Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
11037
Total
752
Critical
3191
High
3530
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-34860 | MEDIUM | 4.1 | Access control vulnerability in the memo module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | Apr 13, 2026 |
| CVE-2026-34856 | HIGH | 7.3 | UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability. | Apr 13, 2026 |
| CVE-2026-34853 | HIGH | 7.7 | Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerability may affect availability. | Apr 13, 2026 |
| CVE-2026-34852 | MEDIUM | 6.1 | Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability. | Apr 13, 2026 |
| CVE-2026-34851 | LOW | 2.2 | Race condition vulnerability in the event notification module. Impact: Successful exploitation of this vulnerability may affect availability. | Apr 13, 2026 |
| CVE-2026-34850 | LOW | 1.9 | Race condition vulnerability in the notification service. Impact: Successful exploitation of this vulnerability may affect availability. | Apr 13, 2026 |
| CVE-2026-28553 | MEDIUM | 6.9 | Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | Apr 13, 2026 |
| CVE-2026-6179 | UNKNOWN | — | Stored Cross Site Scripting in NightWolf Penetration Testing Platform allows attack trigger and run malicious script in user's browser | Apr 13, 2026 |
| CVE-2026-6152 | HIGH | 7.3 | A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/StaffAddingFunction.php. This manipulation of the … | Apr 13, 2026 |
| CVE-2026-6151 | HIGH | 7.3 | A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument … | Apr 13, 2026 |
| CVE-2026-6150 | MEDIUM | 4.3 | A vulnerability has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /checkupdatestatus.php. The manipulation of the argument … | Apr 13, 2026 |
| CVE-2026-6149 | HIGH | 7.3 | A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Affected by this issue is some unknown functionality of the file /util/BookVehicleFunction.php. Executing … | Apr 13, 2026 |
| CVE-2026-6148 | HIGH | 7.3 | A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. Performing a … | Apr 13, 2026 |
| CVE-2026-6143 | MEDIUM | 6.3 | A security flaw has been discovered in farion1231 cc-switch up to 3.12.3. Affected by this issue is some unknown functionality of the file src-tauri/src/proxy/server.rs of … | Apr 13, 2026 |
| CVE-2026-6142 | HIGH | 7.3 | A vulnerability was identified in tushar-2223 Hotel Management System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. Affected by this vulnerability is an unknown functionality of the file /admin/roomdelete.php. The … | Apr 13, 2026 |
| CVE-2026-6141 | MEDIUM | 6.3 | A vulnerability was determined in danielmiessler Personal_AI_Infrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parse_url.ts. Executing a manipulation can lead to … | Apr 13, 2026 |
| CVE-2026-6140 | CRITICAL | 9.8 | A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation … | Apr 13, 2026 |
| CVE-2026-6139 | CRITICAL | 9.8 | A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation … | Apr 13, 2026 |
| CVE-2026-25204 | MEDIUM | 6.2 | Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows denial of service condition via process abort. This issue affects escarogt prior … | Apr 13, 2026 |
| CVE-2026-6138 | CRITICAL | 9.8 | A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. … | Apr 13, 2026 |
| CVE-2026-6137 | HIGH | 8.8 | A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument wanmode/PPPOEPassword … | Apr 13, 2026 |
| CVE-2026-6136 | HIGH | 8.8 | A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page … | Apr 13, 2026 |
| CVE-2026-6135 | HIGH | 8.8 | A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. Executing a manipulation of the argument … | Apr 13, 2026 |
| CVE-2026-6134 | HIGH | 8.8 | A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqossetting of the file /goform/qossetting. Performing a manipulation of the … | Apr 12, 2026 |
| CVE-2026-6133 | HIGH | 8.8 | A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulation of the argument page leads to … | Apr 12, 2026 |