Export limit exceeded: 358229 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 28), (line:1, col:29)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (358229 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-34901 2026-06-15 9.8 Critical
Unauthenticated Privilege Escalation in iControlWP <= 5.5.3 versions.
CVE-2026-34900 2026-06-15 7.1 High
Unauthenticated Cross Site Scripting (XSS) in GiveWP <= 4.14.2 versions.
CVE-2026-34898 2026-06-15 7.5 High
Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce <= 1.5.3 versions.
CVE-2026-34892 2026-06-15 6.5 Medium
Subscriber Broken Access Control in Rank Math SEO <= 1.0.271 versions.
CVE-2026-34891 2026-06-15 7.5 High
Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce <= 2.2.5 versions.
CVE-2026-34886 2026-06-15 7.5 High
Unauthenticated Broken Access Control in Simple Membership <= 4.7.1 versions.
CVE-2026-27407 2026-06-15 7.2 High
Editor Privilege Escalation in AI Engine <= 3.4.9 versions.
CVE-2026-27333 2026-06-15 8.1 High
Unauthenticated Deserialization of untrusted data in Paid Videochat Turnkey Site <= 7.3.23 versions.
CVE-2026-27089 2026-06-15 7.5 High
Unauthenticated Bypass Vulnerability in WpTravelly <= 2.1.7 versions.
CVE-2026-27053 2026-06-15 9.8 Critical
Unauthenticated PHP Object Injection in Broadcast Live Video < 7.1.3 versions.
CVE-2026-25440 2026-06-15 5.3 Medium
Unauthenticated Broken Access Control in Essential Addons for Elementor < 6.6.0 versions.
CVE-2026-25425 2026-06-15 7.5 High
Unauthenticated Broken Access Control in User Registration <= 5.1.2 versions.
CVE-2026-24637 2026-06-15 8.5 High
Contributor SQL Injection in PowerPress Podcasting <= 11.15.10 versions.
CVE-2026-23970 2026-06-15 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Redirection for Contact Form 7 <= 3.2.8 versions.
CVE-2026-9691 2026-06-15 9.8 Critical
Unauthenticated PHP Object Injection in Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 versions.
CVE-2025-69332 2026-06-15 6.5 Medium
Subscriber Broken Access Control in Bookify <= 1.1.1 versions.
CVE-2025-68872 2026-06-15 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Eli&#039;s WordCents adSense Widget with Analytics <= 1.3.03.27 versions.
CVE-2025-68851 2026-06-15 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Okay Toolkit <= 2.3 versions.
CVE-2025-68840 2026-06-15 7.1 High
Unauthenticated Cross Site Scripting (XSS) in iRobots.txt SEO <= 1.1.2 versions.
CVE-2025-68049 2026-06-15 6.3 Medium
Subscriber Broken Access Control in bunny.net <= 2.3.6 versions.