Vulnerabilities

Recent vulnerabilities

Recent vulnerabilities from 🏠GNA-1 (CIRCL)
Select from 78 available sources using the dropdown above.

NVD 🇺🇸

Recent vulnerabilities · 272069 entries
ID CVSS Description Vendor Product Published Updated
CVE-2026-9508
10 (4.0)
Incorrect Permission Assignment for Critical Resource … Suprema
BioStar 2 (server)
2026-05-29T12:09:02.026Z 2026-05-29T13:33:31.937Z
CVE-2026-9152
10 (4.0)
Unauthenticated SOAP Endpoint in Altium 365 SearchServ… Altium
Altium 365
2026-05-21T00:47:24.365Z 2026-05-21T12:41:39.633Z
CVE-2026-8326
10 (4.0)
Remote Spark SparkView Path Traversal in RDP Drive Red… Remote Spark (https://www.remotespark.com/)
SparkView
2026-05-29T11:47:02.652Z 2026-05-29T13:34:00.474Z
CVE-2026-8054
10 (4.0)
Unauthenticated SQL Injection in dotCMS Publish Audit API dotCMS
dotCMS Core
2026-05-27T07:55:25.905Z 2026-05-27T13:40:13.159Z
CVE-2026-7411
10 (3.1)
In Eclipse BaSyx Java Server SDK versions prior t… Eclipse Foundation
Eclipse BaSyx
2026-05-05T14:07:53.476Z 2026-05-06T15:25:50.007Z
CVE-2026-7312
10 (3.1)
CWE‑522: Insufficiently Protected Credentials in web s… Progress Software
Sitefinity
2026-06-02T13:09:06.250Z 2026-06-03T12:55:14.770Z
CVE-2026-6213
10 (4.0)
Remote Spark SparkView RCE Remote Spark (https://www.remotespark.com/)
SparkView
2026-05-08T09:04:24.188Z 2026-05-11T07:48:23.801Z
CVE-2026-57983
8.7 (3.1)
Microsoft Edge (Chromium-based) Security Feature Bypas… Microsoft
Microsoft Edge (Chromium-based)
2026-07-03T20:35:10.166Z 2026-07-07T03:55:57.286Z
CVE-2026-57700
10 (3.1)
WordPress OMGF Pro plugin <= 5.2.6 - Arbitrary File Up… Daan.dev
OMGF Pro
2026-06-25T17:29:31.795Z 2026-06-29T17:43:48.914Z
CVE-2026-57624
10 (3.1)
WordPress Blocksy Companion Pro plugin <= 2.1.46 - Rem… Creative Themes
Blocksy Companion Pro
2026-07-02T11:15:26.664Z 2026-07-02T19:39:14.229Z
CVE-2026-57572
10 (3.1)
Crawl4AI: Unauthenticated RCE via Chromium launch-argu… unclecode
crawl4ai
2026-07-06T20:16:21.597Z 2026-07-06T20:16:21.597Z
CVE-2026-56415
10 (4.0)
10 (3.1)
OS Command Injection in StoneFly Storage Concentrator Stonefly
Storage Concentrator
2026-06-30T22:40:55.582Z 2026-07-01T12:42:03.699Z
CVE-2026-56413
10 (4.0)
10 (3.1)
OS Command Injection in StoneFly Storage Concentrator StoneFly
Storage Concentrator
2026-06-30T22:50:58.131Z 2026-07-01T12:41:07.971Z
CVE-2026-56290
10 (4.0)
Joomla Extension - joomlack.fr - Unauthenticated file … joomlack.fr
JoomlaCK.fr Page Builder CK extension for Joomla
2026-06-29T14:31:37.952Z 2026-07-08T09:53:18.704Z
CVE-2026-56004
10 (3.1)
obs-service-tar_scm: command injection via mercurial handler openSUSE
buildservice
2026-07-02T14:54:02.119Z 2026-07-02T16:11:28.338Z
CVE-2026-54917
7.8 (4.0)
SeaweedFS: Path traversal in the S3 and Iceberg REST g… seaweedfs
seaweedfs
2026-06-25T18:41:19.111Z 2026-06-25T19:05:31.072Z
CVE-2026-54763
7.8 (4.0)
Traefik: headerField underscore-variant identity spoof… traefik
traefik
2026-07-06T20:33:36.059Z 2026-07-07T02:52:40.600Z
CVE-2026-54350
10 (3.1)
Budibase: Anonymous NoSQL operator injection via publi… Budibase
budibase
2026-06-26T20:44:00.337Z 2026-06-30T19:31:58.021Z
CVE-2026-54309
8.8 (4.0)
n8n: n8n MCP Browser HTTP Transport Exposes Unauthenti… n8n-io
n8n
2026-06-23T15:36:13.270Z 2026-06-23T15:45:15.836Z
CVE-2026-53753
9.8 (3.1)
Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain… unclecode
crawl4ai
2026-06-23T18:17:18.936Z 2026-06-23T18:55:22.278Z
CVE-2026-53622
7.8 (4.0)
9.1 (3.1)
Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions l… traefik
traefik
2026-06-23T19:13:28.844Z 2026-06-30T12:09:27.550Z
CVE-2026-53576
10 (3.1)
Kestra: Unauthenticated RCE via /configs path-suffix a… kestra-io
kestra
2026-06-26T20:54:08.282Z 2026-06-29T15:19:50.974Z
CVE-2026-52813
10 (3.1)
Gogs: Path Traversal in organization name results in R… gogs
gogs
2026-06-24T20:33:42.162Z 2026-06-26T03:55:38.322Z
CVE-2026-52704
10 (3.1)
WordPress WooCommerce PDF Invoice Builder plugin <= 2.… Edgar Rojas
WooCommerce PDF Invoice Builder
2026-06-15T12:49:49.160Z 2026-06-15T15:54:11.621Z
CVE-2026-50746
10 (3.1)
A malicious actor with access to the network coul… Ubiquiti Inc
UniFi Connect Application
2026-07-02T14:49:16.907Z 2026-07-02T15:52:15.315Z
CVE-2026-50242
10 (3.1)
In JetBrains Hub before 2026.1.13757, 2025.3.1480… JetBrains
Hub
2026-06-19T11:49:42.383Z 2026-06-24T03:56:16.426Z
CVE-2026-50160
10 (3.1)
Mass Assignment via Onboarding Endpoint Allows Unauthe… hoppscotch
hoppscotch
2026-07-01T17:48:49.381Z 2026-07-02T03:57:34.538Z
CVE-2026-50086
10 (3.1)
Aqara unauthenticated AES oracle Aqara
Aqara IAM/SSO Gateway
2026-06-12T15:01:26.055Z 2026-06-12T15:48:59.149Z
CVE-2026-49869
10 (3.1)
Kestra: Unauthenticated Remote Code Execution via Auth… kestra-io
kestra
2026-06-26T20:58:19.576Z 2026-06-29T13:20:38.655Z
CVE-2026-49777
10 (3.1)
WordPress Product Slider Pro for WooCommerce plugin < … ShapedPlugin, LLC
Product Slider Pro for WooCommerce
2026-06-05T08:59:53.320Z 2026-06-08T16:18:18.074Z