Export limit exceeded: 361374 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361374 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-56061 | 2026-06-26 | 7.5 High | ||
| Unauthenticated Broken Access Control in Subscriptions for WooCommerce <= 1.9.5 versions. | ||||
| CVE-2026-56055 | 2026-06-26 | 8.8 High | ||
| Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions. | ||||
| CVE-2026-56048 | 2026-06-26 | 6.5 Medium | ||
| Unauthenticated Insecure Direct Object References (IDOR) in Payment Gateway Based Fees and Discounts for WooCommerce <= 3.0.0 versions. | ||||
| CVE-2026-56043 | 2026-06-26 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Customer Reviews for WooCommerce <= 5.110.1 versions. | ||||
| CVE-2026-56041 | 2026-06-26 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Responsive Lightbox <= 2.7.6 versions. | ||||
| CVE-2026-56035 | 2026-06-26 | 8.6 High | ||
| Unauthenticated Multiple Vulnerabilities in BitFire Security <= 5.0.3 versions. | ||||
| CVE-2026-56034 | 2026-06-26 | 9.3 Critical | ||
| Unauthenticated SQL Injection in Library Management System <= 3.5.7 versions. | ||||
| CVE-2026-56029 | 2026-06-26 | 7.5 High | ||
| Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway <= 2.7.4 versions. | ||||
| CVE-2026-56028 | 2026-06-26 | 9.8 Critical | ||
| Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website Templates <= 1.4.9 versions. | ||||
| CVE-2026-56010 | 2026-06-26 | 8.8 High | ||
| Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions. | ||||
| CVE-2026-56008 | 2026-06-26 | 8.8 High | ||
| Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions. | ||||
| CVE-2026-54837 | 2026-06-26 | 7.5 High | ||
| Unauthenticated Broken Access Control in Intranet & Private Site – All-In-One Intranet <= 1.8.1 versions. | ||||
| CVE-2026-54835 | 2026-06-26 | 7.5 High | ||
| Unauthenticated Broken Access Control in Five Star Restaurant Menu <= 2.5.2 versions. | ||||
| CVE-2026-54827 | 2026-06-26 | 9.3 Critical | ||
| Unauthenticated SQL Injection in Real Estate 7 <= 3.5.9 versions. | ||||
| CVE-2026-54826 | 2026-06-26 | 7.6 High | ||
| Subscriber Insecure Direct Object References (IDOR) in SupportCandy <= 3.4.6 versions. | ||||
| CVE-2026-24547 | 2026-06-26 | 5.3 Medium | ||
| Unauthenticated Broken Access Control in SiteGround Email Marketing <= 1.7.5 versions. | ||||
| CVE-2025-68075 | 2026-06-26 | 6.5 Medium | ||
| Contributor Cross Site Scripting (XSS) in BNE Testimonials <= 2.0.8 versions. | ||||
| CVE-2025-66123 | 2026-06-26 | 5.3 Medium | ||
| Unauthenticated Insecure Direct Object References (IDOR) in BookPro <= 1.1.0 versions. | ||||
| CVE-2025-64637 | 2026-06-26 | 5.3 Medium | ||
| Unauthenticated Content Injection in Auros Core <= 5.3.1 versions. | ||||
| CVE-2026-53169 | 1 Linux | 1 Linux Kernel | 2026-06-26 | N/A |
| In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject NPU_OP_RESIZE commands from userspace NPU_OP_RESIZE is a U85-only command that the driver does not yet implement. The existing WARN_ON(1) placeholder fires unconditionally whenever userspace submits this command via DRM_IOCTL_ETHOSU_GEM_CREATE, causing unbounded kernel log spam. If panic_on_warn is set the kernel panics, giving any unprivileged user with access to the DRM device a trivial denial-of-service primitive. Replace the WARN_ON(1) with an explicit -EINVAL return so the ioctl rejects the command before it reaches hardware. | ||||