Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
20560
Total
1471
Critical
6231
High
6522
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-13601 | HIGH | 7.1 | A flaw was found in Yelp due to an overly permissive Content Security Policy (CSP) implementation provided by yelp-xsl. A malicious Flatpak application can open … | Jun 29, 2026 |
| CVE-2026-13557 | MEDIUM | 4.3 | A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. This vulnerability affects unknown code of the file /admin/mod_room/controller.php?action=add of the component POST Request … | Jun 29, 2026 |
| CVE-2026-13556 | MEDIUM | 4.3 | A vulnerability was determined in itsourcecode Online Hotel Management System 1.0. This affects an unknown part of the file /admin/mod_users/controller.php?action=edit of the component POST Request … | Jun 29, 2026 |
| CVE-2026-13555 | HIGH | 7.3 | A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/mod_users/controller.php?action=add. The manipulation … | Jun 29, 2026 |
| CVE-2026-13554 | MEDIUM | 4.3 | A vulnerability has been found in itsourcecode Online Hotel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/mod_amenities/controller.php?action=add of … | Jun 29, 2026 |
| CVE-2026-13553 | HIGH | 7.3 | A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/mod_amenities/controller.php?action=add. Executing a manipulation of … | Jun 29, 2026 |
| CVE-2026-13552 | HIGH | 7.3 | A vulnerability was detected in itsourcecode Online Hotel Management System 1.0. This impacts an unknown function of the file /admin/mod_amenities/controller.php?action=edit. Performing a manipulation of the … | Jun 29, 2026 |
| CVE-2026-9267 | UNKNOWN | — | Eclipse tinydtls before commit b3efd41ad111a4920f599f51ffa4f5e9f1e72221 contains an out-of-bounds read vulnerability in the check_server_certificate() function that allows unauthenticated attackers to trigger reads beyond valid buffer boundaries … | Jun 29, 2026 |
| CVE-2026-57966 | MEDIUM | 4.4 | A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on … | Jun 29, 2026 |
| CVE-2026-57965 | MEDIUM | 5.1 | A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. This vulnerability … | Jun 29, 2026 |
| CVE-2026-57676 | MEDIUM | 4.3 | Authorization Bypass Through User-Controlled Key vulnerability in Matteo Manna Simple User Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple User … | Jun 29, 2026 |
| CVE-2026-22078 | HIGH | 7.3 | Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel. | Jun 29, 2026 |
| CVE-2026-13595 | MEDIUM | 6.8 | A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a … | Jun 29, 2026 |
| CVE-2026-13551 | HIGH | 7.3 | A security vulnerability has been detected in itsourcecode Baptism Information Management System 1.0. This affects an unknown function of the file /editBaptism.php. Such manipulation of … | Jun 29, 2026 |
| CVE-2026-13550 | HIGH | 7.3 | A weakness has been identified in itsourcecode Baptism Information Management System 1.0. The impacted element is an unknown function of the file /delbaptism.php. This manipulation … | Jun 29, 2026 |
| CVE-2026-13549 | MEDIUM | 5.4 | A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the … | Jun 29, 2026 |
| CVE-2026-13548 | MEDIUM | 6.3 | A vulnerability was identified in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /doctortimings.php. The manipulation of the argument editid … | Jun 29, 2026 |
| CVE-2026-13547 | HIGH | 7.3 | A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation of … | Jun 29, 2026 |
| CVE-2026-13546 | HIGH | 7.3 | A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. … | Jun 29, 2026 |
| CVE-2026-13545 | HIGH | 8.8 | A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub_400E40 of the file setconf.cgi of the component POST Parameter Handler. Such … | Jun 29, 2026 |
| CVE-2026-9676 | MEDIUM | 4.3 | The F4 Post Tree WordPress plugin before 2.0.5 does not perform capability checks or CSRF/nonce verification on one of its AJAX actions, allowing authenticated users … | Jun 29, 2026 |
| CVE-2026-13544 | MEDIUM | 6.3 | A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue is some unknown functionality of the file /api/users of the … | Jun 29, 2026 |
| CVE-2026-13543 | MEDIUM | 5.6 | A vulnerability was detected in Documenso up to 2.11.0. Affected by this vulnerability is an unknown functionality of the file packages/auth/server/lib/utils/handle-oauth-callback-url.ts of the component Google … | Jun 29, 2026 |
| CVE-2026-13542 | MEDIUM | 6.3 | A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /doctorprofile.php. The manipulation of the … | Jun 29, 2026 |
| CVE-2026-13541 | MEDIUM | 6.3 | A weakness has been identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /doctorchangepassword.php. Executing a manipulation of the … | Jun 29, 2026 |