CVE
Info.com
  • Browse CVEs
  • Trends
  • Email Alerts
  • About

📊 CVE Trends & Statistics

Discover trending vulnerabilities and security insights

Last 7 Days Last 30 Days Last 90 Days Last Year
20,883
Total CVEs
2,116
Critical
7,975
High
7,733
Medium
867
Low
6.9
Avg CVSS Score

Severity Distribution

2,116
Critical
10%
Click to view
7,975
High
38%
Click to view
7,733
Medium
37%
Click to view
867
Low
4%
Click to view

Weekly CVE Trends

Apr 19
Apr 26
May 03
May 10
May 17
May 24
May 31
Jun 07
Jun 14
Jun 21
Jun 28
Jul 05
Jul 12

Top Affected Vendors

Linux
Click to view all CVEs
1867
🔥 103
Google
Click to view all CVEs
1609
🔥 141
Go
Click to view all CVEs
479
🔥 61
Npm
Click to view all CVEs
465
🔥 59
Microsoft
Click to view all CVEs
455
🔥 42
Pip
Click to view all CVEs
423
🔥 45
Oracle
Click to view all CVEs
353
🔥 132
Composer
Click to view all CVEs
309
🔥 21
Apache Software Foundation
Click to view all CVEs
301
🔥 60
Adobe
Click to view all CVEs
250
🔥 22

Top Affected Products

Linux
Linux
Click to view all CVEs
1866
🔥 103
chrome
Google
Click to view all CVEs
1482
🔥 137
OpenClaw
OpenClaw
Click to view all CVEs
242
🔥 9
firefox
Mozilla
Click to view all CVEs
136
🔥 25
windows_10_1607
Microsoft
Click to view all CVEs
135
🔥 4
android
Google
Click to view all CVEs
119
🔥 1
gitlab
Gitlab
Click to view all CVEs
71
open-webui
Pip
Click to view all CVEs
70
🔥 1
Capgo
Capgo
Click to view all CVEs
66
🔥 1
Adobe Experience Manager
Adobe
Click to view all CVEs
61

🔥 Recently Published CVEs

CVE-2026-60095 MEDIUM - 6.5

Vinchin Backup & Recovery through 9.0.0.86562 contains a stack buffer overflow vulnerability in the ModuleHandShake function of the agentlink_server service that allows unauthenticated remote attacker...

Vendor: Vinchin Product: Backup & Recovery 9.0 Published: Jul 09, 2026
CVE-2026-60094 MEDIUM - 6.5

Vinchin Backup & Recovery through 9.0.0.86562 contains a heap buffer overflow vulnerability that allows unauthenticated remote attackers to cause process crash or memory corruption by sending a malfor...

Vendor: Vinchin Product: Backup & Recovery 9.0 Published: Jul 09, 2026
CVE-2026-4256 HIGH - 8.2

Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in PEAKUP Technology Inc. PassGate allows LDAP Injection. This issue affects PassGate: through 30042...

Published: Jul 09, 2026
CVE-2026-15186 MEDIUM - 6.3

A vulnerability was identified in macrozheng mall up to 1.0.3. This impacts an unknown function of the file /returnApply/create of the component Portal Endpoint. The manipulation of the argument order...

Vendor: macrozheng Product: mall Published: Jul 09, 2026
CVE-2026-15185 LOW - 3.3

A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsub_read_idx of the file /src/media_tools/vobsub.c of the component MP4Box. Executing a manipulation of the argument num_...

Product: GPAC Published: Jul 09, 2026
CVE-2026-14261

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a rem...

Vendor: Xerte Product: Xerte Online Tools Published: Jul 09, 2026
CVE-2026-12879

An Improper Input Validation vulnerability in BigQuery DAO in Google Cloud Apigee versions prior to 2026-06-12 on Google Cloud Platform allows an authenticated attacker to exfiltrate cross-tenant data...

Vendor: Google Cloud Product: Apigee Published: Jul 09, 2026
CVE-2026-12593

The implementation of an internal and undocumented Dashboard API endpoint (POST /api/users/~/{user}/tokens) forgot to ensure an HTTP request for creating an API Token for another user had s...

Vendor: Qt Product: Axivion Published: Jul 09, 2026
CVE-2026-12116

A vulnerability in the Xerte Online Tools allows for RCE through the antivirus binary path in the tools server settings, which can be changed to a PHP interpreter, allowing an attacker to upload PHP d...

Vendor: Xerte Product: Xerte Online Tools Published: Jul 09, 2026
CVE-2026-53760 MEDIUM - 5.2

Admidio: CSRF on Plugin Install, Uninstall, and Update via Unprotected GET Requests...

Vendor: composer Product: admidio/admidio Published: Jul 09, 2026

💬 Most Discussed CVEs

CVE-2021-47931
MEDIUM 💬 1 comment

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing en...

Browse CVEs Trends Email Alerts About

© 2026 CVEInfo.com - Aggregating CVE Information from Multiple Sources

Data sources: NVD, MITRE, GitHub Security Advisories