Search
1,557 CVEs
CVEs (1,557, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 401–425 of 1,557 (capped at 500)
| CVE ID | Severity ↑ | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-11439 | MEDIUM | 6.3 | 2026-06-06 | A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Hand… | |
| CVE-2026-11440 | MEDIUM | 6.3 | 2026-06-06 | A vulnerability was determined in theonedev onedev up to 15.0.5. This affects an unknown part of the file /repositories/{projectId}/default-branch of the component REST API… | |
| CVE-2026-11441 | MEDIUM | 6.3 | 2026-06-06 | A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request H… | |
| CVE-2026-11438 | MEDIUM | 6.3 | 2026-06-06 | A vulnerability has been found in theonedev onedev up to 15.0.5. Affected by this vulnerability is an unknown functionality of the file /projects. The manipulation of the a… | |
| CVE-2026-11436 | MEDIUM | 4.3 | 2026-06-06 | A vulnerability was detected in Mage AI up to 0.9.79. This impacts the function useMutation of the file mage_ai/frontend/components/Sessions/SignForm/index.tsx of the compo… | |
| CVE-2026-11411 | MEDIUM | 4.4 | 2026-06-06 | A security flaw has been discovered in iAI Lab PDF AI App 4.21.0 on Android. Impacted is the function getExternalCacheDir of the component chatpdf.pro. Performing a manipul… | |
| CVE-2026-11412 | MEDIUM | 6.3 | 2026-06-06 | A weakness has been identified in Jinher OA C6. The affected element is an unknown function of the file /C6/JHSoft.Web.ModuleCount/GetFormSn.aspx. Executing a manipulation … | |
| CVE-2026-11408 | MEDIUM | 6.3 | 2026-06-06 | A vulnerability was identified in vertex-app vertex up to 2026.02.12. This issue affects some unknown processing of the file app/model/LogMod.js of the component Log Viewer… | |
| CVE-2026-11406 | MEDIUM | 6.3 | 2026-06-06 | A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.sh of the component OpenVPN Client Import Workf… | |
| CVE-2026-7624 | MEDIUM | 4.3 | 2026-06-06 | The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 12.4.16. This is due to the plugin not prope… | |
| CVE-2026-8611 | MEDIUM | 4.3 | 2026-06-06 | The Klamra Paycal for Aspaclaria plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.4 via the 'invoice_id' par… | |
| CVE-2026-8839 | MEDIUM | 5.3 | 2026-06-06 | The MapPress Maps for WordPress plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.96.6. This is… | |
| CVE-2026-9016 | MEDIUM | 5.3 | 2026-06-06 | The Debug Log Manager – Conveniently Monitor and Inspect Errors plugin for WordPress is vulnerable to Improper Output Neutralization for Logs in all versions up to, and inc… | |
| CVE-2026-9594 | MEDIUM | 4.4 | 2026-06-06 | The WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'location… | |
| CVE-2026-9829 | MEDIUM | 6.5 | 2026-06-06 | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to time-based SQL Injection via 'compact_album_order_by' Shortcode Parameter i… | |
| CVE-2026-7796 | MEDIUM | 6.4 | 2026-06-06 | The EmbedPress – PDF Embedder, Embed PDF viewer, YouTube Videos, 3D FlipBook, Social feeds & more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the … | |
| CVE-2026-8502 | MEDIUM | 5.3 | 2026-06-06 | The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and inc… | |
| CVE-2026-8978 | MEDIUM | 4.9 | 2026-06-06 | The OptinCraft – Drag & Drop Optins & Popup Builder for WordPress plugin for WordPress is vulnerable to generic SQL Injection via the 'order_by' parameter in all versions u… | |
| CVE-2026-8991 | MEDIUM | 4.4 | 2026-06-06 | The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'drag_n_drop_text' and 'drag_n_drop_browse_t… | |
| CVE-2026-9197 | MEDIUM | 4.9 | 2026-06-06 | The Smart Slider 3 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.5.1.36 via the replaceHTMLImage function. This makes it… | |
| CVE-2026-9280 | MEDIUM | 6.1 | 2026-06-06 | The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL Parameters in iframe Mode in all versions up to, and… | |
| CVE-2026-7665 | MEDIUM | 5.3 | 2026-06-06 | The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, … | |
| CVE-2026-7792 | MEDIUM | 5.3 | 2026-06-06 | The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Insufficient Verification of Data Authen… | |
| CVE-2026-7795 | MEDIUM | 6.4 | 2026-06-06 | The Click to Chat – WA Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the [chat] shortcode 'num' parameter in all versions up to, and includin… | |
| CVE-2026-7566 | MEDIUM | 6.6 | 2026-06-06 | The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.1.4 via deserialization of untru… |