symlinks in /tmp fallback runtime directory 24.06.2026 6.1
CVE-2026-53766 chrome-devtools-mcp: validatePath() does not canonicalize symlinks before enforcing roots 24.06.2026 6.1
CVE-2026-54066 SiYuan: Path Traversal via Double URL Encoding in /assets/*path (publish mode arbitrary file read) 25.06.2026 7.5
CVE-2026-54067 SiYuan: Stored XSS to RCE via CSS-snippet <style> breakout in renderSnippet() 25.06.2026 9.9
CVE-2026-54068 SiYuan: Unauthenticated SQLite Data Exfiltration via Template Injection in /api/icon/getDynamicIcon 25.06.2026 5.9
CVE-2026-54069 SiYuan: Unauthenticated Admin API Access via Blanket chrome-extension:// Origin Allowlist 25.06.2026
CVE-2026-54070 SiYuan: Stored XSS in Bazaar marketplace via package README event handlers 24.06.2026 7.1
CVE-2026-54158 SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML() 24.06.2026 9.9
CVE-2026-54759 SiYuan: Lute HTML sanitizer allows `<iframe>` tags in Bazaar package README, leading to arbitrary command execution via SiYuan Electron client 25.06.2026
CVE-2026-55454 Appsmith: Caddy admin API exposed without authentication 25.06.2026 9.9
CVE-2026-55455 Appsmith: SSRF in REST API / GraphQL datasource plugins via insufficient host denylist 25.06.2026
CVE-2026-55570 SiYuan: Stored XSS results to Electron RCE in SiYuan marketplace via unescaped `data-obj` attribute (Bypass for CVE-2026-45375's patch) 25.06.2026 9
CVE-2026-55666 Rocket.Chat: Email Parameter Fallback Leads To Account Takeover Within Apple OAuth 24.06.2026
CVE-2026-55759 Rocket.Chat: Apple Sign-In skips JWT claims validation, allowing expired and cross-audience token replay 24.06.2026 7.4
CVE-2026-55762 Rocket.Chat: Any Authenticated User Can Permanently Deregister Workspace from Rocket.Chat Cloud via Unprotected `/api/v1/fingerprint` Endpoint 25.06.2026 8.1
CVE-2026-9772 Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability 25.06.2026
CVE-2026-9773 Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability 25.06.2026
CVE-2026-9774 ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability 25.06.2026
CVE-2026-9775 ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability 25.06.2026
CVE-2026-9776 ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability 25.06.2026
CVE-2026-9777 ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability 25.06.2026
CVE-2026-9778 ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability 25.06.2026
CVE-2026-9779 ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability 25.06.2026
CVE-2026-11998 AngularJS XSS via SCE resource URL sanitization bypass 25.06.2026 7.6
CVE-2026-13201 Kubevirt: virt-handler-rhel9: kubevirt: safepath openatnofollow symlink following via /proc/self/fd allows host file metadata modification 24.06.2026
CVE-2026-13208 Kubevirt: virt-handler-rhel9: kubevirt: virt-handler notify server trusts vmi identity from unauthenticated grpc request body 25.06.2026
CVE-2026-31978 motionEye: Arbitrary File Read via Path Traversal in Picture/Movie Preview Endpoint 24.06.2026 6.5
CVE-2026-32315 motionEye: World-Readable Configuration File Exposes Admin Password Hash 25.06.2026 5.5
CVE-2026-33235 AutoGPT: Denial of Service (DoS) via Resource Exhaustion in text templating features 24.06.2026 7.7
CVE-2026-33543 FOSSBilling: Authentication bypass allows unauthenticated administrator creation 25.06.2026
CVE-2026-45677 Rocket.Chat: Lack of SAML Signature Check During Logout Could Lead To DoS 25.06.2026
CVE-2026-45687 Rocket.Chat: Authenticated Arbitrary Data Export Theft via Mass Assignment in sendFileMessage 24.06.2026 8.5
CVE-2026-45688 Rocket.Chat: Pre-Auth NoSQL Injection in CAS Login Handler leading to Arbitrary CAS/SAML User Session Hijack 24.06.2026 9.1
CVE-2026-45689 Rocket.Chat: Pre-Auth NoSQL Injection in OAuth2 Token Endpoint leading to Arbitrary User ATO 25.06.2026 9.1
CVE-2026-45757 Rocket.Chat: `users.deactivateIdle` deactivates accounts without revoking existing login tokens 25.06.2026
CVE-2026-46423 Rocket.Chat: SAML signature validation skipped when IdP certificate field is empty 25.06.2026
CVE-2026-47733 Rocket.Chat: Missing URL protocol sanitization in ImageElement allows javascript: URLs in markdown images 25.06.2026 4.4
CVE-2026-49277 Rocket.Chat: OAuth access and refresh tokens remain valid after account deactivation 24.06.2026
CVE-2026-49278 Rocket.Chat: Livechat Visitor Profile Disclosure Leaks Bearer Token and Enables Visitor Impersonation 24.06.2026 6.7
CVE-2026-52797 Gogs: Overwriting critical files results in a denial of service 25.06.2026 8.5
CVE-2026-52808 Gogs: Write-level collaborators can mutate admin-only repository settings via API 25.06.2026 7.1
CVE-2026-52809 Gogs: Password-reset tokens use account-activation lifetime, ignoring RESET_PASSWORD_CODE_LIVES 25.06.2026 6.8
CVE-2026-52810 Gogs: Write to readonly repositories using receive-pack + service=git-upload-pack confusion 25.06.2026
CVE-2026-52811 Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym 24.06.2026
CVE-2026-52812 Gogs: LFS dedupe path leaks private repo content across tenants 24.06.2026
CVE-2026-52813 Gogs: Path Traversal in organization name results in RCE through Git hooks 25.06.2026 10
CVE-2025-64719 Gogs: Denial of Service in repository/wiki file listing web pages 24.06.2026 4.9
CVE-2026-1840 Missing authentication for critical function in Hubbell Aclara Metrum Cellular Web Interface 25.06.2026
CVE-2026-25119 Gogs: Authentication Bypass via Unvalidated Reverse Proxy Headers 24.06.2026
CVE-2026-47267 Gogs: SSRF in webhook deliveries 25.06.2026 8.3
CVE-2026-50128 Mastodon: Spoofing of attribution domains 25.06.2026 5.3
CVE-2026-50129 Mastodon: Persistent anonymous DoS via unhandled NoMethodError in MATH_TRANSFORMER 25.06.2026 7.5
CVE-2026-52795 Gogs: Authorization Bypass in Watch API allows any user to monitor private repository activity 25.06.2026 4.3
CVE-2026-52796 Gogs: DoS in rendering issue index pattern 24.06.2026 3.5
CVE-2026-52798 Gogs: Stored XSS in `.ipynb` Preview 24.06.2026 8.9
CVE-2026-52799 Gogs: Missing Authorization in Attachment Download 25.06.2026 7.5
CVE-2026-52800 Gogs: CSRF Leading to Organization Owner Takeover 25.06.2026 8.8
CVE-2026-52801 Gogs: Ability to import local repositories via Mirror Settings 25.06.2026 8.1
CVE-2026-52802 Gogs: Open Redirect via redirect_to in Gogs 24.06.2026 5.4
CVE-2026-52804 Gogs: Privilege Escalation via Collaboration Access Mode Validation 24.06.2026
CVE-2026-52805 Gogs: Migration Redirect Bypass Leads to Internal Repository Theft 24.06.2026 8.7
CVE-2026-52806 Gogs: RCE via git rebase --exec argument injection in pull request merge 25.06.2026 9.9
CVE-2026-52807 Gogs: DOM-based XSS via Milestone Name on New Issue Page 25.06.2026
CVE-2026-52814 Gogs: Unauthenticated Asymmetric Denial of Service (DoS) via SSH Handshake Stall (File Descriptor Exhaustion) 25.06.2026
CVE-2026-52815 Gogs: Unauthenticated Organization Teams Information Disclosure via API 25.06.2026
CVE-2026-52816 Gogs: Unauthenticated Jupyter Notebook (ipynb) Sanitizer allows arbitrary data: URIs leading to XSS 24.06.2026
CVE-2026-7539 HP Dock Accessory WMI Provider Installer Security Update 25.06.2026
CVE-2026-23879 py7zr: Arbitrary File Write Vulnerability 24.06.2026 8
CVE-2026-27708 FOSSBilling: IDOR in Servicecustom Client API allows cross-client data access 24.06.2026
CVE-2026-46348 Mastodon: SSRF Bypass via IPv6 Unspecified Address (::) 24.06.2026
CVE-2026-46349 Mastodon: LD-Signature Bypass via JSON-LD Named-Graph Restructuring 25.06.2026 5.3
CVE-2026-47389 Mastodon: SSRF protection bypass on older Ruby versions 24.06.2026 8.6
CVE-2026-48028 Mastodon: Removal of integrity-protected JSON entries from signed activities 25.06.2026 6.5
CVE-2026-55583 Twenty: Cross-workspace IDOR in AgentTurnResolver 24.06.2026 7.6
CVE-2025-60471 24.06.2026
CVE-2026-13021 24.06.2026
CVE-2026-13022 24.06.2026
CVE-2026-13023 24.06.2026
CVE-2026-13024 24.06.2026
CVE-2026-13025 25.06.2026
CVE-2026-13026 25.06.2026
CVE-2026-13027 25.06.2026
CVE-2026-13028 25.06.2026
CVE-2026-13029 25.06.2026
CVE-2026-13030 24.06.2026
CVE-2026-13031 25.06.2026
CVE-2026-13032 25.06.2026
CVE-2026-13033 25.06.2026
CVE-2026-13034 24.06.2026
CVE-2026-13035 24.06.2026
CVE-2026-13036 25.06.2026
CVE-2026-13037 25.06.2026
CVE-2026-13038 25.06.2026
CVE-2026-12760 Denial-of-Service Vulnerability via Malformed IPv4 Fragmentation Handling in TP-Link Tapo C200 24.06.2026
CVE-2026-48793 Jellyfin: Potential FFmpeg argument injection via unescaped subtitle file path 24.06.2026 8.8
CVE-2026-49220 Jellyfin: Potential XSS in user management 24.06.2026 5.7
CVE-2026-49246 Jellyfin: Potential MKV attachment filename path traversal to RCE 24.06.2026
CVE-2026-49247 Jellyfin: Potential Authenticated path traversal in /ClientLog/Document 24.06.2026 8.8
CVE-2026-49980 Rclone: Unauthenticated command execution in `rclone rcd --rc-serve` via inline remote instantiation, bypassing CVE-2026-41179 fix 25.06.2026 9.8
CVE-2026-53943 Ghost: Cache-poisoning XSS in Ghost frontend via x-ghost-preview header 24.06.2026 9.6
CVE-2026-53944 Ghost: Private IP filtering bypass to make server-side requests to internal services 24.06.2026 5.8
CVE-2026-53945 Ghost: Server-side request forgery via DNS rebinding in external request handling 25.06.2026 4
CVE-2026-53946 Ghost: Mobiledoc image-size fetch SSRF 24.06.2026 5.4
CVE-2026-53947 Ghost: Member existence leak via magic link sign-in response 24.06.2026 5.3
CVE-2026-53948 Ghost: File Upload Content-Type Spoofing 25.06.2026 5.4
CVE-2026-53949 Ghost Content API filter bypass reveals private fields 24.06.2026 5.3
CVE-2026-53950 @tryghost/activitypub: XSS in Ghost's ActivityPub client 24.06.2026 7.5
CVE-2026-44016 Docling: Unsafe Playwright-based HTML Rendering 24.06.2026 8.2
CVE-2026-44017 Docling: Unsafe Zip Extraction in EasyOCR Model Download 24.06.2026 7.5
CVE-2026-44020 Docling: Unsafe XML Entity Expansion in USPTO Patent Backend 24.06.2026 7.5
CVE-2026-44022 Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands 25.06.2026 5.5
CVE-2026-48703 Warp: Command Injection via Warp code search tool arguments 24.06.2026 7.8
CVE-2026-48704 Warp Markdown notebook links may open executable local files 24.06.2026 8.8
CVE-2026-48719 Warp branch selector command injection via Git branch names 24.06.2026 8
CVE-2026-48720 Warp: SSH remote output can lead to local file overwrite and persistence 24.06.2026 8.8
CVE-2026-48721 Warp: Env-var prefixes can lead to denylisted command autoexecution 24.06.2026 8.6
CVE-2026-48731 Warp: Linux external editor command injection 24.06.2026 7.8
CVE-2026-48732 Warp: Remote SSH cwd can lead to unauthorized remote command execution 24.06.2026 8.8
CVE-2026-54686 Warp: DCS lifecycle hook spoofing can alter terminal session metadata 24.06.2026 4.3
CVE-2026-54699 Warp: OS command injection when opening terminal links from WSL 25.06.2026 7.7