Total CVEs

140,373

Critical Severity

3,747

High Severity

13,527

Last 7 Days

1,775
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 9,781 - 9,800 of 13,224 CVEs
CVE-2026-28098 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affects Save Life: from n/a through <= 1.2.13.

Vendor: ThemeREX
Product: Save Life
Published: Mar 05, 2026
Source: NVD
CVE-2026-28097 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Artrium artrium allows PHP Local File Inclusion.This issue affects Artrium: from n/a through <= 1.0.14.

Vendor: ThemeREX
Product: Artrium
Published: Mar 05, 2026
Source: NVD
CVE-2026-28096 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX WealthCo wealthco allows PHP Local File Inclusion.This issue affects WealthCo: from n/a through <= 2.18.

Vendor: ThemeREX
Product: WealthCo
Published: Mar 05, 2026
Source: NVD
CVE-2026-28095 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Marcell marcell allows PHP Local File Inclusion.This issue affects Marcell: from n/a through <= 1.2.14.

Vendor: ThemeREX
Product: Marcell
Published: Mar 05, 2026
Source: NVD
CVE-2026-28094 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX RexCoin rexcoin allows PHP Local File Inclusion.This issue affects RexCoin: from n/a through <= 1.2.6.

Vendor: ThemeREX
Product: RexCoin
Published: Mar 05, 2026
Source: NVD
CVE-2026-28093 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Ozisti ozisti allows PHP Local File Inclusion.This issue affects Ozisti: from n/a through <= 1.1.10.

Vendor: ThemeREX
Product: Ozisti
Published: Mar 05, 2026
Source: NVD
CVE-2026-28092 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Sounder sounder allows PHP Local File Inclusion.This issue affects Sounder: from n/a through <= 1.3.11.

Vendor: ThemeREX
Product: Sounder
Published: Mar 05, 2026
Source: NVD
CVE-2026-28091 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Coleo coleo allows PHP Local File Inclusion.This issue affects Coleo: from n/a through <= 1.1.7.

Vendor: ThemeREX
Product: Coleo
Published: Mar 05, 2026
Source: NVD
CVE-2026-28090 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Gamezone gamezone allows PHP Local File Inclusion.This issue affects Gamezone: from n/a through <= 1.1.11.

Vendor: ThemeREX
Product: Gamezone
Published: Mar 05, 2026
Source: NVD
CVE-2026-28089 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Daiquiri daiquiri allows PHP Local File Inclusion.This issue affects Daiquiri: from n/a through <= 1.2.4.

Vendor: ThemeREX
Product: Daiquiri
Published: Mar 05, 2026
Source: NVD
CVE-2026-28088 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Aqualots aqualots allows PHP Local File Inclusion.This issue affects Aqualots: from n/a through <= 1.1.6.

Vendor: ThemeREX
Product: Aqualots
Published: Mar 05, 2026
Source: NVD
CVE-2026-28087 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Filmax filmax allows PHP Local File Inclusion.This issue affects Filmax: from n/a through <= 1.1.11.

Vendor: ThemeREX
Product: Filmax
Published: Mar 05, 2026
Source: NVD
CVE-2026-28086 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Run Gran run-gran allows PHP Local File Inclusion.This issue affects Run Gran: from n/a through <= 2.0.

Vendor: ThemeREX
Product: Run Gran
Published: Mar 05, 2026
Source: NVD
CVE-2026-28085 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Mahogany mahogany allows PHP Local File Inclusion.This issue affects Mahogany: from n/a through <= 2.9.

Vendor: ThemeREX
Product: Mahogany
Published: Mar 05, 2026
Source: NVD
CVE-2026-28084 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Bazinga bazinga allows PHP Local File Inclusion.This issue affects Bazinga: from n/a through <= 1.1.9.

Vendor: ThemeREX
Product: Bazinga
Published: Mar 05, 2026
Source: NVD
CVE-2026-28081 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Windsor windsor allows PHP Local File Inclusion.This issue affects Windsor: from n/a through <= 2.5.0.

Vendor: ThemeREX
Product: Windsor
Published: Mar 05, 2026
Source: NVD
CVE-2026-28079 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Conquerors conquerors allows PHP Local File Inclusion.This issue affects Conquerors: from n/a through <= 1.2.13.

Vendor: axiomthemes
Product: Conquerors
Published: Mar 05, 2026
Source: NVD
CVE-2026-28077 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Vapester vapester allows PHP Local File Inclusion.This issue affects Vapester: from n/a through <= 1.1.10.

Vendor: ThemeREX
Product: Vapester
Published: Mar 05, 2026
Source: NVD
CVE-2026-28076 HIGH - 7.5

Missing Authorization vulnerability in Frenify Guff guff allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Guff: from n/a through <= 1.0.1.

Vendor: Frenify
Product: Guff
Published: Mar 05, 2026
Source: NVD
CVE-2026-28075 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in p-themes Porto porto allows Reflected XSS.This issue affects Porto: from n/a through <= 7.6.2.

Vendor: p-themes
Product: Porto
Published: Mar 05, 2026
Source: NVD