Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

20560
Total
1471
Critical
6231
High
6522
Medium
CVE ID Severity Score Description Published
CVE-2026-13601 HIGH 7.1 A flaw was found in Yelp due to an overly permissive Content Security Policy (CSP) implementation provided by yelp-xsl. A malicious Flatpak application can open … Jun 29, 2026
CVE-2026-13557 MEDIUM 4.3 A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. This vulnerability affects unknown code of the file /admin/mod_room/controller.php?action=add of the component POST Request … Jun 29, 2026
CVE-2026-13556 MEDIUM 4.3 A vulnerability was determined in itsourcecode Online Hotel Management System 1.0. This affects an unknown part of the file /admin/mod_users/controller.php?action=edit of the component POST Request … Jun 29, 2026
CVE-2026-13555 HIGH 7.3 A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/mod_users/controller.php?action=add. The manipulation … Jun 29, 2026
CVE-2026-13554 MEDIUM 4.3 A vulnerability has been found in itsourcecode Online Hotel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/mod_amenities/controller.php?action=add of … Jun 29, 2026
CVE-2026-13553 HIGH 7.3 A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/mod_amenities/controller.php?action=add. Executing a manipulation of … Jun 29, 2026
CVE-2026-13552 HIGH 7.3 A vulnerability was detected in itsourcecode Online Hotel Management System 1.0. This impacts an unknown function of the file /admin/mod_amenities/controller.php?action=edit. Performing a manipulation of the … Jun 29, 2026
CVE-2026-9267 UNKNOWN Eclipse tinydtls before commit b3efd41ad111a4920f599f51ffa4f5e9f1e72221 contains an out-of-bounds read vulnerability in the check_server_certificate() function that allows unauthenticated attackers to trigger reads beyond valid buffer boundaries … Jun 29, 2026
CVE-2026-57966 MEDIUM 4.4 A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on … Jun 29, 2026
CVE-2026-57965 MEDIUM 5.1 A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. This vulnerability … Jun 29, 2026
CVE-2026-57676 MEDIUM 4.3 Authorization Bypass Through User-Controlled Key vulnerability in Matteo Manna Simple User Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple User … Jun 29, 2026
CVE-2026-22078 HIGH 7.3 Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel. Jun 29, 2026
CVE-2026-13595 MEDIUM 6.8 A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a … Jun 29, 2026
CVE-2026-13551 HIGH 7.3 A security vulnerability has been detected in itsourcecode Baptism Information Management System 1.0. This affects an unknown function of the file /editBaptism.php. Such manipulation of … Jun 29, 2026
CVE-2026-13550 HIGH 7.3 A weakness has been identified in itsourcecode Baptism Information Management System 1.0. The impacted element is an unknown function of the file /delbaptism.php. This manipulation … Jun 29, 2026
CVE-2026-13549 MEDIUM 5.4 A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the … Jun 29, 2026
CVE-2026-13548 MEDIUM 6.3 A vulnerability was identified in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /doctortimings.php. The manipulation of the argument editid … Jun 29, 2026
CVE-2026-13547 HIGH 7.3 A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation of … Jun 29, 2026
CVE-2026-13546 HIGH 7.3 A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. … Jun 29, 2026
CVE-2026-13545 HIGH 8.8 A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub_400E40 of the file setconf.cgi of the component POST Parameter Handler. Such … Jun 29, 2026
CVE-2026-9676 MEDIUM 4.3 The F4 Post Tree WordPress plugin before 2.0.5 does not perform capability checks or CSRF/nonce verification on one of its AJAX actions, allowing authenticated users … Jun 29, 2026
CVE-2026-13544 MEDIUM 6.3 A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue is some unknown functionality of the file /api/users of the … Jun 29, 2026
CVE-2026-13543 MEDIUM 5.6 A vulnerability was detected in Documenso up to 2.11.0. Affected by this vulnerability is an unknown functionality of the file packages/auth/server/lib/utils/handle-oauth-callback-url.ts of the component Google … Jun 29, 2026
CVE-2026-13542 MEDIUM 6.3 A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /doctorprofile.php. The manipulation of the … Jun 29, 2026
CVE-2026-13541 MEDIUM 6.3 A weakness has been identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /doctorchangepassword.php. Executing a manipulation of the … Jun 29, 2026