Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10066
Total
679
Critical
2903
High
3164
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-2325 | MEDIUM | 4.3 | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to limit the size of the request body on the start meeting API … | May 18, 2026 |
| CVE-2026-28759 | MEDIUM | 4.3 | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to validate that a remote cluster has access to a channel before processing … | May 18, 2026 |
| CVE-2026-6495 | HIGH | 7.1 | The Ajax Load More WordPress plugin before 7.8.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a … | May 18, 2026 |
| CVE-2026-6381 | HIGH | 7.5 | The WP Maps WordPress plugin before 4.9.3 does not properly sanitize a parameter before using it in a file path, allowing authenticated users to perform … | May 18, 2026 |
| CVE-2026-6379 | HIGH | 8.6 | The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing … | May 18, 2026 |
| CVE-2026-3220 | HIGH | 8.8 | The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting … | May 18, 2026 |
| CVE-2026-1631 | MEDIUM | 5.4 | The Feeds for YouTube (YouTube video, channel, and gallery plugin) WordPress plugin before 2.6.4 is vulnerable to unauthorized modification of the Feeds for YouTube (YouTube … | May 18, 2026 |
| CVE-2026-8786 | MEDIUM | 6.3 | A vulnerability has been found in Tencent WeKnora up to 0.3.6. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/handler/initialization.go of the … | May 18, 2026 |
| CVE-2026-8785 | HIGH | 7.3 | A flaw has been found in projectworlds hospital-management-system-in-php 1.0. Affected by this vulnerability is the function getAllPatientDetail of the file update_info.php of the component GET … | May 18, 2026 |
| CVE-2026-8784 | MEDIUM | 4.2 | A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function change_file_status of the file cramfsck.c. Performing a manipulation results in symlink … | May 18, 2026 |
| CVE-2026-8783 | MEDIUM | 4.3 | A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to … | May 18, 2026 |
| CVE-2026-8782 | MEDIUM | 4.3 | A weakness has been identified in omec-project amf up to 2.1.3-dev. This affects an unknown function of the file ngap/handler.go of the component NGAP Message … | May 18, 2026 |
| CVE-2026-8781 | MEDIUM | 4.3 | A security flaw has been discovered in omec-project amf up to 2.1.3-dev. The impacted element is the function RANConfiguration of the file ngap/handler.go. The manipulation … | May 18, 2026 |
| CVE-2026-8780 | MEDIUM | 4.3 | A vulnerability was identified in omec-project amf up to 2.1.3-dev. The affected element is an unknown function of the file ngap/dispatcher.go of the component NGAP … | May 18, 2026 |
| CVE-2026-8779 | MEDIUM | 4.3 | A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument … | May 18, 2026 |
| CVE-2026-8777 | MEDIUM | 6.3 | A vulnerability was found in Edimax BR-6428NS 1.10. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. Performing … | May 18, 2026 |
| CVE-2026-8776 | HIGH | 8.8 | A vulnerability has been found in Edimax BR-6428NS 1.10. This vulnerability affects the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. … | May 18, 2026 |
| CVE-2026-8775 | HIGH | 8.8 | A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This … | May 18, 2026 |
| CVE-2026-8774 | MEDIUM | 6.3 | A vulnerability was detected in Edimax BR-6228NC 1.22. Affected by this issue is the function mp of the file /goform/mp of the component POST Request … | May 18, 2026 |
| CVE-2026-8773 | MEDIUM | 4.7 | A security vulnerability has been detected in linlinjava litemall up to 1.8.0. Affected by this vulnerability is the function backup/load of the file litemall-db/src/main/java/org/linlinjava/litemall/db/util/DbUtil.java of … | May 18, 2026 |
| CVE-2026-8772 | MEDIUM | 4.7 | A weakness has been identified in linlinjava litemall up to 1.8.0. Affected is an unknown function of the component Admin Endpoint. Executing a manipulation can … | May 18, 2026 |
| CVE-2026-8771 | HIGH | 7.3 | A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the component Front-end … | May 18, 2026 |
| CVE-2026-8770 | LOW | 3.3 | A vulnerability was identified in continuedev continue up to 1.2.22. This affects the function lsTool of the file core/tools/implementations/lsTool.ts of the component JSON-RPC Server. Such … | May 18, 2026 |
| CVE-2026-8769 | MEDIUM | 4.3 | A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. … | May 17, 2026 |
| CVE-2026-8768 | HIGH | 7.3 | A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils. … | May 17, 2026 |