Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

20806
Total
1504
Critical
6313
High
6591
Medium
CVE ID Severity Score Description Published
CVE-2026-8330 MEDIUM 4.4 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain … Jun 25, 2026
CVE-2026-5952 MEDIUM 4.3 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain … Jun 25, 2026
CVE-2026-5796 MEDIUM 4.3 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain … Jun 25, 2026
CVE-2026-5309 MEDIUM 5.4 GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain … Jun 25, 2026
CVE-2026-3176 LOW 3.1 GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain … Jun 25, 2026
CVE-2026-2238 MEDIUM 5.3 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain … Jun 25, 2026
CVE-2026-1606 MEDIUM 4.3 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.8 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain … Jun 25, 2026
CVE-2026-13311 HIGH 7.5 shell-quote prior to 1.8.5 finalizes parsed tokens in parse() using Array.prototype.concat as a reduce accumulator, which reallocates and copies the entire growing array on every … Jun 25, 2026
CVE-2026-12635 NONE GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain … Jun 25, 2026
CVE-2026-12053 HIGH 8.6 GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to … Jun 25, 2026
CVE-2026-11379 MEDIUM 5.3 GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 … Jun 25, 2026
CVE-2026-10712 HIGH 8.0 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain … Jun 25, 2026
CVE-2026-10086 HIGH 8.7 GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain … Jun 25, 2026
CVE-2026-0934 LOW 3.8 GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain … Jun 25, 2026
CVE-2026-2508 MEDIUM 6.5 The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ‘staff_id’ parameter in all versions up to, and including, 2.7.1 … Jun 25, 2026
CVE-2026-12079 MEDIUM 6.5 The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ’orderby’ parameter in all versions up to, and including, 5.0.4 due … Jun 25, 2026
CVE-2026-12077 HIGH 7.5 The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the via 'latitude' and 'longitude' parameters in all versions up to, and … Jun 25, 2026
CVE-2026-10833 MEDIUM 6.4 The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'configurablePrefix' Block … Jun 25, 2026
CVE-2026-8662 LOW 3.3 Path Traversal vulnerability in the create_archive function of Rapid7 InsightConnect Compression Plugin on Linux allows authenticated attackers to write to unintended file paths via crafted … Jun 25, 2026
CVE-2026-8658 MEDIUM 6.0 OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the options or filter parameters … Jun 25, 2026
CVE-2026-8666 HIGH 7.7 OS Command Injection vulnerability in the traceroute action of Rapid7 InsightConnect Traceroute Plugin on Linux allows remote attackers to execute arbitrary OS commands via the … Jun 25, 2026
CVE-2026-8665 HIGH 7.7 OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Linux allows remote attackers to execute arbitrary OS commands via the … Jun 25, 2026
CVE-2026-8664 MEDIUM 6.0 OS Command Injection vulnerability in Rapid7 InsightConnect Finger Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the user or host parameters … Jun 25, 2026
CVE-2026-8660 HIGH 7.7 OS Command Injection vulnerability in the ping action of Rapid7 InsightConnect Ping Plugin on Linux allows remote attackers to execute arbitrary OS commands via the … Jun 25, 2026
CVE-2026-8592 HIGH 7.7 OS Command Injection vulnerability in the process_string action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the … Jun 25, 2026