CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 141160 of 7273 results
«« First « Prev Page 8 / 364 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-54846 Unauthenticated Broken Access Control in Syncee Premium Dropshipping &amp; Wholesale <= 1.0.27 versions. 7.5 0.28% 2026-06-26 2026-06-26
CVE-2026-54840 Unauthenticated Broken Access Control in Newsletters <= 4.13 versions. 7.3 0.21% 2026-06-26 2026-06-26
CVE-2026-54839 Unauthenticated Sensitive Data Exposure in Trinity Backup &#8211; Backup, Migrate, Restore, Clone &amp; Schedule Backups <= 2.0.9 versions. 7.5 0.28% 2026-06-26 2026-06-26
CVE-2026-54837 Unauthenticated Broken Access Control in Intranet &amp; Private Site &#8211; All-In-One Intranet <= 1.8.1 versions. 7.5 0.28% 2026-06-26 2026-06-26
CVE-2026-54835 Unauthenticated Broken Access Control in Five Star Restaurant Menu <= 2.5.2 versions. 7.5 0.24% 2026-06-26 2026-06-29
CVE-2026-54834 Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone <= 2.3.2 versions. 7.5 0.29% 2026-06-26 2026-06-26
CVE-2026-54833 Unauthenticated Backdoor in Enable CORS <= 2.0.3 versions. 7.4 0.24% 2026-06-26 2026-06-26
CVE-2026-54832 Unauthenticated Broken Access Control in Gutenverse Companion <= 2.5.0 versions. 7.5 0.24% 2026-06-26 2026-06-26
CVE-2026-54831 Unauthenticated SQL Injection in GeoDirectory <= 2.8.162 versions. 9.3 0.28% 2026-06-26 2026-06-26
CVE-2026-54827 Unauthenticated SQL Injection in Real Estate 7 <= 3.5.9 versions. 9.3 0.28% 2026-06-26 2026-06-26
CVE-2026-54826 Subscriber Insecure Direct Object References (IDOR) in SupportCandy <= 3.4.6 versions. 7.6 0.29% 2026-06-26 2026-06-29
CVE-2026-54825 Unauthenticated SQL Injection in wpDataTables <= 7.4 versions. 9.3 0.28% 2026-06-26 2026-06-26
CVE-2026-54824 Unauthenticated Sensitive Data Exposure in Ads by WPQuads <= 3.0.3 versions. 7.5 0.29% 2026-06-26 2026-06-26
CVE-2026-54820 Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions. 9.3 0.28% 2026-06-26 2026-06-26
CVE-2025-68064 Contributor Local File Inclusion in Goya Core < 1.0.9.4 versions. 7.5 0.32% 2026-06-26 2026-06-26
CVE-2025-68063 Contributor Local File Inclusion in Splash - Sport Club WordPress Theme for Basketball, Football, Hockey <= 4.4.3 versions. 7.5 0.32% 2026-06-26 2026-06-26
CVE-2025-68052 Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions. 8.8 0.14% 2026-06-26 2026-06-26
CVE-2026-57700 Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious Files. This issue affects OMGF Pro: from n/a through 5.2.6. 10.0 0.37% 2026-06-25 2026-06-29
CVE-2026-56071 Unauthenticated Cross Site Scripting (XSS) in Forminator <= 1.53.1 versions. 7.1 0.18% 2026-06-25 2026-06-25
CVE-2026-56054 Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions. 7.7 0.45% 2026-06-25 2026-06-25
«« First « Prev Page 8 / 364 Next »
cvelogic Threat Intelligence