Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22796
Total
1628
Critical
7094
High
7273
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-3326 | HIGH | 8.6 | The Xstore WordPress theme before 9.7.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action … | Jun 10, 2026 |
| CVE-2026-29116 | UNKNOWN | — | A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that … | Jun 10, 2026 |
| CVE-2026-29115 | UNKNOWN | — | A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that … | Jun 10, 2026 |
| CVE-2026-29114 | UNKNOWN | — | A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted … | Jun 10, 2026 |
| CVE-2026-11815 | UNKNOWN | — | An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could … | Jun 10, 2026 |
| CVE-2026-10846 | UNKNOWN | — | NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolver over UDP, lacks matching the query destination address … | Jun 10, 2026 |
| CVE-2026-26241 | UNKNOWN | — | A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash … | Jun 10, 2026 |
| CVE-2026-26240 | UNKNOWN | — | A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash … | Jun 10, 2026 |
| CVE-2026-11837 | HIGH | 7.3 | A local privilege escalation vulnerability was found in the ansible.posix authorized_key module. The module's keyfile() function uses os.chown() instead of os.lchown() and opens files without … | Jun 10, 2026 |
| CVE-2025-8444 | MEDIUM | 6.4 | The Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the … | Jun 10, 2026 |
| CVE-2026-26239 | UNKNOWN | — | A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the … | Jun 10, 2026 |
| CVE-2026-26237 | UNKNOWN | — | A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized … | Jun 10, 2026 |
| CVE-2026-24724 | UNKNOWN | — | An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the … | Jun 10, 2026 |
| CVE-2026-24720 | UNKNOWN | — | An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, … | Jun 10, 2026 |
| CVE-2026-24719 | UNKNOWN | — | A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then … | Jun 10, 2026 |
| CVE-2026-24717 | UNKNOWN | — | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then … | Jun 10, 2026 |
| CVE-2026-24716 | UNKNOWN | — | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can … | Jun 10, 2026 |
| CVE-2026-22899 | UNKNOWN | — | A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit … | Jun 10, 2026 |
| CVE-2026-22893 | UNKNOWN | — | A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then … | Jun 10, 2026 |
| CVE-2025-66281 | UNKNOWN | — | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch … | Jun 10, 2026 |
| CVE-2025-66280 | UNKNOWN | — | An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they … | Jun 10, 2026 |
| CVE-2025-66279 | UNKNOWN | — | A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then … | Jun 10, 2026 |
| CVE-2025-66273 | UNKNOWN | — | A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then … | Jun 10, 2026 |
| CVE-2025-62851 | UNKNOWN | — | A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability … | Jun 10, 2026 |
| CVE-2025-62850 | UNKNOWN | — | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can … | Jun 10, 2026 |