CVE search
361,532 resultsCVE-2026-9220HIGHSetracker2 Children's Smartwatch Ecosystem Use of hard-coded cryptographic keyEPSS —CVE-2026-9219HIGHSetracker2 Children's Smartwatch Ecosystem Generation of Predictable Numbers or IdentifiersEPSS —CVE-2026-43920MEDIUMFOSSBilling: Unauthenticated update patcher endpoint allows remote maintenance executionEPSS —CVE-2026-40941HIGHCacti: Package Import Signature Validation Bypass Allows Self-Signed PackagesEPSS —CVE-2026-40084MEDIUMCacti: Arbitrary File Read via Path Traversal in Report `format_file` ParameterEPSS —CVE-2026-40083HIGHCacti: SQL Injection in managers.phpEPSS —CVE-2026-40082MEDIUMCacti: Session Fixation via missing session_regenerate_id() after loginEPSS —CVE-2026-40080MEDIUMCacti: Open Redirect via HTTP_REFERER substring check in auth_login_redirectEPSS 0.1%CVE-2026-13283HIGHUse after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in sEPSS 0.2%CVE-2026-13282MEDIUMUse after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruptiEPSS 0.1%CVE-2026-13281HIGHInteger overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to poteEPSS 0.2%CVE-2026-22879HIGHvtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerabilityEPSS 0.3%CVE-2025-71340HIGHpicklescan - Remote Code Execution via idlelib.pyshell.ModifiedInterpreter.runcodeEPSS 0.3%CVE-2025-71338CRITICALFlowise - Arbitrary File Write to Remote Code Execution via document-store APIEPSS 0.6%CVE-2025-71336CRITICALFlowise - Unsandboxed Remote Code Execution via Custom MCPEPSS 0.7%CVE-2025-71335HIGHFlowise - Session Invalidation Failure After Password ChangeEPSS 0.3%CVE-2025-71334CRITICALFlowise - Arbitrary File Access via Missing Chat Flow ID ValidationEPSS 0.9%CVE-2025-71333CRITICALFlowise - Arbitrary File Upload via Unauthenticated /api/v1/attachments EndpointEPSS 0.5%CVE-2025-71328HIGHFlowise - Unverified Password Change via Account SettingsEPSS 0.3%CVE-2025-71327CRITICALFlowise - Authentication Bypass via Unprotected Registration EndpointEPSS 0.5%