Filter and search through 199,248 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-0712 | An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Gr... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-0709 | Some Hikvision Wireless Access Points are vulnerable to authenticated command execution due to insufficient input validation. Attackers with valid cre... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0705 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager (Windows) before build 6.4.2... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0675 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webaware NextGEN Download Gallery nextgen-download-gallery... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-0672 | When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-0663 | Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator privileges to... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0650 | OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware. Due to improper handling of pa... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-0629 | Authentication bypass in the password recovery feature of the local web interface across multiple VIGI camera models allows an attacker on the LAN to ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0625 | Multiple D-Link DSL gateway devices contain a command injection vulnerability in the dnscfg.cgi endpoint due to improper sanitization of user-supplied... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0601 | A reflected cross-site scripting vulnerability exists in Nexus Repository 3 that allows unauthenticated attackers to execute arbitrary JavaScript in a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0600 | Server-Side Request Forgery (SSRF) vulnerability in Sonatype Nexus Repository 3 versions 3.0.0 and later allows authenticated administrators to config... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0519 | In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted authentication token to logs under certain configurations. ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0518 | CVE-2026-0518 is a cross-site scripting vulnerability in versions of Secure Access prior to 14.20. An attacker with administrative privileges can in... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0517 | CVE-2026-0517 is a denial-of-service vulnerability in versions of Secure Access Server prior to 14.20. An attacker can send a specially crafted packe... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0483 | Stored Cross-Site Scripting (XSS) vulnerability in the PDF file upload functionality of Live Helper Chat, versions prior to 4.72. An attacker can uplo... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0408 | A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the c... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0407 | An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physic... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0406 | An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injectio... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0405 | An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-0404 | An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over Wi... | 0.0 | 0 | Neutral | No | No |