Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,724
Showing Year: 2026 (January 1 - December 31, 2026)
Showing 15,361 - 15,380 of 38,432 CVEs
CVE-2026-42260 HIGH - 8.2

Open-WebSearch is a multi-engine MCP server, CLI, and local daemon for agent web search and content retrieval. Prior to 2.1.7, isPublicHttpUrl / assertPublicHttpUrl in src/utils/urlSafety.ts do not recognize bracketed IPv6 literals and do not resolve DNS, which combine to allow non-blind SSRF with t...

Vendor: npm
Product: open-websearch
Published: May 05, 2026
Source: GitHub
CVE-2026-43939 HIGH - 7.3

YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the thread posting and reply feature accepts user-supplied content via a post or reply that is stored server-side and later rendered back into the thread page without adequate HTML sanitization or contextual output enc...

Vendor: nuget
Product: YAFNET.Core
Published: May 05, 2026
Source: GitHub
CVE-2026-43937 HIGH - 8.8

YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5, Any admin OnPost… handler executes its side effects before the ResultFilterAttribute rewrites the response to a 302 to /Info/4. The most impactful abuse is /Admin/RunSql, whose OnPostRunQuery binds Editor from the POST body and pas...

Vendor: nuget
Product: YAFNET.Core
Published: May 05, 2026
Source: GitHub
CVE-2026-43938 HIGH - 8.1

YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the application's database logger (YAFNET.Core/Logger/DbLogger.cs) captures the incoming request's User-Agent header into a JObject, serializes it with JsonConvert, and stores the result in the EventLog.Descrip...

Vendor: nuget
Product: YAFNET.Core
Published: May 05, 2026
Source: GitHub

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.76 and 9.9.0-alpha.2, a race condition in the MFA SMS one-time password (OTP) login path allows two concurrent /login requests carrying the same OTP to both succeed and both receive v...

Vendor: npm
Product: parse-server
Published: May 05, 2026
Source: GitHub
CVE-2026-43929 HIGH - 8.2

ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address (e.g. http://[::ffff:127.0.0.1]/). The WHATWG URL parser bu...

Vendor: npm
Product: ssrfcheck
Published: May 05, 2026
Source: GitHub
CVE-2026-7857 HIGH - 7.2

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /user_group.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may...

Vendor: dlink
Product: di-8100_firmware
Published: May 05, 2026
Source: NVD
CVE-2026-7856 HIGH - 7.2

A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /url_member.asp of the component Web Management Interface. Executing a manipulation of the argument Name can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and m...

Vendor: dlink
Product: di-8100_firmware
Published: May 05, 2026
Source: NVD
CVE-2026-44331 HIGH - 8.1

In ProFTPD through 1.3.9a before 7666224, a SQL injection vulnerability in sqltab_fetch_clients_cb() in contrib/mod_wrap2_sql.c allows a remote attacker to inject arbitrary SQL commands via a crafted domain name that is accessed in a reverse DNS lookup. When "UseReverseDNS on" is enabled, ...

Vendor: ProFTPD
Product: ProFTPD
Published: May 05, 2026
Source: NVD

Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, the unauthenticated JSON API accepts an altTable parameter that is stored via the setAltTable() method without validation or sanitization. This v...

Vendor: MasaCMS
Product: MasaCMS
Published: May 05, 2026
Source: NVD

Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's handling of the sortDirection parameter. T...

Vendor: MasaCMS
Product: MasaCMS
Published: May 05, 2026
Source: NVD

Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of the sortBy parameter. The application fails to properly sanitize or parameterize this input before...

Vendor: MasaCMS
Product: MasaCMS
Published: May 05, 2026
Source: NVD
CVE-2026-38947 MEDIUM - 6.1

FluentCMS 1.2.3 is vulnerable to Cross Site Scripting (XSS) in TextHTML plugin.

Published: May 05, 2026
Source: NVD
CVE-2026-34596 HIGH - 7.0

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Use (TOCTOU) race condition exists during addon installation. When a user installs an addon through the SandMan interface, UpdUtil.exe is spawned as SYSTEM by Sbi...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD
CVE-2026-34527 MEDIUM - 5.3

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high nibble of each byte is shifted right by 8 instead of 4, which always produces zero for an 8-bit valu...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD
CVE-2026-34464 HIGH - 8.8

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMED_PIPE_OPEN_REQ into a fixed WCHAR pipename[160] stack buffer using wcscat without verifying null termination. The handler only...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD
CVE-2026-34462 HIGH - 7.8

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers (KillAllHandler, SuspendAllHandler, and RunSandboxedHandler) copy a WCHAR boxname[34] field from request structures into WCHAR[40] stack buffers using wcscpy ...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD
CVE-2026-34461 HIGH - 7.8

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGID_SBIE_INI_RUN_SBIE_CTRL message is handled before normal sandbox and impersonation checks, and for non-sandb...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD
CVE-2026-34459 HIGH - 8.8

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD
CVE-2026-34458 HIGH - 8.8

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, an INI injection vulnerability allows any standard local user to bypass configuration restrictions (EditAdminOnly and ConfigPassword) and inject arbitrary directives into the global Sandbox...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD