Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
14253
Total
958
Critical
4178
High
4523
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-5021 | HIGH | 8.8 | A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of … | Mar 29, 2026 |
| CVE-2026-2602 | MEDIUM | 6.4 | The Twentig plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'featuredImageSizeWidth' parameter in versions up to, and including, 1.9.7 due to insufficient … | Mar 29, 2026 |
| CVE-2026-5020 | MEDIUM | 6.3 | A vulnerability was detected in Totolink A3600R 4.1.2cu.5182_B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. … | Mar 29, 2026 |
| CVE-2026-4851 | UNKNOWN | — | GRID::Machine versions through 0.127 for Perl allows arbitrary code execution via unsafe deserialization. GRID::Machine provides Remote Procedure Calls (RPC) over SSH for Perl. The client … | Mar 29, 2026 |
| CVE-2026-5019 | HIGH | 7.3 | A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php … | Mar 29, 2026 |
| CVE-2026-5018 | HIGH | 7.3 | A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown function of the file register-router.php of the component Parameter … | Mar 28, 2026 |
| CVE-2026-5017 | HIGH | 7.3 | A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component … | Mar 28, 2026 |
| CVE-2026-5016 | HIGH | 7.3 | A vulnerability was identified in elecV2 elecV2P up to 3.8.3. This affects the function eAxios of the file /mock of the component URL Handler. Such … | Mar 28, 2026 |
| CVE-2026-5015 | MEDIUM | 4.3 | A vulnerability was determined in elecV2 elecV2P up to 3.8.3. The impacted element is an unknown function of the file /logs of the component Endpoint. … | Mar 28, 2026 |
| CVE-2026-5014 | MEDIUM | 5.3 | A vulnerability was found in elecV2 elecV2P up to 3.8.3. The affected element is the function path.join of the file /log/ of the component Wildcard … | Mar 28, 2026 |
| CVE-2026-5013 | MEDIUM | 5.3 | A vulnerability has been found in elecV2 elecV2P up to 3.8.3. Impacted is the function path.join of the file /store/:key. The manipulation of the argument … | Mar 28, 2026 |
| CVE-2026-5012 | HIGH | 7.3 | A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of the file /rpc. Executing a manipulation can … | Mar 28, 2026 |
| CVE-2026-5011 | MEDIUM | 6.3 | A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. … | Mar 28, 2026 |
| CVE-2026-5007 | MEDIUM | 5.3 | A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Affected is the function cloneRepository of the file src/index.ts of the component add_git_repository/add_text_file. The manipulation … | Mar 28, 2026 |
| CVE-2026-3256 | UNKNOWN | — | HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids. HTTP::Session defaults to using HTTP::Session::ID::SHA1 to generate session ids using a SHA-1 … | Mar 28, 2026 |
| CVE-2025-15604 | UNKNOWN | — | Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions. In versions 6.06 through 6.16, the random_string function will attempt to … | Mar 28, 2026 |
| CVE-2026-5004 | HIGH | 8.8 | A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub_4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation … | Mar 28, 2026 |
| CVE-2026-5003 | MEDIUM | 5.3 | A vulnerability was found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. This affects the function handle_index of the file rag_system/api_server.py of the component Web Interface. Performing … | Mar 28, 2026 |
| CVE-2026-5002 | HIGH | 7.3 | A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function _route_using_overviews of the file backend/server.py of the component … | Mar 28, 2026 |
| CVE-2026-5001 | HIGH | 7.3 | A flaw has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The affected element is the function do_POST of the file backend/server.py. This manipulation causes … | Mar 28, 2026 |
| CVE-2026-5000 | HIGH | 7.3 | A vulnerability was detected in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. Impacted is the function LocalGPTHandler of the file backend/server.py of the component API Endpoint. The … | Mar 28, 2026 |
| CVE-2026-4999 | MEDIUM | 6.3 | A security vulnerability has been detected in z-9527 admin up to 72aaf2dd05cf4ec2e98f390668b41e128eec5ad2. This issue affects the function uploadFile of the file /server/utils/upload.js of the component … | Mar 28, 2026 |
| CVE-2026-4998 | HIGH | 7.3 | A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/code_execution/code_executor.py of the component … | Mar 28, 2026 |
| CVE-2026-4997 | MEDIUM | 5.3 | A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function is_sql_query_safe of the file pandasai/helpers/sql_sanitizer.py. Performing a manipulation … | Mar 28, 2026 |
| CVE-2026-4996 | HIGH | 7.3 | A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function delete_question_and_answers/delete_docs/update_question_answer/update_docs/get_relevant_question_answers_by_id/get_relevant_docs_by_id of the file extensions/ee/vectorstores/lancedb/pandasai_lancedb/lancedb.py of the … | Mar 28, 2026 |