CVE
Info.com
  • Browse CVEs
  • Trends
  • Email Alerts
  • About

📊 CVE Trends & Statistics

Discover trending vulnerabilities and security insights

Last 7 Days Last 30 Days Last 90 Days Last Year
7,555
Total CVEs
914
Critical
2,946
High
2,556
Medium
261
Low
7.1
Avg CVSS Score

Severity Distribution

914
Critical
12%
Click to view
2,946
High
39%
Click to view
2,556
Medium
34%
Click to view
261
Low
3%
Click to view

Daily CVE Trends

266
Jun 10
202
Jun 11
259
Jun 12
23
Jun 13
16
Jun 14
457
Jun 15
285
Jun 16
767
Jun 17
178
Jun 18
269
Jun 19
45
Jun 20
70
Jun 21
185
Jun 22
180
Jun 23
482
Jun 24
474
Jun 25
381
Jun 26
31
Jun 27
43
Jun 28
246
Jun 29
649
Jun 30
401
Jul 01
291
Jul 02
192
Jul 03
70
Jul 04
86
Jul 05
232
Jul 06
174
Jul 07
338
Jul 08
183
Jul 09

Top Affected Vendors

Google
Click to view all CVEs
609
🔥 70
Linux
Click to view all CVEs
456
🔥 35
Oracle
Click to view all CVEs
232
🔥 118
Go
Click to view all CVEs
175
🔥 18
Npm
Click to view all CVEs
154
🔥 13
Pip
Click to view all CVEs
145
🔥 15
Apache Software Foundation
Click to view all CVEs
113
🔥 27
Red Hat
Click to view all CVEs
98
🔥 2
Composer
Click to view all CVEs
81
🔥 6
Adobe
Click to view all CVEs
70
🔥 12

Top Affected Products

chrome
Google
Click to view all CVEs
544
🔥 66
Linux
Linux
Click to view all CVEs
456
🔥 35
Capgo
Capgo
Click to view all CVEs
66
🔥 1
OpenClaw
OpenClaw
Click to view all CVEs
61
🔥 1
android
Google
Click to view all CVEs
58
🔥 1
picklescan
Picklescan
Click to view all CVEs
49
🔥 7
edge_chromium
Microsoft
Click to view all CVEs
46
🔥 1
coolify
Coollabsio
Click to view all CVEs
45
🔥 5
Firefox
Mozilla
Click to view all CVEs
43
🔥 9
ImageMagick
ImageMagick
Click to view all CVEs
35

🔥 Recently Published CVEs

CVE-2026-61344 MEDIUM - 5.3

The Superior Court of California Hearing Reminder Service at https://www.hrs.courts.ca.gov exposes an API endpoint that returns court reminder records containing potentially sensitive information with...

Vendor: Superior Court of California, County of Los Angeles Product: Hearing Reminder Service Published: Jul 09, 2026
CVE-2026-61343 HIGH - 7.2

LibreBooking's email template editor save action passes the submitted template name directly into the destination file path, allowing a remote attacker with administrator credentials to write an arbit...

Vendor: LibreBooking Product: LibreBooking Published: Jul 09, 2026
CVE-2026-59827 CRITICAL - 9.9

Metabase is an open-source business intelligence and embedded analytics tool. Prior to 1.58.15, 1.59.12, 1.60.6.3, and 1.61.1.4, Metabase instances with an H2 database connection, including the defaul...

Vendor: metabase Product: metabase Published: Jul 09, 2026
CVE-2026-59826 CRITICAL - 9.1

Metabase is an open-source business intelligence and embedded analytics tool. From 1.55.0 until 1.58.15.1, 1.59.12, 1.60.6.3, and 1.61.2, Metabase did not validate unsafe H2 connection properties on o...

Vendor: metabase Product: metabase Published: Jul 09, 2026
CVE-2026-59817 MEDIUM - 5.3

Ghost is a Node.js content management system. From 6.27.0 before 6.44.0, Ghost's public donation checkout flow allowed an unauthenticated attacker to control donation checkout metadata and obtain full...

Vendor: TryGhost Product: Ghost Published: Jul 09, 2026
CVE-2026-59734 HIGH - 8.8

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, Coolify's app/Jobs/ApplicationDeploymentJob.php generate_healthcheck_comman...

Vendor: coollabsio Product: coolify Published: Jul 09, 2026
CVE-2026-59726 CRITICAL - 10.0

Ruflo is an agent meta-harness for Claude Code and Codex. Prior to 3.16.3, ruflo's default docker-compose deployment exposed the MCP bridge POST /mcp and POST /mcp/:group endpoints without authenticat...

Vendor: ruvnet Product: ruflo Published: Jul 09, 2026
CVE-2026-59721 HIGH - 7.2

Hoppscotch is an open source API development ecosystem. Prior to 2026.6.0, the updateInfraConfigs GraphQL mutation in admin/infra.resolver.ts accepts an attacker-controlled MAILER_SMTP_URL value, and ...

Vendor: hoppscotch Product: hoppscotch Published: Jul 09, 2026
CVE-2026-59720 HIGH - 7.5

Hoppscotch is an open source API development ecosystem. Prior to 2026.6.0, mock server creation in mock-server.service.ts does not persist the isPublic input field while schema.prisma defaults isPubli...

Vendor: hoppscotch Product: hoppscotch Published: Jul 09, 2026
CVE-2026-59221 HIGH - 7.7

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.6 before 0.10.0, _sanitize_proxy_path in backend/open_webui/routers/terminals.py decoded proxy paths only...

Vendor: open-webui Product: open-webui Published: Jul 09, 2026
Browse CVEs Trends Email Alerts About

© 2026 CVEInfo.com - Aggregating CVE Information from Multiple Sources

Data sources: NVD, MITRE, GitHub Security Advisories