Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
23329
Total
1657
Critical
7330
High
7410
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-11487 | MEDIUM | 5.3 | A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component … | Jun 08, 2026 |
| CVE-2026-11486 | HIGH | 7.3 | A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing … | Jun 08, 2026 |
| CVE-2026-11485 | HIGH | 7.3 | A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /archive2.php. Such manipulation … | Jun 08, 2026 |
| CVE-2026-11484 | HIGH | 7.3 | A weakness has been identified in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /archive3.php. This manipulation of … | Jun 08, 2026 |
| CVE-2026-11483 | HIGH | 7.3 | A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /archive4.php. The manipulation … | Jun 08, 2026 |
| CVE-2026-11482 | HIGH | 7.3 | A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /archive5.php. The manipulation … | Jun 08, 2026 |
| CVE-2026-11481 | LOW | 2.5 | A vulnerability was determined in yoanbernabeu grepai up to 0.35.0. The affected element is the function PostgresStore.LookupByContentHash of the file indexer/chunker.go of the component Postgres … | Jun 08, 2026 |
| CVE-2026-11480 | MEDIUM | 6.3 | A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. Impacted is an unknown function of the file beike/Admin/Routes/admin.php of the component … | Jun 08, 2026 |
| CVE-2026-11479 | MEDIUM | 4.2 | A vulnerability has been found in yoanbernabeu grepai 0.35.0. This issue affects some unknown processing of the file indexer/chunker.go of the component Qdrant Backend. Such … | Jun 08, 2026 |
| CVE-2026-11478 | LOW | 3.3 | A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the component Pattern … | Jun 08, 2026 |
| CVE-2026-11477 | MEDIUM | 4.3 | A vulnerability was detected in hs-web hsweb-framework up to 5.0.1. This affects the function OAuth2Client of the file hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Client.java of the component OAuth2 Client. The … | Jun 08, 2026 |
| CVE-2026-11476 | MEDIUM | 6.3 | A security vulnerability has been detected in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this issue is the function edit-admin of the file controllers/AdminController.php of … | Jun 08, 2026 |
| CVE-2026-11475 | MEDIUM | 6.3 | A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the … | Jun 08, 2026 |
| CVE-2024-58349 | CRITICAL | 9.8 | WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's … | Jun 08, 2026 |
| CVE-2024-58348 | CRITICAL | 9.8 | WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. … | Jun 08, 2026 |
| CVE-2023-54352 | CRITICAL | 9.8 | WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. … | Jun 08, 2026 |
| CVE-2023-54351 | HIGH | 7.2 | WordPress Sonaar Music Plugin 4.7 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the comment functionality. Attackers can … | Jun 08, 2026 |
| CVE-2023-54350 | HIGH | 7.5 | WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to upload and execute arbitrary PHP files. Attackers … | Jun 08, 2026 |
| CVE-2022-50953 | MEDIUM | 6.2 | WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the … | Jun 08, 2026 |
| CVE-2021-47984 | MEDIUM | 6.4 | WordPress Plugin WP24 Domain Check 1.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to … | Jun 08, 2026 |
| CVE-2021-47983 | MEDIUM | 6.4 | WordPress Plugin Stripe Payments 2.0.39 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the AcceptStripePayments-settings[currency_code] parameter. Attackers can … | Jun 08, 2026 |
| CVE-2021-47982 | MEDIUM | 6.4 | WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the preset parameter. Attackers can … | Jun 08, 2026 |
| CVE-2026-11474 | HIGH | 7.3 | A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is an unknown function of the file service/RegisterService.php of the component Registration … | Jun 08, 2026 |
| CVE-2026-11473 | MEDIUM | 6.3 | A vulnerability was identified in jflyfox jfinal_cms up to 5.1.0. This impacts the function list of the file AdvicefeedbackController.java. Such manipulation of the argument orderBy … | Jun 08, 2026 |
| CVE-2026-11472 | HIGH | 7.3 | A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the … | Jun 08, 2026 |