Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.4 MEDIUM
CVE-2021-47925 — CMDBuild 3.3.2 Multiple Stored Cross-Site Scripting

CMDBuild 3.3.2 contains multiple stored cross-site scripting vulnerabilities that allow authenticated attackers to inject arbitrary web script or HTML via crafted input in card creation and file uplo…

Remote | Cross-Site Scripting
May 10, 2026 May 12, 2026
May 10, 2026
May 12, 2026
6.4 MEDIUM
CVE-2021-47924 — WordPress Plugin Ultimate Product Catalogue 5.8.2 Stored XSS via price

Ultimate Product Catalogue 5.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the price parameter. Attackers can submit…

ultimate_product_catalog | Remote | Cross-Site Scripting
May 10, 2026 May 28, 2026
May 10, 2026
May 28, 2026
9.8 CRITICAL
CVE-2021-47923 — OpenCart 3.0.3.8 Session Fixation via OCSESSID Cookie

OpenCart 3.0.3.8 contains a session fixation vulnerability that allows attackers to hijack user sessions by injecting arbitrary values into the OCSESSID cookie. Attackers can set malicious OCSESSID c…

opencart | Remote | Authentication
May 10, 2026 May 12, 2026
May 10, 2026
May 12, 2026
6.4 MEDIUM
CVE-2021-47922 — WordPress Plugin Slider by Soliloquy 2.6.2 Stored XSS

Slider by Soliloquy 2.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the title parameter. Attackers can add JavaScrip…

Remote | Cross-Site Scripting
May 10, 2026 May 12, 2026
May 10, 2026
May 12, 2026
6.4 MEDIUM
CVE-2021-47910 — WordPress Plugin AccessPress Social Icons 1.8.2 Stored XSS

AccessPress Social Icons 1.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering JavaScript payloads into the 'icon titl…

accesspress_social_icons | Remote | Cross-Site Scripting
May 10, 2026 May 12, 2026
May 10, 2026
May 12, 2026
6.4 MEDIUM
CVE-2021-47907 — Rocket LMS 1.1 Persistent Cross-Site Scripting via Support Tickets

Rocket LMS 1.1 contains a persistent cross-site scripting vulnerability in the support ticket module that allows authenticated users to inject malicious script code through the title parameter. Attac…

rocket_lms | Remote | Cross-Site Scripting
May 10, 2026 May 12, 2026
May 10, 2026
May 12, 2026
5.5 MEDIUM
CVE-2026-8244 — Industrial Application Software IAS Canias ERP Login RMI improper authentication

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVe…

canias_erp | Remote | Authentication
May 10, 2026 May 18, 2026
May 10, 2026
May 18, 2026
6.9 MEDIUM
CVE-2026-8243 — Industrial Application Software IAS Canias ERP JNLP Deployment Endpoint hard-coded key

A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to…

canias_erp | Remote | Cryptography
May 10, 2026 May 18, 2026
May 10, 2026
May 18, 2026
3.7 LOW
CVE-2026-8242 — Industrial Application Software IAS Canias ERP Login RMI doAction response discrepancy

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results…

canias_erp | Remote | Information Disclosure
May 10, 2026 May 11, 2026
May 10, 2026
May 11, 2026
5.5 MEDIUM
CVE-2026-8241 — Industrial Application Software IAS Canias ERP RMI iasGetServerInfoEvent improper authori…

A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function iasGetServerInfoEvent of the component RMI Interface. Such manipulation lea…

canias_erp | Remote | Authorization
May 10, 2026 May 11, 2026
May 10, 2026
May 11, 2026
Showing 20 of 6950 Results