Search
127,912 CVEs · High severity
CVEs (127,912, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 476–500 of 127,912 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-7818 | HIGH | Patched | 7.0 | 2026-05-11 | Deserialization of untrusted data (CWE-502) in pgAdmin 4 FileBackedSessionManager. The session manager performed unsafe deserialization of session-file contents (using Pyt… |
| CVE-2026-7816 | HIGH | Patched | 8.8 | 2026-05-11 | OS command injection (CWE-78) vulnerability in pgAdmin 4 Import/Export query export. User-supplied input was interpolated directly into a psql \copy metacommand template w… |
| CVE-2026-7815 | HIGH | Patched | 8.8 | 2026-05-11 | SQL injection vulnerability in pgAdmin 4 Maintenance Tool. Four user-supplied JSON fields (buffer_usage_limit, vacuum_parallel, vacuum_index_cleanup, reindex_tablespace) w… |
| CVE-2026-7812 | HIGH | 7.3 | 2026-05-05 | A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function git_operation of the file src/code_mcp/ser… | |
| CVE-2026-7811 | HIGH | 7.3 | 2026-05-05 | A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function is_safe_path of the file src/code_mcp… | |
| CVE-2026-7810 | HIGH | 7.3 | 2026-05-05 | A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815809a7e425b5fa7be26e0d4369894c2. Impacted is the function create_notebook/read_notebook/edit_cell/add_c… | |
| CVE-2026-7807 | HIGH | Patched | 8.1 | 2026-05-08 | SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/{type} API endpoint that allows authenticated users… |
| CVE-2026-7802 | HIGH | 8.8 | 2026-05-28 | The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.29.2. This is due to the plugin not prop… | |
| CVE-2026-7797 | HIGH | 7.5 | 2026-05-28 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'append_where_sq… | |
| CVE-2026-7791 | HIGH | Patched | 7.8 | 2026-05-04 | Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-a… |
| CVE-2026-7788 | HIGH | 7.3 | 2026-05-05 | A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function update_document/conti… | |
| CVE-2026-7785 | HIGH | 7.3 | 2026-05-05 | A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the functio… | |
| CVE-2026-7784 | HIGH | 7.3 | 2026-05-05 | A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Ski… | |
| CVE-2026-7776 | HIGH | Patched | 7.5 | 2026-05-04 | Boundary Community Edition and Boundary Enterprise (“Boundary”) workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes. An attacker w… |
| CVE-2026-7770 | HIGH | 8.8 | 2026-06-01 | IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions (ACS) is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator. | |
| CVE-2026-7768 | HIGH | Patched | 7.5 | 2026-05-04 | @fastify/accepts-serializer cached serializer-selection results keyed by the request Accept header without a size limit or eviction policy. A remote unauthenticated client … |
| CVE-2026-7750 | HIGH | 8.8 | 2026-05-04 | A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component… | |
| CVE-2026-7749 | HIGH | 8.8 | 2026-05-04 | A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST… | |
| CVE-2026-7748 | HIGH | 8.8 | 2026-05-04 | A weakness has been identified in Totolink N300RH 3.2.4-B20220812. Affected by this issue is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POS… | |
| CVE-2026-7736 | HIGH | Patched | 7.3 | 2026-05-04 | A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipu… |
| CVE-2026-7735 | HIGH | Patched | 7.3 | 2026-05-04 | A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attr… |
| CVE-2026-7733 | HIGH | 7.3 | 2026-05-04 | A flaw has been found in funadmin up to 7.1.0-rc6. This affects the function UploadService::chunkUpload of the file app/common/service/UploadService.php of the component Fr… | |
| CVE-2026-7727 | HIGH | 7.3 | 2026-05-04 | A vulnerability was determined in Shandong Hoteam Software PDM Product Data Management System up to 8.3.9. This affects the function GetQueryMachineGridOnePageData of the f… | |
| CVE-2026-7723 | HIGH | 7.3 | 2026-05-04 | A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown function of the file /api/events/in of the component WebSocket Endpoint. Executing a manipul… | |
| CVE-2026-7717 | HIGH | 8.8 | 2026-05-04 | A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component … |