Filter and search through 200,001 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-28433 | No description available | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-28432 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-28431 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-28427 | OpenDeck is Linux software for your Elgato Stream Deck. Prior to 2.8.1, the service listening on port 57118 serves static files for installed plugins ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-28410 | The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the tok... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-2836 | ### Impact Pingora versions prior to 0.8.0 generated cache keys using only the URI path, excluding critical factors such as the host header. This allo... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-28355 | Canarytokens help track activity and actions on a network. Versions prior to `sha-7ff0e12` have a Self Cross-Site Scripting vulnerability in the "PWA"... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-28353 | Trivy Vulnerability Scanner is a VS Code extension that helps find vulnerabilities. In Trivy VSCode Extension version 1.8.12, which was distributed vi... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-2835 | ### Impact Pingora versions prior to 0.8.0 improperly allowed HTTP/1.0 request bodies to be close-delimited and incorrectly handled multiple Transfer-... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-2833 | ### Impact Pingora versions prior to 0.8.0 would immediately forward bytes following a request with an Upgrade header to the backend, without waiting ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-2832 | Certain Samsung MultiXpress Multifunction Printers may be vulnerable to information disclosure, potentially exposing address book entries and other de... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-28288 | Dify is an open-source LLM app development platform. Prior to 1.9.0, responses from the Dify API to existing and non-existent accounts differ, allowin... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-28281 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-28267 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-28135 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Func... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-28133 | Unrestricted Upload of File with Dangerous Type vulnerability in WP Chill Filr filr-protection allows Upload a Web Shell to a Web Server.This issue af... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-27982 | An open redirect vulnerability exists in django-allauth versions prior to 65.14.1 when SAML IdP initiated SSO is enabled (it is disabled by default), ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-27896 | The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing. Go's standard library performs case-insensiti... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-27887 | Spin is an open source developer tool for building and running serverless applications powered by WebAssembly. When Spin is configured to allow connec... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-27830 | ### Impact c3p0 is vulnerable to attack via maliciously crafted Java-serialized objects and `javax.naming.Reference` instances. Several c3p0 `Connect... | 0.0 | 0 | Neutral | No | Yes |