CVE search
364,899 resultsCVE-2026-52916—batman-adv: frag: disallow unicast fragment in fragmentEPSS 0.1%CVE-2026-52915HIGHnetfilter: ip6t_hbh: reject oversized option listsEPSS 0.1%CVE-2026-52914CRITICALbatman-adv: fix fragment reassembly length accountingEPSS 0.5%CVE-2026-52913—batman-adv: v: stop OGMv2 on disabled interfaceEPSS 0.1%CVE-2026-52912HIGHnetfilter: nf_queue: hold bridge skb->dev while queuedEPSS 0.1%CVE-2026-7761HIGHUltimate Member <= 2.11.4 - Authenticated (Contributor+) Account Takeover via Password Reset Link DisclosureEPSS 0.5%CVE-2026-9710HIGHThemeco Cornerstone < 7.8.8 (Premium, bundled with X Theme) - Subscriber+ Arbitrary User Password Hash DisclosureEPSS 0.2%CVE-2026-9709HIGHThemeco Cornerstone < 7.8.9 (Premium, bundled with X Theme) - Subscriber+ Arbitrary User Meta DisclosureEPSS 0.2%CVE-2026-10753LOWSite Kit by Google < 1.176.0 - Editor+ Email Reporting Settings UpdateEPSS 0.2%CVE-2026-10749HIGHPost Duplicator < 3.0.15 - Contributor+ PHP Object Injection via customMetaDataEPSS 0.3%CVE-2026-10735HIGHShapedPlugin Multiple Pro Plugins - Backdoor via Compromised Vendor Update ServerEPSS 0.4%CVE-2026-10531MEDIUMAI Share & Summarize < 2.0.4 - Contributor+ Stored XSS via title_style Shortcode AttributeEPSS 0.1%CVE-2026-13006HIGHIncomplete protection against CVE-2025-11226EPSS 0.1%CVE-2026-8690MEDIUMRentMy Real-Time Rental Management Plugin <= 4.0.4.1 - Missing Authorization to Unauthenticated Settings Update via rentmy_cdn_request AJAX ActionEPSS 0.3%CVE-2026-9178HIGHWP Forms Connector <= 1.8 - Missing Authorization to Unauthenticated Information Exposure via 'user/list' REST EndpointEPSS 0.3%CVE-2026-11997MEDIUMBulk SEO Image <= 1.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-8622MEDIUMImage Sizes on Demand <= 1.3 - Reflected Cross-Site Scripting via PHP_SELF Server VariableEPSS 0.2%CVE-2026-9612MEDIUMWhatsOrder <= 1.0.1 - Unauthenticated Sensitive Information Exposure via Predictable Invoice File URLsEPSS 0.3%CVE-2026-8688MEDIUMAdvance Nav Menu Manager <= 1.3 - Missing Authorization to Authenticated (Subscriber+) Nav Menu Item Modification via anmm_save_menu_data AJAX ActionEPSS 0.2%CVE-2026-9620MEDIUMWP Latest Posts <= 5.0.11 - Authenticated (Author+) Stored Cross-Site Scripting via Post Content Image src AttributeEPSS 0.2%