Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-33893 | HIGH | 7.5 | A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter … | May 12, 2026 |
| CVE-2026-33862 | HIGH | 7.3 | A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter … | May 12, 2026 |
| CVE-2026-27662 | HIGH | 7.7 | Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could … | May 12, 2026 |
| CVE-2026-25789 | HIGH | 7.1 | Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user … | May 12, 2026 |
| CVE-2026-25787 | CRITICAL | 9.1 | Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the "Motion Control Diagnostics" page of the web interface. This could … | May 12, 2026 |
| CVE-2026-25786 | CRITICAL | 9.1 | Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface. This could allow an authenticated … | May 12, 2026 |
| CVE-2026-22925 | HIGH | 7.5 | A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application is susceptible to resource exhaustion when subjected to high … | May 12, 2026 |
| CVE-2026-22924 | CRITICAL | 9.1 | A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does not properly restrict unauthenticated connections and is susceptible … | May 12, 2026 |
| CVE-2026-1934 | MEDIUM | 4.3 | The Motors – Car Dealership & Classified Listings plugin for WordPress is vulnerable to Payment Bypass via insecure user meta update in all versions up … | May 12, 2026 |
| CVE-2025-6577 | CRITICAL | 9.8 | Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows SQL Injection. … | May 12, 2026 |
| CVE-2025-40949 | CRITICAL | 9.1 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions … | May 12, 2026 |
| CVE-2025-40948 | MEDIUM | 6.8 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions … | May 12, 2026 |
| CVE-2025-40947 | HIGH | 7.5 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions … | May 12, 2026 |
| CVE-2025-40946 | HIGH | 8.3 | A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 105 TL3 (All versions), … | May 12, 2026 |
| CVE-2025-40833 | HIGH | 7.5 | The affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial of service … | May 12, 2026 |
| CVE-2024-54017 | MEDIUM | 5.3 | A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V11.0), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All … | May 12, 2026 |
| CVE-2026-7661 | MEDIUM | 6.4 | The Bootstrap Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `box` shortcode in all versions up to, and including, 1.0. This … | May 12, 2026 |
| CVE-2026-7659 | MEDIUM | 6.4 | The Advanced Social Media Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `social` shortcode in all versions up to, and including, … | May 12, 2026 |
| CVE-2026-7626 | MEDIUM | 5.3 | The Slek Gateway for WooCommerce plugin for WordPress is vulnerable to Information Exposure in version 1.0. This is due to the wsb_handle_slek_payment_redirect() function placing the … | May 12, 2026 |
| CVE-2026-7616 | MEDIUM | 4.3 | The Zawgyi Embed plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.1. This is due to missing … | May 12, 2026 |
| CVE-2026-7562 | MEDIUM | 4.3 | The WP-Redirection plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.0.3. This is due to the absence … | May 12, 2026 |
| CVE-2026-7561 | MEDIUM | 6.1 | The Tm – WordPress Redirection plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due … | May 12, 2026 |
| CVE-2026-7464 | MEDIUM | 6.1 | The WP Google Maps Integration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `page` parameter in all versions up to, and including, … | May 12, 2026 |
| CVE-2026-7437 | MEDIUM | 6.1 | The AzonPost plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `editpos_hidden` parameter in all versions up to, and including, 1.3. This is … | May 12, 2026 |
| CVE-2026-7050 | MEDIUM | 4.3 | The Forms Rb plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.9. This is due to the plugin … | May 12, 2026 |