CVE Field Guide

Critical CVEs

CVE	Title	Updated	Score
CVE-2026-9862	Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability	15.06.2026	9.8
CVE-2018-25436	WordPress Plugin Baggage Freight Shipping Australia 0.1.0 Arbitrary File Upload	15.06.2026	9.3
CVE-2026-52704	WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability	15.06.2026	10
CVE-2026-49757	OAuth2/OIDC account takeover in AshAuthentication via email-based user matching	15.06.2026	9.2
CVE-2026-5482	Remote Code Execution via Unrestricted File Upload in Responsive FileManager	15.06.2026	9.3
CVE-2026-12183		13.06.2026	9.3
CVE-2026-11624		13.06.2026	9.4
CVE-2026-46716	Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron	12.06.2026	9.9
CVE-2026-53519	Nezha Monitoring: Pre-auth path traversal via /dashboard.. prefix confusion leaks jwt_secret_key	12.06.2026	9.1
CVE-2026-53609	Apostrophe has Server-Side Prototype Pollution in apos.util.set via patch operators that leads to process-wide authorization bypass	12.06.2026	9.1
CVE-2026-44990	Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`	15.06.2026	9.3
CVE-2026-28742	Naxclow IoT Platform Use of hard-coded cryptographic key	12.06.2026	9.2
CVE-2026-50101	Naxclow IoT Platform Not using password aging	12.06.2026	9.2
CVE-2026-48558	SimpleHelp Authentication Bypass via Missing OIDC JWT Signature Verification	13.06.2026	9.5
CVE-2026-45833		12.06.2026	9.4
CVE-2026-50083	Aqara hardcoded OAuth client credentials	12.06.2026	9.1
CVE-2026-50084	Aqara API cross-account access	12.06.2026	9.6
CVE-2026-50086	Aqara unauthenticated AES oracle	12.06.2026	10
CVE-2026-50090	Aqara OAuth redirect_uri validation bypass	12.06.2026	9.3
CVE-2026-50091	Aqara Home Android SDK hardcoded keys	12.06.2026	9.1
CVE-2026-10557	Yarbo Android/iOS Mobile Application and Cloud Infrastructure Use of Hard-coded Credentials	12.06.2026	9.3
CVE-2026-47131	vm2: Sandbox Escape	13.06.2026	10
CVE-2026-47137	vm2: GHSA-8hg8-63c5-gwmx patch bypass: nesting:true without explicit require still allows full RCE	13.06.2026	10
CVE-2026-47140	vm2: NodeVM builtin denylist bypass via process and inspector/promises allows host code execution	13.06.2026	10
CVE-2026-47208	vm2: Sandbox Breakout Using Promise Species	13.06.2026	10
CVE-2026-47210	vm2 sandbox escape via JSPI-backed Promise `.finally()` species bypass	13.06.2026	9.8
CVE-2026-53787	Amasty Order Attributes for Magento 2 < 4.0.0 Unauthenticated Arbitrary File Upload	13.06.2026	9.3
CVE-2026-54133	jmespath.php has CompilerRuntime code injection via unescaped function names	12.06.2026	9.8
CVE-2026-6853	OTP Bypass in Başbelen Group's Pause+ Mobile App	12.06.2026	9.8
CVE-2026-11849	IEI Integration Corp｜iRM-IEI Remote Management - Hard-coded Credentials	12.06.2026	9.3
CVE-2026-11535		12.06.2026	9.4
CVE-2026-47365		12.06.2026	9.9
CVE-2026-47367		12.06.2026	9.9
CVE-2026-47369		13.06.2026	9.9
CVE-2026-47370		13.06.2026	9.9
CVE-2026-48611		12.06.2026	9.8
CVE-2026-42846	ClipBucket: Remote Play URL Command Injection	12.06.2026	9.8
CVE-2026-45060	ClipBucket: Blind SQL Injection in progress_video.php	12.06.2026	9.8
CVE-2026-39494	WordPress Product Filter by WBW plugin <= 3.1.2 - SQL Injection vulnerability	12.06.2026	9.3
CVE-2026-42647	WordPress JoomSport plugin <= 5.7.7 - SQL Injection vulnerability	12.06.2026	9.3
CVE-2026-49060	WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 - Privilege Escalation vulnerability	12.06.2026	9.8
CVE-2026-41005	UAA accepts SAML Encrypted Assertions authentication bypass	13.06.2026	9
CVE-2026-49973	Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings	13.06.2026	9.2
CVE-2026-45177	Idira Secrets Manager SaaS Edge: Authentication Bypass of an internal validation mechanism	11.06.2026	9.1
CVE-2026-47172	Quest Bot: Untrusted pull request code can be built and deployed by privileged `workflow_run` deployment.	11.06.2026	9.5
CVE-2026-47174	Duck Site: Untrusted pull request code can trigger privileged production deployment	11.06.2026	9.5
CVE-2026-49261	MariaDB server has unsafe parameter handling in `wsrep_notify_cmd`	12.06.2026	10
CVE-2026-11839	Arbitrary File Upload in Basarsoft's Rotaban	11.06.2026	9.9
CVE-2026-11561	SSTI in Soagen Informatics' Apinizer	12.06.2026	9.8
CVE-2026-7852	Unrestricted File Upload in Limatek's LimRAD NAC	11.06.2026	9.8
CVE-2026-4764	Privilege Escalation in Dialogflow CX via Playbook Import	11.06.2026	9.4
CVE-2026-35273		13.06.2026	9.8
CVE-2026-46695	BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files	11.06.2026	10
CVE-2026-46703	BoxLite: Path Traversal Vulnerability in boxlite Leads to Arbitrary File Write on the Host	11.06.2026	9.6
CVE-2026-20253	Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise	11.06.2026	9.8
CVE-2026-46614	Fission router exposes /fission-function/<ns>/<name> on its public listener, allowing invocation of any function without an HTTPTrigger	11.06.2026	9.8
CVE-2026-50545	Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover	12.06.2026	9.9
CVE-2026-50563	Fission Container Executor Function PodSpec Injection Leading to Node Escape	12.06.2026	9.9
CVE-2026-50564	Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape	12.06.2026	9.9
CVE-2026-50566	Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation	12.06.2026	9.9
CVE-2026-45550	Roxy-WI: IDOR on PUT /smon/check — any user can rewrite any tenant's monitoring URL/IP/body	10.06.2026	9.1
CVE-2026-45552	Roxy-WI: Cross-tenant authorization bypass on /install/* — guest can run Ansible / SSH on every registered server	10.06.2026	9.9
CVE-2026-45556	Roxy-WI: Authenticated arbitrary file write on every managed load balancer (and downstream RCE) via WAF rule save `config_file_name`	10.06.2026	9.9
CVE-2026-45558	Roxy-WI: Authenticated RCE on every managed HAProxy load balancer via `option` field config injection in section save	10.06.2026	9.9
CVE-2026-53469	Migration-planner: unprotected delete endpoint wipes all tenant data	10.06.2026	9.1
CVE-2026-53470	Migration-planner: getsourcedownloadurl missing organization check	10.06.2026	9.6
CVE-2026-53471	Migration-planner: agent api ignores jwt source_id claim	10.06.2026	9.6
CVE-2026-53474	Migration-planner: second-order sql injection via rvtools upload	10.06.2026	9.6
CVE-2026-53475	Assisted-migration-agent: tls verification disabled on all vcenter connections	10.06.2026	9.3
CVE-2026-53476	Assisted-migration-agent: vddk tarball chained-symlink arbitrary file write	10.06.2026	9.6
CVE-2025-6254	Doctreat Core <= 1.6.8 - Unauthenticated Privilege Escalation	10.06.2026	9.8
CVE-2025-66276	QTS	10.06.2026	9.2
CVE-2026-45328	ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers	10.06.2026	9.3
CVE-2026-44963		10.06.2026	9.4
CVE-2026-47928	ColdFusion \| Improper Input Validation (CWE-20)	11.06.2026	9.6
CVE-2026-47938	Adobe Campaign Classic (ACC) \| Server-Side Request Forgery (SSRF) (CWE-918)	10.06.2026	10
CVE-2026-48303	Adobe Campaign Classic (ACC) \| Incorrect Authorization (CWE-863)	10.06.2026	10
CVE-2026-34691	Adobe Experience Manager Forms JEE \| Cross-site Scripting (Stored XSS) (CWE-79)	09.06.2026	9.3
CVE-2026-26142	Nuance PowerScribe Remote Code Execution Vulnerability	10.06.2026	9.8
CVE-2026-42904	Windows TCP/IP Elevation of Privilege Vulnerability	10.06.2026	9.6
CVE-2026-44815	DHCP Client Service Remote Code Execution Vulnerability	10.06.2026	9.8
CVE-2026-45602	Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability	10.06.2026	9.1
CVE-2026-45657	Windows Kernel Remote Code Execution Vulnerability	10.06.2026	9.8
CVE-2026-47281	Visual Studio Code Elevation of Privilege Vulnerability	10.06.2026	9.6
CVE-2026-47291	HTTP.sys Remote Code Execution Vulnerability	10.06.2026	9.8
CVE-2026-47643	Azure Stack Edge Remote Code Execution Vulnerability	10.06.2026	9.8
CVE-2026-49840	FreeSWITCH: Pre-authentication heap buffer overflow in libesl `Content-Length` parsing	09.06.2026	9.1
CVE-2026-49841	FreeSWITCH: Pre-authentication heap buffer overflow in `mod_verto` HTTP POST body read	11.06.2026	9.8
CVE-2026-10520		12.06.2026	10
CVE-2026-10523		10.06.2026	9.9
CVE-2026-25089		10.06.2026	9.1
CVE-2026-8025	SQLi in MOSK Informatics' CBS Platform	09.06.2026	9.8
CVE-2026-46325	RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE	14.06.2026	9.8
CVE-2026-7486	SQLi in Netcad's E-İmar	09.06.2026	9.8
CVE-2017-20251	WordPress Insert PHP Plugin 4.7.0 PHP Code Injection via REST API	09.06.2026	9.3
CVE-2026-46316	KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry	14.06.2026	9.3
CVE-2026-10731	SQL injection in Nemon products	09.06.2026	9.3
CVE-2026-41031	A Stored Cross-Site Scripting (XSS) vulnerability occurs in Vinna Process Monitor	09.06.2026	9.3
CVE-2026-5067	Out-of-bounds read/write in HTTP WebSocket upgrade via non-null-terminated Sec-WebSocket-Key	09.06.2026	9.8
CVE-2026-27671	Memory Corruption vulnerability in Application Server ABAP of SAP NetWeaver and ABAP Platform	09.06.2026	9.8
CVE-2026-40128	Directory Traversal vulnerability in SAP NetWeaver Application Server Java (Web Container)	10.06.2026	9
CVE-2026-44748	XML Signature Wrapping in SAML Authentication in SAP NetWeaver AS ABAP and ABAP Platform	09.06.2026	9.9
CVE-2026-52778	YesWiki has Unsafe eval() in Formula Calculator - Remote Code Execution (RCE) & Denial of Service (DoS)	09.06.2026	9.8

Latest Updates

CVE	Title	Updated	Score
CVE-2025-15658	WordPress WP Emmet plugin <= 0.3.4 - Cross Site Scripting (XSS) vulnerability	15.06.2026	5.9
CVE-2025-15659	WordPress Elizaibots plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability	15.06.2026	6.5
CVE-2026-10634	Use-after-free in Zephyr native TCP net_tcp_foreach() due to dropping tcp_lock during the callback	15.06.2026	4.8
CVE-2026-5038	multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads	15.06.2026	5.3
CVE-2026-8683	Overly long URLs crash the Mattermost Desktop App	15.06.2026	6.5
CVE-2026-9595	webpack-dev-server vulnerable to HMR WebSocket interception via permissive user proxies	15.06.2026	5.3
CVE-2026-9862	Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability	15.06.2026	9.8
CVE-2026-9863	Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability	15.06.2026	7.5
CVE-2016-20066	WordPress CP Polls 1.0.8 Persistent Cross-Site Scripting	15.06.2026
CVE-2016-20067	WordPress CP Polls 1.0.8 Cross-Site Request Forgery	15.06.2026
CVE-2016-20068	WordPress Booking Calendar Contact Form 1.0.23 SQL Injection	15.06.2026
CVE-2016-20069	WordPress Booking Calendar Contact Form 1.0.23 SQL Injection	15.06.2026
CVE-2016-20070	WordPress Booking Calendar Contact Form 1.0.23 Privilege Escalation Stored XSS	15.06.2026
CVE-2016-20071	WordPress 404 Redirection Manager Plugin 1.0 SQL Injection	15.06.2026
CVE-2016-20072	BBS e-Franchise 1.1.1 WordPress Plugin SQL Injection via uid	15.06.2026
CVE-2016-20073	Answer My Question 1.3 Plugin WordPress SQL Injection via modal.php	15.06.2026
CVE-2016-20074	WordPress Lazy Content Slider Plugin 3.4 CSRF	15.06.2026
CVE-2016-20075	WordPress Ultimate Product Catalog 3.8.6 Arbitrary File Upload RCE	15.06.2026
CVE-2016-20076	WordPress Simple-Backup 2.7.11 Arbitrary File Deletion and Download	15.06.2026
CVE-2016-20077	WordPress Plugin Photocart Link 1.6 Local File Inclusion via decode.php	15.06.2026
CVE-2016-20078	WordPress IMDb Profile Widget 1.0.8 Local File Inclusion via pic.php	15.06.2026
CVE-2016-20079	WordPress Dharma Booking 2.28.3 Local File Inclusion via proccess.php	15.06.2026
CVE-2016-20080	WordPress Brandfolder Plugin 3.0 Local File Inclusion via callback.php	15.06.2026
CVE-2016-20081	WordPress Plugin HB Audio Gallery Lite 1.0.0 Path Traversal File Download	15.06.2026
CVE-2016-20082	WordPress Plugin Abtest Local File Inclusion via abtest_admin.php	15.06.2026
CVE-2016-20083	WordPress More Fields Plugin 2.1 Cross-Site Request Forgery	15.06.2026
CVE-2016-20084	WordPress appointment-booking-calendar 1.1.24 Privilege Escalation XSS	15.06.2026
CVE-2018-25436	WordPress Plugin Baggage Freight Shipping Australia 0.1.0 Arbitrary File Upload	15.06.2026
CVE-2018-25437	WordPress CherryFramework Themes 3.1.4 Backup File Download	15.06.2026
CVE-2019-25746	WordPress Sliced Invoices 3.8.2 SQL Injection via post Parameter	15.06.2026
CVE-2025-64215	WordPress MasterStudy LMS Pro plugin < 4.7.16 - Broken Access Control vulnerability	15.06.2026	6.5
CVE-2026-48969	WordPress Really Simple SSL plugin <= 9.5.9 - Broken Access Control vulnerability	15.06.2026	6.5
CVE-2026-49062	WordPress Faust.js plugin <= 1.8.7 - Broken Authentication vulnerability	15.06.2026	8.8
CVE-2026-49064	WordPress GetPaid plugin <= 2.8.49 - Sensitive Data Exposure vulnerability	15.06.2026	7.5
CVE-2026-49111	WordPress Masteriyo - LMS plugin <= 2.2.0 - Privilege Escalation vulnerability	15.06.2026	8.8
CVE-2026-52704	WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability	15.06.2026	10
CVE-2026-5079	multer vulnerable to Denial of Service via deeply nested field names	15.06.2026	7.5
CVE-2026-5230	Improper Access Control in Mia Technologies' Pizzy Library	15.06.2026	7.1
CVE-2026-5233	Missing Rate Limiting in Mia Technologies' Pizzy Library	15.06.2026	7.1
CVE-2026-5242	Code Injection in Mia Technologies' Pizzy Library	15.06.2026	8.8
CVE-2026-6517	Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed	15.06.2026	6.3
CVE-2026-12057	DoS + Remote Code Execution via PDF JavaScript in Foxit AI	15.06.2026	8.6
CVE-2026-34021	Lack of cryptographic protection in Wertheim SafeController 5400 enables RS-485 message sniffing and replay	15.06.2026
CVE-2026-34022	Weak custom cryptography and hard-coded keys in Wertheim SafeController 65000 allow traffic decryption	15.06.2026
CVE-2026-34023	Broken WebSocket authorization in Wertheim SafeController Software allows cross-branch access to restricted functions	15.06.2026
CVE-2026-34024	Missing authorization checks in Wertheim SafeController Software allow low-privileged users to access restricted functions	15.06.2026
CVE-2026-34025	IP restriction bypass in Wertheim SafeController Software allows logins from unauthorized network locations	15.06.2026
CVE-2026-34026	Path traversal in Wertheim SafeController Software allows authenticated users to download arbitrary files	15.06.2026
CVE-2026-34027	Upload restriction bypass in Wertheim SafeController Software allows authenticated users to upload arbitrary files	15.06.2026
CVE-2026-34028	Unauthenticated direct access to web data in Wertheim SafeController Software exposes files	15.06.2026
CVE-2026-34029	Hard-coded cryptographic key in Wertheim SafeController Software allows decryption of sensitive configuration data	15.06.2026
CVE-2026-34030	Improper branch-code validation in Wertheim SafeController Software allows file path manipulation	15.06.2026
CVE-2026-49757	OAuth2/OIDC account takeover in AshAuthentication via email-based user matching	15.06.2026
CVE-2026-5482	Remote Code Execution via Unrestricted File Upload in Responsive FileManager	15.06.2026
CVE-2026-11860	Insecure Deserialisation via Plaintext HTTP leading to Remote Code Execution in Quick.CMS	15.06.2026
CVE-2026-44188	Ansible-lightspeed: ansible lightspeed: session hijacking and unauthorized data access due to insufficient session expiration	15.06.2026
CVE-2026-50100		15.06.2026
CVE-2026-8385	WP Go Maps < 10.0.10 - Unauthenticated Sensitive Information Disclosure via Datatables AJAX Fallback	15.06.2026
CVE-2026-8386	WP Go Maps < 10.0.10 - Unauthenticated Sensitive Information Disclosure via Marker ID	15.06.2026
CVE-2026-8935	Advanced Google Maps < 6.1.1 - Unauthenticated Administrator Account Creation	15.06.2026
CVE-2026-9278	Form Builder CP < 1.2.47 - Editor+ Stored XSS via form_structure	15.06.2026
CVE-2026-12218	Yealink SIP-T46U Web FastCGI Service beforewifitest StartReportInformation stack-based overflow	15.06.2026
CVE-2026-12219	Yealink SIP-T46U Web FastCGI Service start mod_diagnose.CommandShellByType command injection	15.06.2026
CVE-2026-12220	Yealink SIP-T46U Firmware Chunk Upload handler accupgradebychunk mod_upgrade.SparePartsUpload stack-based overflow	15.06.2026
CVE-2026-12221	Yealink SIP-T46U Firmware Chunk Upload upgrade sprintf stack-based overflow	15.06.2026
CVE-2026-12222	Yealink SIP-T46U Web FastCGI Service bttest mod_webd.BlueToothTest stack-based overflow	15.06.2026
CVE-2026-12223	Yealink SIP-T46U Web FastCGI Service tftpuploadiperf mod_webd.TFTPUploadIperf command injection	15.06.2026
CVE-2026-12212	hcengineering Huly Platform RPC operations.ts getMailboxSecret access control	15.06.2026
CVE-2026-12213	hcengineering Huly Platform User Information operations.ts getAccountInfo improper authorization	15.06.2026
CVE-2026-12214	Qihoo 360 Total Security Nucleus Engine Monitoring Logic RpcStringBindingComposeW protection mechanism	15.06.2026
CVE-2026-12216	svaarala duktape duk_api_bytecode.c memory corruption	15.06.2026
CVE-2026-12217	DVDFab Virtual Drive Signed Kernel Driver dvdfabio.sys privileges management	15.06.2026
CVE-2026-12208	jsonata-js jsonata Function Binding Frame System jsonata.js createFrame prototype pollution	15.06.2026
CVE-2026-12209	RubyLouvre avalon Template Filter index.js prototype pollution	15.06.2026
CVE-2026-12210	universal-tool-calling-protocol python-utcp utcp-gql/utcp-websocket server-side request forgery	15.06.2026
CVE-2026-12211	Intelbras iNVU 7016 FT Web syslog path traversal	15.06.2026
CVE-2026-12202	Intelliants Subrion CMS Blocks Endpoint cross site scripting	15.06.2026
CVE-2026-12203	HKUDS AI-Trader Research Export agents.csv information disclosure	15.06.2026
CVE-2026-12204	ShopXO Scheduled Task Endpoint Crontab.php GoodsGiveIntegral authorization	15.06.2026
CVE-2026-12206	Grit42 Grit data_table_entity.rb DataTableEntity sql injection	15.06.2026
CVE-2026-12207	medkey-org medkey HTTP REST API PatientController.php actionGetPatientById resource injection	15.06.2026
CVE-2026-12200	Ritlabs TinyWeb Server Header libeay32.dll.html stack-based overflow	15.06.2026
CVE-2026-12201	IObit Malware Fighter DLL permission	15.06.2026
CVE-2026-12197	Ruijie EG105G-P JSON-RPC Diagnose Endpoint diagnose nslookup command injection	15.06.2026
CVE-2026-12198	Microweber API Endpoint thumbnail_img userfiles_path path traversal	15.06.2026
CVE-2026-12192	GALAYOU Y4 Web Server buffer overflow	14.06.2026
CVE-2026-12193	VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow	15.06.2026
CVE-2026-12190	Genspark AI Workspace App ai.mainfunc.genspark improper authorization in handler for custom url scheme	15.06.2026
CVE-2026-12191	Comma AI Openpilot Pickle modeld.py pickle.loads deserialization	14.06.2026
CVE-2026-12188	Grit42 Grit GritEntityController grit_entity_controller.rb sql injection	15.06.2026
CVE-2026-12189	Moovit Bus & Public Transit App com.tranzmate improper authorization in handler for custom url scheme	15.06.2026
CVE-2026-12187	GL.iNet GL-MT3000 Online Firmware Upgrade one_click_upgrade command injection	15.06.2026
CVE-2026-12186	GL.iNet GL-MT3000 Tor Proxy Service Configuration tor replace_country command injection	14.06.2026