Total CVEs: 141,537
Critical Severity: 3,871
High Severity: 13,923
Last 7 Days: 1,592
Showing Year: 2026 (January 1 - December 31, 2026)
Showing 14,121 - 14,140 of 37,942 CVEs
CVE-2026-42877 MEDIUM - 5.4

FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting (XSS) vulnerability exists in the product search modal of sales (Core/Lib/AjaxForms/SalesModalHTML.php) and purchases documents (Core/Lib/AjaxForms/PurchasesModalHTML.php). An au...

Vendor: composer
Product: facturascripts/facturascripts
Published: May 07, 2026
Source: GitHub

FacturaScripts is an open source accounting and invoicing software. Versions 2025.7 and prior contain a Reflected Cross-Site Scripting (XSS) vulnerability through the fsNick cookie parameter. The application reflects the cookie's value directly into the HTML without sanitization. The fsNick coo...

Vendor: composer
Product: facturascripts/facturascripts
Published: May 07, 2026
Source: GitHub
CVE-2026-27892 MEDIUM - 6.5

FacturaScripts is an open source accounting and invoicing software. In versions prior to 2026, the Library module stores and serves uploaded images byte-for-byte, without stripping EXIF/XMP/IPTC metadata. Any authenticated user who downloaded an image could extract the uploader's embedded metad...

Vendor: composer
Product: facturascripts/facturascripts
Published: May 07, 2026
Source: GitHub
CVE-2026-27891 HIGH - 7.2

FacturaScripts is an open source accounting and invoicing software. Versions 2026 and below contain a critical vulnerability in the Plugins::add() function. The system fails to properly validate the file paths within uploaded ZIP archives. This allows an attacker to perform a Zip Slip attack, leadin...

Vendor: composer
Product: facturascripts/facturascripts
Published: May 07, 2026
Source: GitHub
CVE-2026-8086 MEDIUM - 5.3

A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly avai...

Vendor: osgeo
Product: gdal
Published: May 07, 2026
Source: NVD
CVE-2026-8084 LOW - 3.3

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit has...

Vendor: osgeo
Product: gdal
Published: May 07, 2026
Source: NVD
CVE-2026-8083 HIGH - 7.3

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be u...

Published: May 07, 2026
Source: NVD
CVE-2026-44742 HIGH - 7.2

Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May 2026.

Vendor: Postorius project
Product: Postorius
Published: May 07, 2026
Source: NVD
CVE-2026-42284 CRITICAL - 9.8

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.47, _clone() validates multi_options as the original list, then executes shlex.split(" ".join(multi_options)). A string like "--branch main --config core.hooksPath=/x" passes validation (st...

Vendor: gitpython_project
Product: gitpython
Published: May 07, 2026
Source: NVD
CVE-2026-42215 HIGH - 8.8

GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs upload_pack and receive_pack bypass that check. If an appli...

Vendor: gitpython-developers
Product: GitPython
Published: May 07, 2026
Source: NVD
CVE-2026-42214 HIGH - 7.8

Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension() function interpolates a file's extension directly into a Lua script without sanitization. An attacker can craft a filename whose extension contains Lua code, ...

Vendor: dail8859
Product: NotepadNext
Published: May 07, 2026
Source: NVD
CVE-2026-41906 HIGH - 7.1

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filtered search endpoint, but the backend conversation_change_customer action accepts any supplied cu...

Vendor: freescout-help-desk
Product: freescout
Published: May 07, 2026
Source: NVD
CVE-2026-41905 HIGH - 7.7

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, Helper::sanitizeRemoteUrl() in app/Misc/Helper.php follows HTTP redirects via curlGetLastRedirectedUrl() but then re-validates the original URL instead of the final redirect destination....

Vendor: freescout-help-desk
Product: freescout
Published: May 07, 2026
Source: NVD
CVE-2026-41904 HIGH - 7.6

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user with updateAutoReply permission can store an XSS payload in the mailbox auto-reply message. The payload is rendered unescaped in the auto-reply email sent to every customer who co...

Vendor: freescout-help-desk
Product: freescout
Published: May 07, 2026
Source: NVD
CVE-2026-41903 MEDIUM - 5.4

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user holding the PERM_EDIT_USERS permission (intended for general user-profile editing) can read and modify the notification subscriptions of any other user, including admins, by sendi...

Vendor: freescout-help-desk
Product: freescout
Published: May 07, 2026
Source: NVD
CVE-2026-41902 CRITICAL - 9.1

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, the /user-setup/{hash} endpoint accepts a 60-character random invite_hash to set a new user's password. The endpoint performs no expiration check; the hash remains valid indefinite...

Vendor: freescout-help-desk
Product: freescout
Published: May 07, 2026
Source: NVD

BentoPDF is a client-side PDF toolkit that is self hostable. Prior to version 2.8.3, a cross-site scripting vulnerability was identified in BentoPD. An attacker may be able to execute arbitrary JavaScript in certain circumstances in Markdown to PDF Tool. This issue has been patched in version 2.8.3.

Vendor: alam00000
Product: bentopdf
Published: May 07, 2026
Source: NVD
CVE-2026-8081 MEDIUM - 6.3

A vulnerability has been found in router-for-me CLIProxyAPI 6.9.29. Affected by this issue is some unknown functionality of the file internal/api/handlers/management/api_tools.go of the component API Interface. The manipulation of the argument url leads to server-side request forgery. Remote exploit...

Vendor: router-for-me
Product: cliproxyapi
Published: May 07, 2026
Source: NVD
CVE-2026-37709 CRITICAL - 9.8

Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component

Vendor: composer
Product: snipe/snipe-it
Published: May 07, 2026
Source: NVD
CVE-2026-7415 CRITICAL - 9.8

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization of...

Vendor: yarbo
Product: lawn_mower_firmware
Published: May 07, 2026
Source: NVD