VulnCheck KEV: CVE-2026-25306

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows Reflected XSS.This issue affects XStore Core: from n/a through = 5.6.4...

CVE-2026-30226 devalue has prototype pollution in devalue.parse and devalue.unflatten

Svelte devalue is a JavaScript library that serializes values into strings when JSON.stringify isn't sufficient for the job. In devalue v5.6.3 and earlier, devalue.parse and devalue.unflatten were susceptible to prototype pollution via maliciously crafted payloads. Successful exploitation could...

CVE-2026-25451

CVE-2026-25451 describes a stored XSS flaw in WordPress Bold Page Builder (bold-page-builder) due to improper neutralization during web page generation. Affected: Bold Page Builder versions up to 5.6.9 (as per initial description). Root cause: improper input neutralization leading to stored paylo...

WordPress Shopping Cart & eCommerce Store plugin <= 5.6.4 - Sensitive Information Exposure vulnerability

Sensitive Information Exposure vulnerability discovered by rptl in WordPress Plugin WP EasyCart versions = 5.6.4...

UBUNTU-CVE-2022-0676

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4...

PT-2020-10904 · Mcafee · Mcafee Agent

Name of the Vulnerable Software and Affected Versions: McAfee Agent versions prior to 5.6.4 Description: The issue allows attackers with local access to execute arbitrary code via execution from a compromised folder. This is due to a DLL Search Order Hijacking vulnerability. Recommendations: For...