🔥 Trending CVEs - Last 90 Days
4,453 critical and high-severity vulnerabilities discovered in the last 90 days. Stay ahead of emerging threats with real-time CVE tracking and instant security alerts.
Critical & High-Risk CVEs
This CVE describes a command injection vulnerability in WPGraphQL's GitHub Actions workflow that allows arbitrary command execution when merging pull ...
📅 14 days ago • Feb 26, 2026
Plane project management tool versions before 1.2.2 contain a Full Read SSRF vulnerability in the 'Add Link' feature. Authenticated users can send arb...
📅 15 days ago • Feb 25, 2026
An authenticated remote attacker can cause a denial of service (DoS) on Cisco Nexus 9000 Series Fabric Switches in ACI mode by sending continuous SNMP...
📅 15 days ago • Feb 25, 2026
This vulnerability allows a malicious actor to take over local user accounts when federated authentication with Silent Just-In-Time Provisioning is en...
📅 16 days ago • Feb 24, 2026
Wallos versions 4.6.0 and below contain a Server-Side Request Forgery (SSRF) vulnerability in the logo/icon upload functionality. Attackers can bypass...
📅 19 days ago • Feb 21, 2026
This vulnerability allows authenticated users in Metabase to extract sensitive information including database credentials via template evaluation in e...
📅 19 days ago • Feb 21, 2026
This path traversal vulnerability in the WordPress User Extra Fields plugin allows attackers to delete arbitrary files on the server. It affects all W...
📅 20 days ago • Feb 20, 2026
This path traversal vulnerability in the Woo File Dropzone WordPress plugin allows attackers to delete arbitrary files on the server. It affects all W...
📅 20 days ago • Feb 20, 2026
CVE-2025-1272 is a Linux kernel vulnerability where lockdown mode is disabled without warning in Fedora Linux kernel versions 6.12+, allowing attacker...
📅 22 days ago • Feb 18, 2026
This vulnerability allows unauthenticated attackers to mark WooCommerce orders as paid without actual payment by reusing valid payment tokens from oth...
📅 23 days ago • Feb 17, 2026
CVE-2026-25991 is a Blind Server-Side Request Forgery (SSRF) vulnerability in Tandoor Recipes that allows authenticated users to make the server conne...
📅 27 days ago • Feb 13, 2026
A high-privileged user in Infoblox NIOS can exploit the account creation mechanism to write arbitrary files to the system. This affects Infoblox NIOS ...
📅 28 days ago • Feb 12, 2026
This CVE describes an out-of-bounds read vulnerability in macOS kernel memory that could allow an attacker to cause system crashes or read sensitive k...
📅 28 days ago • Feb 11, 2026
A buffer overflow vulnerability in MUNGE authentication daemon (munged) versions 0.5 to 0.5.17 allows local attackers to leak cryptographic key materi...
📅 30 days ago • Feb 10, 2026
SAP Solution Tools Plug-In (ST-PI) contains an authorization bypass vulnerability where authenticated users can access sensitive information without p...
📅 30 days ago • Feb 10, 2026
This CVE describes a denial-of-service vulnerability in SAP systems where authenticated users can trigger excessive resource consumption by invoking a...
📅 30 days ago • Feb 10, 2026
Cube semantic layer versions 0.27.19 through 1.5.12, 1.4.1 and earlier, and 1.0.13 and earlier contain an API token validation vulnerability that allo...
📅 30 days ago • Feb 9, 2026
This cross-site scripting (XSS) vulnerability in Mattermost's Confluence plugin allows authenticated Confluence users with malicious display names to ...
📅 34 days ago • Feb 6, 2026
OpenClaw versions before 2026.1.29 contain two command injection vulnerabilities. Attackers can execute arbitrary commands on remote SSH hosts via une...
📅 36 days ago • Feb 4, 2026
This vulnerability in n8n workflow automation platform allows uninitialized memory allocation via Buffer.allocUnsafe() and Buffer.allocUnsafeSlow() in...
📅 36 days ago • Feb 4, 2026
This vulnerability allows a local attacker with physical USB access to cause a full device reset by using an invalid reset file. It affects devices th...
📅 38 days ago • Feb 2, 2026
This vulnerability allows attackers to execute arbitrary Python code on TechDocs build servers when configured with 'runIn: local'. Malicious actors w...
📅 41 days ago • Jan 30, 2026
This vulnerability allows attackers to intercept unencrypted update requests and deliver malicious packages to affected NETGEAR routers and Orbi WiFi ...
📅 43 days ago • Jan 28, 2026
This vulnerability allows unauthenticated attackers on the local network to execute arbitrary commands on affected NETGEAR routers and Orbi WiFi syste...
📅 43 days ago • Jan 28, 2026
This CVE describes a server-side request forgery (SSRF) vulnerability in Chainlit versions before 2.9.4 when using the SQLAlchemy data layer backend. ...
📅 51 days ago • Jan 20, 2026
The Kafka Connect BigQuery Connector prior to version 2.11.0 has an arbitrary file read vulnerability in credential configuration processing. Attacker...
📅 55 days ago • Jan 16, 2026
This vulnerability allows any authenticated Rocket.Chat user to access OAuth application credentials (client_id and client_secret) by querying the /ap...
📅 57 days ago • Jan 14, 2026
This vulnerability allows authenticated users to execute stored cross-site scripting (XSS) attacks through improper input validation in GitLab's Kuber...
📅 57 days ago • Jan 14, 2026
CVE-2026-20852 is a privilege assignment vulnerability in Windows Hello that allows local attackers to tamper with authentication mechanisms. This aff...
📅 58 days ago • Jan 13, 2026
This Windows Hello vulnerability allows an unauthorized local attacker to tamper with authentication processes due to incorrect privilege assignment. ...
📅 58 days ago • Jan 13, 2026
CVE-2026-22035 is a command injection vulnerability in Greenshot screenshot utility that allows attackers to execute arbitrary operating system comman...
📅 63 days ago • Jan 8, 2026
This vulnerability in the Frontend File Manager WordPress plugin allows any authenticated user, including low-privilege subscribers, to delete arbitra...
📅 64 days ago • Jan 7, 2026
Emlog versions up to 2.5.19 are vulnerable to server-side request forgery (SSRF) via malicious SVG file uploads. Attackers can upload crafted SVG file...
📅 69 days ago • Jan 2, 2026
This vulnerability in coturn TURN/STUN server allows attackers to predict random nonces and port assignments due to a weak random number generator. At...
📅 72 days ago • Dec 30, 2025
This CVE describes a missing authorization vulnerability in Gmission Web Fax that allows attackers to abuse authentication mechanisms and falsify sess...
📅 73 days ago • Dec 29, 2025
This vulnerability allows attackers to upload malicious files to web servers running Innorix WP, potentially leading to remote code execution. All ver...
📅 73 days ago • Dec 29, 2025
A local privilege escalation vulnerability exists in IBM Concert due to a race condition involving symbolic link handling. This allows authenticated l...
📅 76 days ago • Dec 26, 2025
A Local Privilege Escalation vulnerability in K7 Ultimate Security allows unprivileged local users to edit any registry key via insecure named pipe ac...
📅 80 days ago • Dec 22, 2025
This CVE describes a Missing Authorization vulnerability in HappyFiles Pro WordPress plugin that allows attackers to bypass access controls. It affect...
📅 81 days ago • Dec 21, 2025
This vulnerability in Weblate allows attackers to read arbitrary files from the server file system by exploiting crafted symbolic links in repositorie...
📅 83 days ago • Dec 18, 2025
Zed code editor versions before 0.218.2-pre have an arbitrary code execution vulnerability where malicious Language Server Protocol configurations in ...
📅 84 days ago • Dec 17, 2025
Zed code editor versions before 0.218.2-pre have an arbitrary code execution vulnerability where malicious MCP configurations in project settings file...
📅 84 days ago • Dec 17, 2025
LINE client for iOS versions before 15.4 has a critical SSL/TLS certificate validation bypass vulnerability in an integrated financial SDK. This allow...
📅 87 days ago • Dec 15, 2025
This vulnerability allows any authenticated user, even with the lowest 'visitor' role, to bypass authorization checks and perform unauthorized file op...
⚡ Yesterday • Mar 11, 2026
This reflected XSS vulnerability in facileManager's fmDNS module allows attackers to inject malicious JavaScript via the log_search_query parameter in...
📅 2 days ago • Mar 10, 2026
Ghost CMS versions 0.7.2 through 6.19.0 contain a vulnerability where malicious themes can execute arbitrary code on the server. This allows attackers...
📅 7 days ago • Mar 5, 2026
Textream macOS teleprompter app versions before 1.5.1 have a WebSocket server that doesn't validate the Origin header, allowing malicious web pages to...
📅 10 days ago • Mar 2, 2026
This SQL injection vulnerability in Mautic's API endpoint allows authenticated users to inject arbitrary SQL commands via the sort direction parameter...
📅 16 days ago • Feb 24, 2026
This vulnerability allows attackers to inject malicious scripts via model outputs containing <script> tags in New API's MarkdownRenderer.jsx component...
📅 16 days ago • Feb 24, 2026
This vulnerability allows authenticated administrators in Zscaler Internet Access (ZIA) to execute backend functions through improper input validation...
📅 17 days ago • Feb 23, 2026
Why Track Trending CVEs?
Stay ahead of emerging threats: Newly discovered vulnerabilities pose the highest risk as attackers race to exploit them before patches are deployed. Trending CVEs represent the most critical security issues requiring immediate attention from security teams worldwide.
Prioritize remediation efforts: With thousands of CVEs published annually, security teams need to focus on the most recent and severe threats first. Our trending CVE dashboard highlights critical and high-severity vulnerabilities from the past 7, 30, or 90 days, helping you prioritize patching efforts.
🚀 Automated Trending CVE Monitoring
- Scan your servers to detect packages affected by trending CVEs
- Receive instant email alerts when critical vulnerabilities are discovered
- Dashboard shows CVE age, severity, CVSS scores, and affected systems
- Filter by time period (7/30/90 days) to focus on recent threats