Vulnerabilities
Recent vulnerabilities
Recent vulnerabilities from
Select from 78 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-15505 |
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
|
vnotex vnote YAML Frontmatter markdownit.js cross site… |
vnotex |
vnote |
2026-07-12T19:15:07.533Z | 2026-07-12T19:15:07.533Z |
| CVE-2026-10668 |
2.4 (3.1)
|
Host-triggerable control-endpoint wedge (DoS) in Nuvot… |
zephyrproject |
zephyr |
2026-07-12T16:16:51.243Z | 2026-07-12T16:16:51.243Z |
| CVE-2026-10667 |
7.8 (3.1)
|
SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynami… |
zephyrproject |
zephyr |
2026-07-12T16:16:50.693Z | 2026-07-12T16:16:50.693Z |
| CVE-2026-10666 |
8.1 (3.1)
|
Stack buffer overflow in `net_ipaddr_parse()` IPv4 add… |
zephyrproject |
zephyr |
2026-07-12T16:16:50.160Z | 2026-07-12T16:16:50.160Z |
| CVE-2026-10665 |
7.4 (3.1)
|
Heap buffer overflow on WireGuard receive path via unb… |
zephyrproject |
zephyr |
2026-07-12T16:16:49.648Z | 2026-07-12T16:16:49.648Z |
| CVE-2026-10664 |
5 (3.1)
|
Out-of-bounds write in nRF70 Wi-Fi driver power-save e… |
zephyrproject |
zephyr |
2026-07-12T16:16:49.115Z | 2026-07-12T16:16:49.115Z |
| CVE-2026-10663 |
6.1 (3.1)
|
Use-after-free / double-free of the root USB device in… |
zephyrproject |
zephyr |
2026-07-12T16:16:48.576Z | 2026-07-12T16:16:48.576Z |
| CVE-2026-58596 |
8.3 (3.1)
|
Microsoft Edge (Chromium-based) Elevation of Privilege… |
Microsoft |
Microsoft Edge (Chromium-based) |
2026-07-12T15:22:59.392Z | 2026-07-12T19:05:03.154Z |
| CVE-2026-15502 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
AojiaoZero Antaris PayPal IPN Payment ipn.php _rewardP… |
AojiaoZero |
Antaris |
2026-07-12T12:45:07.222Z | 2026-07-12T12:45:07.222Z |
| CVE-2026-15501 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
AstrBotDevs AstrBot MCP Test Endpoint tools.py ToolsRo… |
AstrBotDevs |
AstrBot |
2026-07-12T12:30:07.184Z | 2026-07-12T12:30:07.184Z |
| CVE-2026-61876 |
9.4 (4.0)
8.8 (3.1)
|
LuCI DHCPv6 Lease Hostname Stored Cross-Site Scripting |
openwrt |
luci |
2026-07-12T12:07:55.788Z | 2026-07-12T12:07:55.788Z |
| CVE-2026-61875 |
8.7 (4.0)
8.8 (3.1)
|
luci-app-upnp Stored XSS via UPnP Port Mapping Description |
openwrt |
luci |
2026-07-12T12:06:36.956Z | 2026-07-12T12:06:36.956Z |
| CVE-2026-61874 |
2.3 (4.0)
3.1 (3.1)
|
filebrowser before 2.63.17 Stale Public Share via Trai… |
filebrowser |
filebrowser |
2026-07-12T12:06:36.293Z | 2026-07-12T12:06:36.293Z |
| CVE-2026-59260 |
8.7 (4.0)
8.8 (3.1)
|
OpenWrt luci-app-samba4 read ACL remote code execution… |
openwrt |
luci |
2026-07-12T12:06:35.592Z | 2026-07-12T12:06:35.592Z |
| CVE-2026-56336 |
6.9 (4.0)
5.3 (3.1)
|
Capgo - Information Disclosure via Unauthenticated SSO… |
Capgo |
Capgo |
2026-07-12T12:06:34.915Z | 2026-07-12T12:06:34.915Z |
| CVE-2026-56313 |
7.2 (4.0)
8.1 (3.1)
|
Capgo - Cross-Organization Account Disruption via SSO … |
Capgo |
Capgo |
2026-07-12T12:06:34.266Z | 2026-07-12T12:06:34.266Z |
| CVE-2026-56308 |
8.4 (4.0)
7.3 (3.1)
|
Capgo - Insufficient Authentication in Email Change Endpoint |
Capgo |
Capgo |
2026-07-12T12:06:33.602Z | 2026-07-12T12:06:33.602Z |
| CVE-2026-56281 |
5.1 (4.0)
3.8 (3.1)
|
Capgo - SQL Injection via Unvalidated limit Parameter … |
Capgo |
Capgo |
2026-07-12T12:06:32.940Z | 2026-07-12T12:06:32.940Z |
| CVE-2026-56271 |
9.3 (4.0)
9.8 (3.1)
|
Flowise - Weak Default JWT Secrets in Authentication M… |
Flowise |
Flowise |
2026-07-12T12:06:32.246Z | 2026-07-12T12:06:32.246Z |
| CVE-2026-56260 |
8.8 (4.0)
9.1 (3.1)
|
Crawl4AI - Arbitrary File Write via output_path Parameter |
Crawl4AI |
Crawl4AI |
2026-07-12T12:06:31.568Z | 2026-07-12T12:06:31.568Z |
| CVE-2026-56259 |
8.8 (4.0)
8.2 (3.1)
|
Crawl4AI - LLM Credential Exfiltration via base_url an… |
Crawl4AI |
Crawl4AI |
2026-07-12T12:06:30.919Z | 2026-07-12T12:06:30.919Z |
| CVE-2026-56252 |
5.3 (4.0)
5.4 (3.1)
|
Capgo - Scope Isolation Failure in Webhook Test Endpoint |
Capgo |
Capgo |
2026-07-12T12:06:30.257Z | 2026-07-12T12:06:30.257Z |
| CVE-2026-56241 |
7.2 (4.0)
8.3 (3.1)
|
Capgo - RBAC Demotion Privilege Retention via Stale or… |
Capgo |
Capgo |
2026-07-12T12:06:29.581Z | 2026-07-12T12:06:29.581Z |
| CVE-2026-56238 |
8.7 (4.0)
7.5 (3.1)
|
Capgo - Unauthenticated Information Disclosure via Pos… |
Capgo |
Capgo |
2026-07-12T12:06:28.923Z | 2026-07-12T12:06:28.923Z |
| CVE-2026-15500 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
AstrBotDevs AstrBot market_list Endpoint plugin.py get… |
AstrBotDevs |
AstrBot |
2026-07-12T12:00:07.716Z | 2026-07-12T12:00:07.716Z |
| CVE-2026-15499 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
AstrBotDevs AstrBot Scheduled Task cron_tools.py Futur… |
AstrBotDevs |
AstrBot |
2026-07-12T11:45:08.034Z | 2026-07-12T11:45:08.034Z |
| CVE-2026-15498 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
sergomanov SmartHomeAdatum Login users.php sql injection |
sergomanov |
SmartHomeAdatum |
2026-07-12T11:30:07.445Z | 2026-07-12T11:30:07.445Z |
| CVE-2026-15497 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
SonicCloudOrg sonic-agent JWT Authentication Filter Ex… |
SonicCloudOrg |
sonic-agent |
2026-07-12T11:15:07.681Z | 2026-07-12T11:15:07.681Z |
| CVE-2026-15496 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
SonicCloudOrg sonic-agent Groovy Script GroovyScriptIm… |
SonicCloudOrg |
sonic-agent |
2026-07-12T11:00:07.400Z | 2026-07-12T11:00:07.400Z |
| CVE-2026-15495 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
SonicCloudOrg sonic-agent Android WebSocket Server And… |
SonicCloudOrg |
sonic-agent |
2026-07-12T10:45:07.442Z | 2026-07-12T10:45:07.442Z |