Latest CVE Vulnerabilities

4.8 MEDIUM

CVE-2026-21291 — Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

8.7 HIGH

CVE-2026-21290 — Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-p…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

7.5 HIGH

CVE-2026-21289 — Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature …

Remote | Authorization

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.3 MEDIUM

CVE-2026-21286 — Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature …

Remote | Authorization

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

4.3 MEDIUM

CVE-2026-21285 — Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature …

Remote | Authorization

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

8.1 HIGH

CVE-2026-21284 — Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.3 MEDIUM

CVE-2026-21282 — Adobe Commerce | Improper Input Validation (CWE-20)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-…

Remote | Denial of Service

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

6.1 MEDIUM

CVE-2026-2324 — LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.7 - Cross-Site Req…

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.7. This is due to missin…

Remote | Cross-Site Request Forgery

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

6.5 MEDIUM

CVE-2026-1781 — MC4WP: Mailchimp for WordPress <= 4.11.1 - Missing Authorization to Unauthenticated Arbit…

The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 4.11.1. This is due to the plugin trusting the `_mc4wp_action` POS…

Remote | Authorization

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

6.1 MEDIUM

CVE-2025-12473 — RTMKit <= 1.6.8 - Reflected Cross-Site Scripting via 'themebuilder' Parameter

The RTMKit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'themebuilder' parameter in all versions up to, and including, 1.6.8 due to insufficient input sanitization and…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.4 MEDIUM

CVE-2026-27266 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.4 MEDIUM

CVE-2026-27265 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.4 MEDIUM

CVE-2026-27264 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.4 MEDIUM

CVE-2026-27263 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.4 MEDIUM

CVE-2026-27262 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable …

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.4 MEDIUM

CVE-2026-27261 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.4 MEDIUM

CVE-2026-27260 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.4 MEDIUM

CVE-2026-27259 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.4 MEDIUM

CVE-2026-27257 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

5.4 MEDIUM

CVE-2026-27256 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in…

Remote | Cross-Site Scripting

Mar 11, 2026 Mar 11, 2026

Mar 11, 2026

Latest CVE Feed

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable

Browse by Apps

Latest CVE Feed

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable

Cookie Preferences