Total CVEs

139,456

Critical Severity

3,644

High Severity

13,084

Last 7 Days

1,238
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 1,921 - 1,940 of 35,861 CVEs
CVE-2025-69129 CRITICAL - 10.0

Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site <= 1.0.7 versions.

Vendor: Extendons
Product: WordPress & WooCommerce Scraper Plugin, Import Data from Any Site
Published: Jun 17, 2026
Source: NVD
CVE-2025-69125 HIGH - 8.1

Unauthenticated Local File Inclusion in Food Drop <= 1.3 versions.

Vendor: ThemeREX
Product: Food Drop
Published: Jun 17, 2026
Source: NVD
CVE-2025-69124 HIGH - 8.1

Unauthenticated Local File Inclusion in Especio <= 1.0 versions.

Vendor: ThemeREX
Product: Especio
Published: Jun 17, 2026
Source: NVD
CVE-2025-69122 CRITICAL - 9.8

Unauthenticated PHP Object Injection in SeaFood Company <= 1.4 versions.

Vendor: ThemeREX
Product: SeaFood Company
Published: Jun 17, 2026
Source: NVD
CVE-2025-69121 HIGH - 8.1

Unauthenticated Local File Inclusion in Deliciosa <= 1.10.0 versions.

Vendor: ThemeREX
Product: Deliciosa
Published: Jun 17, 2026
Source: NVD
CVE-2025-69119 HIGH - 8.1

Unauthenticated Local File Inclusion in Corbesier <= 1.15.0 versions.

Vendor: ThemeREX
Product: Corbesier
Published: Jun 17, 2026
Source: NVD
CVE-2025-69118 HIGH - 8.1

Unauthenticated Local File Inclusion in CopyPress <= 1.4.5 versions.

Vendor: ThemeREX
Product: CopyPress
Published: Jun 17, 2026
Source: NVD
CVE-2025-69117 HIGH - 8.1

Unauthenticated Local File Inclusion in Ingenioso <= 1.14.0 versions.

Vendor: ThemeREX
Product: Ingenioso
Published: Jun 17, 2026
Source: NVD
CVE-2025-69116 HIGH - 8.1

Unauthenticated Local File Inclusion in Iona <= 1.0.8 versions.

Vendor: ThemeREX
Product: Iona
Published: Jun 17, 2026
Source: NVD
CVE-2025-69114 HIGH - 8.1

Unauthenticated Local File Inclusion in MaxiNet <= 1.2.10 versions.

Vendor: ThemeREX
Product: MaxiNet
Published: Jun 17, 2026
Source: NVD
CVE-2025-69113 HIGH - 8.1

Unauthenticated Local File Inclusion in Nexio <= 1.10.0 versions.

Vendor: ThemeREX
Product: Nexio
Published: Jun 17, 2026
Source: NVD
CVE-2025-69112 HIGH - 8.1

Unauthenticated Local File Inclusion in Planty <= 1.14.0 versions.

Vendor: ThemeREX
Product: Planty
Published: Jun 17, 2026
Source: NVD
CVE-2025-69110 HIGH - 8.1

Unauthenticated Local File Inclusion in AirSupply <= 2.0.0 versions.

Vendor: ThemeREX
Product: AirSupply
Published: Jun 17, 2026
Source: NVD
CVE-2025-69109 HIGH - 8.1

Unauthenticated Local File Inclusion in Raider Spirit <= 1.1.2 versions.

Vendor: ThemeREX
Product: Raider Spirit
Published: Jun 17, 2026
Source: NVD
CVE-2025-69108 CRITICAL - 9.8

Unauthenticated PHP Object Injection in Hot Coffee <= 1.7 versions.

Vendor: ThemeREX
Product: Hot Coffee
Published: Jun 17, 2026
Source: NVD
CVE-2025-69107 HIGH - 8.1

Unauthenticated Local File Inclusion in Rosaleen <= 2.8 versions.

Vendor: ThemeREX
Product: Rosaleen
Published: Jun 17, 2026
Source: NVD
CVE-2025-69105 HIGH - 8.1

Unauthenticated Local File Inclusion in Modernee <= 1.6.0 versions.

Vendor: ThemeREX
Product: Modernee
Published: Jun 17, 2026
Source: NVD
CVE-2025-69104 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Qreatix <= 1.9.4 versions.

Vendor: jkdevstudio
Product: Qreatix
Published: Jun 17, 2026
Source: NVD
CVE-2025-69103 HIGH - 7.5

Subscriber Arbitrary Content Deletion in Brikk <= 3.0.0 versions.

Vendor: Utillz
Product: Brikk
Published: Jun 17, 2026
Source: NVD
CVE-2025-62340 LOW - 3.1

HCL iControl was affected by Inadequate Session Timeout vulnerability. The vulnerability involves a security risk where a web application fails to automatically terminate user sessions after a period of inactivity

Vendor: HCL Software
Product: iControl
Published: Jun 17, 2026
Source: NVD