🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-3404 | Medium | 5.0 |
A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/…
|
— | Mar 2, 2026 |
| CVE-2026-28557 | Medium | 6.5 |
wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wp…
|
— | Feb 28, 2026 |
| CVE-2026-28558 | Medium | 6.4 |
wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows authenticated subscribers to upload…
|
— | Feb 28, 2026 |
| CVE-2026-28560 | Medium | 5.5 |
wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows script injection via forum URL data…
|
— | Feb 28, 2026 |
| CVE-2026-28561 | Medium | 5.5 |
wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows administrators to inject persistent…
|
— | Feb 28, 2026 |
| CVE-2026-28556 | Medium | 5.4 |
wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to move, merge,…
|
— | Feb 28, 2026 |
| CVE-2026-28559 | Medium | 5.3 |
wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve priva…
|
— | Feb 28, 2026 |
| CVE-2026-28338 | Medium | 6.8 |
PMD is an extensible multilanguage static code analyzer. Prior to version 7.22.0, PMD's `vbhtml` and `yahtml` report for…
|
⚡ Exploit | Feb 27, 2026 |
| CVE-2025-9907 | Medium | 6.7 |
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerabi…
|
— | Feb 27, 2026 |
| CVE-2025-9908 | Medium | 6.7 |
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerabilit…
|
— | Feb 27, 2026 |
| CVE-2025-9909 | Medium | 6.7 |
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows …
|
— | Feb 27, 2026 |
| CVE-2026-27653 | Medium | 6.7 |
The installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permission…
|
— | Feb 27, 2026 |
| CVE-2024-10938 | Medium | 6.5 |
The OVRI Payment plugin for WordPress contains malicious .htaccess files in version 1.7.0. The files contain directives …
|
— | Feb 27, 2026 |
| CVE-2026-1626 | Medium | 6.5 |
An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or ma…
|
— | Feb 27, 2026 |
| CVE-2026-1627 | Medium | 6.5 |
An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromis…
|
— | Feb 27, 2026 |
| CVE-2026-20733 | Medium | 6.5 |
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
|
— | Feb 27, 2026 |
| CVE-2026-22878 | Medium | 6.5 |
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
|
— | Feb 27, 2026 |
| CVE-2026-22890 | Medium | 6.5 |
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
|
— | Feb 27, 2026 |
| CVE-2026-24488 | Medium | 6.5 |
OpenEMR is a free and open source electronic health records and medical practice management application. In versions up …
|
— | Feb 27, 2026 |
| CVE-2026-25774 | Medium | 6.5 |
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
|
— | Feb 27, 2026 |