31,034 CVEs · Critical severity
Showing 226–250 of 31,034 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-9094 | CRITICAL | | 9.8 | 2026-05-28 | Casdoor versions 2.362.0 and earlier contain a vulnerability enabling cross-organization token exchange. The GetTokenExchangeToken function in object/token_oauth.go validat… |
| CVE-2026-9097 | CRITICAL | | 9.8 | 2026-05-28 | Casdoor versions 2.362.0 and earlier do not verify that a JWT used for token exchange is still active. The GetTokenExchangeToken() function in object/token_oauth.go validat… |
| CVE-2026-9098 | CRITICAL | | 9.1 | 2026-05-28 | In Casdoor versions 2.362.0 and earlier, the SAML callback handler in controllers/auth.go accepts any well-formed SAMLResponse sent to /api/acs without verifying that it co… |
| CVE-2026-9090 | CRITICAL | | 9.1 | 2026-05-28 | Casdoor versions 2.362.0 and earlier contain a vulnerability that allows an attacker to bypass authentication by supplying an arbitrary signing certificate. The buildSpCert… |
| CVE-2026-44477 | CRITICAL | Patched | 9.9 | 2026-05-28 | CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its… |
| CVE-2026-38702 | CRITICAL | Patched | 9.8 | 2026-05-28 | A command injection vulnerability exists in the Admin Access feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 fir… |
| CVE-2026-38703 | CRITICAL | Patched | 9.8 | 2026-05-28 | A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 fir… |
| CVE-2026-38704 | CRITICAL | Patched | 9.8 | 2026-05-28 | A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 fi… |
| CVE-2026-38707 | CRITICAL | Patched | 9.8 | 2026-05-28 | A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmwa… |
| CVE-2026-24444 | CRITICAL | Patched | 9.8 | 2026-05-28 | SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9_B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints (… |
| CVE-2026-9813 | CRITICAL | Patched | 9.9 | 2026-05-28 | FlowIntel up to version 3.3.0 contains a server-side request forgery (SSRF) vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker… |
| CVE-2026-46195 | CRITICAL | | 9.8 | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: smb: client: validate dacloffset before building DACL pointers parse_sec_desc(), build_sec_desc(), and… |
| CVE-2026-46185 | CRITICAL | | 9.1 | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlink_data() Since smb2_check_message() returns success withou… |
| CVE-2026-46155 | CRITICAL | | 9.1 | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2_compound_op() If a server sends a truncated response but a … |
| CVE-2026-46135 | CRITICAL | | 9.8 | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmet_tcp_handle_icreq() updates queue->… |
| CVE-2026-46137 | CRITICAL | | 9.8 | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADD_ADDR rtx: fix potential data-race This mptcp_pm_add_timer() helper is executed as a tim… |
| CVE-2026-46119 | CRITICAL | | 9.1 | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a (potentially corrupted) message… |
| CVE-2026-46115 | CRITICAL | | 9.8 | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovec_phys_mergeable biovec_phys_mergeable() is used by the request merge, … |
| CVE-2026-4408 | CRITICAL | Patched | 9.0 | 2026-05-28 | A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" featur… |
| CVE-2026-32999 | CRITICAL | | 9.0 | 2026-05-28 | Insufficient character filtering in the backup agent signing module on Comet Backup server allows an authenticated tenant administrator to execute arbitrary code on behalf of a… |
| CVE-2026-45083 | CRITICAL | Patched | 9.8 | 2026-05-27 | The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. From 4.8.0 to before 26.04.1, the Goobi viewer REST endpoint POST /ap… |
| CVE-2026-8363 | CRITICAL | | 9.8 | 2026-05-27 | A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources: |
| CVE-2026-8364 | CRITICAL | | 9.8 | 2026-05-27 | Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /re… |
| CVE-2026-8362 | CRITICAL | | 9.8 | 2026-05-27 | A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome |
| CVE-2026-44888 | CRITICAL | Patched | 9.8 | 2026-05-27 | Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's SaveConfigFile() endpoint writes user-supplied numeric config values… |