Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,724
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 10,681 - 10,700 of 14,221 CVEs
CVE-2026-20801 MEDIUM - 5.6

Cleartext Transmission of Sensitive Information (CWE-319) in a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations allows unprivileged users with local network access to view live video streams. This issue affects all versions of Gallagher NxWitness VMS integrati...

Vendor: Gallagher
Product: NxWitness VMS and Hanwha VMS Integrations
Published: Mar 03, 2026
Source: NVD
CVE-2025-47147 MEDIUM - 5.7

Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the session token and exploit access for a limited duration. This issue affects Command Centre ...

Vendor: Gallagher
Product: Command Centre Mobile Client
Published: Mar 03, 2026
Source: NVD
CVE-2026-1487 MEDIUM - 6.5

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to SQL Injection via the JSON Import in all versions up to, and including, 5.2.7 due to insufficient validation on the user-supplied JSON data. This makes it possible for authenticated attackers, ...

Published: Mar 03, 2026
Source: NVD
CVE-2026-1336 MEDIUM - 5.3

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on the store_data() and get_chatgpt_api_key() functions in all versions up to, and including, 2.7.5. This makes it possible for...

Published: Mar 03, 2026
Source: NVD
CVE-2026-2583 MEDIUM - 6.4

The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the `blocksy_meta` metadata fields in all versions up to, and including, 2.1.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acce...

Published: Mar 02, 2026
Source: NVD
CVE-2026-3337 MEDIUM - 5.9

Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVP_aes_128_ccm, EVP_aes_192_ccm, and EVP_aes_256_ccm. Customers...

Vendor: aws
Product: aws_libcrypto
Published: Mar 02, 2026
Source: NVD
CVE-2026-2256 MEDIUM - 6.5

A command injection vulnerability in ModelScope's ms-agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived input.

Published: Mar 02, 2026
Source: NVD
CVE-2026-27631 MEDIUM - 5.3

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra comma...

Vendor: Exiv2
Product: exiv2
Published: Mar 02, 2026
Source: NVD
CVE-2026-28413 MEDIUM - 5.3

Products.isurlinportal is a replacement for isURLInPortal method in Plone. Prior to versions 2.1.0, 3.1.0, and 4.0.0, a url /login?came_from=////evil.example may redirect to an external website after login. This issue has been patched in versions 2.1.0, 3.1.0, and 4.0.0.

Vendor: pip
Product: Products.isurlinportal
Published: Mar 02, 2026
Source: GitHub
CVE-2026-28350 MEDIUM - 6.1

lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.4, the <base> tag passes through the default Cleaner configuration. While page_structure=True removes html, head, and title tags, there is no specific handling for <base>, a...

Vendor: pip
Product: lxml-html-clean
Published: Mar 02, 2026
Source: GitHub
CVE-2026-28348 MEDIUM - 6.1

lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.4, the _has_sneaky_javascript() method strips backslashes before checking for dangerous CSS keywords. This causes CSS Unicode escape sequences to bypass the @import and expression() fil...

Vendor: pip
Product: lxml-html-clean
Published: Mar 02, 2026
Source: GitHub
CVE-2026-0027 MEDIUM - 6.7

In smmu_detach_dev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Vendor: google
Product: android
Published: Mar 02, 2026
Source: NVD
CVE-2026-0024 MEDIUM - 4.0

In isRedactionNeededForOpenViaContentResolver of MediaProvider.java, there is a possible way to reveal the location of media due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitat...

Vendor: google
Product: android
Published: Mar 02, 2026
Source: NVD
CVE-2026-0015 MEDIUM - 6.2

In multiple locations of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Vendor: google
Product: android
Published: Mar 02, 2026
Source: NVD
CVE-2026-0014 MEDIUM - 6.2

In isPackageNullOrSystem of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Vendor: google
Product: android
Published: Mar 02, 2026
Source: NVD
CVE-2026-0012 MEDIUM - 6.2

In setHideSensitive of ExpandableNotificationRow.java, there is a possible contact name leak due due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Vendor: google
Product: android
Published: Mar 02, 2026
Source: NVD
CVE-2026-0005 MEDIUM - 6.2

In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permission check. This could lead to local information disclosure where the extent of interaction and imp...

Vendor: google
Product: android
Published: Mar 02, 2026
Source: NVD
CVE-2025-48644 MEDIUM - 5.5

In multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Vendor: Google
Product: Android
Published: Mar 02, 2026
Source: NVD
CVE-2025-48642 MEDIUM - 5.5

In jump_to_payload of payload.rs, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Vendor: Google
Product: Android
Published: Mar 02, 2026
Source: NVD
CVE-2025-48587 MEDIUM - 6.2

In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Vendor: Google
Product: Android
Published: Mar 02, 2026
Source: NVD