Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

23329
Total
1657
Critical
7330
High
7410
Medium
CVE ID Severity Score Description Published
CVE-2026-56217 MEDIUM 4.3 Capgo before 12.128.2 contains a policy bypass vulnerability in app_versions update enforcement that allows app-scoped API keys to downgrade encrypted bundles to non-encrypted state. Attackers … Jul 08, 2026
CVE-2026-56086 HIGH 8.8 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through … Jul 08, 2026
CVE-2026-54061 CRITICAL 9.1 Dgraph is an open source distributed GraphQL database. Prior to version 25.3.5, Dgraph Alpha exposes the RPCs used for external snapshot import on the public … Jul 08, 2026
CVE-2026-53482 HIGH 7.5 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through … Jul 08, 2026
CVE-2026-53480 LOW 2.7 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through … Jul 08, 2026
CVE-2026-44840 HIGH 7.5 Dgraph is an open source distributed GraphQL database. Prior to version 25.3.4, the `checkUserPassword` GraphQL query in Dgraph is vulnerable to DQL (Dgraph Query Language) … Jul 08, 2026
CVE-2026-41122 HIGH 7.1 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through … Jul 08, 2026
CVE-2026-22927 HIGH 7.8 Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability. Jul 08, 2026
CVE-2026-15053 HIGH 7.5 Tanium addressed a denial of service vulnerability in Tanium Server. Jul 08, 2026
CVE-2026-15035 MEDIUM 5.3 A vulnerability was found in bentoml OpenLLM 0.6.30. This affects the function async_run_command of the file src/openllm/common.py of the component Model Repository Directory Name Handler. … Jul 08, 2026
CVE-2026-15034 MEDIUM 4.3 A vulnerability has been found in flask-dashboard Flask-MonitoringDashboard up to 5.0.2. Affected by this issue is some unknown functionality. Such manipulation leads to cross-site request … Jul 08, 2026
CVE-2026-15033 MEDIUM 6.3 A flaw has been found in christopherthielen check-peer-dependencies up to 4.3.4. Affected by this vulnerability is the function shelljs.exec of the file dist/packageUtils.js of the … Jul 08, 2026
CVE-2026-8315 MEDIUM 5.4 Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Webbeyaz Web Design Mediküm Web allows Stored XSS. This issue affects Mediküm Web: … Jul 08, 2026
CVE-2026-8310 MEDIUM 6.1 Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Webbeyaz Web Design Mediküm Web allows Reflected XSS. This issue affects Mediküm Web: … Jul 08, 2026
CVE-2026-8307 CRITICAL 9.8 Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Webbeyaz Web Design Mediküm Web allows SQL Injection. This issue affects … Jul 08, 2026
CVE-2026-6820 HIGH 7.2 The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'email' parameter in all versions up to, … Jul 08, 2026
CVE-2026-6740 MEDIUM 6.4 The Nexter Blocks – Gutenberg Blocks, Page Builder & AI Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'commentIcon' parameter … Jul 08, 2026
CVE-2026-6459 MEDIUM 6.4 The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Event Calendar widget … Jul 08, 2026
CVE-2026-5459 MEDIUM 5.3 The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to Insecure Direct Object Reference in … Jul 08, 2026
CVE-2026-5356 HIGH 7.5 The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and … Jul 08, 2026
CVE-2026-14454 UNKNOWN Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as … Jul 08, 2026
CVE-2026-12002 MEDIUM 4.7 The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, … Jul 08, 2026
CVE-2026-6854 HIGH 7.5 The My Calendar – Accessible Event Manager plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'mc_auth' parameter in all versions up … Jul 08, 2026
CVE-2026-6818 HIGH 7.2 The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'special_requests' parameter in all versions up to, … Jul 08, 2026
CVE-2026-6742 MEDIUM 6.4 The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'additional' parameter in all versions up to, and including, 2026.1 due … Jul 08, 2026