Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
13428
Total
886
Critical
3903
High
4235
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-5608 | HIGH | 8.8 | A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in … | Apr 06, 2026 |
| CVE-2026-5607 | MEDIUM | 6.3 | A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL … | Apr 06, 2026 |
| CVE-2026-5606 | MEDIUM | 6.3 | A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /order-details.php of … | Apr 06, 2026 |
| CVE-2026-5605 | HIGH | 8.8 | A weakness has been identified in Tenda CH22 1.0.0.1. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. Executing a manipulation of the argument GO … | Apr 06, 2026 |
| CVE-2026-5604 | HIGH | 8.8 | A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element is the function formCertLocalPrecreate of the file /goform/CertLocalPrecreate of the component Parameter … | Apr 05, 2026 |
| CVE-2026-5603 | MEDIUM | 5.3 | A vulnerability was identified in elgentos magento2-dev-mcp up to 1.0.2. The affected element is the function executeMagerun2Command of the file src/index.ts. Such manipulation leads to … | Apr 05, 2026 |
| CVE-2026-5602 | MEDIUM | 5.3 | A vulnerability was determined in Nor2-io heim-mcp up to 0.1.3. Impacted is the function registerTools of the file src/tools.ts of the component new_heim_application/deploy_heim_application/deploy_heim_application_to_cloud. This manipulation … | Apr 05, 2026 |
| CVE-2026-5601 | MEDIUM | 5.3 | A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some unknown processing of the file /bin.rar of the component Backup … | Apr 05, 2026 |
| CVE-2026-5597 | MEDIUM | 6.3 | A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation … | Apr 05, 2026 |
| CVE-2026-4272 | HIGH | 8.1 | Missing Authentication for Critical Function vulnerability in Honeywell Handheld Scanners allows Authentication Abuse.This issue affects Handheld Scanners: from C1 Base(Ingenic x1000) before GK000432BAA, from D1 … | Apr 05, 2026 |
| CVE-2026-35679 | LOW | 3.5 | Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from … | Apr 05, 2026 |
| CVE-2026-5596 | MEDIUM | 6.3 | A vulnerability was detected in griptape-ai griptape 0.19.4. Affected by this issue is some unknown functionality of the file griptape/tools/sql/tool.py of the component SqlTool. Performing … | Apr 05, 2026 |
| CVE-2019-25704 | HIGH | 8.2 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filter_user_mail parameter. Attackers can … | Apr 05, 2026 |
| CVE-2019-25702 | HIGH | 8.2 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the id_project parameter. Attackers can … | Apr 05, 2026 |
| CVE-2019-25700 | HIGH | 8.2 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the sort_direction parameter. Attackers can … | Apr 05, 2026 |
| CVE-2019-25698 | HIGH | 8.2 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the id_to_delete parameter. Attackers can … | Apr 05, 2026 |
| CVE-2019-25696 | HIGH | 8.2 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the language_tag parameter. Attackers can … | Apr 05, 2026 |
| CVE-2019-25694 | HIGH | 8.2 | Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user2reset parameter. Attackers … | Apr 05, 2026 |
| CVE-2019-25692 | HIGH | 8.2 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id_to_modify' parameter. Attackers can … | Apr 05, 2026 |
| CVE-2019-25690 | HIGH | 8.2 | Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the mng_profile_id parameter. Attackers can … | Apr 05, 2026 |
| CVE-2019-25688 | HIGH | 8.2 | Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the menu_lev1 parameter. Attackers … | Apr 05, 2026 |
| CVE-2019-25687 | CRITICAL | 9.8 | Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval … | Apr 05, 2026 |
| CVE-2019-25686 | HIGH | 7.5 | Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows unauthenticated attackers to crash the service by sending … | Apr 05, 2026 |
| CVE-2019-25685 | HIGH | 8.8 | phpBB contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by exploiting the plupload functionality and phar:// stream wrapper. Attackers … | Apr 05, 2026 |
| CVE-2019-25684 | HIGH | 8.2 | OpenDocMan 1.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'where' parameter. Attackers can … | Apr 05, 2026 |