CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

8254 matches found

EUVD•added 6 hours ago•7 views

EUVD-2026-39993

A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminprofile.php. The manipulation of the argument loginid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ...

5.8CVSS5.7AI score

Exploits0References6

Nuclei•added 15 hours ago•26 views

NocoBase - SQL Injection

NocoBase versions prior to 2.0.39 contain a SQL injection vulnerability in the @nocobase/database package. The queryParentSQL function in eager-loading-tree.ts constructs a recursive CTE query by directly concatenating user-controlled primary key values into the SQL WHERE IN clause without...

8.8CVSS6AI score0.01875EPSS

Exploits1References2

NVD•added 2 days ago•5 views

CVE-2026-56068

Unauthenticated SQL Injection in JetEngine = 3.8.10.2 versions...

9.3CVSS0.00236EPSS

Exploits0References1

NVD•added 2 days ago•4 views

CVE-2026-56067

Unauthenticated SQL Injection in JetSmartFilters = 3.8.3 versions...

9.3CVSS0.00236EPSS

Exploits0References1

EUVD•added 2 days ago•5 views

EUVD-2026-39671

Sales Representative SQL Injection in Groundhogg = 4.5 versions...

8.5CVSS5.8AI score0.00211EPSS

Exploits0References1

Cvelist•added 2 days ago•31 views

CVE-2026-57653 WordPress WP Job Portal plugin <= 2.5.2 - SQL Injection vulnerability

Contributor SQL Injection in WP Job Portal = 2.5.2 versions...

8.5CVSS0.00211EPSS

Exploits0References1

Cvelist•added 2 days ago•30 views

CVE-2026-57643 WordPress WP Post Author plugin <= 3.9.1 - SQL Injection vulnerability

Contributor SQL Injection in WP Post Author = 3.9.1 versions...

8.5CVSS0.00211EPSS

Exploits0References1

EUVD•added 2 days ago•4 views

EUVD-2026-39759

Contributor SQL Injection in Restaurant Menu by MotoPress = 2.4.10 versions...

8.5CVSS5.8AI score0.00211EPSS

Exploits0References1

CVE•added 2 days ago•8 views

CVE-2026-57631

CVE-2026-57631 affects the WordPress Popup box plugin (versions

7.6CVSS5.8AI score0.00279EPSS

Exploits0References1

EUVD•added 2 days ago•5 views

EUVD-2026-39723

Unauthenticated SQL Injection in Advance Product Search = 1.4.4 versions...

9.3CVSS5.8AI score0.00236EPSS

Exploits0References1

EUVD•added 2 days ago•5 views

EUVD-2026-39716

Unauthenticated SQL Injection in Quotes llama = 3.1.5 versions...

9.3CVSS5.8AI score0.00236EPSS

Exploits0References1

Patchstack•added 2 days ago•7 views

WordPress Groundhogg plugin <= 4.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Baikuya in WordPress Plugin Groundhogg versions = 4.5...

8.5CVSS5.8AI score0.00211EPSS

Exploits0Affected Software1

CVE•added 2 days ago•10 views

CVE-2026-10835

The CVE-2026-10835 entry concerns the SALESmanago & Leadoo WordPress plugin, affected versions before 3.11.3. The vulnerability arises from improper sanitisation/escaping of a parameter in an AJAX action before it is used in a SQL statement, coupled with missing authorization enforcement for that...

7.7CVSS5.8AI score0.00215EPSS

Exploits0References1

EUVD•added 3 days ago•4 views

EUVD-2026-39409

A SQL injection vulnerability in Nessus allows an attacker to craft a malicious scan result file that, when imported by a privileged user, injects malicious SQL into the scan results database, potentially enabling exfiltration of scan-result data...

4.6CVSS5.9AI score0.00158EPSS

Exploits0References1

Cvelist•added 3 days ago•31 views

CVE-2026-54836 WordPress Filter & Grids plugin <= 3.11.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YMC Filter allows SQL Injection. This issue affects YMC Filter: from n/a through 3.11.5...

9.3CVSS0.00229EPSS

Exploits0References1

EUVD•added 3 days ago•4 views

EUVD-2026-39373

Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce = 1.1.11 versions...

9.3CVSS5.9AI score0.00229EPSS

Exploits0References1

EUVD•added 3 days ago•4 views

EUVD-2026-39370

Unauthenticated SQL Injection in MDTF = 1.3.7 versions...

9.3CVSS5.9AI score0.00229EPSS

Exploits0References1

Cvelist•added 3 days ago•29 views

CVE-2026-54822 WordPress SALESmanago & Leadoo plugin <= 3.11.2 - SQL Injection vulnerability

Subscriber SQL Injection in SALESmanago & Leadoo = 3.11.2 versions...

8.5CVSS0.0027EPSS

Exploits0References1

Patchstack•added 3 days ago•4 views

WordPress Groundhogg — CRM, Newsletters, and Marketing Automation plugin <= 4.5.4 - Authenticated (Custom+) SQL Injection vulnerability

Authenticated Custom+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin Groundhogg versions = 4.5.4...

6.5CVSS6AI score0.00281EPSS

Exploits0References1Affected Software1

EUVD•added 3 days ago•4 views

EUVD-2026-39166

The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the via 'latitude' and 'longitude' parameters in all versions up to, and including, 5.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

7.5CVSS6AI score0.00273EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by