Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

23813
Total
1705
Critical
7468
High
7599
Medium
CVE ID Severity Score Description Published
CVE-2026-10529 LOW 2.4 A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is an unknown function of the file src/main/java/com/zhiliao/module/web/system/ScheduleJobController.java of the component Task Scheduling … Jun 02, 2026
CVE-2026-9050 MEDIUM 4.3 The Slider Revolution plugin for WordPress in versions 6.0.0-6.7.55 and 7.0.0-7.0.14 is vulnerable to unauthorized modification of data. This is due to the plugin not … Jun 02, 2026
CVE-2026-9048 MEDIUM 4.3 The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in versions 7.0.0 - 7.0.14, via the 'slider.get.full' AJAX Action. This makes it … Jun 02, 2026
CVE-2026-10528 LOW 3.3 A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the … Jun 02, 2026
CVE-2026-10514 LOW 2.4 A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/framework/src/main/java/cn/cordys/config/RequestParamTrimConfig.java. The manipulation leads to cross … Jun 02, 2026
CVE-2026-10302 MEDIUM 6.3 A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the file /manage_fee.php. Executing a manipulation … Jun 02, 2026
CVE-2026-10301 MEDIUM 4.3 A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of … Jun 02, 2026
CVE-2026-28511 MEDIUM 4.3 eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an authenticated user performing a numeric reference/search can return results … Jun 01, 2026
CVE-2026-25879 CRITICAL 9.8 Langroid is a framework for building large-language-model-powered applications. Prior to version 0.63.0, SQLChatAgent executes SQL produced by an LLM, which is influenceable by prompt injection. … Jun 01, 2026
CVE-2026-25277 HIGH 8.8 Memory corruption while using Strongbox due to buffer overflow. Jun 01, 2026
CVE-2026-25276 HIGH 8.8 Memory corruption while using Strongbox due to missing bounds check. Jun 01, 2026
CVE-2026-25260 HIGH 7.8 Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications. Jun 01, 2026
CVE-2026-25259 HIGH 7.8 Memory corruption while processing multiple IOCTL command for escape operations. Jun 01, 2026
CVE-2026-25258 HIGH 7.8 Memory corruption while processing IOCTL calls for escape operations. Jun 01, 2026
CVE-2026-24782 HIGH 7.6 Kiteworks is a private data network (PDN). Prior to version 9.3.0,ultiple SQL Injection vulnerabilities in Kiteworks Secure Data Forms could be exploited by an authenticated … Jun 01, 2026
CVE-2026-24761 LOW 3.7 Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … Jun 01, 2026
CVE-2026-24756 MEDIUM 4.3 Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … Jun 01, 2026
CVE-2026-24755 MEDIUM 5.4 Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … Jun 01, 2026
CVE-2026-24754 MEDIUM 5.4 Kiteworks is a private data network (PDN). Prior to version 9.3.0, a stored XSS vulnerability in Kiteworks Secure Data Forms could allow an authenticated attacker … Jun 01, 2026
CVE-2026-24753 MEDIUM 6.5 Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … Jun 01, 2026
CVE-2026-24752 HIGH 8.2 Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker … Jun 01, 2026
CVE-2026-24092 HIGH 7.2 Memory Corruption when processing fastboot commands to set display mode. Jun 01, 2026
CVE-2026-24091 HIGH 7.2 Memory corruption while processing fastboot commands with improperly formatted input. Jun 01, 2026
CVE-2026-24090 HIGH 7.1 Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow. Jun 01, 2026
CVE-2026-24089 HIGH 7.2 Memory corruption while processing fastboot commands with invalid input. Jun 01, 2026