Export limit exceeded: 76127 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76127 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-27287 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2026-04-15 | 7.8 High |
| InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-34631 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2026-04-15 | 7.8 High |
| InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-40764 | 2 Syed Balkhi, Wordpress | 2 Contact Form By Wpforms, Wordpress | 2026-04-15 | 8.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through <= 1.10.0.2. | ||||
| CVE-2026-27880 | 1 Grafana | 1 Grafana | 2026-04-15 | 7.5 High |
| The OpenFeature feature toggle evaluation endpoint reads unbounded values into memory, which can cause out-of-memory crashes. | ||||
| CVE-2026-21720 | 1 Grafana | 2 Grafana, Grafana Enterprise | 2026-04-15 | 7.5 High |
| Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel. Sustained traffic with random hashes keeps tripping this timeout, so goroutine count grows linearly, eventually exhausting memory and causing Grafana to crash on some systems. | ||||
| CVE-2026-28377 | 1 Grafana | 1 Tempo | 2026-04-15 | 7.5 High |
| A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users to obtain the key used to encrypt trace data stored in S3. Thanks to william_goodfellow for reporting this vulnerability. | ||||
| CVE-2026-39429 | 2 Kcp, Kcp-dev | 2 Kcp, Kcp | 2026-04-15 | 8.2 High |
| kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and container workloads. Prior to 0.30.3 and 0.29.3, the cache server is directly exposed by the root shard and has no authentication or authorization in place. This allows anyone who can access the root shard to read and write to the cache server. This vulnerability is fixed in 0.30.3 and 0.29.3. | ||||
| CVE-2026-0807 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.2 High |
| The Frontis Blocks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.6. This is due to insufficient restriction on the 'url' parameter in the 'template_proxy' function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application via the '/template-proxy/' and '/proxy-image/' endpoint. | ||||
| CVE-2026-40162 | 1 Bugsink | 1 Bugsink | 2026-04-15 | 7.1 High |
| Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem location writable by the Bugsink process. This vulnerability is fixed in 2.1.1. | ||||
| CVE-2026-39885 | 2 Agentfront, Frontmcp | 4 \@frontmcp\/adapters, \@frontmcp\/sdk, Frontmcp and 1 more | 2026-04-15 | 7.5 High |
| FrontMCP is a TypeScript-first framework for the Model Context Protocol (MCP). Prior to 2.3.0, the mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers. A malicious OpenAPI specification containing $ref values pointing to internal network addresses, cloud metadata endpoints, or local files will cause the library to fetch those resources during the initialize() call. This enables Server-Side Request Forgery (SSRF) and local file read attacks when processing untrusted OpenAPI specifications. This vulnerability is fixed in 2.3.0. | ||||
| CVE-2026-40074 | 1 Svelte | 1 Kit | 2026-04-15 | 7.5 High |
| SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.57.1, redirect, when called from inside the handle server hook with a location parameter containing characters that are invalid in a HTTP header, will cause an unhandled TypeError. This could result in DoS on some platforms, especially if the location passed to redirect contains unsanitized user input. This vulnerability is fixed in 2.57.1. | ||||
| CVE-2026-0702 | 2 Wordpress, Wpcreatix | 2 Wordpress, Vidshop – Shoppable Videos For Woo Commerce | 2026-04-15 | 7.5 High |
| The VidShop – Shoppable Videos for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the 'fields' parameter in all versions up to, and including, 1.1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | ||||
| CVE-2026-1280 | 2 Najeebmedia, Wordpress | 2 Frontend File Manager Plugin, Wordpress | 2026-04-15 | 7.5 High |
| The Frontend File Manager Plugin for WordPress is vulnerable to unauthorized file sharing due to a missing capability check on the 'wpfm_send_file_in_email' AJAX action in all versions up to, and including, 23.5. This makes it possible for unauthenticated attackers to share arbitrary uploaded files via email by supplying a file ID. Since file IDs are sequential integers, attackers can enumerate all uploaded files on the site and exfiltrate sensitive data that was intended to be restricted to administrators only. | ||||
| CVE-2026-1065 | 2 10web, Wordpress | 2 Form Maker, Wordpress | 2026-04-15 | 7.2 High |
| The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.35. This is due to the plugin's default file upload allowlist including SVG files combined with weak substring-based extension validation. This makes it possible for unauthenticated attackers to upload malicious SVG files containing JavaScript code that will execute when viewed by administrators or site visitors via file upload fields in forms granted they can submit forms. | ||||
| CVE-2026-1756 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 8.8 High |
| The WP FOFT Loader plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'WP_FOFT_Loader_Mimes::file_and_ext' function in all versions up to, and including, 2.1.39. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | ||||
| CVE-2026-1294 | 2 Bplugins, Wordpress | 2 All In One Image Viewer Block – Gutenberg Block To Create Image Viewer With Hyperlink, Wordpress | 2026-04-15 | 7.2 High |
| The All In One Image Viewer Block plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.2 due to missing authorization and URL validation on the image-proxy REST API endpoint. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | ||||
| CVE-2026-21532 | 1 Microsoft | 1 Azure Functions | 2026-04-15 | 8.2 High |
| Azure Function Information Disclosure Vulnerability | ||||
| CVE-2026-0845 | 2 Wclovers, Wordpress | 2 Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible, Wordpress | 2026-04-15 | 7.2 High |
| The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'WCFM_Settings_Controller::processing' function in all versions up to, and including, 6.7.24. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. | ||||
| CVE-2026-21259 | 1 Microsoft | 9 365 Apps, Excel, Excel 2016 and 6 more | 2026-04-15 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-21235 | 1 Microsoft | 21 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 18 more | 2026-04-15 | 7.3 High |
| Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | ||||