Total CVEs: 141,537 | Critical Severity: 3,871 | High Severity: 13,923 | Last 7 Days: 1,599
Showing Year: 2026 (January 1 - December 31, 2026)
Showing 13,281 - 13,300 of 13,618 CVEs
CVE-2026-0841 HIGH - 8.8

A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be...

Vendor: utt
Product: 520w_firmware
Published: Jan 11, 2026
Source: NVD
CVE-2026-0840 HIGH - 8.8

A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this vulnerability is the function strcpy of the file /goform/formConfigNoticeConfig. The manipulation of the argument timestart leads to buffer overflow. It is possible to initiate the attack remotely. The exploit h...

Vendor: utt
Product: 520w_firmware
Published: Jan 11, 2026
Source: NVD
CVE-2026-0839 HIGH - 8.8

A weakness has been identified in UTT 进取 520W 1.7.7-180627. Affected is the function strcpy of the file /goform/APSecurity. Executing a manipulation of the argument wepkey1 can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and cou...

Vendor: utt
Product: 520w_firmware
Published: Jan 11, 2026
Source: NVD
CVE-2026-0838 HIGH - 8.8

A security flaw has been discovered in UTT 进取 520W 1.7.7-180627. This impacts the function strcpy of the file /goform/ConfigWirelessBase. Performing a manipulation of the argument ssid results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the...

Vendor: utt
Product: 520w_firmware
Published: Jan 11, 2026
Source: NVD
CVE-2026-0837 HIGH - 8.8

A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor wa...

Vendor: utt
Product: 520w_firmware
Published: Jan 11, 2026
Source: NVD
CVE-2026-0836 HIGH - 8.8

A vulnerability was determined in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW. This manipulation of the argument ssid causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed ...

Vendor: utt
Product: 520w_firmware
Published: Jan 11, 2026
Source: NVD
CVE-2026-0822 HIGH - 8.8

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The ...

Vendor: quickjs-ng
Product: quickjs
Published: Jan 10, 2026
Source: NVD
CVE-2025-62235 HIGH - 8.1

Authentication Bypass by Spoofing vulnerability in Apache NimBLE. Receiving specially crafted Security Request could lead to removal of original bond and re-bond with impostor. This issue affects Apache NimBLE: through 1.8.0. Users are recommended to upgrade to version 1.9.0, which fixes the issue...

Vendor: apache
Product: nimble
Published: Jan 10, 2026
Source: NVD
CVE-2025-53477 HIGH - 7.5

NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference. This issue requires disabled asserts and broken or bogus Bluetooth controller and thus severity is considered low. This issue affe...

Vendor: apache
Product: nimble
Published: Jan 10, 2026
Source: NVD
CVE-2025-52435 HIGH - 7.5

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange. ...

Vendor: apache
Product: nimble
Published: Jan 10, 2026
Source: NVD
CVE-2026-22777 HIGH - 7.5

ComfyUI-Manager is an extension designed to enhance the usability of ComfyUI. Prior to versions 3.39.2 and 4.0.5, an attacker can inject special characters into HTTP query parameters to add arbitrary configuration values to the config.ini file. This can lead to security setting tampering or modifica...

Published: Jan 10, 2026
Source: NVD
CVE-2026-22704 HIGH - 8.0

HAX CMS helps manage microsite universe with PHP or NodeJs backends. In versions 11.0.6 to before 25.0.0, HAX CMS is vulnerable to stored XSS, which could lead to account takeover. This issue has been patched in version 25.0.0.

Published: Jan 10, 2026
Source: NVD
CVE-2026-22700 HIGH - 7.5

RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography (ECC) support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof. In versions 0.14.0-pre.0 and 0.14.0-rc.0, a denial-of-service vulnerability ex...

Vendor: rustcrypto
Product: sm2_elliptic_curve
Published: Jan 10, 2026
Source: NVD
CVE-2026-22699 HIGH - 7.5

RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography (ECC) support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof. In versions 0.14.0-pre.0 and 0.14.0-rc.0, a denial-of-service vulnerability ex...

Vendor: rustcrypto
Product: sm2_elliptic_curve
Published: Jan 10, 2026
Source: NVD
CVE-2026-22685 HIGH - 8.8

DevToys is a desktop app for developers. In versions from 2.0.0.0 to before 2.0.9.0, a path traversal vulnerability exists in the DevToys extension installation mechanism. When processing extension packages (NUPKG archives), DevToys does not sufficiently validate file paths contained within the arch...

Published: Jan 10, 2026
Source: NVD
CVE-2026-22688 HIGH - 8.8

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, there is a command injection vulnerability that allows authenticated users to inject stdio_config.command/args into MCP stdio settings, causing the server to execute subproces...

Vendor: tencent
Product: weknora
Published: Jan 10, 2026
Source: NVD
CVE-2026-22589 HIGH - 7.5

Spree is an open source e-commerce solution built with Ruby on Rails. Prior to versions 4.10.2, 5.0.7, 5.1.9, and 5.2.5, an Unauthenticated Insecure Direct Object Reference (IDOR) vulnerability was identified that allows an unauthenticated attacker to access guest address information without supplyi...

Vendor: spreecommerce
Product: spree
Published: Jan 10, 2026
Source: NVD
CVE-2025-13457 HIGH - 7.5

The WooCommerce Square plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.1 via the get_token_by_id function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to expose arbitrary Squ...

Published: Jan 10, 2026
Source: NVD
CVE-2026-22596 HIGH - 7.2

Ghost is a Node.js content management system. In versions 5.90.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost's /ghost/api/admin/members/events endpoint allows users with authentication credentials for the Admin API to execute arbitrary SQL. This issue has been patched in ...

Vendor: ghost
Product: ghost
Published: Jan 10, 2026
Source: NVD
CVE-2026-22595 HIGH - 8.1

Ghost is a Node.js content management system. In versions 5.121.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost's handling of Staff Token authentication allowed certain endpoints to be accessed that were only intended to be accessible via Staff Session authentication. Exter...

Vendor: ghost
Product: ghost
Published: Jan 10, 2026
Source: NVD