Lucene search
+L
VulnrichmentRecent

163375 matches found

vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12320 Information disclosure in the Password Manager component

Information disclosure in the Password Manager component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.2AI score0.00179EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12319 Denial-of-service in the Audio/Video: Playback component

Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.2AI score0.0021EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.9 views

CVE-2026-12318 Incorrect boundary conditions in the Libraries component in NSS

Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.2AI score0.00263EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12317 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.2AI score0.00288EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12316 Mitigation bypass in the DOM: Security component

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.2AI score0.00245EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12315 Mitigation bypass in the DOM: Security component

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00251EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12314 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00252EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.8 views

CVE-2026-12313 Information disclosure, sandbox escape in the Security: Process Sandboxing component

Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00175EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12312 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00252EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.10 views

CVE-2026-12311 Information disclosure, sandbox escape in the Security: Process Sandboxing component

Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00185EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12310 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00252EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12309 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00235EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12308 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00261EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12307 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00261EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.8 views

CVE-2026-12306 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00261EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12305 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00374EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12304 Same-origin policy bypass in the Networking: Cookies component

Same-origin policy bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00189EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12303 Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component

Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.2AI score0.00222EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12302 Mitigation bypass in the DOM: Security component

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00248EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12301 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.2AI score0.00252EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12300 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.2AI score0.00252EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.8 views

CVE-2026-12299 JIT miscompilation in the DOM: Core & HTML component

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00306EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.8 views

CVE-2026-12298 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00306EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12297 Sandbox escape due to incorrect boundary conditions in the Networking component

Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00393EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12296 Sandbox escape in the Security: Process Sandboxing component

Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00393EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12295 Sandbox escape in the DOM: Navigation component

Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

5.1AI score0.00393EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12294 Sandbox escape in the DOM: Workers component

Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

5.1AI score0.00363EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12293 Use-after-free in the Graphics: WebGPU component

Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.2AI score0.00302EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12292 Incorrect boundary conditions in the Web Audio component

Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00398EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12291 Use-after-free in the Networking: HTTP component

Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00382EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.10 views

CVE-2026-12290 Memory safety bug fixed in Firefox 152

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

5.8AI score0.00397EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/16 11:52 a.m.11 views

CVE-2026-12289 Privilege escalation in the Graphics: WebRender component

Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00395EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/16 11:47 a.m.8 views

CVE-2026-9507 Session fixation vulnerability in Enhancesoft's osTicket

A session fixation vulnerability has been identified in osTicket v1.18.2. This security flaw allows an attacker to hijack a victim’s account by keeping the initial session identifier OSTSESSID active after a successful login. The issue lies in the fact that the application does not invalidate the...

5.1CVSS5.2AI score0.00403EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/16 11:20 a.m.10 views

CVE-2026-12225 syracom Secure Login (2FA) for Confluence allows 2FA bypass via spoofed User-Agent

syracom AG Secure Login 2FA for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnerability. An attacker with valid credentials for a user account can bypass the two-factor authentication flow by sending HTTP requests with a crafted User-Agent header containi...

8.7CVSS5.6AI score0.00481EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/16 10:39 a.m.10 views

CVE-2026-40750 WordPress Kids Online Store theme <= 0.8.9 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in themagnifico52 Kids Online Store allows Upload a Web Shell to a Web Server. This issue affects Kids Online Store: from n/a through 0.8.9...

9.9CVSS5.2AI score0.00273EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/16 10:32 a.m.8 views

CVE-2026-8484 Heap buffer overflow in Jansi

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes DoS. All versions are believed to be vulnerable. This project is unmaintained at...

4.8CVSS5.6AI score0.0014EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/16 10:18 a.m.8 views

CVE-2026-10829

A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit...

8.6CVSS6.5AI score0.00472EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/16 10:16 a.m.10 views

CVE-2026-10828

A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and prior. This vulnerability stems from insufficient input validation and improper handling of externally supplied format strings. An...

6.9CVSS5.3AI score0.00472EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/16 9:31 a.m.8 views

CVE-2026-2381 WooCommerce Stripe Payment Gateway <= 10.7.0 - Missing Authorization to Unauthenticated Order Status Manipulation via 'order' Parameter

The WooCommerce Stripe Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxpayfororder function in all versions up to, and including, 10.7.0 This is due to a missing order ownership or orderkey verification when...

6.5CVSS5.3AI score0.00267EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/16 9:31 a.m.8 views

CVE-2026-8442 WP Review Slider Pro <= 12.6.8 - Authenticated (Subscriber+) Arbitrary File Deletion via 'myaction' Parameter

The WP Review Slider Pro plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 12.6.8. This is due to missing authorization checks on the wpfbhidereview and wprpsavereviewadmin AJAX handlers combined with insufficient path validation in the wpfbhidereviewaj...

8.1CVSS6.3AI score0.00501EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/16 9:31 a.m.14 views

CVE-2026-8176 LatePoint <= 5.5.1 - Authenticated (Agent+) Privilege Escalation to Administrator via IDOR in OsOrdersController::create_or_update + Unauthenticated Customer-Cabinet Password Reset

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation to Administrator in versions up to, and including, 5.5.1. The plugin chains three independent flaws that together allow an authenticated Agent Agent+ to overwrite a...

7.5CVSS5.3AI score0.00349EPSS
Exploits0References22
vulnrichment
vulnrichment
added 2026/06/16 9:5 a.m.8 views

CVE-2026-40809 WordPress Metro Magazine theme <= 1.4.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Metro Magazine: from n/a through 1.4.1...

6.5CVSS5.2AI score0.00196EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/16 9:4 a.m.9 views

CVE-2026-49772 WordPress The Events Calendar plugin 6.15.12-6.16.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Liquid Web / StellarWP The Events Calendar allows Blind SQL Injection. This issue affects The Events Calendar: from 6.15.12 through 6.16.2...

9.3CVSS5.6AI score0.00229EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2026/06/16 9:2 a.m.7 views

CVE-2026-49774 WordPress RD Station plugin <= 5.6.0 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0...

9.9CVSS5.4AI score0.0028EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/16 9:0 a.m.6 views

CVE-2026-54198 WordPress Media LIbrary Assistant plugin <= 3.35 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Media LIbrary Assistant = 3.35 versions...

7.1CVSS5.1AI score0.00146EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/16 9:0 a.m.6 views

CVE-2026-54197 WordPress GetGenie plugin <= 4.4.1 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in GetGenie = 4.4.1 versions...

6.5CVSS5.2AI score0.00207EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/16 9:0 a.m.9 views

CVE-2026-54191 WordPress Pods plugin <= 3.3.8 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Pods = 3.3.8 versions...

7.1CVSS5.1AI score0.00146EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/16 9:0 a.m.6 views

CVE-2026-54190 WordPress Envira Photo Gallery plugin <= 1.12.5 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Envira Photo Gallery = 1.12.5 versions...

6.5CVSS5.1AI score0.00196EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/16 9:0 a.m.7 views

CVE-2026-52715 WordPress GEO my WordPress plugin <= 4.5.5 - SQL Injection vulnerability

Unauthenticated SQL Injection in GEO my WordPress = 4.5.5 versions...

9.3CVSS5.7AI score0.0025EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/16 9:0 a.m.7 views

CVE-2026-52714 WordPress SEO Plugin by Squirrly SEO plugin <= 12.4.16 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in SEO Plugin by Squirrly SEO = 12.4.16 versions...

5.9CVSS5.2AI score0.00176EPSS
Exploits0References1
Total number of security vulnerabilities163375