Search
153,531 CVEs · Medium severity
CVEs (153,531, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 51–75 of 153,531 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-9644 | MEDIUM | 6.4 | 2026-05-28 | The LiveSmart Video Chat Live Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'livesmart_widget' shortcode in all versions up … | |
| CVE-2026-9618 | MEDIUM | 4.3 | 2026-05-28 | The PeachPay — Payments & Express Checkout for WooCommerce (supports Stripe, PayPal, Square, Authorize.net, NMI) plugin for WordPress is vulnerable to Cross-Site Request Fo… | |
| CVE-2026-9617 | MEDIUM | Patched | 6.8 | 2026-05-27 | PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If… |
| CVE-2026-9609 | MEDIUM | 4.7 | 2026-05-27 | A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The at… | |
| CVE-2026-9607 | MEDIUM | 6.3 | 2026-05-27 | A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /parcel_list.php. Performing a manipulation… | |
| CVE-2026-9604 | MEDIUM | 4.3 | 2026-05-26 | A vulnerability was detected in JeecgBoot up to 3.9.1. This vulnerability affects unknown code of the component AiragModelController. The manipulation of the argument list/… | |
| CVE-2026-9603 | MEDIUM | 6.5 | 2026-05-26 | A security vulnerability has been detected in SourceCodester eDoc Doctor Appointment System 1.0. This affects an unknown part of the file /admin/delete-session.php. The man… | |
| CVE-2026-9599 | MEDIUM | 4.3 | 2026-06-02 | The Tectite Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing or incorrect nonce vali… | |
| CVE-2026-9594 | MEDIUM | 4.4 | 2026-06-06 | The WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'location… | |
| CVE-2026-9590 | MEDIUM | Patched | 5.3 | 2026-06-02 | Improper access control in the permission validation component in Devolutions Server 2026.1.19 and earlier allows an authenticated user with entry edit privileges to modify… |
| CVE-2026-9583 | MEDIUM | 4.3 | 2026-05-26 | A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of t… | |
| CVE-2026-9582 | MEDIUM | 4.3 | 2026-05-26 | A security flaw has been discovered in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This affects an unknown function. Performing a manipula… | |
| CVE-2026-9581 | MEDIUM | 6.3 | 2026-05-26 | A vulnerability was identified in JeecgBoot up to 3.9.1. The impacted element is an unknown function of the file /sys/comment/add. Such manipulation leads to improper acces… | |
| CVE-2026-9579 | MEDIUM | 6.3 | 2026-05-26 | A vulnerability was found in JeecgBoot up to 3.9.1. Impacted is the function user.getUsername of the file /sys/user/login/setting/userEdit of the component SysUser. The man… | |
| CVE-2026-9568 | MEDIUM | 5.0 | 2026-05-26 | A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the… | |
| CVE-2026-9566 | MEDIUM | 4.3 | 2026-05-26 | A vulnerability was identified in teableio teable up to 1.9.x. This impacts an unknown function of the file apps/nextjs-app/src/features/auth/pages/LoginPage.tsx of the com… | |
| CVE-2026-9565 | MEDIUM | 6.3 | 2026-05-26 | A vulnerability was determined in haojing8312 WorkClaw up to 0.6.4. This affects the function is_dangerous of the file apps/runtime/src-tauri/src/agent/tools/bash.rs of the… | |
| CVE-2026-9557 | MEDIUM | 6.4 | 2026-05-29 | A Server-Side Request Forgery (SSRF) vulnerability exists in Mautic's Focus component. Due to insufficient validation of user-supplied URLs, an authenticated user can trigg… | |
| CVE-2026-9549 | MEDIUM | 4.8 | 2026-06-08 | Stored cross-site scripting in the service discovery active check output in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an administrator who can c… | |
| CVE-2026-9542 | MEDIUM | 6.3 | 2026-05-26 | A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/add_staff.php. Executing a manipulat… | |
| CVE-2026-9541 | MEDIUM | Patched | 5.3 | 2026-05-26 | A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Perform… |
| CVE-2026-9540 | MEDIUM | 5.3 | 2026-05-26 | A vulnerability was identified in vllm-project vllm 0.19.0. This issue affects some unknown processing of the component OpenAI-compatible Serving Path. Such manipulation le… | |
| CVE-2026-9534 | MEDIUM | 6.3 | 2026-05-26 | A flaw has been found in Totolink CA750-PoE 6.2c.510. This affects the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executin… | |
| CVE-2026-9533 | MEDIUM | 6.3 | 2026-05-26 | A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The impacted element is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi of the component Setting… | |
| CVE-2026-9532 | MEDIUM | 6.3 | 2026-05-26 | A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi of the co… |