📊 CVE Trends & Statistics

Discover trending vulnerabilities and security insights

Last 7 Days Last 30 Days Last 90 Days Last Year
1,220
Total CVEs
74
Critical
427
High
432
Medium
43
Low
6.8
Avg CVSS Score

Severity Distribution

74
Critical
6%
Click to view
427
High
35%
Click to view
432
Medium
35%
Click to view
43
Low
4%
Click to view

Daily CVE Trends

75
Feb 08
159
Feb 09
297
Feb 10
334
Feb 11
134
Feb 12
132
Feb 13
63
Feb 14

Top Affected Vendors

Apple
Click to view all CVEs
75
🔥 1
QNAP Systems Inc.
Click to view all CVEs
49
🔥 1
Microsoft
Click to view all CVEs
49
🔥 1
Adobe
Click to view all CVEs
44
Nsasoft
Click to view all CVEs
25
Fabian
Click to view all CVEs
23
Yokogawa Electric Corporation
Click to view all CVEs
20
SAP_SE
Click to view all CVEs
18
Dlink
Click to view all CVEs
18
AMD
Click to view all CVEs
16

Top Affected Products

Qsync Central
QNAP Systems Inc.
Click to view all CVEs
28
macOS
Apple
Click to view all CVEs
25
windows_10_1607
Microsoft
Click to view all CVEs
20
GitLab
GitLab
Click to view all CVEs
15
After Effects
Adobe
Click to view all CVEs
15
FAST/TOOLS
Yokogawa Electric Corporation
Click to view all CVEs
15
File Station 5
QNAP Systems Inc.
Click to view all CVEs
13
FreeRDP
FreeRDP
Click to view all CVEs
12
🔥 2
macOS, watchOS, visionOS, iOS and iPadOS, tvOS
Apple
Click to view all CVEs
11
chrome
Google
Click to view all CVEs
11

🔥 Recently Published CVEs

CVE-2026-1512 MEDIUM - 6.4

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Info Box widget in all versions up to, a...

Published: Feb 14, 2026
CVE-2026-1843 HIGH - 7.2

The Super Page Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Activity Log in all versions up to, and including, 5.2.2 due to insufficient input sanitization and outpu...

Published: Feb 14, 2026
CVE-2026-1258 MEDIUM - 4.9

The Mail Mint plugin for WordPress is vulnerable to blind SQL Injection via the 'forms', 'automation', 'email/templates', and 'contacts/import/tutorlms/map' API endpoints in all versions up to, and in...

Published: Feb 14, 2026
CVE-2026-1254 MEDIUM - 4.3

The Modula Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.13.6. This is due to the plugin not properly ...

Published: Feb 14, 2026
CVE-2026-1249 MEDIUM - 5.0

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Server-Side Request Forgery in versions 5.3 to 5.10 via the 'load_lyrics_ajax_callback' fu...

Published: Feb 14, 2026
CVE-2026-0550 MEDIUM - 6.4

The myCred plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mycred_load_coupon' shortcode in all versions up to, and including, 2.9.7.3 due to insufficient input san...

Published: Feb 14, 2026
CVE-2025-8572 CRITICAL - 9.8

The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or equal to, 1.8.7. This is due to insufficient validation of the user_role parameter during user ...

Published: Feb 14, 2026
CVE-2026-2024 HIGH - 7.5

The PhotoStack Gallery plugin for WordPress is vulnerable to SQL Injection via the 'postid' parameter in all versions up to, and including, 0.4.1 due to insufficient escaping on the user supplied para...

Published: Feb 14, 2026
CVE-2026-2022 MEDIUM - 4.3

The Smart Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'rednao_smart_forms_get_campaigns' AJAX action in all versions up to, and inc...

Published: Feb 14, 2026
CVE-2026-1988 HIGH - 7.5

The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the `flexipsg_carousel` shortcode. This is ...

Published: Feb 14, 2026