Search Results (84926 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 | Description |
|---|---|---|---|---|---|
| CVE-2026-42653 | 2 Iova.mihai, Wordpress | 2 Slicewp, Wordpress | 2026-06-12 | 7.1 High | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iova.Mihai SliceWP allows Stored XSS. This issue affects SliceWP: from n/a through 1.2.6. |
| CVE-2026-47368 | 1 Ubiquiti | 31 Efg, Envr, Envr-core and 28 more | 2026-06-12 | 8.6 High | A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances. |
| CVE-2026-11845 | 1 Iei Integration Corp | 1 Ivec Tank-xm811 | 2026-06-12 | 7.2 High | The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an OS Command Injection vulnerability, allowing privileged remote attackers to inject arbitrary OS commands and execute them on the device. |
| CVE-2026-11846 | 1 Iei Integration Corp | 1 Ivec Tank-xm811 | 2026-06-12 | 8.1 High | The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Deletion vulnerability, allowing authenticated remote attackers to delete arbitrary system files or directories, resulting in data destruction or service disruption. |
| CVE-2026-7368 | 1 Yarbo | 2 Yarbo Android/ios Mobile Application, Yarbo Cloud Mqtt Infrastructure | 2026-06-12 | 8.1 High | The Yarbo cloud does not enforce per-device or per-user authorization. Any client possessing valid credentials, whether the shared hard-coded credentials or legitimate per-user credentials, can subscribe to wildcard topics covering all robots globally, and can publish to any robot's command topic using only the robot's serial number (disclosed in the telemetry stream). Even after removal of hard-coded credentials from the app, a single compromised credential could still provide fleet-wide access without per-device access controls. |
| CVE-2026-6211 | 1 Global It | 1 Weoll | 2026-06-12 | 8.7 High | Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc. WEOLL allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WEOLL: from 2.0.9 before 3.2.45.33. |
| CVE-2026-9638 | 1 Arodland | 1 Crypt::pbkdf2 | 2026-06-12 | 7.5 High | Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography. |
| CVE-2026-50085 | 1 Aqara | 1 Board Service | 2026-06-12 | 8.6 High | The Aqara Board service (op-test.aqara.com) accepts arbitrary MQTT command payloads and forwards them to the platform's HiveMQ broker without authentication. This is an instance of "CWE-306: Missing Authentication for Critical Function" and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L (8.6 High). When combined with CVE-2026-50082, CVE-50083, and CVE-50084, this can lead to a fully unauthenticated, remote takeover of affected devices. |
| CVE-2026-50087 | 1 Aqara | 1 Aqara Iam/sso Gateway | 2026-06-12 | 8.2 High | The Aqara IAM/SSO gateway (gw-builder.aqara.com) exhibits a cross-origin resource sharing (CORS) vulnerability, which is an instance of "CWE-942: Permissive Cross-domain Policy with Untrusted Domains," and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N (8.2 High). |
| CVE-2026-50088 | 1 Aqara | 2 Aqara Developer Portal, Aqara Developer Test Portal | 2026-06-12 | 8.2 High | The Aqara Developer Portal (developer.aqara.com) and shared test environments (developer-test.aqara.com, aiot-test.aqara.com) exhibit a cross-origin resource sharing (CORS) vulnerability, which is an instance of "CWE-942: Permissive Cross-domain Policy with Untrusted Domains," and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N (8.2 High). |
| CVE-2026-53981 | 1 Cap-go | 1 Cap-go | 2026-06-12 | 7.6 High | Cap-go prior to 12.128.2 contains an account takeover vulnerability in its email change mechanism that allows an attacker with temporary authenticated session access to change the registered email address without re-authentication such as password or MFA verification. Attackers can redirect verification to an attacker-controlled email address and subsequently perform a password reset to permanently take over the victim's account. |
| CVE-2026-53406 | 1 Zoom Communications | 1 Remote Control For Zoom Contact Center | 2026-06-12 | 7.8 High | Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access. |
| CVE-2026-50101 | 1 Naxclow | 4 Ix Cam, Smart Doorbell X3, V720 and 1 more | 2026-06-12 | 8.1 High | Naxclow devices use a server-side, per-device relay credential that never rotates and is re-issued to the device on each boot. Because this credential remains valid indefinitely and cannot be reset or revoked by the legitimate owner, any party that obtains it through any exposure path can maintain persistent access to the device's relay channel. This enables long-term impersonation or interception, even after factory resets or re-onboarding. |
| CVE-2026-50108 | 1 Naxclow | 4 Ix Cam, Smart Doorbell X3, V720 and 1 more | 2026-06-12 | 7.5 High | The Naxclow platform API that returns device relay registration details exposes a persistent credential without verifying that the requester is the legitimate device or owner. An actor able to present a platform-valid request signature can retrieve credentials for arbitrary devices and register on the relay as that device, enabling interception and disruption of its communications. |
| CVE-2026-42947 | 1 Naxclow | 4 Ix Cam, Smart Doorbell X3, V720 and 1 more | 2026-06-12 | 8.8 High | A flaw in the Naxclow platform's onboarding workflow allows an attacker to replay a confirm-then-bind sequence to silently reassign a device to an arbitrary account. Because the affected endpoints validate request signatures but do not confirm legitimate ownership, an attacker with any account can take over a device without user interaction while the device remains online and unaware. |
| CVE-2026-11816 | 1 Keras-team | 1 Keras | 2026-06-12 | 8.1 High | Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction utilities located in `keras/src/utils/file_utils.py`. The functions `filter_safe_tarinfos()` and `filter_safe_zipinfos()` validate archive member paths against the process current working directory (CWD) instead of the actual extraction destination. When the process runs with CWD set to `/`, which is common in Docker containers, CI/CD runners, and Jupyter environments, the validation boundary becomes the filesystem root, allowing traversal paths to bypass the security check. Additionally, the zip filter contains a bug that causes an `AttributeError` when a blocked entry is encountered, leading to incomplete extraction. Furthermore, Python 3.11 installations lack the `filter="data"` safety net, leaving them entirely reliant on the flawed CWD-based filter. Exploitation of this vulnerability can result in arbitrary file writes outside the intended extraction directory, enabling attackers to overwrite configuration files, inject malicious code, or corrupt machine learning datasets and pipelines. |
| CVE-2026-53777 | 1 Perryts | 1 Perry | 2026-06-12 | 8.1 High | Perry before 0.5.1159 contains a path traversal vulnerability that allows a malicious build server to write arbitrary content to any location writable by the running process by supplying unsanitized path components in the artifact_name field of ArtifactReady WebSocket messages. Attackers controlling the server URL can deliver traversal payloads through the artifact_name or download_path fields, causing the client to overwrite sensitive files or expose arbitrary local files to an attacker-accessible location. |
| CVE-2026-46697 | 2 Stefanbohacek, Wordpress | 2 Fediverse-embeds-wordpress-plugin, Wordpress | 2026-06-12 | 7.5 High | Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.8, Fediverse Embeds registered an unauthenticated REST route ftf/media-proxy (includes/Media_Proxy.php) with permission_callback => __return_true that accepted a base64-encoded URL and forwarded it to wp_remote_get($url) without enforcing any allowlist. The plugin's source contained a comment block explicitly acknowledging that the request should be validated against allowed fediverse domains, but in 1.5.7 the validation only set a local $can_download_media flag that was never read. The full response body was echoed back to the caller, so this was a full-read SSRF / open proxy reachable by any anonymous visitor. This issue has been patched in version 1.5.8. |
| CVE-2026-48546 | 1 Lingdojo | 1 Kana-dojo | 2026-06-12 | 7.3 High | KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext() sandbox context in the issue-auto-respond.yml workflow. Attackers can submit a pull request modifying messages.cjs to import arbitrary Node.js modules, bypassing sandbox restrictions and achieving remote code execution with full GitHub Actions runner privileges, including access to AUTOMATION_PR_TOKEN. |
| CVE-2026-48610 | 1 Ubiquiti | 15 Efg, Express 7, Ucg-fiber and 12 more | 2026-06-12 | 8.1 High | Under certain network configurations, a malicious actor with access to the network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices. |