Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
20528
Total
1468
Critical
6215
High
6518
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-13742 | UNKNOWN | — | Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An attacker could potentially exploit this vulnerability, … | Jun 29, 2026 |
| CVE-2026-13587 | LOW | 3.7 | A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parse_by_block_type of the file light_pcapng.c of the component LightPcapNg Parser. Performing … | Jun 29, 2026 |
| CVE-2026-13583 | HIGH | 8.8 | A vulnerability has been found in Edimax EW-7478APC 1.04. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. Such … | Jun 29, 2026 |
| CVE-2026-13582 | HIGH | 8.8 | A flaw has been found in Edimax EW-7478APC 1.04. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. … | Jun 29, 2026 |
| CVE-2026-13581 | MEDIUM | 6.3 | A vulnerability was detected in Edimax EW-7478APC 1.04. This vulnerability affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. The … | Jun 29, 2026 |
| CVE-2026-13580 | HIGH | 8.8 | A security vulnerability has been detected in Edimax EW-7478APC 1.04. This affects the function formQoS of the file /goform/formQoS of the component POST Request Handler. … | Jun 29, 2026 |
| CVE-2026-13437 | MEDIUM | 6.5 | Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent … | Jun 29, 2026 |
| CVE-2026-57525 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Jun 29, 2026 |
| CVE-2026-57523 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Jun 29, 2026 |
| CVE-2026-57341 | MEDIUM | 6.5 | Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 versions. | Jun 29, 2026 |
| CVE-2026-57340 | MEDIUM | 6.5 | Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions. | Jun 29, 2026 |
| CVE-2026-57339 | MEDIUM | 6.5 | Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions. | Jun 29, 2026 |
| CVE-2026-57338 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions. | Jun 29, 2026 |
| CVE-2026-57337 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions. | Jun 29, 2026 |
| CVE-2026-57336 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions. | Jun 29, 2026 |
| CVE-2026-57335 | MEDIUM | 6.5 | Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions. | Jun 29, 2026 |
| CVE-2026-57334 | MEDIUM | 6.5 | Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions. | Jun 29, 2026 |
| CVE-2026-57333 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions. | Jun 29, 2026 |
| CVE-2026-57332 | HIGH | 7.1 | Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions. | Jun 29, 2026 |
| CVE-2026-57331 | CRITICAL | 9.9 | Performer Arbitrary File Deletion in Paid Videochat Turnkey Site <= 7.4.8 versions. | Jun 29, 2026 |
| CVE-2026-57330 | MEDIUM | 6.5 | Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions. | Jun 29, 2026 |
| CVE-2026-57329 | MEDIUM | 6.5 | Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro <= 1.9.34 versions. | Jun 29, 2026 |
| CVE-2026-57328 | MEDIUM | 6.5 | Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions. | Jun 29, 2026 |
| CVE-2026-57327 | MEDIUM | 6.3 | Subscriber Broken Access Control in MainWP <= 6.1.1 versions. | Jun 29, 2026 |
| CVE-2026-57326 | MEDIUM | 6.1 | Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions. | Jun 29, 2026 |