Total CVEs

144,218

Critical Severity

4,148

High Severity

14,965

Last 7 Days

1,623
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 2,781 - 2,800 of 40,623 CVEs
CVE-2026-20215 HIGH - 7.5

A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z file...

Vendor: Cisco
Product: Cisco Secure Endpoint
Published: Jul 01, 2026
Source: NVD
CVE-2026-20214 HIGH - 7.5

A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in FSG fi...

Vendor: Cisco
Product: Cisco Secure Endpoint
Published: Jul 01, 2026
Source: NVD
CVE-2026-20213 HIGH - 7.5

A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE file...

Vendor: Cisco
Product: Cisco Secure Endpoint
Published: Jul 01, 2026
Source: NVD
CVE-2026-20191 HIGH - 7.5

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container.  This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HT...

Vendor: Cisco
Product: Cisco Catalyst Center
Published: Jul 01, 2026
Source: NVD
CVE-2026-13211 MEDIUM - 4.3

The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role.

Vendor: genua
Product: genucenter
Published: Jul 01, 2026
Source: NVD
CVE-2026-12480 MEDIUM - 5.5

Keras versions up to and including 3.13.2 are vulnerable to an arbitrary HDF5 file read due to an incomplete fix for CVE-2026-1669. The vulnerability resides in the `H5IOStore._verify_dataset()` and `file_editor.py` methods, which fail to check the `dataset.is_virtual` property of HDF5 datasets. Thi...

Vendor: keras-team
Product: keras-team/keras
Published: Jul 01, 2026
Source: NVD

A vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files scripts/EasyTimeline.Pl, includes/Timeline.Php. This issue affects timeline: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

Published: Jul 01, 2026
Source: NVD
CVE-2026-8480 MEDIUM - 4.3

A vulnerability was discovered on Stormshield Network Security 4.3.0  to 4.3.41 (included), 4.4.0 to 4.8.15 (included) , 5.0.2 EA to 5.0.5 (included) A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certific...

Published: Jul 01, 2026
Source: NVD
CVE-2026-58127 CRITICAL - 9.8

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET WebCl...

Vendor: Hyland
Product: PACSgear MediaWriter
Published: Jul 01, 2026
Source: NVD
CVE-2026-58126 CRITICAL - 9.8

PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can chai...

Vendor: Hyland
Product: PACSgear PACS Scan
Published: Jul 01, 2026
Source: NVD

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files includes/Timeline.Php, scripts/EasyTimeline.Pl. This issue affects timeline: from * before 1....

Vendor: Wikimedia Foundation
Product: timeline
Published: Jul 01, 2026
Source: NVD

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Language/Language.Php, includes/Logging/BlockLogFormatter.Php, includes/Logging/LogFor...

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php, includes/Api/ApiQueryUsers.Php, includes/Permissions/PermissionManager.Php, includes/User/UserGroupMana...

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/InfoAction.Php. This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Api/index.Js. This issue affects MediaWiki: from * before 1.46.0, 1....

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation SyntaxHighlight_GeSHi. This vulnerability is associated with program files includes/SyntaxHighlight.Php. This issue affects SyntaxHighlight_GeSHi: from * b...

Vendor: Wikimedia Foundation
Product: SyntaxHighlight_GeSHi
Published: Jul 01, 2026
Source: NVD

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiChangeAuthenticationData.Php, includes/Api/ApiLinkAccount.Php, includes/Api/ApiRemoveAuthenticationData.Php, includes/Specials/SpecialLinkAccounts.Php, includes/Specials/SpecialUnli...

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation CentralAuth. This vulnerability is associated with program files includes/Api/ApiFormatBase.Php, includes/Api/ApiHelp.Php, inc...

Vendor: Wikimedia Foundation
Product: MediaWiki, CentralAuth
Published: Jul 01, 2026
Source: NVD

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseFilters.Php. This issue affects AbuseFilter: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

Vendor: Wikimedia Foundation
Product: AbuseFilter
Published: Jul 01, 2026
Source: NVD

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Parser/Parser.Php. This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD