Total CVEs

144,714

Critical Severity

4,191

High Severity

15,264

Last 7 Days

1,963
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 4,201 - 4,220 of 41,119 CVEs
CVE-2026-57959 MEDIUM - 5.9

Hi.Events through 1.9.0 contains a promo code validation vulnerability where reservation validates usage count before asynchronous UpdateEventStatisticsJob increments it, allowing attackers to redeem limited promo codes unlimited times. Attackers can sequentially reserve multiple orders with the sam...

Vendor: HiEventsDev
Product: Hi.Events
Published: Jun 29, 2026
Source: NVD
CVE-2026-57958 MEDIUM - 6.1

Mixpost through 2.6.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in authenticated users' browsers by crafting malicious OAuth callback URLs with unsanitized error query parameters. Attackers can exploit the OAuth...

Vendor: inovector
Product: mixpost
Published: Jun 29, 2026
Source: NVD
CVE-2026-57957 MEDIUM - 4.7

Papermark through 0.22.0 contains a cross-origin resource sharing (CORS) misconfiguration vulnerability that allows unauthenticated remote attackers to perform credentialed cross-origin requests by exploiting the TUS-based viewer upload endpoint reflecting arbitrary request Origins with Access-Contr...

Vendor: papermark
Product: papermark
Published: Jun 29, 2026
Source: NVD
CVE-2026-57956 MEDIUM - 6.4

SigNoz through 0.130.1 contains a broken access control vulnerability that allows authenticated users to access other organizations' alert rules by supplying a target rule UUID, as the alert rule store predicates fail to filter by organization ID. Attackers can read, edit, and delete alert rule...

Vendor: SigNoz
Product: signoz
Published: Jun 29, 2026
Source: NVD
CVE-2026-57955 HIGH - 8.5

SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers to execute arbitrary ClickHouse queries by injecting URL-encoded quotes into the rule ID path parameter of the alert-history endpoints. Attackers can manipulate the unsanitized rule ID interpolated into...

Vendor: SigNoz
Product: signoz
Published: Jun 29, 2026
Source: NVD
CVE-2026-57954 MEDIUM - 4.3

Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort collections by forbidden fields. Attackers can infer hidden field values through row ordering analysis, leaking relative field ordering across all...

Vendor: yahoo
Product: elide
Published: Jun 29, 2026
Source: NVD
CVE-2026-57953 MEDIUM - 5.4

Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated spectator-role users to perform unauthorized write operations by accessing the eventing_import_automatic_webhook endpoint registered under spectator-permitted middleware. Attackers with spectator role can...

Vendor: its-a-feature
Product: mythic
Published: Jun 29, 2026
Source: NVD
CVE-2026-57952 MEDIUM - 6.5

Mythic before 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_rules_webhook, c2profile_get_ioc_webhook, c2profile_sample_message_webhook) that fail to verify payload ownership. An operator in one operation can invoke ...

Vendor: its-a-feature
Product: mythic
Published: Jun 29, 2026
Source: NVD
CVE-2026-57951 MEDIUM - 6.5

Mythic before 3.4.0.60 contains a broken hasura permission filter on the payload_build_step table with an always-satisfied _or condition that bypasses operation-scoped access controls. Authenticated operators and spectators can query payload_build_step to read step_stdout, step_stderr, step_name, an...

Vendor: its-a-feature
Product: mythic
Published: Jun 29, 2026
Source: NVD
CVE-2026-57950 HIGH - 8.1

ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control vulnerability in ErpSaleOrderController that allows attackers with erp:sale-out permissions to gain unauthorized access to sale order operations by exploiting an incorrect permission namespace enforcement. Attack...

Vendor: Yunai
Product: ruoyi-vue-pro
Published: Jun 29, 2026
Source: NVD
CVE-2026-57949 MEDIUM - 6.5

ruoyi-vue-pro through 2026.05, fixed in commit c779a47, contains a missing authorization vulnerability in the CRM module's GET /admin-api/crm/follow-up-record/get endpoint that allows authenticated users to read any follow-up record by iterating sequential numeric IDs. Attackers can exploit thi...

Vendor: Yunai
Product: ruoyi-vue-pro
Published: Jun 29, 2026
Source: NVD
CVE-2026-57948 MEDIUM - 6.8

Pinpoint through version 3.1.0 contains an insecure session management vulnerability that allows attackers to access the pinpointJwt session cookie due to missing HttpOnly and Secure attributes, enabling JavaScript access via document.cookie and cleartext transmission over HTTP. Attackers can exploi...

Vendor: pinpoint-apm
Product: pinpoint
Published: Jun 29, 2026
Source: NVD
CVE-2026-57947 HIGH - 8.5

Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook registration endpoint that allows authenticated users to register internal URLs due to missing SSRF protection. Attackers can trigger alarm threshold breaches to force the server to issue POST requests to inte...

Vendor: pinpoint-apm
Product: pinpoint
Published: Jun 29, 2026
Source: NVD

Invidious before version 2.20260626.0 contains a broken access control vulnerability that allows unauthenticated attackers to retrieve private playlist contents by accessing the RSS feed playlist endpoint without authentication. Attackers can supply a playlist ID to the feed endpoint to obtain the f...

Vendor: iv-org
Product: Invidious
Published: Jun 29, 2026
Source: NVD
CVE-2026-57945 MEDIUM - 4.3

PhotoPrism before 260601-a7d098548 contains a broken access control vulnerability that allows authenticated non-admin users to modify other users' profile information by sending requests to arbitrary user endpoints. Attackers can exploit the missing session-to-user identifier validation in the ...

Vendor: photoprism
Product: photoprism
Published: Jun 29, 2026
Source: NVD
CVE-2026-57943 MEDIUM - 5.9

LibrePhotos before 1.0.0 contains a broken object level authorization vulnerability in the SetPhotosShared endpoint that allows authenticated users to grant themselves access to other users' private photos by bypassing ownership validation. Attackers can manipulate shared_to relations without p...

Vendor: LibrePhotos
Product: librephotos
Published: Jun 29, 2026
Source: NVD
CVE-2026-57942 MEDIUM - 5.3

LibreTranslate through 1.9.7, fixed in commit 397fd22, contains an IP spoofing vulnerability in the get_remote_address() function that allows unauthenticated attackers to spoof client IP addresses by injecting arbitrary values into the X-Forwarded-For header without trusted proxy validation. Attacke...

Vendor: LibreTranslate
Product: LibreTranslate
Published: Jun 29, 2026
Source: NVD
CVE-2026-56783 MEDIUM - 6.5

Parseable before 2.9.2 contains an information disclosure vulnerability in the notification-target API endpoints that returns webhook tokens and basic-auth credentials in cleartext due to commented-out secret-masking functionality. Any authenticated user with the GetAlert action, including low-privi...

Vendor: parseablehq
Product: parseable
Published: Jun 29, 2026
Source: NVD
CVE-2026-56782 CRITICAL - 9.8

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when admin_api_key is empty, which is the default configuration. Remote attackers can exfiltrate the entire database...

Vendor: gorse-io
Product: gorse
Published: Jun 29, 2026
Source: NVD
CVE-2026-56781 MEDIUM - 5.3

Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs from share m...

Vendor: teableio
Product: teable
Published: Jun 29, 2026
Source: NVD