Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
8.2 HIGH
CVE-2026-9057 — Security fix for Qlik Talend Administration Center URL access control vulnerability

A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a p…

Remote | Authorization
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
5.4 MEDIUM
CVE-2026-9056 — Security fix for Qlik Talend Administration Center cross-site scripting vulnerability

A stored cross-site scripting vulnerability has been found in the Talend Administration Center. An attacker with permission to manage servers can store a XSS payload that can be triggered by a differ…

Remote | Cross-Site Scripting
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
8.8 HIGH
CVE-2026-7522 — Advanced Database Cleaner – Premium <= 4.1.0 - Authenticated (Subscriber+) Local File Inc…

The Advanced Database Cleaner – Premium plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.1.0 via the 'template' parameter. This makes it possible for aut…

Remote | Path Traversal
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
4.3 MEDIUM
CVE-2026-5075 — All in One SEO <= 4.9.7 - Authenticated (Contributor+) Sensitive Information Exposure via…

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal o…

Remote | Information Disclosure
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
7.5 HIGH
CVE-2026-9010 — Boost <= 2.0.3 - Unauthenticated Blind SQL Injection via Multiple Parameters

The Boost plugin for WordPress is vulnerable to time-based SQL Injection via the 'current_url' and 'user_name' parameters in versions up to, and including, 2.0.3 due to insufficient escaping on the u…

Remote | Injection
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
8.7 HIGH
CVE-2026-9003 — TONNET|E-LAN Hybrid Recording System - SQL Injection

E-LAN Hybrid Recording System developed by TONNET has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

Remote | Injection
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
9.8 CRITICAL
CVE-2026-7637 — Boost <= 2.0.3 - Unauthenticated PHP Object Injection via STYXKEY-BOOST_USER_LOCATION Coo…

The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input in the STYXKEY-BOOST_USER_LOCATION cookie. This mak…

Remote | Injection
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
7.4 HIGH
CVE-2026-7460 — mailcow-dockerized 2026-03b - Stored XSS in Queue Manager via unescaped

mailcow-dockerized contains a stored cross-site scripting vulnerability in the administrator Queue Manager. The Queue Manager fetches mail queue entries from /api/v1/get/mailq/all, copies server-cont…

Remote | Cross-Site Scripting
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
5.7 MEDIUM
CVE-2026-24215 — NVIDIA Triton Inference Server Resource Consumption Denial of Service

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend, where an attacker could cause uncontrolled resource consumption. A successful exploit of this vulnerability might lead to …

Remote | Denial of Service
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
8.0 HIGH
CVE-2026-24214 — NVIDIA Triton Inference Server DALI Integer Overflow Vulnerability

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution,…

Remote | Injection
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
8.0 HIGH
CVE-2026-24213 — NVIDIA Triton Inference Server Out-of-Bounds Read Vulnerability

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code executio…

Remote | Memory Corruption
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
7.5 HIGH
CVE-2026-24210 — NVIDIA Triton Inference Server Integer Overflow Denial of Service

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to denial of service.

Remote | Denial of Service
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
7.5 HIGH
CVE-2026-24209 — NVIDIA Triton Inference Server Path Traversal Denial of Service Vulnerability

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service.

Remote | Path Traversal
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
5.3 MEDIUM
CVE-2026-24208 — NVIDIA Triton Inference Server Path Traversal Denial of Service

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service.

Remote | Path Traversal
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
9.8 CRITICAL
CVE-2026-24207 — NVIDIA Triton Inference Server Authentication Bypass

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of …

Remote | Authentication
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
7.3 HIGH
CVE-2026-24206 — NVIDIA Triton Inference Server Authentication Bypass Vulnerability

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, deni…

Remote | Authentication
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
7.5 HIGH
CVE-2026-24163 — NVIDIA TRT-LLM RPC Deserialization Vulnerability

NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execut…

| Injection
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
5.5 MEDIUM
CVE-2026-24160 — NVIDIA TRT-LLM Null Pointer Dereference Denial of Service

NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit of this vulnerability might lead …

| Denial of Service
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
6.3 MEDIUM
CVE-2026-24142 — NVIDIA TRT-LLM Deserialization RCE and Tampering Vulnerability

NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data tampering, and i…

| Injection
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
7.5 HIGH
CVE-2025-33255 — NVIDIA TRT-LLM MPI Server Deserialization Vulnerability

NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code executio…

| Injection
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
Showing 20 of 6416 Results