CVE search

364,804 results
CVE-2026-57285MEDIUMA missing permission check in Jenkins GitHub Branch Source Plugin 1967.1969.v205fd594c821 and earlier allows attackers with Overall/Read perEPSS 0.2%CVE-2026-57284MEDIUMJenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier does not restrict the types that can be instantiated through the Pipeline SniEPSS 0.3%CVE-2026-57283MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier allows attackers to instEPSS 0.2%CVE-2026-57282MEDIUMJenkins Git client Plugin 6.6.0 and earlier does not correctly escape the workspace directory name when it is embedded into a generated SSH EPSS 0.2%CVE-2026-57281HIGHJenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not reject Groovy AST transformation annotations carrying an extensions mEPSS 0.6%CVE-2026-57280HIGHJenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not intercept the implicit type casts applied to the elements of typed foEPSS 0.4%CVE-2026-13163MEDIUMLack of input validation in Mailerup input parameter leads to Open RedirectEPSS 0.3%CVE-2026-12242HIGHAdRotate Banner Manager <= 5.17.7 - Authenticated (Contributor+) PHP Code Injection via 'banner' Shortcode AttributeEPSS 0.5%CVE-2026-56761MEDIUMhono - HTML Injection via Improper JSX Attribute Name Handling in SSREPSS 0.2%CVE-2026-56370MEDIUMImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components ArtifactEPSS 0.1%CVE-2026-56368MEDIUMImageMagick - Memory Leak in Raw Pixel Data CodersEPSS 0.3%CVE-2026-56358MEDIUMn8n - Stored Cross-Site Scripting in Form Trigger NodeEPSS 0.1%CVE-2026-56351MEDIUMn8n - SQL Injection in MySQL, PostgreSQL, and Microsoft SQL NodesEPSS 0.2%CVE-2026-56338MEDIUMCapgo - Denial of Service in 2FA Email Verification via /auth/v1/otp EndpointEPSS 0.3%CVE-2026-56337MEDIUMCapgo - Information Disclosure via Unauthenticated RPC Function exist_app_v2EPSS 0.3%CVE-2026-56310MEDIUMCap-go - Authorization Bypass in Organization Members Endpoint via API Key Scope BypassEPSS 0.2%CVE-2026-56302MEDIUMCapgo - Unsecured Supabase Images Bucket via Missing Row Level SecurityEPSS 0.2%CVE-2026-56272MEDIUMFlowise - Insufficient Password Salt Rounds in Bcrypt HashingEPSS 0.1%CVE-2026-56270HIGHFlowise - Unauthenticated OAuth Secrets Disclosure via /api/v1/loginmethod EndpointEPSS 0.4%CVE-2026-56269MEDIUMFlowise - Weak Default Token Hash Secret in JWT Token EncryptionEPSS 0.1%