CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 2140 of 1528 results
«« First « Prev Page 2 / 77 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2025-13946 MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service 5.5 0.12% 2025-12-03 2026-06-17
CVE-2026-6869 WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.12% 2026-04-30 2026-06-17
CVE-2026-6529 iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.12% 2026-04-30 2026-06-17
CVE-2026-6527 ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.12% 2026-04-30 2026-06-17
CVE-2025-13945 HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service 5.5 0.13% 2025-12-03 2026-06-17
CVE-2026-5407 SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.14% 2026-04-30 2026-06-17
CVE-2026-6535 Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.14% 2026-04-30 2026-06-17
CVE-2026-6528 TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service 5.5 0.14% 2026-04-30 2026-06-17
CVE-2026-6521 OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.14% 2026-04-30 2026-06-17
CVE-2026-5409 Monero protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.14% 2026-04-30 2026-06-17
CVE-2026-5408 BT-DHT protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.14% 2026-04-30 2026-06-17
CVE-2026-6883 GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merge request approval requirements due to improper cleanup of orphaned policy records. 2.6 0.15% 2026-05-14 2026-06-17
CVE-2026-6533 Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.15% 2026-04-30 2026-06-17
CVE-2026-3254 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user to load unauthorized content into another user's browser due to improper input validation in the Mermaid sandbox. 3.5 0.15% 2026-04-22 2026-06-17
CVE-2026-4527 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to create unauthorized Jira subscriptions for a targeted user's namespace via a specially crafted link due to missing CSRF protection. 6.5 0.15% 2026-05-14 2026-06-17
CVE-2025-1754 An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed unauthenticated attackers to upload arbitrary files to public projects by sending crafted API requests, potentially leading to resource abuse and unauthorized content storage. 5.3 0.15% 2025-06-26 2026-06-17
CVE-2026-3203 RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service 5.5 0.16% 2026-02-25 2026-06-17
CVE-2026-3202 NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service 4.7 0.16% 2026-02-25 2026-06-17
CVE-2025-5990 An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input. 7.6 0.16% 2025-06-15 2026-06-17
CVE-2026-6870 GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.16% 2026-04-30 2026-06-17
«« First « Prev Page 2 / 77 Next »
cvelogic Threat Intelligence