CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 101120 of 1206 results
«« First « Prev Page 6 / 61 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-52703 Unauthenticated Path Traversal in FastDup <= 2.7.2 versions. 9.6 0.44% 2026-06-15 2026-06-17
CVE-2026-52693 Unauthenticated SQL Injection in eCommerce Product Catalog <= 3.5.5 versions. 9.3 0.30% 2026-06-15 2026-06-17
CVE-2026-49781 Unauthenticated PHP Object Injection in OttoKit <= 1.1.27 versions. 9.8 0.38% 2026-06-15 2026-06-17
CVE-2026-49776 Unauthenticated SQL Injection in GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites <= 2.32.6 versions. 9.3 0.29% 2026-06-15 2026-06-17
CVE-2026-49770 Unauthenticated PHP Object Injection in WP Travel Engine <= 6.7.12 versions. 9.8 0.38% 2026-06-15 2026-06-17
CVE-2026-49769 Unauthenticated PHP Object Injection in wpForo Forum <= 3.1.0 versions. 9.8 0.38% 2026-06-15 2026-06-17
CVE-2026-49768 Unauthenticated PHP Object Injection in Happyforms <= 1.26.13 versions. 9.8 0.38% 2026-06-15 2026-06-17
CVE-2026-49766 Subscriber Arbitrary File Deletion in WP User Manager <= 2.9.16 versions. 9.9 0.51% 2026-06-15 2026-06-17
CVE-2026-49765 Unauthenticated PHP Object Injection in Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.8 versions. 9.8 0.38% 2026-06-15 2026-06-17
CVE-2026-49764 Unauthenticated Broken Authentication in RegistrationMagic <= 6.0.8.6 versions. 9.8 0.40% 2026-06-15 2026-06-17
CVE-2026-49763 Unauthenticated PHP Object Injection in Integration for Contact Form 7 HubSpot <= 1.3.7 versions. 9.8 0.38% 2026-06-15 2026-07-08
CVE-2026-49109 Unauthenticated PHP Object Injection in Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.4.3 versions. 9.8 0.38% 2026-06-15 2026-06-17
CVE-2026-49106 Unauthenticated PHP Object Injection in Integration for Contact Form 7 and Constant Contact <= 1.1.6 versions. 9.8 0.38% 2026-06-15 2026-06-17
CVE-2026-49105 Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms <= 1.1.4 versions. 9.8 0.48% 2026-06-15 2026-06-17
CVE-2026-49104 Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.2.1 versions. 9.8 0.48% 2026-06-15 2026-06-17
CVE-2026-49085 Unauthenticated PHP Object Injection in WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms <= 1.1.4 versions. 9.8 0.48% 2026-06-15 2026-06-17
CVE-2026-49067 Unauthenticated SQL Injection in Advanced 301 and 302 Redirect <= 1.6.9 versions. 9.3 0.30% 2026-06-15 2026-06-17
CVE-2026-48886 Unauthenticated SQL Injection in JS Help Desk <= 3.0.9 versions. 9.3 0.28% 2026-06-15 2026-06-17
CVE-2026-48881 Unauthenticated Broken Access Control in TrueBooker <= 1.1.9 versions. 9.1 0.28% 2026-06-15 2026-06-17
CVE-2026-48836 Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions. 10.0 0.57% 2026-06-15 2026-06-17
«« First « Prev Page 6 / 61 Next »
cvelogic Threat Intelligence