Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

20560
Total
1471
Critical
6231
High
6522
Medium
CVE ID Severity Score Description Published
CVE-2026-9105 UNKNOWN An authenticated stack-based buffer overflow vulnerability exists in the web management interface of TP-Link TL-WR841N v14. A remote authenticated attacker can send crafted HTTP requests … Jun 29, 2026
CVE-2026-41052 UNKNOWN Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and … Jun 29, 2026
CVE-2026-13750 MEDIUM 5.5 Insertion of sensitive information into log files in Snowflake CLI versions prior to 3.19 allowed plaintext credentials to be written to persistent local debug logs. … Jun 29, 2026
CVE-2026-13749 HIGH 8.8 Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior to 3.19 allowed arbitrary code execution during application bundling or deployment. … Jun 29, 2026
CVE-2026-13748 MEDIUM 6.3 Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and transmitted to Snowflake … Jun 29, 2026
CVE-2026-13746 LOW 3.6 Improper neutralization of local CLI parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. A user could trigger this issue by supplying … Jun 29, 2026
CVE-2026-13744 HIGH 8.3 Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By supplying crafted repository content, project configuration, manifest data, … Jun 29, 2026
CVE-2026-13742 UNKNOWN Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An attacker could potentially exploit this vulnerability, … Jun 29, 2026
CVE-2026-13587 LOW 3.7 A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parse_by_block_type of the file light_pcapng.c of the component LightPcapNg Parser. Performing … Jun 29, 2026
CVE-2026-13583 HIGH 8.8 A vulnerability has been found in Edimax EW-7478APC 1.04. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. Such … Jun 29, 2026
CVE-2026-13582 HIGH 8.8 A flaw has been found in Edimax EW-7478APC 1.04. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. … Jun 29, 2026
CVE-2026-13581 MEDIUM 6.3 A vulnerability was detected in Edimax EW-7478APC 1.04. This vulnerability affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. The … Jun 29, 2026
CVE-2026-13580 HIGH 8.8 A security vulnerability has been detected in Edimax EW-7478APC 1.04. This affects the function formQoS of the file /goform/formQoS of the component POST Request Handler. … Jun 29, 2026
CVE-2026-13437 MEDIUM 6.5 Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent … Jun 29, 2026
CVE-2026-57525 UNKNOWN Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Jun 29, 2026
CVE-2026-57523 UNKNOWN Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Jun 29, 2026
CVE-2026-57341 MEDIUM 6.5 Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 versions. Jun 29, 2026
CVE-2026-57340 MEDIUM 6.5 Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions. Jun 29, 2026
CVE-2026-57339 MEDIUM 6.5 Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions. Jun 29, 2026
CVE-2026-57338 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions. Jun 29, 2026
CVE-2026-57337 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions. Jun 29, 2026
CVE-2026-57336 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions. Jun 29, 2026
CVE-2026-57335 MEDIUM 6.5 Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions. Jun 29, 2026
CVE-2026-57334 MEDIUM 6.5 Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions. Jun 29, 2026
CVE-2026-57333 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions. Jun 29, 2026