Latest Vulnerabilities
Latest Found
The latest vulnerability announcements
- CVE-2026-4020 - Gravity SMTP <= 2.1.4 - Unauthenticated Sensitive Information Exposure via REST API
- CVE-2026-3300 - Everest Forms Pro <= 1.9.12 - Unauthenticated Remote Code Execution via Calculation Field
- CVE-2026-30879 - baserCMS: Cross-site scripting vulnerability in blog post
- CVE-2026-30880 - baserCMS: OS command injection vulnerability in installer
- CVE-2026-30940 - baserCMS: Path Traversal in Theme File API Leads to Arbitrary File Write and RCE
- CVE-2026-32734 - baserCMS: Multiple vulnerabilities in baserCMS
- CVE-2026-4794 - Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF
- CVE-2026-5115 - Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices
- CVE-2026-21861 - baserCMS: OS Command Injection Leading to Remote Code Execution (RCE)
- CVE-2026-27697 - baserCMS: SQL injection vulnerability in blog post
CISA Advisories
The latest advisories from CISA
- CISA Adds One Known Exploited Vulnerability to Catalog
- CISA Adds One Known Exploited Vulnerability to Catalog
- PTC Windchill Product Lifecycle Management
- WAGO GmbH & Co. KG Industrial Managed Switches
- CISA Adds One Known Exploited Vulnerability to Catalog
- OpenCode Systems OC Messaging and USSD Gateway
- CISA Adds One Known Exploited Vulnerability to Catalog
- Schneider Electric EcoStruxure Foxboro DCS
- Schneider Electric Plant iT/Brewmaxx
- Pharos Controls Mosaic Show Controller
