Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
23813
Total
1705
Critical
7468
High
7599
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-10529 | LOW | 2.4 | A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is an unknown function of the file src/main/java/com/zhiliao/module/web/system/ScheduleJobController.java of the component Task Scheduling … | Jun 02, 2026 |
| CVE-2026-9050 | MEDIUM | 4.3 | The Slider Revolution plugin for WordPress in versions 6.0.0-6.7.55 and 7.0.0-7.0.14 is vulnerable to unauthorized modification of data. This is due to the plugin not … | Jun 02, 2026 |
| CVE-2026-9048 | MEDIUM | 4.3 | The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in versions 7.0.0 - 7.0.14, via the 'slider.get.full' AJAX Action. This makes it … | Jun 02, 2026 |
| CVE-2026-10528 | LOW | 3.3 | A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the … | Jun 02, 2026 |
| CVE-2026-10514 | LOW | 2.4 | A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/framework/src/main/java/cn/cordys/config/RequestParamTrimConfig.java. The manipulation leads to cross … | Jun 02, 2026 |
| CVE-2026-10302 | MEDIUM | 6.3 | A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the file /manage_fee.php. Executing a manipulation … | Jun 02, 2026 |
| CVE-2026-10301 | MEDIUM | 4.3 | A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of … | Jun 02, 2026 |
| CVE-2026-28511 | MEDIUM | 4.3 | eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an authenticated user performing a numeric reference/search can return results … | Jun 01, 2026 |
| CVE-2026-25879 | CRITICAL | 9.8 | Langroid is a framework for building large-language-model-powered applications. Prior to version 0.63.0, SQLChatAgent executes SQL produced by an LLM, which is influenceable by prompt injection. … | Jun 01, 2026 |
| CVE-2026-25277 | HIGH | 8.8 | Memory corruption while using Strongbox due to buffer overflow. | Jun 01, 2026 |
| CVE-2026-25276 | HIGH | 8.8 | Memory corruption while using Strongbox due to missing bounds check. | Jun 01, 2026 |
| CVE-2026-25260 | HIGH | 7.8 | Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications. | Jun 01, 2026 |
| CVE-2026-25259 | HIGH | 7.8 | Memory corruption while processing multiple IOCTL command for escape operations. | Jun 01, 2026 |
| CVE-2026-25258 | HIGH | 7.8 | Memory corruption while processing IOCTL calls for escape operations. | Jun 01, 2026 |
| CVE-2026-24782 | HIGH | 7.6 | Kiteworks is a private data network (PDN). Prior to version 9.3.0,ultiple SQL Injection vulnerabilities in Kiteworks Secure Data Forms could be exploited by an authenticated … | Jun 01, 2026 |
| CVE-2026-24761 | LOW | 3.7 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … | Jun 01, 2026 |
| CVE-2026-24756 | MEDIUM | 4.3 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … | Jun 01, 2026 |
| CVE-2026-24755 | MEDIUM | 5.4 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … | Jun 01, 2026 |
| CVE-2026-24754 | MEDIUM | 5.4 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, a stored XSS vulnerability in Kiteworks Secure Data Forms could allow an authenticated attacker … | Jun 01, 2026 |
| CVE-2026-24753 | MEDIUM | 6.5 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … | Jun 01, 2026 |
| CVE-2026-24752 | HIGH | 8.2 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker … | Jun 01, 2026 |
| CVE-2026-24092 | HIGH | 7.2 | Memory Corruption when processing fastboot commands to set display mode. | Jun 01, 2026 |
| CVE-2026-24091 | HIGH | 7.2 | Memory corruption while processing fastboot commands with improperly formatted input. | Jun 01, 2026 |
| CVE-2026-24090 | HIGH | 7.1 | Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow. | Jun 01, 2026 |
| CVE-2026-24089 | HIGH | 7.2 | Memory corruption while processing fastboot commands with invalid input. | Jun 01, 2026 |