Vulnerabilities database (CVE, CAPEC, CWE, Exploit-db)

6.5 CVE-2025-13078
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.10 before 18.8.7, 18.9...

2026-03-26T15:13:15.790

6.5 CVE-2025-13436
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.8.7, 18.9...

2026-03-26T15:13:15.790

4.3 CVE-2025-14595
GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.8.7, 18.9 before...

2026-03-26T15:13:15.790

7.1 CVE-2025-69096
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in...

2026-03-25T21:16:26.167

8.5 CVE-2025-69347
Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription subscription...

2026-03-26T16:16:04.680

CVE-2025-69358
Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows...

2026-03-25T17:16:27.830

CVE-2026-1712
Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Escalation.This issue affects...

2026-03-26T15:13:15.790

6.8 CVE-2026-1724
GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.8.7, 18.9 before...

2026-03-26T15:13:15.790

4.3 CVE-2026-20719
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11...

2026-03-26T15:13:15.790

CVE-2026-22448
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in flexcubed...

2026-03-25T17:16:30.507

CVE-2026-22480
Deserialization of Untrusted Data vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed...

2026-03-25T17:16:30.650

CVE-2026-22484
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in...

2026-03-25T17:16:30.803

CVE-2026-22485
Missing Authorization vulnerability in Ruhul Amin My Album Gallery my-album-gallery allows Exploiting...

2026-03-25T17:16:30.940

7.1 CVE-2026-22491
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in...

2026-03-25T21:16:29.060

CVE-2026-22493
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')...

2026-03-25T17:16:31.227

CVE-2026-22494
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')...

2026-03-25T17:16:31.363

CVE-2026-22495
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')...

2026-03-25T17:16:31.503

CVE-2026-22496
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')...

2026-03-25T17:16:31.643

CVE-2026-22498
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')...

2026-03-25T17:16:31.783

CVE-2026-22499
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')...

2026-03-25T17:16:31.917

CVE-2026-22500
Deserialization of Untrusted Data vulnerability in axiomthemes m2 | Construction and Tools Store m2-ce...

2026-03-25T17:16:32.063