Search
153,526 CVEs · Medium severity
CVEs (153,526, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 26–50 of 153,526 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-3011 | MEDIUM | 6.4 | 2026-06-08 | The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to,… | |
| CVE-2026-11569 | MEDIUM | 5.4 | 2026-06-08 | A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious … | |
| CVE-2026-11510 | MEDIUM | 6.3 | 2026-06-08 | A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/add_leave.php. Performing a manipulation of th… | |
| CVE-2026-11509 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was identified in CodeAstro Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/search_staff_for_updation.p… | |
| CVE-2026-11508 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was determined in CodeAstro Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search_staff_to_assig… | |
| CVE-2026-11507 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/delete_leave_type.php. The manipulation of the argume… | |
| CVE-2026-11506 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/search_staff_for_deletion.php. The manipulation… | |
| CVE-2026-11505 | MEDIUM | 5.0 | 2026-06-08 | A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executi… | |
| CVE-2026-11500 | MEDIUM | 5.0 | 2026-06-08 | A vulnerability was identified in Weaviate up to 1.37.7. This vulnerability affects the function validateConfig of the file usecases/auth/authentication/apikey/client.go of… | |
| CVE-2026-11497 | MEDIUM | 5.3 | 2026-06-08 | A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component … | |
| CVE-2026-11495 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was detected in CodeAstro Ingredients Stock Management System 1.0. This impacts an unknown function of the file /Ingredients-Stock/add_stock.php. The manipu… | |
| CVE-2026-11494 | MEDIUM | 4.3 | 2026-06-08 | A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The ma… | |
| CVE-2026-11493 | MEDIUM | 5.0 | 2026-06-08 | A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/smb.conf of the component Samba. Executing a manip… | |
| CVE-2026-11492 | MEDIUM | 4.3 | 2026-06-08 | A security flaw has been discovered in D-Link DIR-823G 1.0.2B05. The affected element is an unknown function of the file /etc/vsftpd.conf of the component vsftpd. Performin… | |
| CVE-2026-11487 | MEDIUM | 5.3 | 2026-06-08 | A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a… | |
| CVE-2026-11480 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. Impacted is an unknown function of the file beike/Admin/Routes/admin.php of the … | |
| CVE-2026-11479 | MEDIUM | 4.2 | 2026-06-08 | A vulnerability has been found in yoanbernabeu grepai 0.35.0. This issue affects some unknown processing of the file indexer/chunker.go of the component Qdrant Backend. Suc… | |
| CVE-2026-11477 | MEDIUM | 4.3 | 2026-06-08 | A vulnerability was detected in hs-web hsweb-framework up to 5.0.1. This affects the function OAuth2Client of the file hsweb-authorization/hsweb-authorization-oauth2/src/ma… | |
| CVE-2026-11476 | MEDIUM | 6.3 | 2026-06-08 | A security vulnerability has been detected in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this issue is the function edit… | |
| CVE-2026-11475 | MEDIUM | 6.3 | 2026-06-08 | A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatu… | |
| CVE-2022-50953 | MEDIUM | 6.2 | 2026-06-08 | WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte … | |
| CVE-2021-47984 | MEDIUM | 6.4 | 2026-06-08 | WordPress Plugin WP24 Domain Check 1.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting … | |
| CVE-2021-47983 | MEDIUM | 6.4 | 2026-06-08 | WordPress Plugin Stripe Payments 2.0.39 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Acc… | |
| CVE-2021-47982 | MEDIUM | 6.4 | 2026-06-08 | WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the … | |
| CVE-2026-11473 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was identified in jflyfox jfinal_cms up to 5.1.0. This impacts the function list of the file AdvicefeedbackController.java. Such manipulation of the argumen… |