CVE search
363,680 resultsCVE-2026-10833MEDIUMGutenberg Essential Blocks - Page Builder for Gutenberg Blocks & Patterns <= 6.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'configurablePrefix' Block AttributeEPSS 0.2%CVE-2026-8658MEDIUMOS Command Injection in Rapid7 InsightConnect Tcpdump PluginEPSS 0.8%CVE-2026-8662LOWPath Traversal in Rapid7 InsightConnect Compression PluginEPSS 0.2%CVE-2026-8666HIGHOS Command Injection in Rapid7 InsightConnect Traceroute PluginEPSS 0.7%CVE-2026-8592HIGHOS Command Injection in Rapid7 InsightConnect AWK PluginEPSS 0.7%CVE-2026-8664MEDIUMOS Command Injection in Rapid7 InsightConnect Finger PluginEPSS 0.8%CVE-2026-8665HIGHOS Command Injection in Rapid7 InsightConnect Translate PluginEPSS 0.7%CVE-2026-8660HIGHOS Command Injection in Rapid7 InsightConnect Ping PluginEPSS 0.7%CVE-2026-57589HIGHsys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-afEPSS 0.1%CVE-2026-9153MEDIUMArbitrary File Read in Rapid7 InsightConnect Sed PluginEPSS 0.3%CVE-2026-9154HIGHArbitrary File Write in Rapid7 InsightConnect Sed PluginEPSS 0.3%CVE-2026-9155HIGHOS Command Injection in Rapid7 InsightConnect Sed Plugin via expression parameter.EPSS 0.9%CVE-2026-8659MEDIUMOS Command Injection in Rapid7 InsightConnect SQLmap PluginEPSS 0.8%CVE-2026-37453HIGHInsecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via EPSS 0.4%CVE-2026-37452HIGHInsecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via EPSS 0.4%CVE-2026-38637HIGHAn issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via a cEPSS 0.4%CVE-2025-60465MEDIUMA use-after-free in the gf_filter_pid_inst_swap function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers EPSS 0.1%CVE-2026-37149HIGHGROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN v1.0 was discovered to contain a SQL injection vulnerability in the scost parEPSS 0.2%CVE-2026-38640HIGHA reachable unwrap in the __assert_fail function (/assert/mod.rs) of relibc commit 61f42d allows attackers to cause a Denial of Service (DoSEPSS 0.4%CVE-2026-37454HIGHInsecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via EPSS 0.3%