Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (6 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-40789 2 Tms, Wordpress 2 Amelia, Wordpress 2026-06-23 7.5 High
Unauthenticated Sensitive Data Exposure in Amelia <= 2.2 versions.
CVE-2026-40795 2 Tms, Wordpress 2 Amelia, Wordpress 2026-06-23 6.5 Medium
Subscriber Broken Access Control in Amelia <= 2.2 versions.
CVE-2026-48889 2 Tms, Wordpress 2 Amelia, Wordpress 2026-06-23 8.8 High
Subscriber Privilege Escalation in Amelia <= 2.3 versions.
CVE-2026-49080 2 Tms, Wordpress 2 Wpdatatables, Wordpress 2026-06-20 9.3 Critical
Unauthenticated SQL Injection in wpDataTables <= 7.3.6 versions.
CVE-2025-69828 1 Tms 1 Management Console 2026-04-15 10 Critical
File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allows a remote attacker to execute arbitrary code via the Logo upload in /Customer/AddEdit
CVE-2025-69612 2 Tms, Tmsglobalsoft 2 Management Console, Tms Management Console 2026-02-03 6.5 Medium
A path traversal vulnerability exists in TMS Management Console (version 6.3.7.27386.20250818) from TMS Global Software. The "Download Template" function in the profile dashboard does not neutralize directory traversal sequences (../) in the filePath parameter, allowing authenticated users to read arbitrary files, such as the server's Web.config.