Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
11346
Total
769
Critical
3260
High
3665
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-34177 | CRITICAL | 9.1 | Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under … | Apr 09, 2026 |
| CVE-2025-62188 | HIGH | 7.5 | An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler. This vulnerability may allow unauthorized actors to access sensitive information, including … | Apr 09, 2026 |
| CVE-2026-5854 | CRITICAL | 9.8 | A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. … | Apr 09, 2026 |
| CVE-2026-5853 | CRITICAL | 9.8 | A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component … | Apr 09, 2026 |
| CVE-2026-5852 | CRITICAL | 9.8 | A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation … | Apr 09, 2026 |
| CVE-2026-5851 | CRITICAL | 9.8 | A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The … | Apr 09, 2026 |
| CVE-2026-5850 | CRITICAL | 9.8 | A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of … | Apr 09, 2026 |
| CVE-2026-5849 | HIGH | 7.3 | A vulnerability was determined in Tenda i12 1.0.0.11(3862). The impacted element is an unknown function of the component HTTP Handler. Executing a manipulation can lead … | Apr 09, 2026 |
| CVE-2026-5848 | MEDIUM | 4.7 | A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data … | Apr 09, 2026 |
| CVE-2026-5847 | MEDIUM | 4.3 | A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impacted is an unknown function of the file /db/moviedb.sql of the component SQL Database … | Apr 09, 2026 |
| CVE-2026-5844 | HIGH | 7.2 | A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation … | Apr 09, 2026 |
| CVE-2026-5842 | HIGH | 7.3 | A security vulnerability has been detected in decolua 9router up to 0.3.47. The impacted element is an unknown function of the file /api of the … | Apr 09, 2026 |
| CVE-2026-5841 | HIGH | 7.3 | A weakness has been identified in Tenda i3 1.0.0.6(2204). The affected element is the function R7WebsSecurityHandler of the component HTTP Handler. Executing a manipulation can … | Apr 09, 2026 |
| CVE-2026-5840 | MEDIUM | 4.7 | A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/check_availability.php. Performing a manipulation of … | Apr 09, 2026 |
| CVE-2026-5839 | MEDIUM | 4.7 | A vulnerability was identified in PHPGurukul News Portal Project 4.1. This issue affects some unknown processing of the file /admin/add-subcategory.php. Such manipulation of the argument … | Apr 09, 2026 |
| CVE-2026-5838 | MEDIUM | 4.7 | A vulnerability was determined in PHPGurukul News Portal Project 4.1. This vulnerability affects unknown code of the file /admin/add-subadmins.php. This manipulation of the argument sadminusername … | Apr 09, 2026 |
| CVE-2026-5742 | MEDIUM | 6.4 | The UsersWP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.2.60. This is due to insufficient input sanitization … | Apr 09, 2026 |
| CVE-2026-4336 | MEDIUM | 6.4 | The Ultimate FAQ Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via FAQ content in all versions up to, and including, 2.4.7. This … | Apr 09, 2026 |
| CVE-2026-1830 | CRITICAL | 9.8 | The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient … | Apr 09, 2026 |
| CVE-2026-5837 | HIGH | 7.3 | A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment … | Apr 09, 2026 |
| CVE-2026-5836 | LOW | 2.4 | A vulnerability has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_product.php. The manipulation … | Apr 09, 2026 |
| CVE-2026-5835 | LOW | 2.4 | A flaw has been found in code-projects Online Shoe Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_football.php. Executing a … | Apr 09, 2026 |
| CVE-2026-5834 | LOW | 2.4 | A vulnerability was detected in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/admin_running.php. Performing a manipulation of the argument … | Apr 09, 2026 |
| CVE-2026-5833 | MEDIUM | 5.3 | A security vulnerability has been detected in awwaiid mcp-server-taskwarrior up to 1.0.1. This impacts the function server.setRequestHandler of the file index.ts. Such manipulation of the … | Apr 09, 2026 |
| CVE-2026-5357 | MEDIUM | 6.4 | The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sid' parameter of the 'wpdm_members' shortcode in versions up to and … | Apr 09, 2026 |