CVE search
366,690 resultsCVE-2026-53916HIGHApache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codecEPSS 0.8%CVE-2026-53917HIGHApache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker: Unbounded memory allocation in OpenWire property unmarshallingEPSS 0.8%CVE-2026-54475HIGHApache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeoverEPSS 0.6%CVE-2026-10763HIGHPROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party DigipedEPSS 0.3%CVE-2026-8141HIGHAjax Load More - Filters <= 3.4.1 - Unauthenticated Stored Cross-Site Scripting via 'taxonomy_include_children' FieldEPSS 0.3%CVE-2026-9711CRITICALEventON - WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection via Search ParameterEPSS 0.4%CVE-2026-12076CRITICALSQL Injection in Raytha CMSEPSS 0.4%CVE-2025-7406HIGHA Sudo Privilege Escalation Vulnerability in Nokia MantaRay NMEPSS 0.1%CVE-2025-24816MEDIUMAn Improper Access Control vulnerability in Nokia MantaRay NMEPSS 0.3%CVE-2025-24815HIGHAn unrestricted file upload vulnerability in Nokia MantaRay NMEPSS 0.1%CVE-2026-6954MEDIUMMultiple vulnerabilities in Intermark IT's WebControl CMSEPSS 0.4%CVE-2026-6953MEDIUMMultiple vulnerabilities in Intermark IT's WebControl CMSEPSS 0.4%CVE-2026-13149HIGHbrace-expansion through 5.0.6 is vulnerable to denial of service. The expand() function exhibits exponential-time complexity in the number oEPSS 0.4%CVE-2026-12610MEDIUMSssd: use-after-free crash in sssd' 'sssd_pam' processEPSS 0.2%CVE-2026-45822MEDIUMdecode-uri-component through 0.4.1 is vulnerable to denial of service. The decode() function splits input on '%' producing N tokens and callEPSS 0.3%CVE-2026-12578HIGHDTMSoft - Deserialization of Untrusted Data VulnerabilityEPSS 0.4%CVE-2026-12240HIGHExport User Data <= 2.2.6 - Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion via display_name FieldEPSS 0.3%CVE-2026-14164HIGHLibarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack()EPSS 0.4%CVE-2026-12819CRITICALDVP-12SE Missing Authentication and Unauthorized Write access VulnerabilityEPSS 0.3%CVE-2026-12818CRITICALDVP-12SE Exposure of Sensitive Information VulnerabilityEPSS 0.3%