31,034 CVEs · Critical severity
CVEs (31,034, showing first 500)
Showing 276–300 of 31,034 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-49448 | CRITICAL | Patched | 9.8 | 2026-06-02 | authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, the Source stage can be bypassed by sending an empty POST. This issue ha… |
| CVE-2026-49201 | CRITICAL | Patched | 9.8 | 2026-05-29 | The upload.cgi binary, responsible for processing device backups, contains a hardcoded AES encryption key. This allows an attacker to decrypt, modify, and re-encrypt system… |
| CVE-2026-49200 | CRITICAL | Patched | 9.8 | 2026-05-29 | The acer_cgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials (for web and Telnet)… |
| CVE-2026-49199 | CRITICAL | Patched | 9.8 | 2026-05-29 | Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device. |
| CVE-2026-49197 | CRITICAL | Patched | 9.8 | 2026-05-29 | Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails. |
| CVE-2026-49191 | CRITICAL | Patched | 9.8 | 2026-06-04 | The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages. |
| CVE-2026-49188 | CRITICAL | Patched | 9.8 | 2026-06-04 | The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated users to execute arbitrary root commands. |
| CVE-2026-49186 | CRITICAL | Patched | 9.8 | 2026-06-04 | The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (# or +) to enumerate hidden n… |
| CVE-2026-49185 | CRITICAL | Patched | 9.8 | 2026-06-04 | The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection. |
| CVE-2026-49002 | CRITICAL | | 9.1 | 2026-05-27 | Access control failure means that an application does not effectively check user access permissions, so that unauthorized users can access system data beyond their permissi… |
| CVE-2026-48904 | CRITICAL | Patched | 9.8 | 2026-05-26 | An improper access check allows privilege escalation through the com_users group editing webservice endpoint. |
| CVE-2026-48902 | CRITICAL | Patched | 9.8 | 2026-05-26 | The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set. |
| CVE-2026-48899 | CRITICAL | Patched | 9.8 | 2026-05-26 | An improper access check allows privilege escalation through the com_users batch task. |
| CVE-2026-48898 | CRITICAL | Patched | 9.8 | 2026-05-26 | An improper access check allows privilege escalation through the com_users batch task. |
| CVE-2026-48879 | CRITICAL | | 9.8 | 2026-06-01 | Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation. This issue affects AIWU: from n/a through 1.4.17. |
| CVE-2026-48866 | CRITICAL | | 9.6 | 2026-06-01 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal. This issue affects G… |
| CVE-2026-4885 | CRITICAL | | 9.8 | 2026-05-19 | The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'pafe_ajax_form_builder' functio… |
| CVE-2026-4883 | CRITICAL | | 9.8 | 2026-05-19 | The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'piotnetforms_ajax_form_builder' function in all ve… |
| CVE-2026-4882 | CRITICAL | | 9.8 | 2026-05-02 | The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'URAF_AJAX::method_upload' fun… |
| CVE-2026-4880 | CRITICAL | | 9.8 | 2026-04-16 | The Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale) plugin for WordPress is vulnerable to privilege escalation via insecure… |
| CVE-2026-48691 | CRITICAL | Patched | 9.8 | 2026-05-26 | FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS_PATH attribute encoder. In src/bgp_protocol.hpp, the IPv4UnicastAnnounce::get_attribut… |
| CVE-2026-48689 | CRITICAL | Patched | 9.8 | 2026-05-26 | FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamic_binary_buffer_t class (src/dynamic_binary_buffer.hpp). Five meth… |
| CVE-2026-48687 | CRITICAL | Patched | 9.8 | 2026-05-26 | FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The _log() function in src/juniper_plugi… |
| CVE-2026-48686 | CRITICAL | Patched | 9.8 | 2026-05-26 | FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI (Network Layer Reachability Information) decoder. The function decode_bgp_… |
| CVE-2026-48579 | CRITICAL | | 9.1 | 2026-06-04 | Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network. |
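The failure mode described for CVE-2026-49197 above (requests are not blocked when Base64 decoding of the Authorization header fails) is a fail-open check. The following is an added Python example written for this page, not the vendor's firmware or any code from the advisory: it puts a constructed fail-open handler next to a fail-closed one so the difference is visible on the same malformed header. The credential store, function names and header values are all assumptions made for the illustration.

```python
import base64
import hmac

# Constructed credential store for the example only (not from any real device).
USERS = {"admin": "s3cret"}


def _credentials_ok(user, password):
    """Constant-time comparison against the constructed store."""
    expected = USERS.get(user)
    if expected is None:
        return False
    return hmac.compare_digest(password.encode("utf-8"), expected.encode("utf-8"))


def is_authorized_fail_open(header):
    """Vulnerable pattern (constructed): the deny branch lives inside the try,
    so a token that fails to decode never reaches it and the request is allowed."""
    if not header:
        return False
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        decoded = base64.b64decode(token).decode("utf-8")
        user, _, password = decoded.partition(":")
        if not _credentials_ok(user, password):
            return False
    except ValueError:  # binascii.Error and UnicodeDecodeError both subclass ValueError
        pass  # BUG: decode failure is swallowed and control falls through to allow
    return True


def _parse_basic(header):
    """Return (user, password) from a 'Basic <base64>' header, or None on any defect."""
    if not header:
        return None
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token, validate=True).decode("utf-8")
    except ValueError:
        return None
    user, sep, password = decoded.partition(":")
    if not sep:
        return None
    return user, password


def is_authorized_fail_closed(header):
    """Hardened pattern: anything that is not a well-formed, valid credential is denied."""
    creds = _parse_basic(header)
    if creds is None:
        return False
    return _credentials_ok(*creds)


if __name__ == "__main__":
    good = "Basic YWRtaW46czNjcmV0"   # base64("admin:s3cret")
    garbage = "Basic !!!notbase64!!!"   # fails to decode
    for h in (good, garbage, None):
        print(repr(h), "fail-open:", is_authorized_fail_open(h),
              "fail-closed:", is_authorized_fail_closed(h))
```

The structural fix is to make "could not parse" and "wrong credentials" the same outcome: a single deny path, reached by default, that only a fully validated credential can escape. Using `validate=True` on the decoder also rejects tokens containing non-alphabet characters that the lenient decoder would silently drop.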