CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2459696 matches found

Vulnrichment•added 2 days ago•4 views

CVE-2026-56066 WordPress ShortPixel Adaptive Images plugin <= 3.11.4 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...

5.8CVSS5.8AI score0.00346EPSS

Exploits0References1

EUVD•added 2 days ago•3 views

EUVD-2026-39719

Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...

5.8CVSS5.8AI score0.00346EPSS

Exploits0References1

Cvelist•added 2 days ago•30 views

CVE-2026-56066 WordPress ShortPixel Adaptive Images plugin <= 3.11.4 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...

5.8CVSS0.00346EPSS

Exploits0References1

Cvelist•added 2 days ago•30 views

CVE-2026-56059 WordPress Travel Booking theme <= 2.2.5 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in Travel Booking = 2.2.5 versions...

9.9CVSS0.00362EPSS

Exploits0References1

Vulnrichment•added 2 days ago•4 views

CVE-2026-56059 WordPress Travel Booking theme <= 2.2.5 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in Travel Booking = 2.2.5 versions...

9.9CVSS5.8AI score0.00362EPSS

Exploits0References1

EUVD•added 2 days ago•4 views

EUVD-2026-39713

Subscriber Arbitrary File Upload in Travel Booking = 2.2.5 versions...

9.9CVSS5.8AI score0.00362EPSS

Exploits0References1

CVE•added 2 days ago•8 views

CVE-2026-56059

The CVE-2026-56059 entry concerns the WordPress Travel Booking theme version up to 2.2.5, which is affected by an arbitrary file upload vulnerability in Subscriber context. The linked sources (NVD/CVE records) confirm the affected product and version range and classify the severity as critical wi...

9.9CVSS5.8AI score0.00362EPSS

Exploits0References1

CVE•added 2 days ago•8 views

CVE-2026-56058

CVE-2026-56058 affects the WordPress Quform plugin, specifically versions up to 2.23.0, with a Subscriber Arbitrary File Upload vulnerability. The connected records confirm the affected product and vulnerability class but do not provide root-cause details or a patch/version to remediate within th...

9.9CVSS5.8AI score0.00362EPSS

Exploits0References1

Vulnrichment•added 2 days ago•3 views

CVE-2026-56058 WordPress Quform plugin <= 2.23.0 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...

9.9CVSS5.8AI score0.00362EPSS

Exploits0References1

EUVD•added 2 days ago•3 views

EUVD-2026-39712

Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...

9.9CVSS5.8AI score0.00362EPSS

Exploits0References1

Cvelist•added 2 days ago•29 views

CVE-2026-56058 WordPress Quform plugin <= 2.23.0 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...

9.9CVSS0.00362EPSS

Exploits0References1

CVE•added 2 days ago•11 views

CVE-2026-56027

This CVE pertains to the WordPress Booster for WooCommerce plugin. The affected component is Booster for WooCommerce

9.9CVSS5.8AI score0.00328EPSS

Exploits0References1

EUVD•added 2 days ago•3 views

EUVD-2026-39690

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS5.8AI score0.00328EPSS

Exploits0References1

Cvelist•added 2 days ago•31 views

CVE-2026-56027 WordPress Booster for WooCommerce plugin <= 8.0.1 - Arbitrary File Upload vulnerability

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS0.00328EPSS

Exploits0References1

Vulnrichment•added 2 days ago•5 views

CVE-2026-56027 WordPress Booster for WooCommerce plugin <= 8.0.1 - Arbitrary File Upload vulnerability

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS5.8AI score0.00328EPSS

Exploits0References1

Cvelist•added 2 days ago•33 views

CVE-2026-45257 Arbitrary file overwrite via the KTLS receive path

The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through non-anonymous MEXTPG pages or...

0.00154EPSS

Exploits0References1

Vulnrichment•added 2 days ago•4 views

CVE-2026-45257 Arbitrary file overwrite via the KTLS receive path

5.8AI score0.00154EPSS

Exploits0References1

IBM Security Bulletins•added 2 days ago•5 views

Security Bulletin: Multiple vulnerabilities affect IBM® Db2® Big SQL on IBM Software Hub.

Summary Multiple vulnerabilities have been addressed in IBM® Db2® Big SQL on IBM Software Hub. Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465:...

9.8CVSS7.5AI score0.01026EPSS

Exploits5Affected Software1

Cvelist•added 2 days ago•30 views

CVE-2026-57527 ZAP ViewState Add-on Insecure Deserialization via JSFViewState.decode()

Zed Attack Proxy ZAP ViewState add-on before version 4 contains an insecure deserialization vulnerability that allows attackers who control a proxied web server to achieve arbitrary code execution by embedding a malicious serialized Java object in the javax.faces.ViewState HTTP response parameter...

8.8CVSS0.00463EPSS

Exploits0References5

Vulnrichment•added 2 days ago•5 views

CVE-2026-57527 ZAP ViewState Add-on Insecure Deserialization via JSFViewState.decode()

8.8CVSS6.4AI score0.00463EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by