CVE-2026-54192

Unauthenticated Cross Site Scripting XSS in Popup box = 6.2.9 versions...

CVE-2026-52696

Unauthenticated Sensitive Data Exposure in JetBlog = 2.4.8 versions...

CVE-2026-49071

Unauthenticated Broken Authentication in WooCommerce Dropshipping = 5.2.4 versions...

CVE-2026-49058

Unauthenticated Privilege Escalation in LoginPress Pro = 6.2.2 versions...

CVE-2026-40735

Unauthenticated PHP Object Injection in Reina = 2.1 versions...

CVE-2026-40723

Subscriber Broken Access Control in Bricks Builder = 2.1.4 versions...

CVE-2026-39595

Author Broken Access Control in W3 Total Cache = 2.9.1 versions...

CVE-2026-39558

Unauthenticated Local File Inclusion in Malmö = 2.2 versions...

CVE-2026-39568

Unauthenticated Local File Inclusion in Mr. SEO = 2.0 versions...

CVE-2026-39546

Subscriber Privilege Escalation in MultiLoca = 4.2.15 versions...

CVE-2026-22328

Unauthenticated Cross Site Scripting XSS in Auto Repair = 22.6 versions...

CVE-2025-69168

Unauthenticated Local File Inclusion in Spike = 1.2 versions...

CVE-2025-69107

Unauthenticated Local File Inclusion in Rosaleen = 2.8 versions...

CVE-2025-60205

Unauthenticated PHP Object Injection in ThemeREX Addons = 2.36.1.1 versions...

EUVD-2026-37699

Unauthenticated Local File Inclusion in Kastell = 2.0 versions...

CVE-2026-47103

creationtimestamp| type| source ---|---|--- 2026-06-17 11:39:45+00:00| published-proof-of-concept| https://github.com/fgmacedo/python-statemachine/security/advisories/GHSA-v4jc-pm6r-3vj8 2026-06-17 15:30:34+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3moimysp6w224 2026-06-17...

CVE-2026-46973

Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

CVE-2026-46969

Vulnerability in the Oracle Financials for EMEA product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Financials...

CVE-2026-46916

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite component: Quality Management Specs. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2026-46905

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime Security. Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...