Total CVEs

145,909

Critical Severity

4,292

High Severity

15,777

Last 7 Days

2,189
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 21,701 - 21,720 of 42,314 CVEs
CVE-2026-31192 MEDIUM - 6.5

Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request.

Published: Apr 22, 2026
Source: NVD

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all ve...

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD
CVE-2026-6857 HIGH - 7.5

A flaw was found in camel-infinispan. This vulnerability involves unsafe deserialization in the ProtoStream remote aggregation repository. A remote attacker with low privileges could exploit this by sending specially crafted data, leading to arbitrary code execution. This allows the attacker to gain...

Published: Apr 22, 2026
Source: NVD
CVE-2026-6855 HIGH - 7.1

A flaw was found in InstructLab. A local attacker could exploit a path traversal vulnerability in the chat session handler by manipulating the `logs_dir` parameter. This allows the attacker to create new directories and write files to arbitrary locations on the system, potentially leading to unautho...

Published: Apr 22, 2026
Source: NVD
CVE-2026-6848 MEDIUM - 5.4

A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or robot account creation, the re-authentication prompt can be bypassed. This allows a user with a timed-out session, or an attacker with access to an idle authent...

Published: Apr 22, 2026
Source: NVD