Total CVEs

145,906

Critical Severity

4,292

High Severity

15,777

Last 7 Days

2,207
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 23,601 - 23,620 of 42,311 CVEs
CVE-2026-5496 HIGH - 7.8

Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in that th...

Published: Apr 11, 2026
Source: NVD
CVE-2026-5495 HIGH - 7.8

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in th...

Published: Apr 11, 2026
Source: NVD
CVE-2026-5494 HIGH - 7.8

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in th...

Published: Apr 11, 2026
Source: NVD
CVE-2026-5493 HIGH - 7.8

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in th...

Published: Apr 11, 2026
Source: NVD
CVE-2026-5059 CRITICAL - 9.8

aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling ...

Published: Apr 11, 2026
Source: NVD
CVE-2026-5058 CRITICAL - 9.8

aws-mcp-server Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the a...

Published: Apr 11, 2026
Source: NVD
CVE-2026-5055 HIGH - 7.8

NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exp...

Vendor: nomachine
Product: nomachine
Published: Apr 11, 2026
Source: NVD
CVE-2026-5054 HIGH - 7.8

NoMachine External Control of File Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit...

Vendor: nomachine
Product: nomachine
Published: Apr 11, 2026
Source: NVD
CVE-2026-5053 HIGH - 7.1

NoMachine External Control of File Path Arbitrary File Deletion Vulnerability. This vulnerability allows local attackers to delete arbitrary files on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit...

Vendor: nomachine
Product: nomachine
Published: Apr 11, 2026
Source: NVD
CVE-2026-4158 HIGH - 7.3

KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of KeePassXC. An attacker must first obtain the ability to execute low-privileged code on the target s...

Published: Apr 11, 2026
Source: NVD
CVE-2026-4157 HIGH - 7.5

ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex devices. Authentication is not required to exploit this vulnerability. The sp...

Published: Apr 11, 2026
Source: NVD
CVE-2026-4156 HIGH - 7.5

ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex EV chargers. Authentication is not required to exploit this vulnerabil...

Published: Apr 11, 2026
Source: NVD
CVE-2026-4155 HIGH - 7.5

ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit t...

Published: Apr 11, 2026
Source: NVD
CVE-2026-4154 HIGH - 7.8

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a mali...

Vendor: gimp
Product: gimp
Published: Apr 11, 2026
Source: NVD
CVE-2026-4153 HIGH - 7.8

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or o...

Vendor: gimp
Product: gimp
Published: Apr 11, 2026
Source: NVD
CVE-2026-4152 HIGH - 7.8

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or o...

Vendor: gimp
Product: gimp
Published: Apr 11, 2026
Source: NVD
CVE-2026-4151 HIGH - 7.8

GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a mali...

Vendor: gimp
Product: gimp
Published: Apr 11, 2026
Source: NVD
CVE-2026-4150 HIGH - 7.8

GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a mali...

Vendor: gimp
Product: gimp
Published: Apr 11, 2026
Source: NVD
CVE-2026-4149 CRITICAL - 10.0

Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability. The specific flaw exists within the han...

Vendor: sonos
Product: era_300_firmware
Published: Apr 11, 2026
Source: NVD

Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash.

Vendor: Flatpak
Product: xdg-desktop-portal
Published: Apr 11, 2026
Source: NVD