Search
1,557 CVEs
CVEs (1,557, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 126–150 of 1,557 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-10544 | MEDIUM | 6.5 | 2026-06-08 | Improper neutralization of special elements in the built-in PAM provider password rotation templates in Devolutions Server allows an authenticated user with write access to… | |
| CVE-2026-10548 | MEDIUM | 5.3 | 2026-06-02 | A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.23. This affects the function _sync_anthropic_entry_from_credentials_file of the file agent/cr… | |
| CVE-2026-10549 | NONE | — | 2026-06-02 | LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting i… | |
| CVE-2026-10550 | MEDIUM | 6.3 | 2026-06-02 | A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. Thi… | |
| CVE-2026-10558 | MEDIUM | 6.3 | 2026-06-02 | A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the … | |
| CVE-2026-10559 | MEDIUM | 6.3 | 2026-06-02 | A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the ar… | |
| CVE-2026-10565 | LOW | 3.1 | 2026-06-02 | A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmm_state_security_mode of the file src/amf/gmm-sm.c of the component NGAP … | |
| CVE-2026-10566 | MEDIUM | 5.3 | 2026-06-02 | A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.check_instruct_content of the file metagpt/schema.py. Executing a … | |
| CVE-2026-10567 | LOW | 3.5 | 2026-06-02 | A security vulnerability has been detected in 1Panel-dev CordysCRM up to 1.4.1. This impacts the function Save of the file src/main/java/cn/cordys/crm/system/service/Module… | |
| CVE-2026-10568 | MEDIUM | 6.3 | 2026-06-02 | A vulnerability was detected in itsourcecode Fees Management System 1.0. Affected is an unknown function of the file /manage_payment.php. The manipulation of the argument I… | |
| CVE-2026-10580 | CRITICAL | 9.8 | 2026-06-05 | The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass leading to Administrator Account Takeover in all versions up to and includ… | |
| CVE-2026-10581 | MEDIUM | 6.3 | 2026-06-02 | A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64_decode of the file /plus/download.php?open=1. This manipulation of the argume… | |
| CVE-2026-10583 | MEDIUM | 4.7 | 2026-06-02 | A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. Affected by this issue is the function Import of the file internal/http/tts_config.go of… | |
| CVE-2026-10584 | MEDIUM | Patched | 5.9 | 2026-06-02 | Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information vi… |
| CVE-2026-10586 | HIGH | 7.2 | 2026-06-05 | The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and i… | |
| CVE-2026-10591 | HIGH | Patched | 8.8 | 2026-06-02 | Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arbitrary comman… |
| CVE-2026-10597 | MEDIUM | 5.3 | 2026-06-04 | OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain us… | |
| CVE-2026-10606 | HIGH | 7.3 | 2026-06-02 | A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a… | |
| CVE-2026-10607 | HIGH | 7.3 | 2026-06-02 | A vulnerability was identified in DedeCMS 5.7.88. The impacted element is the function dede_htmlspecialchars of the file /plus/flink.php. The manipulation of the argument m… | |
| CVE-2026-10608 | HIGH | 7.3 | 2026-06-02 | A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des… | |
| CVE-2026-10611 | NONE | — | 2026-06-02 | An authentication bypass vulnerability exists in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deployments configured with LdapAuth.mixedAuth=true… | |
| CVE-2026-10616 | MEDIUM | 4.3 | 2026-06-02 | A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function TeamTasksTool.executeComplete of the file internal/tools/team_t… | |
| CVE-2026-10617 | HIGH | 7.3 | 2026-06-02 | A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. This affects the function resolveAuth of the file internal/http/auth.go of the component… | |
| CVE-2026-10619 | HIGH | 7.3 | 2026-06-02 | A vulnerability was detected in sayan365 student-management-system up to 7f3c9ce7d410332335c2affac93a385485051800. This impacts an unknown function. The manipulation result… | |
| CVE-2026-10620 | HIGH | 7.3 | 2026-06-02 | A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did cause… |