592 CVEs · Critical severity

CVEs (592, showing first 500)

Showing 351–375 of 592 (capped at 500)

| CVE ID | Severity | Patch | CVSS | Published | Description |
| --- | --- | --- | --- | --- | --- |
| CVE-2026-33843 | CRITICAL | | 9.1 | 2026-05-22 | Authentication bypass using an alternate path or channel in Microsoft Azure Active Directory B2C allows an unauthorized attacker to elevate privileges over a network. |
| CVE-2026-23652 | CRITICAL | | 10.0 | 2026-05-22 | Improper neutralization of special elements used in a command ('command injection') in Microsoft Power Pages allows an unauthorized attacker to execute code over a network. |
| CVE-2026-32253 | CRITICAL | Patched | 9.8 | 2026-05-22 | Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL… |
| CVE-2026-39821 | CRITICAL | Patched | 9.6 | 2026-05-22 | The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly re… |
| CVE-2026-8670 | CRITICAL | Patched | 9.6 | 2026-05-22 | Insufficient session expiration vulnerability in syslink software AG Avantra on Linux, Windows allows Reusing Session IDs (aka Session Replay). This issue affects Avantra:… |
| CVE-2026-46595 | CRITICAL | Patched | 10.0 | 2026-05-22 | Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the sour… |
| CVE-2026-42508 | CRITICAL | Patched | 9.1 | 2026-05-22 | Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked. |
| CVE-2026-39834 | CRITICAL | Patched | 9.1 | 2026-05-22 | When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indef… |
| CVE-2026-39833 | CRITICAL | Patched | 9.1 | 2026-05-22 | The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmatio… |
| CVE-2026-39832 | CRITICAL | Patched | 9.1 | 2026-05-22 | When adding a key to a remote agent constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were sil… |
| CVE-2026-39831 | CRITICAL | Patched | 9.1 | 2026-05-22 | The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Signatures genera… |
| CVE-2026-39830 | CRITICAL | Patched | 9.1 | 2026-05-22 | A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be rel… |
| CVE-2026-34910 | CRITICAL | | 10.0 | 2026-05-22 | A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection. |
| CVE-2026-34909 | CRITICAL | | 10.0 | 2026-05-22 | A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be m… |
| CVE-2026-34908 | CRITICAL | | 10.0 | 2026-05-22 | A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system. |
| CVE-2026-33000 | CRITICAL | | 9.1 | 2026-05-22 | A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection. |
| CVE-2026-6960 | CRITICAL | | 9.8 | 2026-05-21 | The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_validate_submitted_booking_form_f… |
| CVE-2026-48207 | CRITICAL | Patched | 9.8 | 2026-05-21 | Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restor… |
| CVE-2026-39531 | CRITICAL | | 9.3 | 2026-05-21 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This is… |
| CVE-2025-71211 | CRITICAL | | 9.8 | 2026-05-21 | A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This v… |
| CVE-2025-71210 | CRITICAL | | 9.8 | 2026-05-21 | A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Ple… |
| CVE-2026-5118 | CRITICAL | | 9.8 | 2026-05-21 | The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.2. This is due to the plugin accepting a user-control… |
| CVE-2026-43501 | CRITICAL | | 9.8 | 2026-05-21 | In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows ipv6_rpl_srh_rcv() decompresses an RFC… |
| CVE-2026-44050 | CRITICAL | | 9.9 | 2026-05-21 | A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with es… |
| CVE-2026-6279 | CRITICAL | | 9.8 | 2026-05-21 | The Avada Builder (fusion-builder) plugin for WordPress is vulnerable to Unauthenticated Remote Code Execution via PHP Function Injection in versions up to and including 3.… |