Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
20560
Total
1471
Critical
6231
High
6522
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-9105 | UNKNOWN | — | An authenticated stack-based buffer overflow vulnerability exists in the web management interface of TP-Link TL-WR841N v14. A remote authenticated attacker can send crafted HTTP requests … | Jun 29, 2026 |
| CVE-2026-41052 | UNKNOWN | — | Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and … | Jun 29, 2026 |
| CVE-2026-13750 | MEDIUM | 5.5 | Insertion of sensitive information into log files in Snowflake CLI versions prior to 3.19 allowed plaintext credentials to be written to persistent local debug logs. … | Jun 29, 2026 |
| CVE-2026-13749 | HIGH | 8.8 | Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior to 3.19 allowed arbitrary code execution during application bundling or deployment. … | Jun 29, 2026 |
| CVE-2026-13748 | MEDIUM | 6.3 | Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and transmitted to Snowflake … | Jun 29, 2026 |
| CVE-2026-13746 | LOW | 3.6 | Improper neutralization of local CLI parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. A user could trigger this issue by supplying … | Jun 29, 2026 |
| CVE-2026-13744 | HIGH | 8.3 | Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By supplying crafted repository content, project configuration, manifest data, … | Jun 29, 2026 |
| CVE-2026-13742 | UNKNOWN | — | Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An attacker could potentially exploit this vulnerability, … | Jun 29, 2026 |
| CVE-2026-13587 | LOW | 3.7 | A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parse_by_block_type of the file light_pcapng.c of the component LightPcapNg Parser. Performing … | Jun 29, 2026 |
| CVE-2026-13583 | HIGH | 8.8 | A vulnerability has been found in Edimax EW-7478APC 1.04. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. Such … | Jun 29, 2026 |
| CVE-2026-13582 | HIGH | 8.8 | A flaw has been found in Edimax EW-7478APC 1.04. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. … | Jun 29, 2026 |
| CVE-2026-13581 | MEDIUM | 6.3 | A vulnerability was detected in Edimax EW-7478APC 1.04. This vulnerability affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. The … | Jun 29, 2026 |
| CVE-2026-13580 | HIGH | 8.8 | A security vulnerability has been detected in Edimax EW-7478APC 1.04. This affects the function formQoS of the file /goform/formQoS of the component POST Request Handler. … | Jun 29, 2026 |
| CVE-2026-13437 | MEDIUM | 6.5 | Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent … | Jun 29, 2026 |
| CVE-2026-57525 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Jun 29, 2026 |
| CVE-2026-57523 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Jun 29, 2026 |
| CVE-2026-57341 | MEDIUM | 6.5 | Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 versions. | Jun 29, 2026 |
| CVE-2026-57340 | MEDIUM | 6.5 | Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions. | Jun 29, 2026 |
| CVE-2026-57339 | MEDIUM | 6.5 | Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions. | Jun 29, 2026 |
| CVE-2026-57338 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions. | Jun 29, 2026 |
| CVE-2026-57337 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions. | Jun 29, 2026 |
| CVE-2026-57336 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions. | Jun 29, 2026 |
| CVE-2026-57335 | MEDIUM | 6.5 | Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions. | Jun 29, 2026 |
| CVE-2026-57334 | MEDIUM | 6.5 | Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions. | Jun 29, 2026 |
| CVE-2026-57333 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions. | Jun 29, 2026 |