Total CVEs

142,265

Critical Severity

3,947

High Severity

14,217

Last 7 Days

1,881
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 12,301 - 12,320 of 14,292 CVEs
CVE-2026-24927 MEDIUM - 5.5

Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS, EMUI
Published: Feb 06, 2026
Source: NVD
CVE-2026-24924 MEDIUM - 6.1

Vulnerability of improper permission control in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: Huawei
Product: HarmonyOS
Published: Feb 06, 2026
Source: NVD
CVE-2026-24920 MEDIUM - 6.2

Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS, EMUI
Published: Feb 06, 2026
Source: NVD
CVE-2026-24931 MEDIUM - 5.9

Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: Huawei
Product: HarmonyOS
Published: Feb 06, 2026
Source: NVD
CVE-2026-24929 MEDIUM - 5.9

Out-of-bounds read vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS
Published: Feb 06, 2026
Source: NVD
CVE-2026-24923 MEDIUM - 6.3

Permission control vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: Huawei
Product: HarmonyOS
Published: Feb 06, 2026
Source: NVD
CVE-2026-24922 MEDIUM - 6.9

Buffer overflow vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS
Published: Feb 06, 2026
Source: NVD
CVE-2026-24921 MEDIUM - 4.8

Address read vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

Vendor: Huawei
Product: HarmonyOS
Published: Feb 06, 2026
Source: NVD
CVE-2026-24919 MEDIUM - 6.0

Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS, EMUI
Published: Feb 06, 2026
Source: NVD
CVE-2026-24918 MEDIUM - 6.8

Address read vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS, EMUI
Published: Feb 06, 2026
Source: NVD
CVE-2026-24917 MEDIUM - 6.5

UAF vulnerability in the security module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS, EMUI
Published: Feb 06, 2026
Source: NVD
CVE-2026-24916 MEDIUM - 5.9

Identity authentication bypass vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vendor: Huawei
Product: HarmonyOS
Published: Feb 06, 2026
Source: NVD
CVE-2026-24915 MEDIUM - 6.2

Out-of-bounds read issue in the media subsystem. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

Vendor: Huawei
Product: HarmonyOS
Published: Feb 06, 2026
Source: NVD
CVE-2026-24914 MEDIUM - 4.0

Type confusion vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendor: Huawei
Product: HarmonyOS
Published: Feb 06, 2026
Source: NVD
CVE-2026-1785 MEDIUM - 4.3

The Code Snippets plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.9.4. This is due to missing nonce validation on the cloud snippet download and update actions in the Cloud_Search_List_Table class. This makes it possible for unauthenticated at...

Published: Feb 06, 2026
Source: NVD
CVE-2026-1252 MEDIUM - 6.4

The Events Listing Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Event URL' parameter in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-...

Published: Feb 06, 2026
Source: NVD
CVE-2026-2010 MEDIUM - 4.2

A vulnerability has been found in Sanluan PublicCMS up to 4.0.202506.d/5.202506.d/6.202506.d. Impacted is the function Paid of the file publiccms-parent/publiccms-trade/src/main/java/com/publiccms/logic/service/trade/TradePaymentService.java of the component Trade Payment Handler. The manipulation o...

Published: Feb 06, 2026
Source: NVD
CVE-2026-2009 MEDIUM - 6.3

A flaw has been found in SourceCodester Gas Agency Management System 1.0. This issue affects some unknown processing of the file /gasmark/php_action/createUser.php. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been publi...

Vendor: mayurik
Product: gas_agency_management_system
Published: Feb 06, 2026
Source: NVD
CVE-2026-1279 MEDIUM - 6.4

The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'form_title' parameter in the `search_employee_directory` shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possibl...

Published: Feb 06, 2026
Source: NVD
CVE-2026-2008 MEDIUM - 6.3

A vulnerability was detected in abhiphile fermat-mcp up to 47f11def1cd37e45dd060f30cdce346cbdbd6f0a. This vulnerability affects the function eqn_chart of the file fmcp/mpl_mcp/core/eqn_chart.py. Performing a manipulation of the argument equations results in code injection. It is possible to initiate...

Published: Feb 06, 2026
Source: NVD