Search
127,949 CVEs · High severity
CVEs (127,949, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 251–275 of 127,949 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-8851 | HIGH | 8.1 | 2026-05-18 | SOGo versions 5.12.7 and prior contains a SQL injection vulnerability in the Access Control List management functionality that allows authenticated users to extract arbitra… | |
| CVE-2026-8850 | HIGH | Patched | 7.5 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_ibm_upload. |
| CVE-2026-8835 | HIGH | Patched | 7.3 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability t… |
| CVE-2026-8834 | HIGH | Patched | 8.0 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to ex… |
| CVE-2026-8832 | HIGH | 8.8 | 2026-05-27 | The WPCode - Insert Headers and Footers + Custom Code Snippets - WordPress Code Manager plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and i… | |
| CVE-2026-8829 | HIGH | Patched | 7.5 | 2026-06-04 | HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities. The XS routine backing HTML::Entities::_decode_entities cached a pointer (repl) in… |
| CVE-2026-8813 | HIGH | Patched | 7.5 | 2026-05-19 | This affects versions of the package exifreader before 4.39.0. A crafted image containing an ICC mluc tag can set an attacker-controlled record count together with a zero r… |
| CVE-2026-8796 | HIGH | Patched | 8.1 | 2026-05-31 | Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srl_decoder.c, srl_read_object() and srl_read_hash() proces… |
| CVE-2026-8795 | HIGH | 7.8 | 2026-06-09 | A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in client_info.json insi… | |
| CVE-2026-8788 | HIGH | 7.3 | 2026-05-18 | Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from the set_add method were not checked for newlines, colons or pipes. Metrics ge… | |
| CVE-2026-8787 | HIGH | 8.8 | 2026-05-27 | The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.1.1. This is due to the `firebase_… | |
| CVE-2026-8785 | HIGH | 7.3 | 2026-05-18 | A flaw has been found in projectworlds hospital-management-system-in-php 1.0. Affected by this vulnerability is the function getAllPatientDetail of the file update_info.php… | |
| CVE-2026-8776 | HIGH | 8.8 | 2026-05-18 | A vulnerability has been found in Edimax BR-6428NS 1.10. This vulnerability affects the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Reque… | |
| CVE-2026-8775 | HIGH | 8.8 | 2026-05-18 | A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipu… | |
| CVE-2026-8771 | HIGH | 7.3 | 2026-05-18 | A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/… | |
| CVE-2026-8768 | HIGH | Patched | 7.3 | 2026-05-17 | A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of th… |
| CVE-2026-8764 | HIGH | 7.2 | 2026-05-17 | A security vulnerability has been detected in H3C Magic B3 up to 100R002. This affects the function UpdateWanParams of the file /goform/aspForm. Such manipulation of the ar… | |
| CVE-2026-8759 | HIGH | 7.3 | 2026-05-17 | A vulnerability was identified in xiandafu beetl up to 3.20.2. Affected is an unknown function of the file beetl-classic-integration/beetl-spring-classic/src/main/java/org/… | |
| CVE-2026-8758 | HIGH | 7.3 | 2026-05-17 | A vulnerability was determined in Metasoft 美特软件 MetaCRM up to 6.4.0 Beta06. This impacts an unknown function of the file /common/jsp/upload3.jsp. Executing a manipulati… | |
| CVE-2026-8757 | HIGH | Patched | 7.3 | 2026-05-17 | A vulnerability was found in adenhq hive up to 0.11.0. This affects the function _read_events_tail of the file core/framework/server/routes_sessions.py of the component Del… |
| CVE-2026-8756 | HIGH | 7.3 | 2026-05-17 | A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generate_config of the file webu… | |
| CVE-2026-8755 | HIGH | 7.3 | 2026-05-17 | A flaw has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The affected element is the function _get_all_models of the file hiyoriUI.py o… | |
| CVE-2026-8751 | HIGH | Patched | 7.3 | 2026-05-17 | A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the componen… |
| CVE-2026-8734 | HIGH | 7.3 | 2026-05-17 | A vulnerability was determined in Oinone Pamirs up to 7.2.0. Affected by this issue is the function RSQLToSQLNodeConnector.makeVariable of the component queryListByWrapper … | |
| CVE-2026-8725 | HIGH | 7.3 | 2026-05-17 | A weakness has been identified in CoreWorxLab CAAL up to 1.6.0. The affected element is an unknown function of the file src/caal/webhooks.py of the component test-hass Endp… |