Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22971
Total
1632
Critical
7220
High
7324
Medium
CVE ID Severity Score Description Published
CVE-2026-0420 UNKNOWN An improper implementation of TLS certificate validation vulnerability found in ReadyCloud client app which can allow an attacker to perform attacker-in-the-middle (MiTM) style attacks impacting … Jun 09, 2026
CVE-2026-0419 UNKNOWN Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to … Jun 09, 2026
CVE-2026-0418 UNKNOWN Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper with the system. Jun 09, 2026
CVE-2026-0417 UNKNOWN Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity. Jun 09, 2026
CVE-2026-0416 UNKNOWN Authenticated administrators connected to the local network can modify router functionality beyond what is intended through the standard management interface. Jun 09, 2026
CVE-2026-0415 UNKNOWN Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and … Jun 09, 2026
CVE-2026-0414 UNKNOWN Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and … Jun 09, 2026
CVE-2026-0413 UNKNOWN Insufficient input validation of buffers vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router … Jun 09, 2026
CVE-2026-0412 UNKNOWN Insufficient input validation vulnerability in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows administrators connected to the local network to … Jun 09, 2026
CVE-2026-0411 UNKNOWN An information disclosure vulnerability in the NETGEAR Orbi satellites could allow a user connected to your network to gain administrator access to the Orbi router. … Jun 09, 2026
CVE-2026-0410 UNKNOWN Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality. Jun 09, 2026
CVE-2026-0409 UNKNOWN A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run … Jun 09, 2026
CVE-2026-8045 UNKNOWN CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data … Jun 09, 2026
CVE-2026-8025 CRITICAL 9.8 Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in MOSK Information Technologies Ltd. CBS Platform allows SQL Injection. This issue … Jun 09, 2026
CVE-2026-49948 HIGH 8.1 Mem0 versions through 0.2.8, fixed in commit ae7f406, contain a missing authorization vulnerability in the self-hosted server component where the POST /configure endpoint modifies global … Jun 09, 2026
CVE-2026-49938 MEDIUM 6.5 A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access … Jun 09, 2026
CVE-2026-25089 CRITICAL 9.8 A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, … Jun 09, 2026
CVE-2026-24065 HIGH 8.1 Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients … Jun 09, 2026
CVE-2026-24064 UNKNOWN Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed … Jun 09, 2026
CVE-2026-10727 HIGH 7.2 An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote authenticated attacker to execute arbitrary commands as root Jun 09, 2026
CVE-2026-10523 CRITICAL 9.9 An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts … Jun 09, 2026
CVE-2026-10520 CRITICAL 10.0 An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code … Jun 09, 2026
CVE-2025-67862 MEDIUM 6.7 An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS … Jun 09, 2026
CVE-2026-9279 UNKNOWN Logseq exposes an IPC handler that allows the renderer process to execute shell commands. While an allowlist restricts the command name (e.g. `git`, `pandoc`, `grep`), … Jun 09, 2026
CVE-2026-7486 CRITICAL 9.8 Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Netcad Software Inc. E-İmar allows SQL Injection. This issue affects E-İmar: … Jun 09, 2026