🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2016-20050 | Medium | 6.2 |
NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to c…
|
— | Apr 4, 2026 |
| CVE-2018-25247 | Medium | 6.1 |
MyBB Like Plugin 3.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts b…
|
— | Apr 4, 2026 |
| CVE-2016-20051 | Medium | 5.3 |
Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credenti…
|
— | Apr 4, 2026 |
| CVE-2016-20053 | Medium | 5.3 |
Redaxo CMS 5.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create admin…
|
— | Apr 4, 2026 |
| CVE-2025-14938 | Medium | 5.3 |
The Listeo Core plugin for WordPress is vulnerable to unauthenticated arbitrary media upload in all versions up to, and …
|
— | Apr 4, 2026 |
| CVE-2026-5470 | Medium | 6.3 |
A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca6…
|
— | Apr 3, 2026 |
| CVE-2026-5472 | Medium | 6.3 |
A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Th…
|
— | Apr 3, 2026 |
| CVE-2026-5474 | Medium | 6.3 |
A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFE_MSG_GetSize of the file apps/to_lab/fsw…
|
— | Apr 3, 2026 |
| CVE-2026-5475 | Medium | 5.5 |
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_…
|
— | Apr 3, 2026 |
| CVE-2017-20233 | Medium | 5.4 |
Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correc…
|
— | Apr 3, 2026 |
| CVE-2026-34511 | Medium | 5.3 |
OpenClaw before 2026.4.2 reuses the PKCE verifier as the OAuth state parameter in the Gemini OAuth flow, exposing it thr…
|
— | Apr 3, 2026 |
| CVE-2026-5484 | Medium | 5.3 |
A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the …
|
— | Apr 3, 2026 |
| CVE-2026-5330 | Medium | 6.5 |
A vulnerability was found in SourceCodester/mayuri_k Best Courier Management System 1.0. Affected by this issue is some …
|
— | Apr 2, 2026 |
| CVE-2026-34813 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the user parameter to /cgi-bin/prox…
|
— | Apr 2, 2026 |
| CVE-2026-34818 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/dns…
|
— | Apr 2, 2026 |
| CVE-2026-34814 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the group parameter to /cgi-bin/pro…
|
— | Apr 2, 2026 |
| CVE-2026-34815 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the DOMAIN parameter to /cgi-bin/sm…
|
— | Apr 2, 2026 |
| CVE-2026-34816 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the domain parameter to /manage/smt…
|
— | Apr 2, 2026 |
| CVE-2026-34817 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the ADDRESS BCC parameter to /cgi-b…
|
— | Apr 2, 2026 |
| CVE-2026-34821 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/vpn…
|
— | Apr 2, 2026 |