Total CVEs

142,398

Critical Severity

3,966

High Severity

14,271

Last 7 Days

1,816
Quick preset (or use dates below)
Clear Filters
Showing 12,821 - 12,840 of 14,271 CVEs
CVE-2026-0783 HIGH - 7.2

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw ...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0782 HIGH - 7.2

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw ...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0781 HIGH - 7.2

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw ...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0780 HIGH - 7.2

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw ...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0779 HIGH - 7.2

ALGO 8180 IP Audio Alerter Ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw ex...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0778 HIGH - 8.8

Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this vulnerability...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0776 HIGH - 7.3

Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Discord Client. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0775 HIGH - 7.0

npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit t...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0774 HIGH - 8.8

WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WatchYourLAN. Authentication is not required to exploit this vulnerability. The specific flaw exists wi...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0772 HIGH - 7.5

Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is required to exploit this vulnerability. The specific flaw exists within the disk c...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0771 HIGH - 7.1

Langflow PythonFunction Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Attack vectors and exploitability will vary depending on the configuration of the product. The specific flaw exists...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0766 HIGH - 8.8

Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulnerability. The specific flaw exists within the load_t...

Vendor: openwebui
Product: open_webui
Published: Jan 23, 2026
Source: NVD
CVE-2026-0765 HIGH - 8.8

Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulnerability. The specific flaw exists wit...

Vendor: openwebui
Product: open_webui
Published: Jan 23, 2026
Source: NVD
CVE-2026-0762 HIGH - 8.1

GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Interaction with a malicious DAAS server is required to exploit this vulnerability but attac...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0758 HIGH - 7.8

mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of mcp-server-siri-shortcuts. An attacker must first obtain the ability to execute low-privileged code on the target...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0757 HIGH - 8.8

MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability. This vulnerability allows remote attackers to bypass the sandbox on affected installations of MCP Manager for Claude Desktop. User interaction is required to exploit this vulnerability in that the target m...

Published: Jan 23, 2026
Source: NVD
CVE-2026-0710 HIGH - 8.4

A flaw was found in SIPp. A remote attacker could exploit this by sending specially crafted Session Initiation Protocol (SIP) messages during an active call. This vulnerability, a NULL pointer dereference, can cause the application to crash, leading to a denial of service. Under specific conditions,...

Published: Jan 23, 2026
Source: NVD
CVE-2025-15351 HIGH - 7.8

Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to exploit this vulnerability in that the targ...

Vendor: Anritsu
Product: VectorStar
Published: Jan 23, 2026
Source: NVD
CVE-2025-15350 HIGH - 7.8

Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to exploit this vulnerability in that the targ...

Vendor: Anritsu
Product: VectorStar
Published: Jan 23, 2026
Source: NVD
CVE-2025-15349 HIGH - 7.5

Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

Vendor: Anritsu
Product: ShockLine
Published: Jan 23, 2026
Source: NVD