CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 4160 of 1549 results
«« First « Prev Page 3 / 78 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-6883 GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merge request approval requirements due to improper cleanup of orphaned policy records. 2.6 0.15% 2026-05-14 2026-06-17
CVE-2026-6533 Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.15% 2026-04-30 2026-06-17
CVE-2026-3254 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user to load unauthorized content into another user's browser due to improper input validation in the Mermaid sandbox. 3.5 0.15% 2026-04-22 2026-06-17
CVE-2026-4527 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to create unauthorized Jira subscriptions for a targeted user's namespace via a specially crafted link due to missing CSRF protection. 6.5 0.15% 2026-05-14 2026-06-17
CVE-2025-1754 An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed unauthenticated attackers to upload arbitrary files to public projects by sending crafted API requests, potentially leading to resource abuse and unauthorized content storage. 5.3 0.15% 2025-06-26 2026-06-17
CVE-2026-15167 DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service 7.5 0.16% 2026-07-08 2026-07-09
CVE-2026-3203 RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service 5.5 0.16% 2026-02-25 2026-06-17
CVE-2026-3202 NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service 4.7 0.16% 2026-02-25 2026-06-17
CVE-2025-5990 An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input. 7.6 0.16% 2025-06-15 2026-06-17
CVE-2026-6870 GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.16% 2026-04-30 2026-06-17
CVE-2026-6530 DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service 5.5 0.16% 2026-04-30 2026-06-17
CVE-2026-5405 RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution 7.8 0.16% 2026-04-30 2026-06-29
CVE-2026-5403 SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution 7.8 0.16% 2026-04-30 2026-06-29
CVE-2024-6299 Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with timestamps past the expiry date 4.8 0.16% 2024-06-25 2026-06-17
CVE-2026-1282 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated user to inject malicious content into project labels titles. 3.5 0.16% 2026-02-11 2026-06-17
CVE-2026-1094 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.8 before 18.8.4 that could have allowed an authenticated developer to hide specially crafted file changes from the WebUI. 4.6 0.16% 2026-02-11 2026-06-17
CVE-2026-6515 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed a user to use invalidated or incorrectly scoped credentials to access Virtual Registries under certain conditions. 5.4 0.16% 2026-04-22 2026-06-17
CVE-2025-11989 GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to execute unauthorized quick actions by including malicious commands in specific descriptions. 3.7 0.16% 2025-10-26 2026-06-17
CVE-2025-14594 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to view certain pipeline values by querying the API. 3.5 0.16% 2026-02-11 2026-06-17
CVE-2025-12575 GitLab has remediated an issue in GitLab EE affecting all versions from 18.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user with certain permissions to make unauthorized requests to internal network services through the GitLab server. 5.4 0.16% 2026-02-11 2026-06-17
«« First « Prev Page 3 / 78 Next »
cvelogic Threat Intelligence