Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-49084 | Unauthenticated SQL Injection in JetEngine < 3.8.9.1 versions. | 9.3 | 0.29% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49080 | Unauthenticated SQL Injection in wpDataTables <= 7.3.6 versions. | 9.3 | 0.31% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49079 | Unauthenticated SQL Injection in JetSearch <= 3.5.17 versions. | 9.3 | 0.35% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49076 | Unauthenticated SQL Injection in JetEngine <= 3.8.9.1 versions. | 9.3 | 0.38% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49075 | Contributor PHP Object Injection in JetEngine <= 3.8.9.1 versions. | 9.8 | 0.39% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49058 | Unauthenticated Privilege Escalation in LoginPress Pro <= 6.2.2 versions. | 9.8 | 0.33% | 2026-06-17 | 2026-06-17 |
| CVE-2026-48875 | Unauthenticated SQL Injection in JetSmartFilters <= 3.8.1 versions. | 9.3 | 0.37% | 2026-06-17 | 2026-06-17 |
| CVE-2026-42380 | Unauthenticated PHP Object Injection in AI Lab < 5.4.2 versions. | 9.8 | 0.51% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40783 | Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.37 versions. | 9.9 | 0.54% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40749 | Subscriber Arbitrary File Upload in Charity Zone <= 1.1.1 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40748 | Subscriber Arbitrary File Upload in Kids Gift Shop <= 0.5.4 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40747 | Subscriber Arbitrary File Upload in Ecommerce Zone <= 0.9.7 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40746 | Subscriber Arbitrary File Upload in Restaurant Zone <= 0.7.8 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40725 | Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions. | 9.8 | 0.38% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39596 | Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions. | 9.3 | 0.37% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39589 | Subscriber Arbitrary File Upload in Webenvo <= 0.0.6 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39529 | Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions. | 9.8 | 0.38% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39438 | Unauthenticated SQL Injection in ListingPro <= 2.9.10 versions. | 9.3 | 0.37% | 2026-06-17 | 2026-06-17 |
| CVE-2026-27429 | Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions. | 9.8 | 0.56% | 2026-06-17 | 2026-06-17 |
| CVE-2026-27395 | Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions. | 9.8 | 0.34% | 2026-06-17 | 2026-06-17 |