Search

Expected end of text, found 's' (at char 38), (line:1, col:39)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (361387 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-69127 2 Themerex, Wordpress 2 Plumbing, Wordpress 2026-06-26 9.8 Critical
Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions.
CVE-2025-69157 2 Themerex, Wordpress 2 Gamic, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Gamic <= 1.15 versions.
CVE-2025-69158 2 Themerex, Wordpress 2 Granola, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Granola <= 1.13 versions.
CVE-2025-69166 2 Themerex, Wordpress 2 Gunslinger, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Gunslinger <= 1.7 versions.
CVE-2025-69174 2 Themerex, Wordpress 2 Etude, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Etude <= 1.6 versions.
CVE-2026-39523 2 Elated-themes, Wordpress 2 Solene Core, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Solene Core <= 2.3.2 versions.
CVE-2026-39556 2 Elated-themes, Wordpress 2 Konsept, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in Konsept <= 1.9 versions.
CVE-2026-39560 2 Select-themes, Wordpress 2 Hiroshi, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions.
CVE-2026-39576 2 Elated-themes, Wordpress 2 Singlemalt, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in SingleMalt <= 1.5 versions.
CVE-2026-39590 2 Thememove, Wordpress 2 Atomlab, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Atomlab <= 2.4.5 versions.
CVE-2026-40733 2 Mikado-themes, Wordpress 2 Shiftup, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in ShiftUp <= 1.3 versions.
CVE-2026-40756 2 Mikado-themes, Wordpress 2 Zoya, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in Zoya <= 1.4 versions.
CVE-2026-40757 2 Mikado-themes, Wordpress 2 Château, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in Château <= 1.2.1 versions.
CVE-2026-52707 2 Mikado-themes, Wordpress 2 Kastell, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Kastell <= 2.0 versions.
CVE-2026-54813 2 Brainstorm Force, Wordpress 2 Suredash, Wordpress 2026-06-26 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brainstorm Force SureDash allows Blind SQL Injection. This issue affects SureDash: from n/a through 1.8.0.
CVE-2026-40641 1 Dell 1 Powerflex 2026-06-26 4.8 Medium
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering.
CVE-2026-22283 1 Dell 1 Powerflex 2026-06-26 7.5 High
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2026-49502 1 Dell 1 Powerflex 2026-06-26 7.4 High
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access.
CVE-2026-32804 1 Dell 1 Powerflex 2026-06-26 8.1 High
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2026-35065 1 Dell 1 Powerflex 2026-06-26 8.8 High
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Information tampering, Remote execution, Script injection, and Unauthorized access.