Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22213
Total
1585
Critical
6782
High
7114
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-11561 | CRITICAL | 9.8 | Improper neutralization of special elements used in an expression language statement ('expression language injection') vulnerability in Soagen Informatics Technologies Software and Consulting Inc. Apinizer allows … | Jun 11, 2026 |
| CVE-2026-9694 | LOW | 2.6 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain … | Jun 11, 2026 |
| CVE-2026-9204 | MEDIUM | 5.3 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain … | Jun 11, 2026 |
| CVE-2026-8589 | HIGH | 7.3 | GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain … | Jun 11, 2026 |
| CVE-2026-8464 | UNKNOWN | — | Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files … | Jun 11, 2026 |
| CVE-2026-7250 | HIGH | 7.5 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain … | Jun 11, 2026 |
| CVE-2026-6976 | LOW | 3.7 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain … | Jun 11, 2026 |
| CVE-2026-6552 | HIGH | 8.7 | GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain … | Jun 11, 2026 |
| CVE-2026-6277 | MEDIUM | 4.3 | GitLab has remediated an issue in GitLab EE affecting all versions from 13.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain … | Jun 11, 2026 |
| CVE-2026-6269 | MEDIUM | 5.4 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain … | Jun 11, 2026 |
| CVE-2026-53912 | UNKNOWN | — | Cerebrate before version 1.37 exposed credential material from self-registration requests. The self-registration workflow stored the registrant’s hashed password in the inbox message data payload. This … | Jun 11, 2026 |
| CVE-2026-53423 | UNKNOWN | — | Allocation of Resources Without Limits or Throttling vulnerability in membraneframework membrane_mp4_plugin allows unauthenticated denial-of-service via BEAM atom table exhaustion. The MP4 box header parser converts … | Jun 11, 2026 |
| CVE-2026-4764 | UNKNOWN | — | A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user with specific roles to escalate … | Jun 11, 2026 |
| CVE-2026-3553 | LOW | 3.1 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain … | Jun 11, 2026 |
| CVE-2026-1500 | MEDIUM | 6.5 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain … | Jun 11, 2026 |
| CVE-2026-10733 | MEDIUM | 4.3 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that could have … | Jun 11, 2026 |
| CVE-2026-10087 | HIGH | 8.7 | GitLab has remediated an issue in GitLab EE affecting all versions from 17.1 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain … | Jun 11, 2026 |
| CVE-2023-32959 | MEDIUM | 4.3 | Missing Authorization vulnerability in Sparkle WP MetroStore metrostore allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MetroStore: from n/a through 1.3.2. | Jun 11, 2026 |
| CVE-2023-25969 | MEDIUM | 5.4 | Missing Authorization vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Contact Form … | Jun 11, 2026 |
| CVE-2022-47150 | MEDIUM | 4.3 | Cross-Site request forgery (CSRF) vulnerability in weDevs WooCommerce Conversion Tracking allows Cross Site Request Forgery. This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.10. | Jun 11, 2026 |
| CVE-2022-45813 | MEDIUM | 5.4 | Missing Authorization vulnerability in BeRocket Advanced AJAX Product Filters allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced AJAX Product Filters: from … | Jun 11, 2026 |
| CVE-2026-5497 | HIGH | 7.5 | vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS) attack due to unbounded frame count processing in the `VideoMediaIO.load_base64()` … | Jun 11, 2026 |
| CVE-2026-53911 | UNKNOWN | — | Cerebrate before version 1.37 allowed the id primary key field to be supplied through request input during CRUD edit operations and certain custom entity patching … | Jun 11, 2026 |
| CVE-2026-11850 | MEDIUM | 5.0 | An integer underflow vulnerability was found in MIT krb5 in the berval2tl_data() function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c. The function performs an unsigned subtraction (bv_len - 2) without … | Jun 11, 2026 |
| CVE-2025-7064 | MEDIUM | 6.6 | Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 … | Jun 11, 2026 |