Total CVEs

143,818

Critical Severity

4,094

High Severity

14,786

Last 7 Days

1,526
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 2,561 - 2,580 of 40,223 CVEs
CVE-2026-11380 MEDIUM - 6.4

The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.21. This is due to insufficient output escaping and missing server-side validation of the Animated Box widget's animation_effect setting before it is rendered insid...

Vendor: jetmonsters
Product: JetWidgets For Elementor
Published: Jul 01, 2026
Source: NVD
CVE-2026-20463 MEDIUM - 6.7

In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01716533; Issue ID: MSV-6309.

Vendor: MediaTek, Inc.
Product: MediaTek chipset
Published: Jul 01, 2026
Source: NVD
CVE-2026-20462 MEDIUM - 6.7

In Telephony, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS11006447; Issue ID: MSV-7871.

Vendor: MediaTek, Inc.
Product: MediaTek chipset
Published: Jul 01, 2026
Source: NVD
CVE-2026-20461 MEDIUM - 5.3

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Pat...

Vendor: MediaTek, Inc.
Product: MediaTek chipset
Published: Jul 01, 2026
Source: NVD
CVE-2026-20460 MEDIUM - 5.3

In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploi...

Vendor: MediaTek, Inc.
Product: MediaTek chipset
Published: Jul 01, 2026
Source: NVD
CVE-2026-20459 MEDIUM - 5.3

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch I...

Vendor: MediaTek, Inc.
Product: MediaTek chipset
Published: Jul 01, 2026
Source: NVD
CVE-2026-20458 HIGH - 7.5

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation....

Vendor: MediaTek, Inc.
Product: MediaTek chipset
Published: Jul 01, 2026
Source: NVD
CVE-2026-20457 MEDIUM - 5.3

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch I...

Vendor: MediaTek, Inc.
Product: MediaTek chipset
Published: Jul 01, 2026
Source: NVD
CVE-2026-14191 HIGH - 7.8

An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) parser in WinRAR and UnRAR (RecVolumes5::ReadHeader in recvol5.cpp). The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated agai...

Vendor: RARLAB
Product: WinRAR, RAR, UnRAR, UnRAR.dll
Published: Jul 01, 2026
Source: NVD
CVE-2026-57963 MEDIUM - 6.5

An attacker who can send HTML chat messages (via Matrix or XMPP) can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. This vulnerability was fixed in Thunderbird 152.0.1 and Thunderbird 140.12.1.

Vendor: Mozilla
Product: Thunderbird
Published: Jul 01, 2026
Source: NVD
CVE-2026-57962 MEDIUM - 5.3

A malicious LDAP server, which a Thunderbird user is configured to query for address-book autocomplete, can stash arbitrarily large amounts of attacker-supplied data into the Thunderbird LDAP client until it crashes due to memory exhaustion. This vulnerability was fixed in Thunderbird 152.0.1 and Th...

Vendor: Mozilla
Product: Thunderbird
Published: Jul 01, 2026
Source: NVD
CVE-2026-53488 HIGH - 8.8

containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 the CRI plugin propagates labels from an image config (LABEL instruction in Dockerfile) to a container without validation. This may result in executing an arbitrary command on the host, via a...

Vendor: containerd
Product: containerd
Published: Jul 01, 2026
Source: NVD

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, disabling symbol_keys on a reused Oj::Parser instance triggers a heap use-after-free. When symbol_keys is toggled from true to false, opt_symbol_keys_set frees the internal key cache (cache_fr...

Vendor: ohler55
Product: oj
Published: Jul 01, 2026
Source: NVD

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object&#...

Vendor: ohler55
Product: oj
Published: Jul 01, 2026
Source: NVD
CVE-2026-54592 HIGH - 7.5

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doc#each_child, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer and aborts the process, leading to DoS. In a two-step chain in ext/oj/...

Vendor: ohler55
Product: oj
Published: Jul 01, 2026
Source: NVD

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer. fill_indent in dump.h calls memset(indent_str, ' ', (size_t)opts-&...

Vendor: ohler55
Product: oj
Published: Jul 01, 2026
Source: NVD
CVE-2026-54500 MEDIUM - 5.3

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj.load in :object mode reads uninitialized stack memory (and, for long keys, reads out of bounds) when parsing a JSON object whose key is 254 bytes or longer. The interned bytes can surfa...

Vendor: ohler55
Product: oj
Published: Jul 01, 2026
Source: NVD
CVE-2026-57995 HIGH - 8.8

phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in GroupController::updatePermissions that allows GROUP_EDIT administrators to grant arbitrary rights to groups without verifying they hold those rights themselves. A delegated administrator can exploit this by assigning high-value ...

Vendor: phpMyFAQ
Product: phpMyFAQ
Published: Jun 30, 2026
Source: NVD
CVE-2026-56777 MEDIUM - 5.0

n8n before 2.25.7 and 2.26.x before 2.26.2 contains an abstract syntax tree (AST) security validator bypass in the Python Code node. An authenticated user with permission to create or modify workflows containing a Python Code node can bypass the validator and access the task executor module namespac...

Vendor: n8n
Product: n8n
Published: Jun 30, 2026
Source: NVD
CVE-2026-56700 CRITICAL - 9.8

Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize() calls - in Scheduler\JobQueue, Framework\Cache\Adapter\FileCache, and Session - deserialize untrusted data without restricting allowed classes, enabling PHP object injection and, via a gadget ch...

Vendor: Grav
Product: Grav
Published: Jun 30, 2026
Source: NVD