Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,778
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 13,121 - 13,140 of 38,432 CVEs
CVE-2026-34666 MEDIUM - 6.2

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation o...

Vendor: Adobe
Product: CAI Content Credentials
Published: May 12, 2026
Source: NVD
CVE-2026-34665 HIGH - 7.5

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service cond...

Vendor: Adobe
Product: CAI Content Credentials
Published: May 12, 2026
Source: NVD
CVE-2026-34658 MEDIUM - 4.8

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may ...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34656 MEDIUM - 4.3

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34655 MEDIUM - 4.8

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may ...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34654 MEDIUM - 5.3

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the applica...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34653 HIGH - 8.7

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in arbitrary file system read and write. An authenticated a...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34652 HIGH - 7.5

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the applica...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34651 HIGH - 7.5

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resultin...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34650 HIGH - 7.5

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resultin...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34649 HIGH - 7.5

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resultin...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34648 HIGH - 7.5

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resultin...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34647 HIGH - 7.4

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain u...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34646 HIGH - 7.5

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorize...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-34645 HIGH - 7.5

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorize...

Vendor: Adobe
Product: Adobe Commerce
Published: May 12, 2026
Source: NVD
CVE-2026-23827 HIGH - 7.5

A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged user o...

Vendor: Hewlett Packard Enterprise (HPE)
Product: HPE Aruba Networking Wireless Operating System (AOS)
Published: May 12, 2026
Source: NVD
CVE-2026-23826 HIGH - 7.5

A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitation ...

Vendor: Hewlett Packard Enterprise (HPE)
Product: HPE Aruba Networking Wireless Operating System (AOS)
Published: May 12, 2026
Source: NVD
CVE-2026-23825 HIGH - 7.5

Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may term...

Vendor: Hewlett Packard Enterprise (HPE)
Product: HPE Aruba Networking Wireless Operating System (AOS)
Published: May 12, 2026
Source: NVD
CVE-2026-23824 HIGH - 7.5

Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may term...

Vendor: Hewlett Packard Enterprise (HPE)
Product: HPE Aruba Networking Wireless Operating System (AOS)
Published: May 12, 2026
Source: NVD
CVE-2026-8431 HIGH - 7.2

An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax.ย  This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior.

Published: May 12, 2026
Source: NVD