Total CVEs

141,249

Critical Severity

3,795

High Severity

13,708

Last 7 Days

2,152
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 11,161 - 11,180 of 37,654 CVEs
CVE-2026-47311 HIGH - 7.8

Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

Vendor: Samsung Open Source
Product: Escargot
Published: May 19, 2026
Source: NVD
CVE-2026-47310 HIGH - 7.8

Use after free vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

Vendor: Samsung Open Source
Product: Escargot
Published: May 19, 2026
Source: NVD
CVE-2026-47309 MEDIUM - 5.5

Uncontrolled Recursion vulnerability in Samsung Open Source Escargot allows Oversized Serialized Data Payloads. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

Vendor: Samsung Open Source
Product: Escargot
Published: May 19, 2026
Source: NVD
CVE-2025-15609 HIGH - 7.5

The Fortis for WooCommerce WordPress plugin before 1.3.1 may leak sensitive API keys to unauthenticated attackers, allowing them to query Fortis' API and retrieve sensitive customer information, like past orders, PII, etc.

Vendor: Unknown
Product: Fortis for WooCommerce
Published: May 19, 2026
Source: NVD
CVE-2026-47308 MEDIUM - 5.5

NULL pointer dereference vulnerability in Samsung Open Source Walrus allows Pointer Manipulation. This issue affects Walrus: f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9.

Vendor: Samsung Open Source
Product: Walrus
Published: May 19, 2026
Source: NVD
CVE-2026-32994 MEDIUM - 5.3

The /api/v1/autotranslate.translateMessage endpoint in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.6, <7.13.8, and <7.10.12 allows any authenticated user to retrieve the full content of any message from any room (private groups, direct messages, channels) by simply ...

Vendor: Rocket.Chat
Product: Rocket.Chat
Published: May 19, 2026
Source: NVD
CVE-2026-47307 MEDIUM - 5.5

NULL pointer dereference vulnerability in Samsung Open Source Walrus allows an attacker to cause a denial of service via a crafted WebAssembly module containing deeply nested instructions. This issue affects Walrus: f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9.

Vendor: Samsung Open Source
Product: Walrus
Published: May 19, 2026
Source: NVD

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

Vendor: OpenHarmony
Product: OpenHarmony
Published: May 19, 2026
Source: NVD

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

Vendor: OpenHarmony
Product: OpenHarmony
Published: May 19, 2026
Source: NVD
CVE-2026-28733 MEDIUM - 6.5

in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution.

Vendor: OpenHarmony
Product: OpenHarmony
Published: May 19, 2026
Source: NVD

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

Vendor: OpenHarmony
Product: OpenHarmony
Published: May 19, 2026
Source: NVD
CVE-2026-27766 MEDIUM - 5.5

in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak.

Vendor: OpenHarmony
Product: OpenHarmony
Published: May 19, 2026
Source: NVD
CVE-2026-27648 HIGH - 8.8

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps.

Vendor: OpenHarmony
Product: OpenHarmony
Published: May 19, 2026
Source: NVD
CVE-2026-25850 MEDIUM - 5.5

in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak

Vendor: OpenHarmony
Product: OpenHarmony
Published: May 19, 2026
Source: NVD
CVE-2026-25781 HIGH - 8.4

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered.

Vendor: OpenHarmony
Product: OpenHarmony
Published: May 19, 2026
Source: NVD

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

Vendor: OpenHarmony
Product: OpenHarmony
Published: May 19, 2026
Source: NVD
CVE-2026-24792 HIGH - 8.1

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps.

Vendor: OpenHarmony
Product: OpenHarmony
Published: May 19, 2026
Source: NVD
CVE-2026-22069 HIGH - 7.3

A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface.

Vendor: OPPO
Product: O+ Connect
Published: May 19, 2026
Source: NVD

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, an authenticated user on a Discourse instance with the form templates feature enabled can read the name and structured content of form templates that are intended exclusively for...

Vendor: discourse
Product: discourse
Published: May 19, 2026
Source: NVD
CVE-2026-33234 MEDIUM - 5.0

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.1.0 through 0.6.51, SendEmailBlock in autogpt_platform/backend/backend/blocks/email_block.py accepts a user-supplied smtp_server (string) and smtp_port (integer) ...

Vendor: Significant-Gravitas
Product: AutoGPT
Published: May 19, 2026
Source: NVD