Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-6566 | MEDIUM | 4.3 | The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and … | May 20, 2026 |
| CVE-2026-5776 | MEDIUM | 6.1 | The Email Encoder WordPress plugin before 2.4.7 does not escape email addresses retrieved via user input, allowing unauthenticated attackers to perform Stored XSS attacks | May 20, 2026 |
| CVE-2026-47784 | HIGH | 8.1 | In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass. | May 20, 2026 |
| CVE-2026-47783 | HIGH | 8.1 | In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid … | May 20, 2026 |
| CVE-2026-44392 | MEDIUM | 4.3 | Missing authorization vulnerability exists in Movable Type. Under certain conditions, when a user without administrator privileges signs in to the product, unintended update processing may … | May 20, 2026 |
| CVE-2026-2955 | MEDIUM | 6.4 | The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' header in versions up to, … | May 20, 2026 |
| CVE-2026-9057 | HIGH | 8.2 | A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio … | May 20, 2026 |
| CVE-2026-9056 | MEDIUM | 5.4 | A stored cross-site scripting vulnerability has been found in the Talend Administration Center. An attacker with permission to manage servers can store a XSS payload … | May 20, 2026 |
| CVE-2026-7522 | HIGH | 8.8 | The Advanced Database Cleaner – Premium plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.1.0 via the 'template' … | May 20, 2026 |
| CVE-2026-5075 | MEDIUM | 4.3 | The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, … | May 20, 2026 |
| CVE-2026-9010 | HIGH | 7.5 | The Boost plugin for WordPress is vulnerable to time-based SQL Injection via the 'current_url' and 'user_name' parameters in versions up to, and including, 2.0.3 due … | May 20, 2026 |
| CVE-2026-9003 | HIGH | 7.5 | E-LAN Hybrid Recording System developed by TONNET has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. | May 20, 2026 |
| CVE-2026-7637 | CRITICAL | 9.8 | The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input in the … | May 20, 2026 |
| CVE-2026-7460 | UNKNOWN | — | mailcow-dockerized contains a stored cross-site scripting vulnerability in the administrator Queue Manager. The Queue Manager fetches mail queue entries from /api/v1/get/mailq/all, copies server-controlled Postfix queue … | May 20, 2026 |
| CVE-2026-24215 | MEDIUM | 5.7 | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend, where an attacker could cause uncontrolled resource consumption. A successful exploit of this vulnerability … | May 20, 2026 |
| CVE-2026-24214 | HIGH | 8.0 | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an integer overflow. A successful exploit of this vulnerability … | May 20, 2026 |
| CVE-2026-24213 | HIGH | 8.0 | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an out-of-bounds read. A successful exploit of this vulnerability … | May 20, 2026 |
| CVE-2026-24210 | HIGH | 7.5 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to denial … | May 20, 2026 |
| CVE-2026-24209 | HIGH | 7.5 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to … | May 20, 2026 |
| CVE-2026-24208 | MEDIUM | 5.3 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to … | May 20, 2026 |
| CVE-2026-24207 | CRITICAL | 9.8 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code … | May 20, 2026 |
| CVE-2026-24206 | HIGH | 7.3 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation … | May 20, 2026 |
| CVE-2026-24163 | HIGH | 7.5 | NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability … | May 20, 2026 |
| CVE-2026-24160 | MEDIUM | 5.5 | NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit … | May 20, 2026 |
| CVE-2026-24142 | MEDIUM | 6.3 | NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data … | May 20, 2026 |