Filter and search through 392,208 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-23887 | Group-Office is an enterprise customer relationship management and groupware tool. In versions 6.8.148 and below, and 25.0.1 through 25.0.79, the appl... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-23886 | ### Impact A denial-of-service vulnerability due to improper input validation allows a remote attacker to crash the service via a malformed HTTP head... | 5.3 | 210 | Neutral | No | Yes |
| CVE-2026-23885 | ### Summary A vulnerability was discovered during a manual security audit of the AlchemyCMS source code. The application uses the Ruby `eval()` functi... | 6.4 | 451 | Neutral | Yes | Yes |
| CVE-2026-23884 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves `gdi->drawing` pointing to ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-23883 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, `xf_Pointer_New` frees `cursorPixels` on failure, then `poin... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-23880 | OnboardLite is a comprehensive membership lifecycle platform built for student organizations at the University of Central Florida. Versions of the sof... | 7.3 | 343 | Neutral | No | No |
| CVE-2026-23878 | HotCRP is conference review software. Starting in commit aa20ef288828b04550950cf67c831af8a525f508 and prior to commit ceacd5f1476458792c44c6a993670f02... | 6.5 | 217 | Neutral | No | No |
| CVE-2026-23877 | ### Summary Swing Music's `list_folders()` function in the `/folder/dir-browser` endpoint is vulnerable to directory traversal attacks. Any authentica... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-23876 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, a heap buffer... | 8.1 | 482 | Neutral | No | Yes |
| CVE-2026-23875 | CrawlChat is an open-source, AI-powered platform that transforms technical documentation into intelligent chatbots. Prior to version 0.0.8, a non-exis... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-23874 | ## Summary Stack overflow via infinite recursion in MSL (Magick Scripting Language) `<write>` command when writing to MSL format. ## Version - Imag... | 5.5 | 125 | Neutral | No | Yes |
| CVE-2026-23873 | hustoj is an open source online judge based on PHP/C++/MySQL/Linux for ACM/ICPC and NOIP training. All versions are vulnerable to CSV Injection (Formu... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-23864 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-23852 | SiYuan is a personal knowledge management system. Versions prior to 3.5.4 have a stored Cross-Site Scripting (XSS) vulnerability that allows an attack... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-23851 | ### Summary The SiYuan Note application (v3.5.3) contains a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authent... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-23850 | ### Summary Markdown feature allows unrestricted server side html-rendering which allows arbitary file read (LFD) and fully SSRF access We in @0xL4ugh... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-23849 | ### Summary The JSONAuth.Auth function contains a logic flaw that allows unauthenticated attackers to enumerate valid usernames by measuring the respo... | 5.3 | 124 | Neutral | No | Yes |
| CVE-2026-23848 | MyTube is a self-hosted downloader and player for several video websites. Prior to version 1.7.71, a rate limiting bypass via `X-Forwarded-For` header... | 6.5 | 224 | Neutral | No | No |
| CVE-2026-23847 | ### Summary Reflected XSS in /api/icon/getDynamicIcon due to unsanitized SVG input. ### Details The endpoint generates SVG images for text icons (type... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-23846 | Tugtainer is a self-hosted app for automating updates of Docker containers. In versions prior to 1.16.1, the password authentication mechanism transmi... | 8.1 | 484 | Neutral | No | No |