Simple\ CVEs and Security Vulnerabilities

Export limit exceeded: 344958 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 31), (line:1, col:32)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (344958 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-21520	1 Microsoft	1 Copilot Studio	2026-04-16	7.5 High
Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector
CVE-2026-21524	1 Microsoft	1 Azure Data Explorer	2026-04-16	7.4 High
Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network.
CVE-2026-24305	1 Microsoft	2 Entra Id, Microsoft Entra Id	2026-04-16	9.3 Critical
Azure Entra ID Elevation of Privilege Vulnerability
CVE-2026-24307	1 Microsoft	1 365 Copilot	2026-04-16	9.3 Critical
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-21227	1 Microsoft	1 Azure Logic Apps	2026-04-16	8.2 High
Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-21521	1 Microsoft	1 365 Word Copilot	2026-04-16	7.4 High
Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-24521	1 Wordpress	1 Wordpress	2026-04-16	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Timur Kamaev Kama Thumbnail kama-thumbnail allows Cross Site Request Forgery.This issue affects Kama Thumbnail: from n/a through <= 3.5.1.
CVE-2026-24522	2 Mythemeshop, Wordpress	2 Wp Subscribe, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in MyThemeShop WP Subscribe wp-subscribe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscribe: from n/a through <= 1.2.16.
CVE-2026-24526	3 Steve Truman, Woocommerce, Wordpress	3 Email Inquiry & Cart Options For Woocommerce, Woocommerce, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steve Truman Email Inquiry & Cart Options for WooCommerce woocommerce-email-inquiry-cart-options allows DOM-Based XSS.This issue affects Email Inquiry & Cart Options for WooCommerce: from n/a through <= 3.4.3.
CVE-2026-24528	2 Pixelgrade, Wordpress	2 Nova Blocks, Wordpress	2026-04-16	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pixelgrade Nova Blocks nova-blocks allows DOM-Based XSS.This issue affects Nova Blocks: from n/a through <= 2.1.9.
CVE-2026-24530	1 Wordpress	1 Wordpress	2026-04-16	5.3 Medium
Missing Authorization vulnerability in sheepfish WebP Conversion webp-conversion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebP Conversion: from n/a through <= 2.2.
CVE-2026-24531	1 Wordpress	1 Wordpress	2026-04-16	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through <= 2.3.
CVE-2026-24532	1 Wordpress	1 Wordpress	2026-04-16	8.8 High
Missing Authorization vulnerability in SiteLock SiteLock Security – WP Hardening, Login Security & Malware Scans sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security – WP Hardening, Login Security & Malware Scans: from n/a through <= 5.0.2.
CVE-2026-24535	2 Webdevstudios, Wordpress	2 Automatic Featured Images From Videos, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through <= 1.2.7.
CVE-2026-24549	2 Paolo, Wordpress	2 Geodirectory, Wordpress	2026-04-16	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Paolo GeoDirectory geodirectory allows Cross Site Request Forgery.This issue affects GeoDirectory: from n/a through <= 2.8.149.
CVE-2026-24565	1 Wordpress	1 Wordpress	2026-04-16	6.5 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in bPlugins B Accordion b-accordion allows Retrieve Embedded Sensitive Data.This issue affects B Accordion: from n/a through <= 2.0.2.
CVE-2026-24566	2 Inet, Wordpress	2 Inet Webkit, Wordpress	2026-04-16	6.5 Medium
Missing Authorization vulnerability in iNET iNET Webkit inet-webkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iNET Webkit: from n/a through <= 1.2.4.
CVE-2026-24568	2 Wordpress, Wptravelengine	2 Wordpress, Wp Travel Engine	2026-04-16	5.3 Medium
Missing Authorization vulnerability in WP Travel WP Travel wp-travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through <= 11.1.0.
CVE-2026-24569	2 Sully, Wordpress	2 Media Library File Size, Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in Sully Media Library File Size media-library-file-size allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Library File Size: from n/a through <= 1.6.7.
CVE-2026-24571	1 Wordpress	1 Wordpress	2026-04-16	4.3 Medium
Missing Authorization vulnerability in boxnow BOX NOW Delivery box-now-delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BOX NOW Delivery: from n/a through <= 3.0.2.

« first previous Page 39 of 17248. next last »