Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-57315 | Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.45 versions. | 8.5 | 0.35% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57314 | Unauthenticated Cross Site Scripting (XSS) in SureCart <= 4.3.2 versions. | 7.1 | 0.18% | 2026-06-26 | 2026-06-29 |
| CVE-2026-57313 | Subscriber Cross Site Scripting (XSS) in SureCart <= 4.2.2 versions. | 6.5 | 0.21% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57312 | Unauthenticated Cross Site Scripting (XSS) in Everest Forms <= 3.4.8 versions. | 7.1 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56072 | Unauthenticated Cross Site Scripting (XSS) in WoodMart <= 8.5.3 versions. | 7.1 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56071 | Unauthenticated Cross Site Scripting (XSS) in Forminator <= 1.53.1 versions. | 7.1 | 0.18% | 2026-06-25 | 2026-06-25 |
| CVE-2026-56070 | Unauthenticated SQL Injection in Advance Product Search <= 1.4.4 versions. | 9.3 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56069 | Unauthenticated Insecure Direct Object References (IDOR) in Toolset Forms <= 2.6.24 versions. | 7.5 | 0.30% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56068 | Unauthenticated SQL Injection in JetEngine <= 3.8.10.2 versions. | 9.3 | 0.24% | 2026-06-26 | 2026-06-29 |
| CVE-2026-56067 | Unauthenticated SQL Injection in JetSmartFilters <= 3.8.3 versions. | 9.3 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56066 | Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images <= 3.11.4 versions. | 5.8 | 0.35% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56064 | Subscriber SQL Injection in Tourfic <= 2.22.5 versions. | 8.5 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56063 | Unauthenticated Broken Access Control in MailChimp Block <= 1.1.15 versions. | 8.3 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56062 | Unauthenticated SQL Injection in Quotes llama <= 3.1.5 versions. | 9.3 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56061 | Unauthenticated Broken Access Control in Subscriptions for WooCommerce <= 1.9.5 versions. | 7.5 | 0.25% | 2026-06-26 | 2026-06-29 |
| CVE-2026-56060 | Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce <= 7.1.1 versions. | 7.5 | 0.30% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56059 | Subscriber Arbitrary File Upload in Travel Booking <= 2.2.5 versions. | 9.9 | 0.36% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56058 | Subscriber Arbitrary File Upload in Quform <= 2.23.0 versions. | 9.9 | 0.36% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56057 | Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions. | 9.8 | 0.43% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56055 | Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions. | 8.8 | 0.39% | 2026-06-26 | 2026-06-26 |