5.4 CVE-2025-15611
The Popup Box WordPress plugin before 5.5.0 does not properly validate nonces in the add_or_edit_popupbox()...

CVE-2026-1114
In parisneo/lollms version 2.1.0, the application's session management is vulnerable to improper access...

6.5 CVE-2026-1900
The Link Whisper Free WordPress plugin before 0.9.1 has a publicly accessible REST endpoint that allows...

6.5 CVE-2026-4079
The SQL Chart Builder WordPress plugin before 2.3.8 does not properly escape user input as it is concatened...

8.8 CVE-2026-5465
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to...

5.3 CVE-2026-3177
The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations &...

CVE-2026-28810
Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel (inet_res, inet_db...

4.3 CVE-2026-33227
Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client,...

8.8 CVE-2026-34197
Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in...

7.5 CVE-2026-34896
Cross-Site Request Forgery (CSRF) vulnerability in Analytify Under Construction, Coming Soon & Maintenance...

5.3 CVE-2026-34899
Missing Authorization vulnerability in Eniture technology LTL Freight Quotes – Worldwide Express...

5.4 CVE-2026-34903
Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured...

7.5 CVE-2026-34904
Cross-Site Request Forgery (CSRF) vulnerability in Analytify Simple Social Media Share Buttons allows...

CVE-2026-4420
Bludit is vulnerable to Stored Cross-Site Scripting (XSS) in its page creating functionality. An authenticated...

7.5 CVE-2026-31842
Tinyproxy through 1.11.3 is vulnerable to HTTP request parsing desynchronization due to a case-sensitive...

9.8 CVE-2021-4473
Tianxin Internet Behavior Management System contains a command injection vulnerability in the Reporter...

CVE-2025-39666
Local privilege escalation in Checkmk 2.2.0 (EOL), Checkmk 2.3.0 before 2.3.0p46, Checkmk 2.4.0 before...

7.2 CVE-2026-22666
Dolibarr ERP/CRM versions prior to 23.0.2 contain an authenticated remote code execution vulnerability...

9.8 CVE-2026-22679
Weaver (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code...

8.8 CVE-2026-23818
A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Private...

CVE-2026-28808
Incorrect Authorization vulnerability in Erlang OTP (inets modules) allows unauthenticated access to...