Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
11537
Total
770
Critical
3263
High
3665
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-7698 | HIGH | 7.3 | A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation … | May 03, 2026 |
| CVE-2026-7697 | MEDIUM | 4.7 | A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand_submit.php. This manipulation of the argument … | May 03, 2026 |
| CVE-2026-7696 | MEDIUM | 6.3 | A vulnerability was found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This impacts an unknown function of the file /SubstationWEBV2/main/uploadH5Files. … | May 03, 2026 |
| CVE-2026-7695 | HIGH | 7.3 | A vulnerability has been found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This affects an unknown function of the file … | May 03, 2026 |
| CVE-2026-7694 | HIGH | 7.3 | A flaw has been found in Acrel Electrical ECEMS Enterprise Microgrid Energy Efficiency Management System 1.3.0. The impacted element is an unknown function of the … | May 03, 2026 |
| CVE-2026-7692 | MEDIUM | 6.3 | A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410_221110. The affected element is the function ping_ddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the … | May 03, 2026 |
| CVE-2026-7691 | MEDIUM | 6.3 | A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410_221110. Impacted is the function set_sys_cmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument … | May 03, 2026 |
| CVE-2026-7690 | MEDIUM | 6.3 | A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410_221110. This issue affects the function set_sys_adm of the file /cgi-bin/adm.cgi. This manipulation of the argument … | May 03, 2026 |
| CVE-2026-7689 | LOW | 3.7 | A security flaw has been discovered in Dolibarr ERP CRM up to 23.0.2. This vulnerability affects the function dol_verifyHash in the library htdocs/core/lib/security.lib.php of the … | May 03, 2026 |
| CVE-2026-7688 | MEDIUM | 5.0 | A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. This affects the function _checkValForAPI of the file htdocs/expedition/class/expedition.class.php of the component Shipments API … | May 03, 2026 |
| CVE-2026-7687 | MEDIUM | 6.3 | A vulnerability was determined in langflow-ai langflow up to 1.8.4. Affected by this issue is the function CodeParser.parse_callable_details of the file src/lfx/src/lfx/custom/code_parser/code_parser.py of the component … | May 03, 2026 |
| CVE-2026-7686 | MEDIUM | 5.3 | A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js … | May 03, 2026 |
| CVE-2026-7685 | HIGH | 8.8 | A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument … | May 03, 2026 |
| CVE-2026-7684 | HIGH | 8.8 | A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the … | May 03, 2026 |
| CVE-2026-7683 | MEDIUM | 6.3 | A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component Web Interface. … | May 03, 2026 |
| CVE-2026-7682 | MEDIUM | 6.3 | A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the component L2TP … | May 03, 2026 |
| CVE-2026-5337 | UNKNOWN | — | During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference (IDOR) attack. … | May 03, 2026 |
| CVE-2026-7681 | MEDIUM | 6.5 | A security vulnerability has been detected in jsbroks COCO Annotator up to 0.11.1. Affected by this vulnerability is an unknown functionality of the file backend/webserver/api/datasets.py … | May 03, 2026 |
| CVE-2026-7680 | MEDIUM | 4.3 | A weakness has been identified in jsbroks COCO Annotator up to 0.11.1. Affected is an unknown function of the file backend/webserver/api/datasets.py of the component Data … | May 03, 2026 |
| CVE-2026-5063 | HIGH | 7.2 | The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via POST parameter key names in the submit_nex_form() … | May 03, 2026 |
| CVE-2026-7679 | HIGH | 7.3 | A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This impacts the function getAccessToken of the file yudao-module-system-biz/src/main/java/io/github/ruoyi/common/oauth2/service/impl/OAuth2TokenServiceImpl.java. Performing a manipulation results … | May 03, 2026 |
| CVE-2026-7678 | MEDIUM | 6.3 | A vulnerability was identified in YunaiV yudao-cloud up to 2026.01. This affects the function getDataBySQL of the file yudao-module-report-biz/src/main/java/io/github/ruoyi/report/service/impl/GoViewDataServiceImpl.java. Such manipulation leads to sql injection. … | May 03, 2026 |
| CVE-2026-7677 | LOW | 3.5 | A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System … | May 03, 2026 |
| CVE-2026-7676 | MEDIUM | 4.3 | A vulnerability was found in kerwincui FastBee up to 1.2.1. The affected element is the function ToolController.download of the file springboot/fastbee-open-api/src/main/java/com/fastbee/data/controller/ToolController.java of the component Tool … | May 03, 2026 |
| CVE-2026-7675 | HIGH | 8.8 | A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function start_lan of the file /apply.cgi. The manipulation of … | May 03, 2026 |