Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22796
Total
1628
Critical
7094
High
7273
Medium
CVE ID Severity Score Description Published
CVE-2026-3326 HIGH 8.6 The Xstore WordPress theme before 9.7.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action … Jun 10, 2026
CVE-2026-29116 UNKNOWN A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that … Jun 10, 2026
CVE-2026-29115 UNKNOWN A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that … Jun 10, 2026
CVE-2026-29114 UNKNOWN A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted … Jun 10, 2026
CVE-2026-11815 UNKNOWN An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could … Jun 10, 2026
CVE-2026-10846 UNKNOWN NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolver over UDP, lacks matching the query destination address … Jun 10, 2026
CVE-2026-26241 UNKNOWN A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash … Jun 10, 2026
CVE-2026-26240 UNKNOWN A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash … Jun 10, 2026
CVE-2026-11837 HIGH 7.3 A local privilege escalation vulnerability was found in the ansible.posix authorized_key module. The module's keyfile() function uses os.chown() instead of os.lchown() and opens files without … Jun 10, 2026
CVE-2025-8444 MEDIUM 6.4 The Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the … Jun 10, 2026
CVE-2026-26239 UNKNOWN A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the … Jun 10, 2026
CVE-2026-26237 UNKNOWN A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized … Jun 10, 2026
CVE-2026-24724 UNKNOWN An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the … Jun 10, 2026
CVE-2026-24720 UNKNOWN An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, … Jun 10, 2026
CVE-2026-24719 UNKNOWN A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then … Jun 10, 2026
CVE-2026-24717 UNKNOWN A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then … Jun 10, 2026
CVE-2026-24716 UNKNOWN A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can … Jun 10, 2026
CVE-2026-22899 UNKNOWN A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit … Jun 10, 2026
CVE-2026-22893 UNKNOWN A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then … Jun 10, 2026
CVE-2025-66281 UNKNOWN A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch … Jun 10, 2026
CVE-2025-66280 UNKNOWN An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they … Jun 10, 2026
CVE-2025-66279 UNKNOWN A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then … Jun 10, 2026
CVE-2025-66273 UNKNOWN A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then … Jun 10, 2026
CVE-2025-62851 UNKNOWN A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability … Jun 10, 2026
CVE-2025-62850 UNKNOWN A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can … Jun 10, 2026