Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.8 HIGH
CVE-2026-31069 — BillaBear SQL Injection Vulnerability

BillaBear (all versions prior to Jan 2026) contains a SQL Injection vulnerability in the EventRepository. User-controlled input from metric filter names and aggregation properties is directly interpo…

Remote | Injection
May 19, 2026 May 20, 2026
May 19, 2026
May 20, 2026
9.8 CRITICAL
CVE-2026-30118 — Scalar Astro SSRF

scalar/astro v0.1.13 was discovered to contain a Server-Side Request Forgery (SSRF) in the scalar_url query parameter of the Scalar Proxy endpoint. This vulnerability allows unauthenticated attackers…

Remote | Server-Side Request Forgery
May 19, 2026 May 20, 2026
May 19, 2026
May 20, 2026
9.8 CRITICAL
CVE-2026-30117 — Scalar Astro Arbitrary File Upload Vulnerability

scalar/astro v0.1.13 was discovered to contain an arbitrary file upload vulnerability in the the scalar_url query parameter of the Scalar Proxy endpoint. This vulnerability allows attackers to execut…

Remote | Injection
May 19, 2026 May 20, 2026
May 19, 2026
May 20, 2026
Showing 20 of 7583 Results