5.3

CVSS3.1

CVE-2026-25436 - WordPress Royal Elementor Addons plugin < 1.7.1053 - Broken Access Control vulnerability

Missing Authorization vulnerability in WProyal Royal Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal Elementor Addons: from n/a before 1.7.1053.

📅 Published: May 7, 2026, 7:34 a.m. 🔄 Last Modified: May 7, 2026, 7:34 a.m.

4.7

CVSS3.1

CVE-2026-44407 - Remote Denial of Service Vulnerability Exists in ZTE Cloud PC Client uSmartview

A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service.

📅 Published: May 7, 2026, 7:33 a.m. 🔄 Last Modified: May 7, 2026, 7:33 a.m.

6.5

CVSS3.1

CVE-2026-27421 - WordPress Royal Elementor Addons plugin < 1.7.1053 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WProyal Royal Elementor Addons allows Stored XSS. This issue affects Royal Elementor Addons: from n/a before 1.7.1053.

📅 Published: May 7, 2026, 7:31 a.m. 🔄 Last Modified: May 7, 2026, 7:31 a.m.

5.3

CVSS3.1

CVE-2025-2514 - Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachi Virtual Storage …

Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One B…

📅 Published: May 7, 2026, 7:30 a.m. 🔄 Last Modified: May 7, 2026, 7:30 a.m.

5.4

CVSS4.0

CVE-2026-4430 - Heap Buffer Overflow in AgileEngine

Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7.

📅 Published: May 7, 2026, 7:16 a.m. 🔄 Last Modified: May 7, 2026, 7:16 a.m.

8.1

CVSS3.1

CVE-2025-9661 - OS command injection vulneravility in the management gui (maintenance utility) of Hitachi Virtual S…

OS command injection vulneravility in the management gui (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28. This issue affects Hitachi Virtual Storage Platform One Block 23/24/26/28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00.

📅 Published: May 7, 2026, 7:08 a.m. 🔄 Last Modified: May 7, 2026, 7:08 a.m.

5.7

CVSS3.1

CVE-2026-44406 - DLL Hijacking Vulnerability in ZTE Cloud PC Client uSmartview

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since uSmartViewServi…

📅 Published: May 7, 2026, 6:49 a.m. 🔄 Last Modified: May 7, 2026, 6:49 a.m.

9.3

CVSS4.0

CVE-2026-41586 - ObjectInputStream.readObject() without ObjectInputFilter in fabric-sdk-java allows Java deserializa…

Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. From versions 1.0.0 to 2.2.26, Channel.java implements readObject() and exposes deSerializeChannel() which call ObjectInputStream.readObject() on untrusted byte arrays with…

📅 Published: May 7, 2026, 5:12 a.m. 🔄 Last Modified: May 7, 2026, 5:12 a.m.

8.8

CVSS3.1

CVE-2026-41143 - YesWiki vulnerable to authenticated SQL Injection via id_fiche in EntryManager::formatDataBeforeSav…

YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php at line 704. The $data['id_fiche'] value (sourced from $_POST['id_fiche']) is concatenated directly into a raw SQL query without any …

📅 Published: May 7, 2026, 5:08 a.m. 🔄 Last Modified: May 7, 2026, 5:08 a.m.

8.8

CVSS3.0

CVE-2026-41139 - Unsafe array index getter in mathjs

Math.js is an extensive math library for JavaScript and Node.js. From version 13.1.0 to before version 15.2.0, arbitrary JavaScript can be executed via the expression parser of mathjs. This issue has been patched in version 15.2.0.

📅 Published: May 7, 2026, 5:06 a.m. 🔄 Last Modified: May 7, 2026, 5:06 a.m.
Total resulsts: 348619
Page 2 of 34,862
« previous page » next page
Filters