Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-42996 | UNKNOWN | — | JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. … | May 01, 2026 |
| CVE-2026-7555 | HIGH | 7.3 | A vulnerability was identified in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/login.php. Such manipulation of the argument Username … | May 01, 2026 |
| CVE-2026-7554 | MEDIUM | 5.6 | A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This manipulation causes … | May 01, 2026 |
| CVE-2026-6127 | MEDIUM | 6.4 | The Elementor Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the _elementor_data meta field in versions up to, and including, 4.0.4. … | May 01, 2026 |
| CVE-2024-13362 | MEDIUM | 6.1 | Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and … | May 01, 2026 |
| CVE-2026-7553 | MEDIUM | 4.7 | A vulnerability was found in code-projects Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit_exercises.php. The manipulation of … | May 01, 2026 |
| CVE-2026-7550 | HIGH | 7.3 | A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=save_customer. The manipulation of … | May 01, 2026 |
| CVE-2026-7549 | HIGH | 7.3 | A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_customer. Executing a manipulation … | May 01, 2026 |
| CVE-2026-42994 | UNKNOWN | — | Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to a Checkmarx supply chain incident. | May 01, 2026 |
| CVE-2026-7548 | HIGH | 8.8 | A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. This affects the function sub_41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results … | May 01, 2026 |
| CVE-2026-7546 | CRITICAL | 9.8 | A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. The impacted element is the function find_host_ip of the component lighttpd. Such manipulation of the … | May 01, 2026 |
| CVE-2026-7545 | HIGH | 7.3 | A weakness has been identified in SourceCodester Advanced School Management System 1.0. The affected element is an unknown function of the file commonController.php of the … | May 01, 2026 |
| CVE-2026-7538 | CRITICAL | 9.8 | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation … | May 01, 2026 |
| CVE-2026-7536 | MEDIUM | 5.3 | A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsf_sess_add_by_ip_address of the file /nbsf-management/v1/pcfBindings of the component BSF. Executing a … | May 01, 2026 |
| CVE-2026-7535 | MEDIUM | 4.3 | A vulnerability was found in Open5GS up to 2.7.7. This affects the function amf_namf_comm_handle_registration_status_update_request in the library /lib/app/ogs-init.c of the file /namf-comm/v1/ue-contexts/{ueContextId}/transfer-update. Performing a manipulation … | May 01, 2026 |
| CVE-2026-7519 | HIGH | 7.3 | A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. … | May 01, 2026 |
| CVE-2026-7518 | MEDIUM | 4.3 | A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amf_namf_callback_handle_sdm_data_change_notify of the file /namf-callback/v1/{id}/sdmsubscription-notify of the component AMF SBI … | May 01, 2026 |
| CVE-2026-7513 | HIGH | 8.8 | A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation … | May 01, 2026 |
| CVE-2026-7512 | HIGH | 8.8 | A flaw has been found in UTT HiPER 1200GW up to 2.5.3-1703. The affected element is the function strcpy of the file /goform/formUser. Executing a … | May 01, 2026 |
| CVE-2026-5656 | HIGH | 7.0 | Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | May 01, 2026 |
| CVE-2026-5405 | HIGH | 7.8 | RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | May 01, 2026 |
| CVE-2026-5404 | MEDIUM | 4.7 | K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | May 01, 2026 |
| CVE-2026-5403 | HIGH | 7.8 | SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | May 01, 2026 |
| CVE-2026-22726 | MEDIUM | 5.0 | Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer … | May 01, 2026 |
| CVE-2026-7510 | MEDIUM | 6.3 | A vulnerability was determined in OWAP DefectDojo up to 2.55.4. Affected by this vulnerability is an unknown functionality of the component Benchmark/Engagement/Product/Survey. Executing a manipulation … | Apr 30, 2026 |