CVE search
363,138 resultsCVE-2026-53909MEDIUMArbitrary File Upload in MCOEPSS 0.2%CVE-2026-53908MEDIUMUser Enumeration in MCOEPSS 0.3%CVE-2026-53907MEDIUMStored Cross‑Site Scripting in MCOEPSS 0.3%CVE-2026-53906MEDIUMPath Disclosure and Path Traversal in MCOEPSS 0.4%CVE-2026-53905MEDIUMUnauthorized Access to Administrator ACL View in MCOEPSS 0.2%CVE-2026-53904MEDIUMAccount Denial of Service in MCOEPSS 0.2%CVE-2026-53903MEDIUMInsecure Direct Object Reference in MCOEPSS 0.2%CVE-2026-53902HIGHPrivilege Escalation in MCOEPSS 0.2%CVE-2026-14181HIGH@fastify/middie standalone engine vulnerable to Denial of Service via malformed percent-encoded pathsEPSS 0.3%CVE-2026-14198CRITICAL@fastify/middie vulnerable to authorization bypass via encoded slash in path parameter valuesEPSS 0.3%CVE-2026-13323MEDIUMIn Open VSX Registry before 1.0.2, the /vscode/unpkg/ endpoint serves user-supplied HTML files with Content-Type: text/html and without a CoEPSS 0.2%CVE-2026-12142HIGHNEX-Forms <= 9.2.2 - Unauthenticated Stored Cross-Site Scripting via '_name[]' Array ParameterEPSS 0.3%CVE-2026-13228HIGHLatePoint <= 5.6.3 - Authenticated (Custom+) Privilege Escalation to Administrator via 'order[customer_id]' ParameterEPSS 0.3%CVE-2026-10095MEDIUMWP Photo Album Plus <= 9.1.13.005 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'subtext' Shortcode AttributeEPSS 0.2%CVE-2026-14258MEDIUMDhcpcd: dhcpcd infinite loop and out-of-bounds read via zero-length ipv6 nd option in router advertisement handlingEPSS 0.2%CVE-2026-27435MEDIUMWordPress Woffice theme < 5.4.33 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-12754MEDIUMVikBooking Hotel Booking Engine & PMS <= 1.8.12 - Reflected Cross-Site Scripting via 'layoutstyle' ParameterEPSS 0.3%CVE-2026-13454MEDIUMMotoPress Appointment Booking <= 2.4.5 - Authenticated (Staff+) SQL Injection via 's' ParameterEPSS 0.4%CVE-2026-10538HIGHImproper deserialization handling in Control-M ComponentsEPSS 0.2%CVE-2026-10539CRITICALUnauthenticated command injection in Control-M/Server communication commandEPSS 0.2%