Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.7 HIGH
CVE-2026-26017 — CoreDNS ACL Bypass

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Secur…

coredns | Remote | Misconfiguration
Mar 06, 2026 Mar 09, 2026
Mar 06, 2026
Mar 09, 2026
8.7 HIGH
CVE-2026-24696 — Everon api.everon.io Improper Restriction of Excessive Authentication Attempts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks b…

Remote | Authentication
Mar 06, 2026 Mar 10, 2026
Mar 06, 2026
Mar 10, 2026
8.7 HIGH
CVE-2026-20882 — Mobiliti e-mobi.hu Improper Restriction of Excessive Authentication Attempts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks b…

Remote | Authentication
Mar 06, 2026 Mar 10, 2026
Mar 06, 2026
Mar 10, 2026
7.3 HIGH
CVE-2026-20748 — Everon api.everon.io Insufficient Session Expiration

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predi…

Remote | Authentication
Mar 06, 2026 Mar 10, 2026
Mar 06, 2026
Mar 10, 2026
Showing 20 of 5884 Results