CVE Field Guide

Critical CVEs

| CVE | Title | Updated | Score |
|---|---|---|---|
| CVE-2026-39531 | WordPress WP Directory Kit plugin <= 1.5.0 - SQL Injection vulnerability | 21.05.2026 | 9.3 |
| CVE-2025-71210 | | 21.05.2026 | 9.8 |
| CVE-2025-71211 | | 21.05.2026 | 9.8 |
| CVE-2026-5118 | Divi Form Builder <= 5.1.2 - Unauthenticated Privilege Escalation via 'role' | 21.05.2026 | 9.8 |
| CVE-2026-5433 | Improper Sanitization in CNM Web Interface | 21.05.2026 | 9.1 |
| CVE-2026-44050 | Heap buffer overflow in CNID daemon comm_rcv() | 21.05.2026 | 9.9 |
| CVE-2026-6279 | Avada (Fusion) Builder <= 3.15.2 - Unauthenticated Remote Code Execution via PHP Function Injection via 'render_logics' Shortcode Attribute via Widget AJAX Handler | 21.05.2026 | 9.8 |
| CVE-2026-48172 | | 21.05.2026 | 10 |
| CVE-2026-9152 | Unauthenticated SOAP Endpoint in Altium 365 SearchService Allows Cross-Tenant Data Exfiltration and Index Destruction | 21.05.2026 | 10 |
| CVE-2026-8631 | HP Linux Imaging and Printing Software – Potential Escalation of Privilege and Arbitrary Code Execution | 21.05.2026 | 9.3 |
| CVE-2026-39405 | Frappe has Path Transversal via SCORM | 21.05.2026 | 9.4 |
| CVE-2026-9139 | Taiko AG1000-01A Rev 7.3/8 Hard-coded Credentials via login.zhtml | 21.05.2026 | 9.3 |
| CVE-2026-9141 | Taiko AG1000-01A Rev 7.3/8 Authentication Bypass via Web Interface | 21.05.2026 | 9.3 |
| CVE-2026-23734 | XWiki Platform: Path traversal via resources parameter in ssx and jsx endpoints when using leading slash | 21.05.2026 | 9.3 |
| CVE-2026-33137 | XWiki Platform has an Unauthenticated XAR Import via REST /wikis/{wikiName} | 21.05.2026 | 9.3 |
| CVE-2026-45444 | WordPress Gift Cards For WooCommerce Pro plugin <= 4.2.6 - Arbitrary File Upload vulnerability | 21.05.2026 | 10 |
| CVE-2026-9102 | Path Traversal in Altium Enterprise Server ComparisonService Allows Arbitrary File Write | 20.05.2026 | 9.4 |
| CVE-2026-9129 | Path Traversal in Altium Enterprise Server Viewer StorageController Allows Arbitrary File Read | 20.05.2026 | 9.4 |
| CVE-2026-20223 | Cisco Secure Workload Unauthorized API Access Vulnerability | 21.05.2026 | 10 |
| CVE-2026-8598 | Unauthenticated Export Service in ZKTeco CCTV Cameras | 20.05.2026 | 9.1 |
| CVE-2026-8467 | Unauthenticated remote code execution via HEEx template injection in phoenix_storybook playground | 21.05.2026 | 9.5 |
| CVE-2026-22314 | | 20.05.2026 | 9 |
| CVE-2026-33278 | Possible arbitrary code execution during DNSSEC validation | 20.05.2026 | 9.1 |
| CVE-2026-9059 | NextGEN Gallery - SQL Injection | 20.05.2026 | 9.3 |
| CVE-2026-9065 | Surecart - SQL Injection | 20.05.2026 | 9.3 |
| CVE-2026-24207 | | 20.05.2026 | 9.8 |
| CVE-2026-7637 | Boost <= 2.0.3 - Unauthenticated PHP Object Injection via STYXKEY-BOOST_USER_LOCATION Cookie | 20.05.2026 | 9.8 |
| CVE-2026-6555 | ProSolution WP Client <= 2.0.0 - Unauthenticated Arbitrary File Upload via 'files' | 20.05.2026 | 9.8 |
| CVE-2026-7284 | Easy Elements for Elementor <= 1.4.4 - Unauthenticated Privilege Escalation via easyel_handle_register | 20.05.2026 | 9.8 |
| CVE-2026-34234 | CtrlPanel: Unauthenticated RCE using installer script | 20.05.2026 | 10 |
| CVE-2026-33642 | Kitty has a Heap Buffer Over-Read/Write via Integer Overflow in compose_rectangles Bounds Check | 19.05.2026 | 9.9 |
| CVE-2026-47357 | | 19.05.2026 | 9.3 |
| CVE-2026-47358 | | 19.05.2026 | 9.3 |
| CVE-2026-2586 | | 20.05.2026 | 9.1 |
| CVE-2026-2587 | | 20.05.2026 | 9.6 |
| CVE-2026-44159 | Tyler Identity Local (TID-L) default administrative credentials | 19.05.2026 | 9.3 |
| CVE-2026-8711 | NGINX JavaScript vulnerability | 20.05.2026 | 9.2 |
| CVE-2026-42097 | Authentication Bypass in Sparx Pro Cloud Server | 19.05.2026 | 9.3 |
| CVE-2026-43633 | HestiaCP 1.9.0-1.9.4 Deserialization RCE via Web Terminal | 19.05.2026 | 9.5 |
| CVE-2026-4883 | Piotnet Forms <= 2.1.40 - Unauthenticated Arbitrary File Upload via Form File Upload | 19.05.2026 | 9.8 |
| CVE-2026-43493 | crypto: pcrypt - Fix handling of MAY_BACKLOG requests | 20.05.2026 | 9.8 |
| CVE-2026-2611 | Improper Origin Validation in mlflow/mlflow | 19.05.2026 | 9.6 |
| CVE-2026-46725 | Remote Code Execution in extension "Content Element Selector" (ceselector) | 19.05.2026 | 9.2 |
| CVE-2026-4885 | Piotnet Addons for Elementor Pro <= 7.1.70 - Unauthenticated Arbitrary File Upload via Form File Upload | 19.05.2026 | 9.8 |
| CVE-2026-27130 | Dokploy has Command Injection in its Service Operations | 19.05.2026 | 9.9 |
| CVE-2026-25244 | WebdriverIO has Command Injection in the BrowserStack Service | 19.05.2026 | 9.8 |
| CVE-2026-8838 | Remote Code Execution via eval() Injection in amazon-redshift-python-driver | 19.05.2026 | 9.3 |
| CVE-2026-8836 | lwIP snmpv3 USM snmp_msg.c snmp_parse_inbound_frame stack-based overflow | 18.05.2026 | 9.3 |
| CVE-2026-42822 | Azure Local Disconnected Operations (ALDO) Elevation of Privilege Vulnerability | 20.05.2026 | 10 |
| CVE-2026-45829 | | 19.05.2026 | 10 |
| CVE-2026-41947 | Dify v1.14.1 Authorization Bypass via Trace Configuration Endpoints | 18.05.2026 | 9.1 |
| CVE-2026-41948 | Dify v1.14.1 Path Traversal via Plugin Daemon Internal API Access | 18.05.2026 | 9.2 |
| CVE-2026-4320 | Authorization Bypass in ICMS Content Management by Creartia Internet Consulting | 18.05.2026 | 9.3 |
| CVE-2018-25320 | ACL Analytics 11.x - 13.0.0.579 Arbitrary Code Execution | 18.05.2026 | 9.3 |
| CVE-2018-25332 | GitBucket 4.23.1 Unauthenticated Remote Code Execution | 18.05.2026 | 9.3 |
| CVE-2018-25335 | WordPress Plugin Peugeot Music 1.0 Arbitrary File Upload | 18.05.2026 | 9.3 |
| CVE-2020-37228 | iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass | 18.05.2026 | 9.3 |
| CVE-2020-37239 | libbabl 0.1.62 Broken Double Free Detection Memory Safety | 18.05.2026 | 9.3 |
| CVE-2021-47952 | python jsonpickle 2.0.0 Remote Code Execution via py/repr | 18.05.2026 | 9.3 |
| CVE-2026-44551 | Open WebUI: LDAP Empty Password Authentication Bypass | 19.05.2026 | 9.1 |
| CVE-2021-47965 | WordPress Plugin WP Super Edit 2.5.4 Unrestricted File Upload | 15.05.2026 | 9.3 |
| CVE-2026-45010 | phpMyFAQ - Unauthenticated Two-Factor Authentication Brute-Force via /admin/check Endpoint | 15.05.2026 | 9.1 |
| CVE-2026-46364 | phpMyFAQ - SQL Injection via User-Agent Header in BuiltinCaptcha | 15.05.2026 | 9.8 |
| CVE-2026-42155 | Magento LTS: Weak API Session ID — Predictable MD5 of Time-Derived Inputs | 15.05.2026 | 9.3 |
| CVE-2026-44717 | MCP Calculate Server: Prompt Injection to RCE | 15.05.2026 | 9.8 |
| CVE-2026-45035 | Tabby: RCE via `tabby://run` URL Scheme | 21.05.2026 | 9.4 |
| CVE-2026-41258 | OpenMRS: Stored Velocity SSTI to RCE via ConceptReferenceRange | 15.05.2026 | 9.1 |
| CVE-2026-44699 | LibJWT: Algorithm confusion allows JWT forgery with RSA JWK as empty-key HMAC | 15.05.2026 | 9.1 |
| CVE-2026-2031 | Google Cloud Application Integration: Exposed internal APIs allow Information Disclosure and Remote Code Execution. | 15.05.2026 | 10 |
| CVE-2026-41552 | Path Traversal in PDF Export Module | 15.05.2026 | 9.2 |
| CVE-2026-41553 | Remote Code Execution in PDF Export Module | 15.05.2026 | 10 |
| CVE-2026-7182 | Path Traversal in Diagram | 15.05.2026 | 9.2 |
| CVE-2026-5229 | Receive Notifications After Form Submitting – Form Notify for Any Forms <= 1.1.10 - Unauthenticated Authentication Bypass via LINE OAuth Callback | 15.05.2026 | 9.8 |
| CVE-2026-8398 | | 16.05.2026 | 9.3 |
| CVE-2026-0481 | | 15.05.2026 | 9.2 |
| CVE-2026-44212 | PrestaShop: Stored XSS executable in customer service view | 15.05.2026 | 9.3 |
| CVE-2026-44666 | HRConvert2: Missing Sanitization enables Unauthenticated Remote Command Execution | 15.05.2026 | 9.3 |
| CVE-2026-8634 | Crabbox < v0.12.0 Environment Variable Information Disclosure | 15.05.2026 | 9.3 |

Latest Updates

| CVE | Title | Updated | Score |
|---|---|---|---|
| CVE-2026-39531 | WordPress WP Directory Kit plugin <= 1.5.0 - SQL Injection vulnerability | 21.05.2026 | 9.3 |
| CVE-2026-9089 | | 21.05.2026 | 8.8 |
| CVE-2026-1815 | Session Hijacking in TEİAŞ's Mobile Application | 21.05.2026 | 5.7 |
| CVE-2026-1816 | OTP Bypass in TEİAŞ's Mobile Application | 21.05.2026 | 6.3 |
| CVE-2026-36189 | | 21.05.2026 | |
| CVE-2025-13477 | OTP Bypass in Digital Operation Services' WifiBurada | 21.05.2026 | 7.1 |
| CVE-2025-13479 | IDOR in PosCube's QR Menu | 21.05.2026 | 7.5 |
| CVE-2025-71210 | | 21.05.2026 | 9.8 |
| CVE-2025-71211 | | 21.05.2026 | 9.8 |
| CVE-2025-71212 | | 21.05.2026 | 7.8 |
| CVE-2025-71213 | | 21.05.2026 | 7.8 |
| CVE-2025-71214 | | 21.05.2026 | |
| CVE-2025-71215 | | 21.05.2026 | |
| CVE-2025-71216 | | 21.05.2026 | |
| CVE-2025-71217 | | 21.05.2026 | |
| CVE-2026-2740 | Remote Code Execution | 21.05.2026 | 8.4 |
| CVE-2026-34926 | | 21.05.2026 | 6.7 |
| CVE-2026-34927 | | 21.05.2026 | 7.8 |
| CVE-2026-34928 | | 21.05.2026 | 7.8 |
| CVE-2026-34929 | | 21.05.2026 | 7.8 |
| CVE-2026-34930 | | 21.05.2026 | 7.8 |
| CVE-2026-45206 | | 21.05.2026 | 7.8 |
| CVE-2026-45207 | | 21.05.2026 | 7.8 |
| CVE-2026-45208 | | 21.05.2026 | 7.8 |
| CVE-2026-43495 | net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler | 21.05.2026 | |
| CVE-2026-43496 | net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked | 21.05.2026 | |
| CVE-2026-43497 | fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free | 21.05.2026 | |
| CVE-2026-43498 | accel/ivpu: Disallow re-exporting imported GEM objects | 21.05.2026 | |
| CVE-2026-43499 | rtmutex: Use waiter::task instead of current in remove_waiter() | 21.05.2026 | |
| CVE-2026-43501 | ipv6: rpl: reserve mac_len headroom when recompressed SRH grows | 21.05.2026 | |
| CVE-2026-43502 | net/rds: handle zerocopy send cleanup before the message is queued | 21.05.2026 | |
| CVE-2026-45760 | Apache Camel K: Camel K Cross-Namespace Build Deputy Attack | 21.05.2026 | |
| CVE-2026-5118 | Divi Form Builder <= 5.1.2 - Unauthenticated Privilege Escalation via 'role' | 21.05.2026 | 9.8 |
| CVE-2026-6841 | Reflected XSS in Request Tracker | 21.05.2026 | |
| CVE-2026-0393 | CODESYS Visualization - Insufficiently Protected Credentials | 21.05.2026 | |
| CVE-2026-43494 | net/rds: reset op_nents when zerocopy page pin fails | 21.05.2026 | |
| CVE-2026-28764 | | 21.05.2026 | 7.8 |
| CVE-2026-39461 | select(2) file descriptor set overflow causes stack overflow | 21.05.2026 | |
| CVE-2026-41999 | Incorrect Behaviour of Views with TCP PROXY Requests | 21.05.2026 | 4.8 |
| CVE-2026-42000 | Insufficient Validation of Names During AXFR | 21.05.2026 | 6.8 |
| CVE-2026-42001 | Insufficient Validation of Autoprimary SOA Queries | 21.05.2026 | 7.5 |
| CVE-2026-42002 | Concurrency and locking defects in GSS-TSIG | 21.05.2026 | 5.9 |
| CVE-2026-42396 | Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail | 21.05.2026 | 4.9 |
| CVE-2026-45251 | Kernel use-after-free via file descriptor syscalls | 21.05.2026 | |
| CVE-2026-45252 | Heap overflow in FUSE_LISTXATTR | 21.05.2026 | |
| CVE-2026-45253 | Missing validation in ptrace(PT_SC_REMOTE) | 21.05.2026 | |
| CVE-2026-45254 | Incorrect libcap_net limitation list manipulation | 21.05.2026 | |
| CVE-2026-45255 | Remote code execution via installer Wi-Fi access point scans | 21.05.2026 | |
| CVE-2026-22880 | Mobile SSO authentication flow allows credential theft via malicious server | 21.05.2026 | 6.1 |
| CVE-2026-27349 | WordPress Mail Mint plugin <= 1.19.5 - Sensitive Data Exposure vulnerability | 21.05.2026 | 4.3 |
| CVE-2026-27393 | WordPress CF7 WOW Styler plugin <= 1.7.6 - Broken Access Control vulnerability | 21.05.2026 | 5.3 |
| CVE-2026-44057 | Dead bounds check in Spotlight RPC unmarshaller | 21.05.2026 | 3.1 |
| CVE-2026-44071 | FORTIFY_SOURCE disabled | 21.05.2026 | 3.7 |
| CVE-2026-44074 | Bitwise OR of errno values | 21.05.2026 | 3.7 |
| CVE-2026-44075 | Missing break in DSI OpenSession | 21.05.2026 | 3.7 |
| CVE-2026-45250 | Stack buffer overflow via setcred(2) | 21.05.2026 | |
| CVE-2026-4858 | Path traversal in integration action URL leading to arbitrary API execution via system admin’s auth token. | 21.05.2026 | 8 |
| CVE-2026-5433 | Improper Sanitization in CNM Web Interface | 21.05.2026 | 9.1 |
| CVE-2026-5434 | Improper storage of sensitive information | 21.05.2026 | 5.9 |
| CVE-2026-7837 | TOCTOU with root privilege in ad_flush | 21.05.2026 | 3.7 |
| CVE-2026-9157 | Remote Code Execution in Gmission Web FAX | 21.05.2026 | |
| CVE-2026-44047 | SQL injection in MySQL CNID backend | 21.05.2026 | 8.8 |
| CVE-2026-44048 | Stack buffer overflow via UCS-2 type confusion in convert_charset() | 21.05.2026 | 8.8 |
| CVE-2026-44049 | Out-of-bounds write in convert_charset() null termination | 21.05.2026 | 7.5 |
| CVE-2026-44050 | Heap buffer overflow in CNID daemon comm_rcv() | 21.05.2026 | 9.9 |
| CVE-2026-44051 | Arbitrary file read via attacker-controlled symlink creation | 21.05.2026 | 8.1 |
| CVE-2026-44052 | LDAP simple-bind password exposure in log output | 21.05.2026 | 7.5 |
| CVE-2026-44053 | Weak cryptography in DHCAST128 UAM | 21.05.2026 | 7.4 |
| CVE-2026-44054 | Predictable afpd session token | 21.05.2026 | 6.5 |
| CVE-2026-44055 | Bitwise OR logic bug enables shell injection | 21.05.2026 | 7.5 |
| CVE-2026-44056 | Stack buffer overflow in desktop.c | 21.05.2026 | 6 |
| CVE-2026-44058 | Authentication bypass via admin auth user | 21.05.2026 | 6.4 |
| CVE-2026-44059 | Non-reentrant privilege toggle | 21.05.2026 | 3.9 |
| CVE-2026-44060 | Integer underflow in dsi_writeinit() leads to denial of service | 21.05.2026 | 7.5 |
| CVE-2026-44061 | DES-ECB auth with timing side channel | 21.05.2026 | 5.9 |
| CVE-2026-44062 | Missing o_len bounds check in pull_charset_flags() | 21.05.2026 | 7.5 |
| CVE-2026-44063 | LDAP filter injection | 21.05.2026 | 4.2 |
| CVE-2026-44064 | ASP session ID out-of-bounds access | 21.05.2026 | 7.1 |
| CVE-2026-44065 | Off-by-two in papd lp_write() | 21.05.2026 | 3.7 |
| CVE-2026-44066 | Heap out-of-bounds reads in Spotlight RPC unmarshalling | 21.05.2026 | 7.1 |
| CVE-2026-44067 | EA header parsing heap over-read | 21.05.2026 | 3.7 |
| CVE-2026-44068 | EA path traversal via incomplete sanitization | 21.05.2026 | 7.6 |
| CVE-2026-44069 | Integer underflow in volxlate | 21.05.2026 | 3.4 |
| CVE-2026-44070 | Unbounded realloc in charset conversion | 21.05.2026 | 3.1 |
| CVE-2026-44072 | system() after failed chdir() | 21.05.2026 | 2.5 |
| CVE-2026-44073 | seteuid failure ignored in auth modules | 21.05.2026 | 4 |
| CVE-2026-44076 | Shell injection via volume path | 21.05.2026 | 6.7 |
| CVE-2026-4055 | Insufficient permission validation on cross-team playbook run creation | 21.05.2026 | 4.3 |
| CVE-2026-7835 | Format string argument mismatch | 21.05.2026 | 3.1 |
| CVE-2026-7836 | hextoint macro uppercase bug | 21.05.2026 | 3.1 |
| CVE-2026-1543 | Avada (Fusion) Builder <= 3.15.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Multiple Shortcodes | 21.05.2026 | 6.4 |
| CVE-2026-2734 | Authorization Bypass in SearchModelVersions in mlflow/mlflow | 21.05.2026 | |
| CVE-2026-6279 | Avada (Fusion) Builder <= 3.15.2 - Unauthenticated Remote Code Execution via PHP Function Injection via 'render_logics' Shortcode Attribute via Widget AJAX Handler | 21.05.2026 | 9.8 |
| CVE-2026-4811 | WPB Floating Menu or Categories – Sticky Floating Side Menu & Categories with Icons <= 1.0.8 - Authenticated (Editor+) Stored Cross-Site Scripting via 'Icon CSS Class' Category Field | 21.05.2026 | 4.9 |
| CVE-2026-1881 | Broadstreet <= 1.52.2 - Authenticated (Subscriber+) Private Post Meta Disclosure via get_sponsored_meta | 21.05.2026 | 4.3 |
| CVE-2026-48172 | | 21.05.2026 | |
| CVE-2026-9152 | Unauthenticated SOAP Endpoint in Altium 365 SearchService Allows Cross-Tenant Data Exfiltration and Index Destruction | 21.05.2026 | |
| CVE-2026-40165 | authentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier Truncation | 21.05.2026 | 8.7 |
| CVE-2026-9149 | Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file | 21.05.2026 | |
| CVE-2026-47782 | | 21.05.2026 | |
| CVE-2026-9150 | Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums | 21.05.2026 | |
| CVE-2026-8399 | | 20.05.2026 | |
| CVE-2026-40102 | Plane: ORM Field Reference Injection via `segment` Parameter in Saved Analytics | 21.05.2026 | 6.5 |
| CVE-2026-47372 | Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts | 21.05.2026 | |
| CVE-2026-39960 | MantisBT is Vulnerable to Stored XSS through Custom Field Textarea Values | 21.05.2026 | 5.4 |
| CVE-2026-40092 | nimiq-keys: Unchecked Ed25519 signature length in TaggedPublicKey::verify causes remote node panic via DHT | 21.05.2026 | 7.5 |
| CVE-2026-40094 | nimiq-blockchain: network-libp2p untrusted peer can crash address book via empty peer contact addresses | 21.05.2026 | 4.3 |
| CVE-2026-47373 | Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks | 21.05.2026 | |
| CVE-2026-8631 | HP Linux Imaging and Printing Software – Potential Escalation of Privilege and Arbitrary Code Execution | 21.05.2026 | |
| CVE-2026-8632 | HP Linux Imaging and Printing Software – Potential Escalation of Privilege and Arbitrary Code Execution | 21.05.2026 | |
| CVE-2026-35007 | Open ISES Tickets < 3.44.2 Reflected XSS via single_unit.php id Parameter | 21.05.2026 | |
| CVE-2026-35008 | Open ISES Tickets < 3.44.2 Reflected XSS via single.php ticket_id Parameter | 21.05.2026 | |
| CVE-2026-35009 | Open ISES Tickets < 3.44.2 Reflected XSS via add_note.php ticket_id Parameter | 21.05.2026 | |
| CVE-2026-35010 | Open ISES Tickets < 3.44.2 Reflected XSS via patient_JF.php ticket_id Parameter | 21.05.2026 | |
| CVE-2026-35011 | Open ISES Tickets < 3.44.2 Reflected XSS via opena.php frm_call Parameter | 21.05.2026 | |
| CVE-2026-35012 | Open ISES Tickets < 3.44.2 Reflected XSS via add_facnote.php ticket_id Parameter | 21.05.2026 | |
| CVE-2026-35013 | Open ISES Tickets < 3.44.2 Reflected XSS via street_view.php thelat and thelng Parameters | 21.05.2026 | |
| CVE-2026-35014 | Open ISES Tickets < 3.44.2 Reflected XSS via routes_nm.php ticket_id Parameter | 21.05.2026 | |
| CVE-2026-35015 | Open ISES Tickets < 3.44.2 Reflected XSS via do_unit_mail.php the_ticket Parameter | 21.05.2026 | |
| CVE-2026-35016 | Open ISES Tickets < 3.44.2 Reflected XSS via search.php frm_query Parameter | 21.05.2026 | |
| CVE-2026-39352 | Frappe has an Arbitrary File Read via Path Traversal in render_include | 21.05.2026 | |
| CVE-2026-39405 | Frappe has Path Transversal via SCORM | 21.05.2026 | |
| CVE-2026-39850 | Yii 2: Local file inclusion via view parameter name collision | 21.05.2026 | 7.4 |
| CVE-2026-9133 | Arbitrary file read in rabbitmq-aws plugin | 21.05.2026 | 7.7 |
| CVE-2026-9139 | Taiko AG1000-01A Rev 7.3/8 Hard-coded Credentials via login.zhtml | 21.05.2026 | 9.8 |
| CVE-2026-9141 | Taiko AG1000-01A Rev 7.3/8 Authentication Bypass via Web Interface | 21.05.2026 | 9.8 |
| CVE-2026-9144 | Taiko AG1000-01A Rev 7.3/8 Stored XSS via Web Configuration Interface | 21.05.2026 | 7.6 |
| CVE-2026-39310 | Trilium Notes: Authentication Bypass in Clipper API for Electron (Desktop) Builds | 21.05.2026 | 8.6 |
| CVE-2026-39311 | Trilium Notes: Stored XSS Leads to Unauthorized Remote Code Execution (RCE) via Unsanitized SVG Attachments | 20.05.2026 | 6.8 |
| CVE-2026-9110 | | 20.05.2026 | |
| CVE-2026-9111 | | 21.05.2026 | |
| CVE-2026-9112 | | 21.05.2026 | |
| CVE-2026-9113 | | 20.05.2026 | |
| CVE-2026-9114 | | 21.05.2026 | |
| CVE-2026-9115 | | 20.05.2026 | |
| CVE-2026-9116 | | 20.05.2026 | |
| CVE-2026-9117 | | 21.05.2026 | |
| CVE-2026-9118 | | 21.05.2026 | |
| CVE-2026-9119 | | 21.05.2026 | |
| CVE-2026-9120 | | 21.05.2026 | |
| CVE-2026-9121 | | 21.05.2026 | |
| CVE-2026-9122 | | 20.05.2026 | |
| CVE-2026-9123 | | 21.05.2026 | |
| CVE-2026-9124 | | 20.05.2026 | |
| CVE-2026-9126 | | 21.05.2026 | |