Search

Expected end of text, found '–' (at char 20), (line:1, col:21)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (361356 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-56008 2026-06-26 8.8 High
Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions.
CVE-2026-54840 2026-06-26 7.3 High
Unauthenticated Broken Access Control in Newsletters <= 4.13 versions.
CVE-2026-54839 2026-06-26 7.5 High
Unauthenticated Sensitive Data Exposure in Trinity Backup &#8211; Backup, Migrate, Restore, Clone &amp; Schedule Backups <= 2.0.9 versions.
CVE-2026-54837 2026-06-26 7.5 High
Unauthenticated Broken Access Control in Intranet &amp; Private Site &#8211; All-In-One Intranet <= 1.8.1 versions.
CVE-2026-54835 2026-06-26 7.5 High
Unauthenticated Broken Access Control in Five Star Restaurant Menu <= 2.5.2 versions.
CVE-2026-54832 2026-06-26 7.5 High
Unauthenticated Broken Access Control in Gutenverse Companion <= 2.5.0 versions.
CVE-2026-54831 2026-06-26 9.3 Critical
Unauthenticated SQL Injection in GeoDirectory <= 2.8.162 versions.
CVE-2026-54827 2026-06-26 9.3 Critical
Unauthenticated SQL Injection in Real Estate 7 <= 3.5.9 versions.
CVE-2026-54826 2026-06-26 7.6 High
Subscriber Insecure Direct Object References (IDOR) in SupportCandy <= 3.4.6 versions.
CVE-2026-54820 2026-06-26 9.3 Critical
Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions.
CVE-2026-52701 2026-06-26 6.5 Medium
Unauthenticated Broken Access Control in User Registration <= 5.2.2 versions.
CVE-2026-24547 2026-06-26 5.3 Medium
Unauthenticated Broken Access Control in SiteGround Email Marketing <= 1.7.5 versions.
CVE-2025-68075 2026-06-26 6.5 Medium
Contributor Cross Site Scripting (XSS) in BNE Testimonials <= 2.0.8 versions.
CVE-2025-68063 2026-06-26 7.5 High
Contributor Local File Inclusion in Splash - Sport Club WordPress Theme for Basketball, Football, Hockey <= 4.4.3 versions.
CVE-2025-68052 2026-06-26 8.8 High
Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions.
CVE-2025-66123 2026-06-26 5.3 Medium
Unauthenticated Insecure Direct Object References (IDOR) in BookPro <= 1.1.0 versions.
CVE-2025-64637 2026-06-26 5.3 Medium
Unauthenticated Content Injection in Auros Core <= 5.3.1 versions.
CVE-2025-63078 2026-06-26 4.3 Medium
Subscriber Broken Access Control in Restaurant Menu by MotoPress <= 2.4.11 versions.
CVE-2025-63041 2026-06-26 5.4 Medium
Contributor Broken Access Control in Forget About Shortcode Buttons <= 2.1.3 versions.
CVE-2026-53169 1 Linux 1 Linux Kernel 2026-06-26 N/A
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject NPU_OP_RESIZE commands from userspace NPU_OP_RESIZE is a U85-only command that the driver does not yet implement. The existing WARN_ON(1) placeholder fires unconditionally whenever userspace submits this command via DRM_IOCTL_ETHOSU_GEM_CREATE, causing unbounded kernel log spam. If panic_on_warn is set the kernel panics, giving any unprivileged user with access to the DRM device a trivial denial-of-service primitive. Replace the WARN_ON(1) with an explicit -EINVAL return so the ioctl rejects the command before it reaches hardware.