CVE Tracker
487 records · 10 CISA KEV
A structured, cross-referenced database of 487 vulnerability records. Each record links the official CVSS severity (NVD), EPSS exploitation-probability (FIRST.org) and CISA KEV status. Filter, sort and download. All values are sourced and attributed; we add no opinion or risk rating of our own.
Source data as of:
Source: NVD · EPSS (FIRST.org) · CISA KEV
How to read these values
- CVSS — CVSS (NVD): a 0–10 severity score for the vulnerability itself. Higher is a more severe flaw, but a high CVSS does not by itself mean a record should be acted on first.
- EPSS — EPSS (FIRST.org): an estimated probability (0–1) that the vulnerability will be exploited in the wild in the next 30 days. It is a likelihood signal, distinct from CVSS severity.
- CISA KEV — CISA KEV: a yes/no flag for whether CISA has recorded the vulnerability as known to be exploited. Listing and dates are published by CISA.
Signals derived mechanically from the official source fields below (CVSS vector, CWE, EPSS percentile, CISA KEV, references). They restate facts — they are not a Quanteta risk rating, ranking or recommendation.
Filter & Sort
Showing 487 of 487 records
All records
| CVE ID | CVSS | Severity | EPSS | KEV | Signals | Affected vendors | Published |
|---|---|---|---|---|---|---|---|
| CVE-2026-21643 | 9.8 v3.1 | CRITICAL | 0.3391 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionSQL Injection | fortinet | 2026-02-06 |
| CVE-2005-2773 | 9.8 v3.1 | CRITICAL | 0.9030 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionCommand InjectionVendor advisory ref | hp | 2005-09-02 |
| CVE-2025-54236 | 9.1 v3.1 | CRITICAL | 0.7010 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionImproper Input ValidationVendor advisory ref | adobe | 2025-09-09 |
| CVE-2026-34197 | 8.8 v3.1 | HIGH | 0.0622 | Yes | CISA KEVEPSS highNetworkNo user interactionImproper Input ValidationCode InjectionVendor advisory ref | apache | 2026-04-07 |
| CVE-2006-2492 | 8.8 v3.1 | HIGH | 0.7783 | Yes | CISA KEVEPSS highNetworkNo privilegesBuffer OverflowVendor advisory ref | microsoft | 2006-05-20 |
| CVE-2025-27363 | 8.1 v3.1 | HIGH | 0.6344 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | freetype, debian | 2025-03-11 |
| CVE-2004-0210 | 7.8 v3.1 | HIGH | 0.0512 | Yes | CISA KEVNo user interactionBuffer OverflowVendor advisory ref | microsoft | 2004-08-06 |
| CVE-2002-0367 | 7.8 v3.1 | HIGH | 0.0123 | Yes | CISA KEVNo user interactionPrivilege ManagementVendor advisory ref | microsoft | 2002-06-25 |
| CVE-2006-1547 | 7.5 v3.1 | HIGH | 0.1537 | Yes | CISA KEVEPSS highNetworkNo privilegesNo user interactionVendor advisory ref | apache | 2006-03-30 |
| CVE-2004-1464 | 5.9 v3.1 | MEDIUM | 0.0170 | Yes | CISA KEVNetworkNo privilegesNo user interactionResource Exhaustion (DoS)Vendor advisory ref | cisco | 2004-12-31 |
| CVE-2025-62718 | 9.9 v3.1 | CRITICAL | 0.0003 | — | NetworkNo privilegesNo user interactionSSRFVendor advisory ref | axios | 2026-04-09 |
| CVE-2026-31843 | 9.8 v3.1 | CRITICAL | — | — | NetworkNo privilegesNo user interaction | — | 2026-04-16 |
| CVE-2026-3596 | 9.8 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interactionMissing Authorization | — | 2026-04-16 |
| CVE-2026-37345 | 9.8 v3.1 | CRITICAL | — | — | NetworkNo privilegesNo user interactionSQL Injection | — | 2026-04-16 |
| CVE-2026-30625 | 9.8 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interactionCommand InjectionVendor advisory ref | — | 2026-04-15 |
| CVE-2026-30993 | 9.8 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionCode Injection | — | 2026-04-15 |
| CVE-2025-61260 | 9.8 v3.1 | CRITICAL | 0.0002 | — | NetworkNo privilegesNo user interactionCode Injection | — | 2026-04-14 |
| CVE-2025-65133 | 9.8 v3.1 | CRITICAL | 0.0003 | — | NetworkNo privilegesNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-14 |
| CVE-2025-70023 | 9.8 v3.1 | CRITICAL | 0.0002 | — | NetworkNo privilegesNo user interaction | — | 2026-04-14 |
| CVE-2026-31049 | 9.8 v3.1 | CRITICAL | 0.0010 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-14 |
| CVE-2026-33698 | 9.8 v3.1 | CRITICAL | 0.0007 | — | NetworkNo privilegesNo user interactionVendor advisory ref | chamilo | 2026-04-10 |
| CVE-2026-5187 | 9.8 v3.1 | CRITICAL | 0.0005 | — | NetworkNo privilegesNo user interactionHeap OverflowOut-of-bounds Write | wolfssl | 2026-04-09 |
| CVE-2026-27143 | 9.8 v3.1 | CRITICAL | 0.0002 | — | NetworkNo privilegesNo user interactionVendor advisory ref | golang | 2026-04-08 |
| CVE-2026-5731 | 9.8 v3.1 | CRITICAL | 0.0007 | — | NetworkNo privilegesNo user interactionMemory CorruptionVendor advisory ref | mozilla | 2026-04-07 |
| CVE-2026-29139 | 9.8 v3.1 | CRITICAL | 0.0005 | — | NetworkNo privilegesNo user interaction | seppmail | 2026-04-02 |
| CVE-2026-33746 | 9.8 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interactionImproper AuthenticationVendor advisory ref | convoypanel | 2026-04-02 |
| CVE-2026-35002 | 9.8 v3.1 | CRITICAL | 0.0059 | — | NetworkNo privilegesNo user interactionVendor advisory ref | agno | 2026-04-02 |
| CVE-2026-33032 | 9.8 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionMissing AuthenticationVendor advisory ref | nginxui | 2026-03-30 |
| CVE-2026-22738 | 9.8 v3.1 | CRITICAL | 0.0009 | — | NetworkNo privilegesNo user interaction | vmware | 2026-03-27 |
| CVE-2026-32769 | 9.8 v3.1 | CRITICAL | 0.0005 | — | NetworkNo privilegesNo user interactionVendor advisory ref | ctfer | 2026-03-20 |
| CVE-2026-32771 | 9.8 v3.1 | CRITICAL | 0.0002 | — | NetworkNo privilegesNo user interactionPath TraversalVendor advisory ref | ctfer | 2026-03-20 |
| CVE-2026-32985 | 9.8 v3.1 | CRITICAL | 0.0076 | — | NetworkNo privilegesNo user interactionMissing AuthenticationUnrestricted Upload | apereo | 2026-03-20 |
| CVE-2025-11252 | 9.8 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interactionSQL Injection | signumtte | 2026-02-27 |
| CVE-2022-0239 | 9.8 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interactionXXEVendor advisory ref | stanford | 2022-01-17 |
| CVE-2019-5481 | 9.8 v3.1 | CRITICAL | 0.0302 | — | NetworkNo privilegesNo user interactionDouble Free | fedoraproject, opensuse, oracle, haxx, netapp, debian | 2019-09-16 |
| CVE-2026-1115 | 9.6 v3.1 | CRITICAL | 0.0005 | — | NetworkNo privilegesXSSVendor advisory ref | lollms | 2026-04-10 |
| CVE-2026-40088 | 9.6 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesOS Command InjectionVendor advisory ref | praison | 2026-04-09 |
| CVE-2026-30884 | 9.6 v3.1 | CRITICAL | 0.0002 | — | NetworkNo user interactionAuthorization Bypass (IDOR)Vendor advisory ref | — | 2026-03-18 |
| CVE-2026-37338 | 9.4 v3.1 | CRITICAL | — | — | NetworkNo privilegesNo user interactionSQL Injection | — | 2026-04-16 |
| CVE-2026-40173 | 9.4 v3.1 | CRITICAL | 0.0010 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | — | 2026-04-15 |
| CVE-2026-33707 | 9.4 v3.1 | CRITICAL | 0.0008 | — | NetworkNo privilegesNo user interactionVendor advisory ref | chamilo | 2026-04-10 |
| CVE-2026-27304 | 9.3 v3.1 | CRITICAL | 0.0004 | — | No privilegesNo user interactionImproper Input ValidationVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-39382 | 9.3 v4.0 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionOS Command InjectionVendor advisory ref | — | 2026-04-07 |
| CVE-2026-37347 | 9.1 v3.1 | CRITICAL | — | — | NetworkNo privilegesNo user interactionSQL Injection | — | 2026-04-16 |
| CVE-2026-6270 | 9.1 v3.1 | CRITICAL | — | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-31908 | 9.1 v3.1 | CRITICAL | 0.0003 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-14 |
| CVE-2026-39958 | 9.1 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-09 |
| CVE-2026-5194 | 9.1 v3.1 | CRITICAL | 0.0004 | — | NetworkNo privilegesNo user interaction | wolfssl | 2026-04-09 |
| CVE-2026-35580 | 9.1 v3.1 | CRITICAL | 0.0002 | — | NetworkNo user interactionCommand InjectionVendor advisory ref | nsa | 2026-04-07 |
| CVE-2026-29133 | 9.1 v3.1 | CRITICAL | 0.0009 | — | NetworkNo privilegesNo user interactionImproper Input Validation | seppmail | 2026-04-02 |
| CVE-2026-29143 | 9.1 v3.1 | CRITICAL | 0.0010 | — | NetworkNo privilegesNo user interactionImproper Input Validation | seppmail | 2026-04-02 |
| CVE-2026-33615 | 9.1 v3.1 | CRITICAL | 0.0010 | — | NetworkNo privilegesNo user interactionSQL InjectionVendor advisory ref | mbconnectline | 2026-04-02 |
| CVE-2026-34520 | 9.1 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionVendor advisory ref | aiohttp | 2026-04-01 |
| CVE-2026-25534 | 9.1 v3.1 | CRITICAL | 0.0005 | — | NetworkNo user interactionSSRFVendor advisory ref | — | 2026-03-17 |
| CVE-2026-29000 | 9.1 v3.1 | CRITICAL | 0.0006 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-03-04 |
| CVE-2026-40322 | 9.0 v3.1 | CRITICAL | — | — | NetworkXSSCode InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2023-3634 | 8.8 v3.1 | HIGH | 0.0029 | — | NetworkNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2025-14868 | 8.8 v3.1 | HIGH | 0.0002 | — | NetworkNo privilegesPath TraversalVendor advisory ref | — | 2026-04-16 |
| CVE-2026-1620 | 8.8 v3.1 | HIGH | 0.0008 | — | NetworkNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-3614 | 8.8 v3.1 | HIGH | 0.0002 | — | NetworkNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40308 | 8.8 v4.0 | HIGH | — | — | NetworkNo privilegesNo user interactionAuthorization Bypass (IDOR)Vendor advisory ref | — | 2026-04-16 |
| CVE-2026-6303 | 8.8 v3.1 | HIGH | 0.0008 | — | NetworkNo privilegesUse After FreeVendor advisory ref | — | 2026-04-15 |
| CVE-2026-6306 | 8.8 v3.1 | HIGH | 0.0007 | — | NetworkNo privilegesHeap OverflowVendor advisory ref | — | 2026-04-15 |
| CVE-2026-6318 | 8.8 v3.1 | HIGH | 0.0008 | — | NetworkNo privilegesUse After FreeVendor advisory ref | — | 2026-04-15 |
| CVE-2026-35063 | 8.8 v3.1 | HIGH | 0.0004 | — | NetworkNo user interactionMissing Authorization | openplcproject | 2026-04-09 |
| CVE-2026-27140 | 8.8 v3.1 | HIGH | 0.0002 | — | NetworkNo privilegesIncorrect AuthorizationVendor advisory ref | golang | 2026-04-08 |
| CVE-2026-5883 | 8.8 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesUse After FreeVendor advisory ref | 2026-04-08 | |
| CVE-2026-35610 | 8.8 v3.1 | HIGH | 0.0004 | — | NetworkNo user interactionImproper AuthorizationVendor advisory ref | polarlearn | 2026-04-07 |
| CVE-2019-25671 | 8.8 v3.1 | HIGH | 0.0041 | — | NetworkNo user interactionPath TraversalVendor advisory ref | — | 2026-04-05 |
| CVE-2019-25673 | 8.8 v3.1 | HIGH | 0.0007 | — | NetworkNo user interactionUnrestricted UploadVendor advisory ref | — | 2026-04-05 |
| CVE-2026-21765 | 8.8 v3.1 | HIGH | 0.0001 | — | No user interactionIncorrect Permissions | hcltech | 2026-04-02 |
| CVE-2026-32989 | 8.8 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesCSRFUnrestricted Upload | precurio | 2026-03-20 |
| CVE-2026-30917 | 8.8 v4.0 | HIGH | 0.0006 | — | NetworkNo privilegesNo user interactionXSSVendor advisory ref | — | 2026-03-10 |
| CVE-2026-40262 | 8.7 v3.1 | HIGH | — | — | NetworkXSSUnrestricted UploadVendor advisory ref | — | 2026-04-17 |
| CVE-2026-2336 | 8.7 v4.0 | HIGH | — | — | NetworkNo user interaction | — | 2026-04-16 |
| CVE-2026-33082 | 8.7 v4.0 | HIGH | — | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-33083 | 8.7 v4.0 | HIGH | — | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-33084 | 8.7 v4.0 | HIGH | — | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-33121 | 8.7 v4.0 | HIGH | — | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-35469 | 8.7 v4.0 | HIGH | — | — | NetworkNo privilegesNo user interactionResource ExhaustionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-39313 | 8.7 v4.0 | HIGH | — | — | NetworkNo privilegesNo user interactionResource ExhaustionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40246 | 8.7 v4.0 | HIGH | — | — | NetworkNo privilegesNo user interactionImproper AuthorizationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40247 | 8.7 v4.0 | HIGH | — | — | NetworkNo privilegesNo user interactionImproper AuthorizationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40248 | 8.7 v4.0 | HIGH | — | — | NetworkNo privilegesNo user interactionImproper AuthorizationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40900 | 8.7 v4.0 | HIGH | — | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-34735 | 8.7 v4.0 | HIGH | 0.0007 | — | NetworkNo user interactionUnrestricted UploadVendor advisory ref | — | 2026-04-02 |
| CVE-2026-32268 | 8.7 v4.0 | HIGH | 0.0002 | — | NetworkNo privilegesNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-03-18 |
| CVE-2026-32129 | 8.7 v4.0 | HIGH | 0.0002 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-03-12 |
| CVE-2026-31812 | 8.7 v4.0 | HIGH | 0.0018 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-03-10 |
| CVE-2026-22734 | 8.6 v3.1 | HIGH | — | — | NetworkNo privilegesNo user interaction | — | 2026-04-17 |
| CVE-2026-33122 | 8.6 v4.0 | HIGH | — | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-33207 | 8.6 v4.0 | HIGH | — | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-27305 | 8.6 v3.1 | HIGH | 0.0012 | — | NetworkNo privilegesNo user interactionPath TraversalVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-34622 | 8.6 v3.1 | HIGH | 0.0012 | — | No privilegesVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-22742 | 8.6 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesNo user interactionSSRF | vmware | 2026-03-27 |
| CVE-2026-20039 | 8.6 v3.1 | HIGH | 0.0018 | — | NetworkNo privilegesNo user interactionVendor advisory ref | cisco | 2026-03-04 |
| CVE-2026-20101 | 8.6 v3.1 | HIGH | 0.0015 | — | NetworkNo privilegesNo user interactionVendor advisory ref | cisco | 2026-03-04 |
| CVE-2026-20103 | 8.6 v3.1 | HIGH | 0.0007 | — | NetworkNo privilegesNo user interactionResource ExhaustionVendor advisory ref | cisco | 2026-03-04 |
| CVE-2026-40318 | 8.5 v3.1 | HIGH | — | — | NetworkNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40744 | 8.5 v3.1 | HIGH | 0.0002 | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-15 |
| CVE-2026-5173 | 8.5 v3.1 | HIGH | 0.0002 | — | NetworkNo user interactionVendor advisory ref | gitlab | 2026-04-08 |
| CVE-2026-32261 | 8.5 v4.0 | HIGH | 0.0001 | — | NetworkNo user interactionVendor advisory ref | — | 2026-03-16 |
| CVE-2026-27306 | 8.4 v3.1 | HIGH | 0.0004 | — | No user interactionImproper Input ValidationVendor advisory ref | adobe | 2026-04-14 |
| CVE-2019-25656 | 8.4 v3.1 | HIGH | 0.0002 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-04-05 |
| CVE-2018-25251 | 8.4 v3.1 | HIGH | 0.0002 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-04-04 |
| CVE-2018-25255 | 8.4 v3.1 | HIGH | 0.0002 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-04-04 |
| CVE-2019-25603 | 8.4 v3.1 | HIGH | 0.0002 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25604 | 8.4 v3.1 | HIGH | 0.0002 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25607 | 8.4 v3.1 | HIGH | 0.0002 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25608 | 8.4 v3.1 | HIGH | 0.0002 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25609 | 8.4 v3.1 | HIGH | 0.0002 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25611 | 8.4 v3.1 | HIGH | 0.0002 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25615 | 8.4 v3.1 | HIGH | 0.0002 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2026-40899 | 8.3 v4.0 | HIGH | — | — | NetworkNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-6442 | 8.3 v3.1 | HIGH | — | — | NetworkNo privileges | — | 2026-04-16 |
| CVE-2026-30461 | 8.3 v3.1 | HIGH | 0.0005 | — | NetworkNo user interactionCommand Injection | — | 2026-04-15 |
| CVE-2026-3324 | 8.2 v3.1 | HIGH | — | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40104 | 8.2 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesNo user interactionResource ExhaustionVendor advisory ref | — | 2026-04-15 |
| CVE-2026-34725 | 8.2 v3.1 | HIGH | 0.0002 | — | XSSCode InjectionVendor advisory ref | — | 2026-04-02 |
| CVE-2026-34042 | 8.2 v3.1 | HIGH | 0.0006 | — | NetworkNo privilegesMissing AuthorizationVendor advisory ref | — | 2026-03-31 |
| CVE-2026-32616 | 8.2 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesInjectionVendor advisory ref | — | 2026-03-16 |
| CVE-2026-32138 | 8.2 v3.1 | HIGH | 0.0007 | — | NetworkNo privilegesNo user interactionHard-coded CredentialsVendor advisory ref | — | 2026-03-12 |
| CVE-2026-3605 | 8.1 v3.1 | HIGH | — | — | NetworkNo user interaction | — | 2026-04-17 |
| CVE-2026-40259 | 8.1 v3.1 | HIGH | — | — | NetworkNo user interactionImproper AuthorizationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-41113 | 8.1 v3.1 | HIGH | — | — | NetworkNo privilegesNo user interactionOS Command InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-5785 | 8.1 v3.1 | HIGH | — | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2025-54550 | 8.1 v3.1 | HIGH | 0.0003 | — | NetworkNo user interactionCode InjectionVendor advisory ref | — | 2026-04-15 |
| CVE-2026-40393 | 8.1 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesNo user interactionOut-of-bounds Write | mesa3d | 2026-04-12 |
| CVE-2026-35604 | 8.1 v3.1 | HIGH | 0.0007 | — | NetworkNo user interactionIncorrect AuthorizationVendor advisory ref | filebrowser | 2026-04-07 |
| CVE-2026-35607 | 8.1 v3.1 | HIGH | 0.0009 | — | NetworkNo privilegesNo user interactionPrivilege ManagementVendor advisory ref | filebrowser | 2026-04-07 |
| CVE-2026-4636 | 8.1 v3.1 | HIGH | 0.0003 | — | NetworkNo user interaction | redhat | 2026-04-02 |
| CVE-2022-22576 | 8.1 v3.1 | HIGH | 0.0034 | — | NetworkNo user interactionImproper AuthenticationMissing Authentication | brocade, haxx, splunk, netapp, debian | 2022-05-26 |
| CVE-2026-22619 | 7.8 v3.1 | HIGH | 0.0001 | — | No user interactionUncontrolled Search Path | — | 2026-04-16 |
| CVE-2026-27238 | 7.8 v3.1 | HIGH | 0.0003 | — | No privilegesHeap OverflowVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-27283 | 7.8 v3.1 | HIGH | 0.0003 | — | No privilegesUse After FreeVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-27284 | 7.8 v3.1 | HIGH | 0.0003 | — | No privilegesOut-of-bounds ReadVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-27291 | 7.8 v3.1 | HIGH | 0.0003 | — | No privilegesOut-of-bounds WriteVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-34627 | 7.8 v3.1 | HIGH | 0.0003 | — | No privilegesHeap OverflowVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-34628 | 7.8 v3.1 | HIGH | 0.0003 | — | No privilegesHeap OverflowVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-34629 | 7.8 v3.1 | HIGH | 0.0003 | — | No privilegesHeap OverflowVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-33793 | 7.8 v3.1 | HIGH | 0.0001 | — | No user interaction | juniper | 2026-04-09 |
| CVE-2026-35625 | 7.8 v3.1 | HIGH | 0.0004 | — | No user interactionVendor advisory ref | openclaw | 2026-04-09 |
| CVE-2016-20056 | 7.8 v3.1 | HIGH | 0.0001 | — | No user interactionVendor advisory ref | — | 2026-04-04 |
| CVE-2016-20060 | 7.8 v3.1 | HIGH | 0.0001 | — | No user interactionVendor advisory ref | — | 2026-04-04 |
| CVE-2016-20061 | 7.8 v3.1 | HIGH | 0.0001 | — | No user interactionVendor advisory ref | — | 2026-04-04 |
| CVE-2026-34990 | 7.8 v3.1 | HIGH | 0.0001 | — | No user interactionImproper AuthenticationVendor advisory ref | openprinting | 2026-04-03 |
| CVE-2019-25612 | 7.8 v3.1 | HIGH | 0.0001 | — | No privilegesOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2025-61662 | 7.8 v3.1 | HIGH | 0.0001 | — | No user interactionUse After Free | gnu | 2025-11-18 |
| CVE-2026-34619 | 7.7 v3.1 | HIGH | 0.0006 | — | NetworkNo user interactionPath TraversalVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-20014 | 7.7 v3.1 | HIGH | 0.0018 | — | NetworkNo user interactionMemory LeakVendor advisory ref | cisco | 2026-03-04 |
| CVE-2026-20049 | 7.7 v3.1 | HIGH | 0.0018 | — | NetworkNo user interactionVendor advisory ref | cisco | 2026-03-04 |
| CVE-2026-20105 | 7.7 v3.1 | HIGH | 0.0010 | — | NetworkNo user interactionMemory LeakVendor advisory ref | cisco | 2026-03-04 |
| CVE-2026-4525 | 7.5 v3.1 | HIGH | — | — | NetworkNo user interaction | — | 2026-04-17 |
| CVE-2026-5807 | 7.5 v3.1 | HIGH | — | — | NetworkNo privilegesNo user interactionResource Exhaustion | — | 2026-04-17 |
| CVE-2024-2374 | 7.5 v3.1 | HIGH | 0.0001 | — | NetworkNo privilegesNo user interactionXXEVendor advisory ref | — | 2026-04-16 |
| CVE-2026-30656 | 7.5 v3.1 | HIGH | — | — | NetworkNo privilegesNo user interactionNULL Pointer Deref | — | 2026-04-16 |
| CVE-2026-3489 | 7.5 v3.1 | HIGH | 0.0006 | — | NetworkNo privilegesNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-3599 | 7.5 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40170 | 7.5 v3.1 | HIGH | — | — | NetworkNo privilegesNo user interactionStack OverflowVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40245 | 7.5 v3.1 | HIGH | 0.0010 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40901 | 7.5 v4.0 | HIGH | — | — | NetworkNo user interactionInsecure DeserializationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-5050 | 7.5 v3.1 | HIGH | 0.0001 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2025-67841 | 7.5 v3.1 | HIGH | 0.0002 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-15 |
| CVE-2026-30778 | 7.5 v3.1 | HIGH | 0.0002 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-15 |
| CVE-2026-5088 | 7.5 v3.1 | HIGH | 0.0002 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-15 |
| CVE-2026-6308 | 7.5 v3.1 | HIGH | 0.0008 | — | NetworkNo privilegesOut-of-bounds ReadVendor advisory ref | — | 2026-04-15 |
| CVE-2026-6319 | 7.5 v3.1 | HIGH | 0.0008 | — | NetworkNo privilegesUse After FreeVendor advisory ref | — | 2026-04-15 |
| CVE-2026-27282 | 7.5 v3.1 | HIGH | 0.0021 | — | NetworkNo privilegesNo user interactionImproper Input ValidationVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-5756 | 7.5 v3.1 | HIGH | 0.0003 | — | NetworkNo privilegesNo user interaction | — | 2026-04-14 |
| CVE-2026-33710 | 7.5 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesNo user interactionVendor advisory ref | chamilo | 2026-04-10 |
| CVE-2026-6067 | 7.5 v3.1 | HIGH | 0.0007 | — | NetworkNo privilegesNo user interactionOut-of-bounds Write | nasm | 2026-04-10 |
| CVE-2026-6069 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interactionOut-of-bounds Write | nasm | 2026-04-10 |
| CVE-2026-35556 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interaction | openplcproject | 2026-04-09 |
| CVE-2026-32280 | 7.5 v3.1 | HIGH | 0.0002 | — | NetworkNo privilegesNo user interactionResource ExhaustionVendor advisory ref | golang | 2026-04-08 |
| CVE-2026-32281 | 7.5 v3.1 | HIGH | 0.0002 | — | NetworkNo privilegesNo user interactionVendor advisory ref | golang | 2026-04-08 |
| CVE-2026-32283 | 7.5 v3.1 | HIGH | 0.0002 | — | NetworkNo privilegesNo user interactionResource ExhaustionVendor advisory ref | golang | 2026-04-08 |
| CVE-2026-24146 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interaction | nvidia | 2026-04-07 |
| CVE-2026-24173 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interactionInteger Overflow | nvidia | 2026-04-07 |
| CVE-2026-24174 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interaction | nvidia | 2026-04-07 |
| CVE-2026-24175 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interaction | nvidia | 2026-04-07 |
| CVE-2026-35605 | 7.5 v3.1 | HIGH | 0.0007 | — | NetworkNo privilegesNo user interactionPath TraversalVendor advisory ref | filebrowser | 2026-04-07 |
| CVE-2026-35606 | 7.5 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesNo user interactionMissing AuthorizationVendor advisory ref | filebrowser | 2026-04-07 |
| CVE-2018-25241 | 7.5 v3.1 | HIGH | 0.0006 | — | NetworkNo privilegesNo user interactionMissing AuthenticationVendor advisory ref | — | 2026-04-04 |
| CVE-2018-25245 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-04 |
| CVE-2018-25246 | 7.5 v3.1 | HIGH | 0.0006 | — | NetworkNo privilegesNo user interactionMissing AuthenticationVendor advisory ref | — | 2026-04-04 |
| CVE-2026-34980 | 7.5 v3.1 | HIGH | 0.0004 | — | No privilegesNo user interactionImproper Input ValidationVendor advisory ref | openprinting | 2026-04-03 |
| CVE-2026-29131 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interactionLDAP Injection | seppmail | 2026-04-02 |
| CVE-2026-29132 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interactionMissing Authentication | seppmail | 2026-04-02 |
| CVE-2026-29134 | 7.5 v3.1 | HIGH | 0.0008 | — | NetworkNo privilegesNo user interaction | seppmail | 2026-04-02 |
| CVE-2026-29135 | 7.5 v3.1 | HIGH | 0.0010 | — | NetworkNo privilegesNo user interactionImproper Input Validation | seppmail | 2026-04-02 |
| CVE-2026-29138 | 7.5 v3.1 | HIGH | 0.0006 | — | NetworkNo privilegesNo user interactionLDAP Injection | seppmail | 2026-04-02 |
| CVE-2026-33614 | 7.5 v3.1 | HIGH | 0.0006 | — | NetworkNo privilegesNo user interactionSQL InjectionVendor advisory ref | mbconnectline | 2026-04-02 |
| CVE-2026-33616 | 7.5 v3.1 | HIGH | 0.0006 | — | NetworkNo privilegesNo user interactionSQL InjectionVendor advisory ref | mbconnectline | 2026-04-02 |
| CVE-2026-34601 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interactionXML InjectionVendor advisory ref | — | 2026-04-02 |
| CVE-2026-34785 | 7.5 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | rack | 2026-04-02 |
| CVE-2026-34829 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interactionResource Exhaustion (DoS)Resource ExhaustionVendor advisory ref | rack | 2026-04-02 |
| CVE-2026-4634 | 7.5 v3.1 | HIGH | 0.0009 | — | NetworkNo privilegesNo user interaction | redhat | 2026-04-02 |
| CVE-2026-5121 | 7.5 v3.1 | HIGH | 0.0009 | — | NetworkNo privilegesNo user interactionInteger OverflowVendor advisory ref | libarchive, redhat | 2026-03-30 |
| CVE-2026-22743 | 7.5 v3.1 | HIGH | 0.0006 | — | NetworkNo privilegesNo user interactionSQL Injection | vmware | 2026-03-27 |
| CVE-2026-22744 | 7.5 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesNo user interaction | vmware | 2026-03-27 |
| CVE-2026-4867 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interactionVendor advisory ref | pillarjs | 2026-03-26 |
| CVE-2026-4926 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interactionResource Exhaustion (DoS)Vendor advisory ref | pillarjs | 2026-03-26 |
| CVE-2019-25560 | 7.5 v3.1 | HIGH | 0.0005 | — | NetworkNo privilegesNo user interactionVendor advisory ref | lyricvideocreator | 2026-03-21 |
| CVE-2026-32873 | 7.5 v3.1 | HIGH | 0.0002 | — | NetworkNo privilegesNo user interactionVendor advisory ref | vshakitskiy | 2026-03-20 |
| CVE-2026-4424 | 7.5 v3.1 | HIGH | 0.0017 | — | NetworkNo privilegesNo user interactionOut-of-bounds Read | — | 2026-03-19 |
| CVE-2026-4111 | 7.5 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesNo user interaction | — | 2026-03-13 |
| CVE-2025-70873 | 7.5 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesNo user interaction | sqlite | 2026-03-12 |
| CVE-2026-28356 | 7.5 v3.1 | HIGH | 0.0082 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-03-12 |
| CVE-2025-61594 | 7.5 v3.1 | HIGH | 0.0001 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | ruby-lang | 2025-12-30 |
| CVE-2022-27781 | 7.5 v3.1 | HIGH | 0.0008 | — | NetworkNo privilegesNo user interactionResource Exhaustion (DoS) | splunk, netapp, debian, haxx | 2022-06-02 |
| CVE-2022-27782 | 7.5 v3.1 | HIGH | 0.0047 | — | NetworkNo privilegesNo user interaction | splunk, debian, haxx | 2022-06-02 |
| CVE-2021-22946 | 7.5 v3.1 | HIGH | 0.0008 | — | NetworkNo privilegesNo user interactionVendor advisory ref | fedoraproject, siemens, oracle, haxx, splunk, netapp, apple, debian | 2021-09-29 |
| CVE-2021-23840 | 7.5 v3.1 | HIGH | 0.0062 | — | NetworkNo privilegesNo user interactionInteger OverflowVendor advisory ref | openssl, nodejs, mcafee, oracle, debian, fujitsu, tenable | 2021-02-16 |
| CVE-2020-8285 | 7.5 v3.1 | HIGH | 0.0074 | — | NetworkNo privilegesNo user interactionUncontrolled RecursionOut-of-bounds WriteVendor advisory ref | fedoraproject, siemens, splunk, oracle, haxx, fujitsu, netapp, apple, debian | 2020-12-14 |
| CVE-2016-8747 | 7.5 v3.1 | HIGH | 0.0315 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | apache, netapp | 2017-03-14 |
| CVE-2026-33804 | 7.4 v3.1 | HIGH | — | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-41015 | 7.4 v3.1 | HIGH | 0.0001 | — | No privilegesNo user interactionOS Command InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-41035 | 7.4 v3.1 | HIGH | 0.0001 | — | NetworkNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-33797 | 7.4 v3.1 | HIGH | 0.0003 | — | No privilegesNo user interactionImproper Input Validation | juniper | 2026-04-09 |
| CVE-2026-4282 | 7.4 v3.1 | HIGH | 0.0004 | — | NetworkNo privilegesNo user interaction | redhat | 2026-04-02 |
| CVE-2026-2378 | 7.4 v3.1 | HIGH | 0.0003 | — | NetworkNo privilegesVendor advisory ref | thebrowser | 2026-03-20 |
| CVE-2021-3712 | 7.4 v3.1 | HIGH | 0.0041 | — | NetworkNo privilegesNo user interactionOut-of-bounds ReadVendor advisory ref | openssl, mcafee, oracle, debian, netapp, siemens, tenable | 2021-08-24 |
| CVE-2026-23772 | 7.3 v3.1 | HIGH | 0.0001 | — | No user interactionPrivilege Management | — | 2026-04-16 |
| CVE-2026-37336 | 7.3 v3.1 | HIGH | — | — | NetworkNo privilegesNo user interactionSQL Injection | — | 2026-04-16 |
| CVE-2026-37337 | 7.3 v3.1 | HIGH | — | — | NetworkNo privilegesNo user interactionSQL Injection | — | 2026-04-16 |
| CVE-2026-41082 | 7.3 v3.1 | HIGH | — | — | No privilegesNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-35574 | 7.3 v3.1 | HIGH | 0.0003 | — | NetworkXSSVendor advisory ref | churchcrm | 2026-04-07 |
| CVE-2026-3872 | 7.3 v3.1 | HIGH | 0.0003 | — | Network | redhat | 2026-04-02 |
| CVE-2026-5231 | 7.2 v3.1 | HIGH | — | — | NetworkNo privilegesNo user interactionXSSVendor advisory ref | — | 2026-04-17 |
| CVE-2026-3876 | 7.2 v3.1 | HIGH | 0.0002 | — | NetworkNo privilegesNo user interactionXSSVendor advisory ref | — | 2026-04-16 |
| CVE-2026-6361 | 7.2 v3.1 | HIGH | 0.0001 | — | NetworkNo privilegesNo user interactionHeap OverflowVendor advisory ref | — | 2026-04-15 |
| CVE-2026-29002 | 7.2 v3.1 | HIGH | 0.0004 | — | NetworkNo user interactionAuthorization Bypass (IDOR)Vendor advisory ref | couchcms | 2026-04-10 |
| CVE-2026-35581 | 7.2 v3.1 | HIGH | 0.0008 | — | NetworkNo user interactionOS Command InjectionVendor advisory ref | nsa | 2026-04-07 |
| CVE-2026-35585 | 7.2 v3.1 | HIGH | 0.0109 | — | NetworkNo user interactionOS Command InjectionVendor advisory ref | filebrowser | 2026-04-07 |
| CVE-2026-33613 | 7.2 v3.1 | HIGH | 0.0015 | — | NetworkNo user interactionOS Command InjectionVendor advisory ref | mbconnectline | 2026-04-02 |
| CVE-2025-6586 | 7.2 v3.1 | HIGH | 0.0023 | — | NetworkNo user interactionUnrestricted UploadVendor advisory ref | metagauss | 2025-07-04 |
| CVE-2025-54502 | 7.1 v4.0 | HIGH | — | — | No user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-30459 | 7.1 v3.1 | HIGH | — | — | NetworkNo privileges | — | 2026-04-16 |
| CVE-2026-6409 | 7.1 v4.0 | HIGH | — | — | NetworkNo privilegesImproper Input ValidationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-33702 | 7.1 v3.1 | HIGH | 0.0004 | — | NetworkNo user interactionAuthorization Bypass (IDOR)Vendor advisory ref | chamilo | 2026-04-10 |
| CVE-2026-33704 | 7.1 v3.1 | HIGH | 0.0024 | — | NetworkNo user interactionUnrestricted UploadVendor advisory ref | chamilo | 2026-04-10 |
| CVE-2026-33706 | 7.1 v3.1 | HIGH | 0.0003 | — | NetworkNo user interactionPrivilege ManagementVendor advisory ref | chamilo | 2026-04-10 |
| CVE-2026-39972 | 7.1 v4.0 | HIGH | 0.0009 | — | NetworkNo user interactionVendor advisory ref | — | 2026-04-09 |
| CVE-2026-27144 | 7.1 v3.1 | HIGH | 0.0001 | — | No user interactionVendor advisory ref | golang | 2026-04-08 |
| CVE-2026-22682 | 7.1 v3.1 | HIGH | 0.0001 | — | No user interactionIncorrect AuthorizationVendor advisory ref | — | 2026-04-07 |
| CVE-2026-32720 | 7.1 v4.0 | HIGH | 0.0006 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-03-16 |
| CVE-2026-31827 | 7.1 v4.0 | HIGH | 0.0005 | — | NetworkNo user interactionRace ConditionVendor advisory ref | — | 2026-03-10 |
| CVE-2026-40260 | 6.9 v4.0 | MEDIUM | — | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-17 |
| CVE-2026-40249 | 6.9 v4.0 | MEDIUM | — | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-32265 | 6.9 v4.0 | MEDIUM | 0.0002 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | — | 2026-03-18 |
| CVE-2026-3497 | 6.9 v4.0 | MEDIUM | 0.0003 | — | NetworkNo privilegesNo user interaction | — | 2026-03-12 |
| CVE-2026-40253 | 6.8 v3.1 | MEDIUM | — | — | No privilegesNo user interactionOut-of-bounds ReadVendor advisory ref | — | 2026-04-16 |
| CVE-2026-21003 | 6.8 v3.1 | MEDIUM | 0.0004 | — | No privilegesNo user interaction | samsung | 2026-04-13 |
| CVE-2026-40191 | 6.8 v4.0 | MEDIUM | 0.0001 | — | No user interactionIncorrect AuthorizationVendor advisory ref | — | 2026-04-10 |
| CVE-2026-35586 | 6.8 v3.1 | MEDIUM | 0.0002 | — | NetworkNo user interactionIncorrect AuthorizationVendor advisory ref | pyload-ng_project | 2026-04-07 |
| CVE-2026-20050 | 6.8 v3.1 | MEDIUM | 0.0015 | — | NetworkNo privilegesNo user interactionVendor advisory ref | cisco | 2026-03-04 |
| CVE-2026-33791 | 6.7 v3.1 | MEDIUM | 0.0006 | — | No user interactionOS Command Injection | juniper | 2026-04-09 |
| CVE-2025-43937 | 6.6 v3.1 | MEDIUM | — | — | — | 2026-04-16 | |
| CVE-2026-3488 | 6.5 v3.1 | MEDIUM | — | — | NetworkNo privilegesNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-17 |
| CVE-2026-4666 | 6.5 v3.1 | MEDIUM | — | — | NetworkNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-17 |
| CVE-2026-4817 | 6.5 v3.1 | MEDIUM | — | — | NetworkNo user interactionSQL Injection | — | 2026-04-17 |
| CVE-2026-6080 | 6.5 v3.1 | MEDIUM | — | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-17 |
| CVE-2026-22616 | 6.5 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interaction | — | 2026-04-16 |
| CVE-2026-3773 | 6.5 v3.1 | MEDIUM | 0.0001 | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-3861 | 6.5 v3.1 | MEDIUM | 0.0001 | — | NetworkNo privileges | — | 2026-04-16 |
| CVE-2026-40734 | 6.5 v3.1 | MEDIUM | 0.0003 | — | NetworkXSSVendor advisory ref | — | 2026-04-15 |
| CVE-2026-6364 | 6.5 v3.1 | MEDIUM | 0.0003 | — | NetworkNo privilegesOut-of-bounds ReadVendor advisory ref | — | 2026-04-15 |
| CVE-2026-30480 | 6.5 v3.1 | MEDIUM | 0.0002 | — | NetworkNo user interaction | — | 2026-04-14 |
| CVE-2026-38533 | 6.5 v3.1 | MEDIUM | 0.0003 | — | NetworkNo user interactionImproper AuthorizationVendor advisory ref | — | 2026-04-14 |
| CVE-2026-33703 | 6.5 v3.1 | MEDIUM | 0.0004 | — | NetworkNo user interactionAuthorization Bypass (IDOR)Vendor advisory ref | chamilo | 2026-04-10 |
| CVE-2026-33708 | 6.5 v3.1 | MEDIUM | 0.0003 | — | NetworkNo user interactionMissing AuthorizationVendor advisory ref | chamilo | 2026-04-10 |
| CVE-2026-33736 | 6.5 v3.1 | MEDIUM | 0.0003 | — | NetworkNo user interactionAuthorization Bypass (IDOR)Vendor advisory ref | chamilo | 2026-04-10 |
| CVE-2026-6068 | 6.5 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interactionUse After Free | nasm | 2026-04-10 |
| CVE-2026-35627 | 6.5 v3.1 | MEDIUM | 0.0010 | — | NetworkNo privilegesNo user interactionVendor advisory ref | openclaw | 2026-04-09 |
| CVE-2026-35636 | 6.5 v3.1 | MEDIUM | 0.0003 | — | NetworkNo user interactionVendor advisory ref | openclaw | 2026-04-09 |
| CVE-2026-40107 | 6.5 v3.1 | MEDIUM | 0.0006 | — | NetworkNo privilegesSSRFVendor advisory ref | b3log | 2026-04-09 |
| CVE-2026-35492 | 6.5 v3.1 | MEDIUM | 0.0001 | — | NetworkNo user interactionPath TraversalVendor advisory ref | — | 2026-04-07 |
| CVE-2026-35584 | 6.5 v3.1 | MEDIUM | 0.0007 | — | NetworkNo privilegesNo user interactionMissing AuthenticationAuthorization Bypass (IDOR)Vendor advisory ref | freescout | 2026-04-07 |
| CVE-2026-34978 | 6.5 v3.1 | MEDIUM | 0.0008 | — | NetworkNo privilegesNo user interactionPath TraversalVendor advisory ref | openprinting | 2026-04-03 |
| CVE-2026-34531 | 6.5 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interactionImproper AuthenticationVendor advisory ref | miguelgrinberg | 2026-04-01 |
| CVE-2019-25600 | 6.5 v3.1 | MEDIUM | 0.0005 | — | NetworkNo privilegesOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25610 | 6.5 v3.1 | MEDIUM | 0.0027 | — | NetworkNo user interactionPath TraversalVendor advisory ref | — | 2026-03-22 |
| CVE-2026-30870 | 6.5 v3.1 | MEDIUM | 0.0004 | — | NetworkNo user interactionImproper AuthorizationVendor advisory ref | — | 2026-03-10 |
| CVE-2021-22922 | 6.5 v3.1 | MEDIUM | 0.0015 | — | NetworkNo privilegesVendor advisory ref | fedoraproject, oracle, haxx, splunk, netapp, siemens | 2021-08-05 |
| CVE-2017-1000100 | 6.5 v3.1 | MEDIUM | 0.0096 | — | NetworkNo privilegesInformation Exposure | haxx | 2017-10-05 |
| CVE-2017-1000101 | 6.5 v3.1 | MEDIUM | 0.0062 | — | NetworkNo privilegesMemory Corruption | haxx | 2017-10-05 |
| CVE-2026-5162 | 6.4 v3.1 | MEDIUM | — | — | NetworkNo user interactionXSSVendor advisory ref | — | 2026-04-17 |
| CVE-2025-13364 | 6.4 v3.1 | MEDIUM | 0.0001 | — | NetworkNo user interactionXSSVendor advisory ref | — | 2026-04-16 |
| CVE-2026-1572 | 6.4 v3.1 | MEDIUM | 0.0002 | — | NetworkNo user interactionXSSVendor advisory ref | — | 2026-04-16 |
| CVE-2026-2840 | 6.4 v3.1 | MEDIUM | — | — | NetworkNo user interactionXSSVendor advisory ref | — | 2026-04-16 |
| CVE-2026-3875 | 6.4 v3.1 | MEDIUM | 0.0001 | — | NetworkNo user interactionXSSVendor advisory ref | — | 2026-04-16 |
| CVE-2026-32282 | 6.4 v3.1 | MEDIUM | 0.0001 | — | No user interactionVendor advisory ref | golang | 2026-04-08 |
| CVE-2026-40118 | 6.3 v3.1 | MEDIUM | 0.0003 | — | NetworkNo privileges | — | 2026-04-16 |
| CVE-2026-6362 | 6.3 v3.1 | MEDIUM | 0.0003 | — | NetworkNo privilegesUse After FreeVendor advisory ref | — | 2026-04-15 |
| CVE-2026-34626 | 6.3 v3.1 | MEDIUM | 0.0003 | — | No privilegesVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-39977 | 6.3 v3.1 | MEDIUM | 0.0006 | — | No privilegesPath TraversalVendor advisory ref | flatpak | 2026-04-09 |
| CVE-2026-41030 | 6.2 v3.1 | MEDIUM | 0.0000 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2019-25659 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-04-05 |
| CVE-2019-25661 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-04-05 |
| CVE-2018-25238 | 6.2 v3.1 | MEDIUM | 0.0002 | — | No privilegesNo user interactionImproper Memory AccessVendor advisory ref | — | 2026-04-04 |
| CVE-2018-25239 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-04-04 |
| CVE-2018-25240 | 6.2 v3.1 | MEDIUM | 0.0002 | — | No privilegesNo user interactionImproper Memory AccessVendor advisory ref | — | 2026-04-04 |
| CVE-2018-25242 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-04-04 |
| CVE-2018-25243 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-04-04 |
| CVE-2018-25244 | 6.2 v3.1 | MEDIUM | 0.0002 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-04-04 |
| CVE-2019-25590 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25591 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25592 | 6.2 v3.1 | MEDIUM | 0.0002 | — | No privilegesNo user interactionImproper Memory AccessVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25594 | 6.2 v3.1 | MEDIUM | 0.0002 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25595 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25598 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25599 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25601 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25616 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionUnrestricted UploadVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25617 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25618 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25544 | 6.2 v3.1 | MEDIUM | 0.0002 | — | No privilegesNo user interactionVendor advisory ref | pidgin | 2026-03-21 |
| CVE-2019-25545 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | lizardsystems | 2026-03-21 |
| CVE-2019-25548 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionVendor advisory ref | bluestacks | 2026-03-21 |
| CVE-2019-25549 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | verypdf | 2026-03-21 |
| CVE-2019-25550 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | verypdf | 2026-03-21 |
| CVE-2019-25558 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | pixarra | 2026-03-21 |
| CVE-2019-25561 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | jetaudio | 2026-03-21 |
| CVE-2019-25565 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | magiciso | 2026-03-21 |
| CVE-2019-25566 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | acutesystems | 2026-03-21 |
| CVE-2019-25567 | 6.2 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionOut-of-bounds WriteVendor advisory ref | valentina-db | 2026-03-21 |
| CVE-2024-10242 | 6.1 v3.1 | MEDIUM | 0.0003 | — | NetworkNo privilegesXSSVendor advisory ref | — | 2026-04-16 |
| CVE-2025-6024 | 6.1 v3.1 | MEDIUM | 0.0003 | — | NetworkNo privilegesXSSVendor advisory ref | — | 2026-04-16 |
| CVE-2026-3355 | 6.1 v3.1 | MEDIUM | 0.0002 | — | NetworkNo privilegesXSSVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40255 | 6.1 v3.1 | MEDIUM | — | — | NetworkNo privilegesVendor advisory ref | — | 2026-04-16 |
| CVE-2026-5754 | 6.1 v3.1 | MEDIUM | 0.0003 | — | NetworkNo privileges | — | 2026-04-14 |
| CVE-2026-31262 | 6.1 v3.1 | MEDIUM | 0.0006 | — | NetworkNo privilegesInformation Exposure | altenar | 2026-04-10 |
| CVE-2025-63238 | 6.1 v3.1 | MEDIUM | 0.0003 | — | NetworkNo privilegesXSSVendor advisory ref | limesurvey | 2026-04-09 |
| CVE-2025-70797 | 6.1 v3.1 | MEDIUM | 0.0006 | — | NetworkNo privilegesXSS | limesurvey | 2026-04-09 |
| CVE-2026-32289 | 6.1 v3.1 | MEDIUM | 0.0001 | — | NetworkNo privilegesXSSVendor advisory ref | golang | 2026-04-08 |
| CVE-2026-29136 | 6.1 v3.1 | MEDIUM | 0.0003 | — | NetworkNo privilegesXSS | seppmail | 2026-04-02 |
| CVE-2026-3635 | 6.1 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionVendor advisory ref | fastify | 2026-03-23 |
| CVE-2026-31382 | 6.1 v3.1 | MEDIUM | 0.0001 | — | NetworkNo privilegesXSS | gainsight | 2026-03-20 |
| CVE-2026-32986 | 6.1 v3.1 | MEDIUM | 0.0003 | — | NetworkNo privilegesXSS | textpattern | 2026-03-20 |
| CVE-2026-20102 | 6.1 v3.1 | MEDIUM | 0.0002 | — | NetworkNo privilegesXSSVendor advisory ref | cisco | 2026-03-04 |
| CVE-2025-12624 | 6.0 v3.1 | MEDIUM | 0.0003 | — | NetworkNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-22615 | 6.0 v3.1 | MEDIUM | 0.0003 | — | NetworkImproper Input Validation | — | 2026-04-16 |
| CVE-2026-20008 | 6.0 v3.1 | MEDIUM | 0.0003 | — | No user interactionOS Command InjectionVendor advisory ref | cisco | 2026-03-04 |
| CVE-2026-40265 | 5.9 v3.1 | MEDIUM | — | — | NetworkNo privilegesNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-17 |
| CVE-2025-54510 | 5.9 v4.0 | MEDIUM | — | — | No user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-22618 | 5.9 v3.1 | MEDIUM | 0.0001 | — | NetworkNo privileges | — | 2026-04-16 |
| CVE-2026-6414 | 5.9 v3.1 | MEDIUM | — | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-34830 | 5.9 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interactionVendor advisory ref | rack | 2026-04-02 |
| CVE-2026-4923 | 5.9 v3.1 | MEDIUM | 0.0005 | — | NetworkNo privilegesNo user interactionVendor advisory ref | pillarjs | 2026-03-26 |
| CVE-2021-22947 | 5.9 v3.1 | MEDIUM | 0.0025 | — | NetworkNo privilegesNo user interactionVendor advisory ref | fedoraproject, splunk, oracle, haxx, apple, netapp, siemens, debian | 2021-09-29 |
| CVE-2026-25704 | 5.8 v4.0 | MEDIUM | 0.0001 | — | No user interactionRace Condition (TOCTOU) | — | 2026-03-30 |
| CVE-2026-20013 | 5.8 v3.1 | MEDIUM | 0.0013 | — | NetworkNo privilegesNo user interactionMemory LeakVendor advisory ref | cisco | 2026-03-04 |
| CVE-2026-20015 | 5.8 v3.1 | MEDIUM | 0.0011 | — | NetworkNo privilegesNo user interactionMemory LeakVendor advisory ref | cisco | 2026-03-04 |
| CVE-2025-15621 | 5.7 v4.0 | MEDIUM | — | — | Weak Credential Protection | — | 2026-04-16 |
| CVE-2026-22617 | 5.7 v3.1 | MEDIUM | 0.0001 | — | Network | — | 2026-04-16 |
| CVE-2026-39901 | 5.7 v3.1 | MEDIUM | 0.0003 | — | NetworkImproper AuthorizationVendor advisory ref | — | 2026-04-08 |
| CVE-2022-27774 | 5.7 v3.1 | MEDIUM | 0.0031 | — | NetworkWeak Credential Protection | brocade, haxx, splunk, netapp, debian | 2022-06-02 |
| CVE-2023-20585 | 5.6 v4.0 | MEDIUM | — | — | No user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-27285 | 5.5 v3.1 | MEDIUM | 0.0002 | — | No privilegesHeap OverflowVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-27286 | 5.5 v3.1 | MEDIUM | 0.0002 | — | No privilegesHeap OverflowVendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-21013 | 5.5 v3.1 | MEDIUM | 0.0001 | — | No user interaction | samsung | 2026-04-13 |
| CVE-2026-29043 | 5.5 v3.1 | MEDIUM | 0.0004 | — | No privilegesHeap OverflowVendor advisory ref | hdfgroup | 2026-04-10 |
| CVE-2026-33776 | 5.5 v3.1 | MEDIUM | 0.0001 | — | No user interactionMissing Authorization | juniper | 2026-04-09 |
| CVE-2026-32288 | 5.5 v3.1 | MEDIUM | 0.0001 | — | No privilegesResource ExhaustionVendor advisory ref | golang | 2026-04-08 |
| CVE-2019-25658 | 5.5 v3.1 | MEDIUM | 0.0002 | — | No privilegesOut-of-bounds WriteVendor advisory ref | — | 2026-04-05 |
| CVE-2019-25593 | 5.5 v3.1 | MEDIUM | 0.0001 | — | No privilegesVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25602 | 5.5 v3.1 | MEDIUM | 0.0002 | — | No privilegesImproper Memory AccessVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25606 | 5.5 v3.1 | MEDIUM | 0.0002 | — | No privilegesOut-of-bounds WriteVendor advisory ref | — | 2026-03-22 |
| CVE-2019-25554 | 5.5 v3.1 | MEDIUM | 0.0002 | — | No privilegesOut-of-bounds WriteVendor advisory ref | tomabo | 2026-03-21 |
| CVE-2019-25559 | 5.5 v3.1 | MEDIUM | 0.0002 | — | No privilegesImproper Memory AccessVendor advisory ref | nsasoft | 2026-03-21 |
| CVE-2024-4867 | 5.4 v3.1 | MEDIUM | 0.0003 | — | NetworkXSSVendor advisory ref | — | 2026-04-16 |
| CVE-2026-3369 | 5.4 v3.1 | MEDIUM | 0.0003 | — | NetworkXSSVendor advisory ref | — | 2026-04-16 |
| CVE-2026-33889 | 5.4 v3.1 | MEDIUM | 0.0003 | — | NetworkXSSVendor advisory ref | — | 2026-04-15 |
| CVE-2026-40740 | 5.4 v3.1 | MEDIUM | 0.0002 | — | NetworkNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-15 |
| CVE-2026-4332 | 5.4 v3.1 | MEDIUM | 0.0002 | — | NetworkXSSVendor advisory ref | gitlab | 2026-04-08 |
| CVE-2026-31153 | 5.4 v3.1 | MEDIUM | 0.0003 | — | NetworkXSS | — | 2026-04-06 |
| CVE-2024-11831 | 5.4 v3.1 | MEDIUM | 0.0110 | — | NetworkXSS | — | 2025-02-10 |
| CVE-2026-40922 | 5.3 v4.0 | MEDIUM | — | — | NetworkNo user interactionXSSVendor advisory ref | — | 2026-04-17 |
| CVE-2026-5052 | 5.3 v3.1 | MEDIUM | — | — | NetworkNo privilegesNo user interactionSSRF | — | 2026-04-17 |
| CVE-2026-5234 | 5.3 v3.1 | MEDIUM | — | — | NetworkNo privilegesNo user interactionAuthorization Bypass (IDOR)Vendor advisory ref | — | 2026-04-17 |
| CVE-2026-5427 | 5.3 v3.1 | MEDIUM | — | — | NetworkNo privilegesNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-17 |
| CVE-2026-5502 | 5.3 v3.1 | MEDIUM | — | — | NetworkNo privilegesNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-17 |
| CVE-2026-0718 | 5.3 v3.1 | MEDIUM | 0.0001 | — | NetworkNo privilegesNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-24749 | 5.3 v3.1 | MEDIUM | — | — | NetworkNo privilegesNo user interactionIncorrect AuthorizationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-3581 | 5.3 v3.1 | MEDIUM | 0.0001 | — | NetworkNo privilegesNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-3595 | 5.3 v3.1 | MEDIUM | 0.0006 | — | NetworkNo privilegesNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-4160 | 5.3 v3.1 | MEDIUM | — | — | NetworkNo privilegesNo user interactionAuthorization Bypass (IDOR)Vendor advisory ref | — | 2026-04-16 |
| CVE-2026-6410 | 5.3 v3.1 | MEDIUM | — | — | NetworkNo privilegesNo user interactionPath TraversalVendor advisory ref | — | 2026-04-16 |
| CVE-2026-39857 | 5.3 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | — | 2026-04-15 |
| CVE-2026-40763 | 5.3 v3.1 | MEDIUM | 0.0002 | — | NetworkNo privilegesNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-15 |
| CVE-2026-40778 | 5.3 v3.1 | MEDIUM | 0.0002 | — | NetworkNo privilegesNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-15 |
| CVE-2026-33705 | 5.3 v3.1 | MEDIUM | 0.0005 | — | NetworkNo privilegesNo user interactionVendor advisory ref | chamilo | 2026-04-10 |
| CVE-2026-33737 | 5.3 v3.1 | MEDIUM | 0.0003 | — | NetworkNo user interactionXXEVendor advisory ref | chamilo | 2026-04-10 |
| CVE-2026-40087 | 5.3 v3.1 | MEDIUM | 0.0005 | — | NetworkNo privilegesNo user interactionVendor advisory ref | langchain | 2026-04-09 |
| CVE-2026-5890 | 5.3 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesRace ConditionVendor advisory ref | 2026-04-08 | |
| CVE-2026-35583 | 5.3 v3.1 | MEDIUM | 0.0005 | — | NetworkNo privilegesNo user interactionPath TraversalVendor advisory ref | nsa | 2026-04-07 |
| CVE-2026-35592 | 5.3 v3.1 | MEDIUM | 0.0003 | — | NetworkNo privilegesPath TraversalVendor advisory ref | pyload-ng_project | 2026-04-07 |
| CVE-2026-34979 | 5.3 v3.1 | MEDIUM | 0.0005 | — | NetworkNo privilegesNo user interactionHeap OverflowVendor advisory ref | openprinting | 2026-04-03 |
| CVE-2026-29137 | 5.3 v3.1 | MEDIUM | 0.0010 | — | NetworkNo privilegesNo user interactionImproper Input Validation | seppmail | 2026-04-02 |
| CVE-2026-29140 | 5.3 v3.1 | MEDIUM | 0.0003 | — | NetworkNo privilegesNo user interaction | seppmail | 2026-04-02 |
| CVE-2026-29141 | 5.3 v3.1 | MEDIUM | 0.0010 | — | NetworkNo privilegesNo user interactionImproper Input Validation | seppmail | 2026-04-02 |
| CVE-2026-29142 | 5.3 v3.1 | MEDIUM | 0.0002 | — | NetworkNo privilegesNo user interaction | seppmail | 2026-04-02 |
| CVE-2026-29144 | 5.3 v3.1 | MEDIUM | 0.0010 | — | NetworkNo privilegesNo user interactionImproper Input Validation | seppmail | 2026-04-02 |
| CVE-2026-33617 | 5.3 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interactionVendor advisory ref | mbconnectline | 2026-04-02 |
| CVE-2026-34230 | 5.3 v3.1 | MEDIUM | 0.0005 | — | NetworkNo privilegesNo user interactionResource Exhaustion (DoS)Vendor advisory ref | rack | 2026-04-02 |
| CVE-2026-34763 | 5.3 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interactionVendor advisory ref | rack | 2026-04-02 |
| CVE-2026-34786 | 5.3 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interactionVendor advisory ref | rack | 2026-04-02 |
| CVE-2026-34826 | 5.3 v3.1 | MEDIUM | 0.0005 | — | NetworkNo privilegesNo user interactionResource Exhaustion (DoS)Resource ExhaustionVendor advisory ref | rack | 2026-04-02 |
| CVE-2026-4325 | 5.3 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privileges | redhat | 2026-04-02 |
| CVE-2026-34518 | 5.3 v3.1 | MEDIUM | 0.0005 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | aiohttp | 2026-04-01 |
| CVE-2026-34519 | 5.3 v3.1 | MEDIUM | 0.0006 | — | NetworkNo privilegesNo user interactionVendor advisory ref | aiohttp | 2026-04-01 |
| CVE-2026-34525 | 5.3 v3.1 | MEDIUM | 0.0010 | — | NetworkNo privilegesNo user interactionImproper Input ValidationVendor advisory ref | aiohttp | 2026-04-01 |
| CVE-2026-31381 | 5.3 v3.1 | MEDIUM | 0.0001 | — | NetworkNo privilegesNo user interaction | gainsight | 2026-03-20 |
| CVE-2026-32100 | 5.3 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | — | 2026-03-12 |
| CVE-2026-32142 | 5.3 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | — | 2026-03-12 |
| CVE-2026-20009 | 5.3 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interactionVendor advisory ref | cisco | 2026-03-04 |
| CVE-2026-20106 | 5.3 v3.1 | MEDIUM | 0.0006 | — | NetworkNo privilegesNo user interactionMemory LeakVendor advisory ref | cisco | 2026-03-04 |
| CVE-2024-35512 | 5.3 v3.1 | MEDIUM | 0.0014 | — | NetworkNo privilegesNo user interaction | — | 2024-05-29 |
| CVE-2021-22925 | 5.3 v3.1 | MEDIUM | 0.0042 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | fedoraproject, siemens, oracle, haxx, splunk, netapp, apple | 2021-08-05 |
| CVE-2025-36579 | 5.1 v3.1 | MEDIUM | — | — | No privilegesNo user interaction | — | 2026-04-16 |
| CVE-2026-35634 | 5.1 v3.1 | MEDIUM | 0.0003 | — | No privilegesNo user interactionVendor advisory ref | openclaw | 2026-04-09 |
| CVE-2026-41034 | 5.0 v3.1 | MEDIUM | 0.0001 | — | NetworkNo user interactionOut-of-bounds ReadVendor advisory ref | — | 2026-04-16 |
| CVE-2026-3848 | 5.0 v3.1 | MEDIUM | 0.0002 | — | NetworkNo user interactionVendor advisory ref | gitlab | 2026-03-11 |
| CVE-2026-3330 | 4.9 v3.1 | MEDIUM | — | — | NetworkNo user interactionSQL InjectionVendor advisory ref | — | 2026-04-17 |
| CVE-2026-4853 | 4.9 v3.1 | MEDIUM | — | — | NetworkNo user interactionPath TraversalVendor advisory ref | — | 2026-04-17 |
| CVE-2026-34164 | 4.9 v3.1 | MEDIUM | — | — | NetworkNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2026-33472 | 4.8 v3.1 | MEDIUM | — | — | NetworkVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40175 | 4.8 v3.1 | MEDIUM | 0.0053 | — | NetworkNo privilegesNo user interactionSSRFVendor advisory ref | — | 2026-04-10 |
| CVE-2026-35623 | 4.8 v3.1 | MEDIUM | 0.0006 | — | NetworkNo privilegesNo user interactionVendor advisory ref | openclaw | 2026-04-09 |
| CVE-2026-24147 | 4.8 v3.1 | MEDIUM | 0.0007 | — | NetworkNo privilegesNo user interactionPath Traversal | nvidia | 2026-04-07 |
| CVE-2026-34831 | 4.8 v3.1 | MEDIUM | 0.0004 | — | NetworkNo privilegesNo user interactionVendor advisory ref | rack | 2026-04-02 |
| CVE-2026-37346 | 4.7 v3.1 | MEDIUM | — | — | NetworkNo user interactionSQL Injection | — | 2026-04-16 |
| CVE-2025-69893 | 4.6 v3.1 | MEDIUM | 0.0002 | — | No privilegesNo user interactionVendor advisory ref | — | 2026-04-14 |
| CVE-2026-32953 | 4.6 v3.1 | MEDIUM | 0.0001 | — | No privilegesNo user interactionVendor advisory ref | tillitis | 2026-03-20 |
| CVE-2025-43935 | 4.4 v3.1 | MEDIUM | — | — | No user interaction | — | 2026-04-16 |
| CVE-2026-3551 | 4.4 v3.1 | MEDIUM | 0.0002 | — | NetworkNo user interactionXSS | — | 2026-04-16 |
| CVE-2026-3995 | 4.4 v3.1 | MEDIUM | 0.0002 | — | NetworkNo user interactionXSSVendor advisory ref | — | 2026-04-16 |
| CVE-2026-35206 | 4.4 v3.1 | MEDIUM | 0.0002 | — | No privilegesPath TraversalVendor advisory ref | helm | 2026-04-09 |
| CVE-2025-22870 | 4.4 v3.1 | MEDIUM | 0.0003 | — | No user interactionVendor advisory ref | — | 2025-03-12 |
| CVE-2023-5872 | 4.3 v3.1 | MEDIUM | 0.0010 | — | NetworkNo user interactionVendor advisory ref | — | 2026-04-16 |
| CVE-2024-58343 | 4.3 v3.1 | MEDIUM | — | — | NetworkNo user interaction | — | 2026-04-16 |
| CVE-2026-40729 | 4.3 v3.1 | MEDIUM | 0.0002 | — | NetworkNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-15 |
| CVE-2026-40786 | 4.3 v3.1 | MEDIUM | 0.0002 | — | NetworkNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-15 |
| CVE-2026-33118 | 4.3 v3.1 | MEDIUM | 0.0006 | — | NetworkNo privilegesVendor advisory ref | microsoft | 2026-04-10 |
| CVE-2026-33290 | 4.3 v3.1 | MEDIUM | 0.0003 | — | NetworkNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-03-24 |
| CVE-2026-20021 | 4.3 v3.1 | MEDIUM | 0.0002 | — | No privilegesNo user interactionMemory LeakVendor advisory ref | cisco | 2026-03-04 |
| CVE-2026-35617 | 4.2 v3.1 | MEDIUM | 0.0005 | — | NetworkNo user interactionVendor advisory ref | openclaw | 2026-04-09 |
| CVE-2025-43883 | 4.1 v3.1 | MEDIUM | — | — | No user interaction | — | 2026-04-16 |
| CVE-2026-39314 | 4.0 v3.1 | MEDIUM | 0.0002 | — | No privilegesNo user interactionVendor advisory ref | openprinting | 2026-04-07 |
| CVE-2026-39316 | 4.0 v3.1 | MEDIUM | 0.0002 | — | No privilegesNo user interactionUse After FreeVendor advisory ref | openprinting | 2026-04-07 |
| CVE-2026-21767 | 4.0 v3.1 | MEDIUM | 0.0002 | — | No privilegesNo user interactionMissing Authentication | hcltech | 2026-04-02 |
| CVE-2026-40263 | 3.7 v3.1 | LOW | — | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2026-04-17 |
| CVE-2026-26961 | 3.7 v3.1 | LOW | 0.0004 | — | NetworkNo privilegesNo user interactionVendor advisory ref | rack | 2026-04-02 |
| CVE-2024-10106 | 3.7 v3.1 | LOW | 0.0029 | — | NetworkNo privilegesNo user interactionVendor advisory ref | — | 2025-01-09 |
| CVE-2020-8284 | 3.7 v3.1 | LOW | 0.0010 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | fedoraproject, siemens, splunk, oracle, haxx, fujitsu, netapp, apple, debian | 2020-12-14 |
| CVE-2020-1968 | 3.7 v3.1 | LOW | 0.0104 | — | NetworkNo privilegesNo user interaction | openssl, canonical, oracle, fujitsu, debian | 2020-09-09 |
| CVE-2024-8010 | 3.5 v3.1 | LOW | 0.0001 | — | No user interactionXXEVendor advisory ref | — | 2026-04-16 |
| CVE-2026-4519 | 3.3 v3.1 | LOW | 0.0003 | — | No privilegesImproper Input ValidationVendor advisory ref | python | 2026-03-20 |
| CVE-2026-3155 | 3.1 v3.1 | LOW | 0.0003 | — | NetworkNo user interactionMissing AuthorizationVendor advisory ref | — | 2026-04-16 |
| CVE-2026-40109 | 3.1 v3.1 | LOW | 0.0001 | — | NetworkNo user interactionImproper AuthenticationVendor advisory ref | — | 2026-04-09 |
| CVE-2021-22898 | 3.1 v3.1 | LOW | 0.0013 | — | NetworkNo privilegesInformation ExposureVendor advisory ref | fedoraproject, oracle, haxx, splunk, siemens, debian | 2021-06-11 |
| CVE-2026-41080 | 2.9 v3.1 | LOW | — | — | No privilegesNo user interaction | — | 2026-04-16 |
| CVE-2026-21014 | 2.8 v3.1 | LOW | 0.0001 | — | samsung | 2026-04-13 | |
| CVE-2026-34781 | 2.8 v3.1 | LOW | 0.0001 | — | NULL Pointer DerefVendor advisory ref | electronjs | 2026-04-07 |
| CVE-2026-4916 | 2.7 v3.1 | LOW | 0.0001 | — | NetworkNo user interactionMissing AuthorizationVendor advisory ref | gitlab | 2026-04-08 |
| CVE-2026-27307 | 2.4 v3.1 | LOW | 0.0002 | — | No user interactionResource Exhaustion (DoS)Vendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-27308 | 2.4 v3.1 | LOW | 0.0002 | — | No user interactionResource Exhaustion (DoS)Vendor advisory ref | adobe | 2026-04-14 |
| CVE-2026-32266 | 2.4 v4.0 | LOW | 0.0002 | — | NetworkNo privilegesNo user interactionInformation ExposureVendor advisory ref | — | 2026-03-18 |
| CVE-2017-7407 | 2.4 v3.1 | LOW | 0.0028 | — | No privilegesNo user interactionMemory CorruptionVendor advisory ref | haxx | 2017-04-03 |
| CVE-2026-33168 | 2.3 v4.0 | LOW | 0.0002 | — | NetworkNo privilegesXSSVendor advisory ref | — | 2026-03-23 |
| CVE-2026-34851 | 2.2 v3.1 | LOW | 0.0001 | — | Race ConditionVendor advisory ref | huawei | 2026-04-13 |
| CVE-2026-34850 | 1.9 v3.1 | LOW | 0.0001 | — | No user interactionRace ConditionVendor advisory ref | huawei | 2026-04-13 |
| CVE-2026-27820 | 1.7 v4.0 | LOW | — | — | NetworkNo privilegesNo user interactionBuffer OverflowVendor advisory ref | — | 2026-04-16 |
| CVE-2026-31987 | — | — | — | — | Vendor advisory ref | — | 2026-04-16 |
| CVE-2026-37100 | — | — | — | — | — | 2026-04-16 | |
| CVE-2026-37339 | — | — | — | — | — | 2026-04-16 | |
| CVE-2026-37340 | — | — | — | — | — | 2026-04-16 | |
| CVE-2026-37341 | — | — | — | — | — | 2026-04-16 | |
| CVE-2026-37342 | — | — | — | — | — | 2026-04-16 | |
| CVE-2026-37343 | — | — | — | — | — | 2026-04-16 | |
| CVE-2026-37344 | — | — | — | — | — | 2026-04-16 | |
| CVE-2026-5426 | — | — | — | — | Insecure Deserialization | — | 2026-04-16 |
| CVE-2026-5968 | — | — | — | — | — | 2026-04-16 | |
| CVE-2026-32732 | 0.0 v4.0 | NONE | 0.0006 | — | NetworkNo privilegesXSSVendor advisory ref | — | 2026-03-16 |
| CVE-2012-3442 | — | — | 0.0044 | — | XSSVendor advisory ref | djangoproject | 2012-07-31 |
| CVE-2008-3909 | — | — | 0.0036 | — | CSRFVendor advisory ref | djangoproject | 2008-09-04 |
| CVE-2006-0749 | — | — | 0.3637 | — | EPSS highVendor advisory ref | mozilla | 2006-04-14 |