Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
4.3 MEDIUM
CVE-2026-4843 — GSheet For Woo Importer <= 2.3.1 - Missing Authorization to Authenticated (Subscriber+) P…

The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the process_ajax_restore_action() function in all versions up to, and …

Remote | Authorization
May 21, 2026 May 21, 2026
May 21, 2026
May 21, 2026
8.8 HIGH
CVE-2026-47114 — IINA < 1.4.3 Command Execution via iina://open URL Scheme

IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv_-prefixed query parameters through the…

Remote | Injection
May 21, 2026 May 21, 2026
May 21, 2026
May 21, 2026
7.5 HIGH
CVE-2026-46473 — Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

Remote | Cryptography
May 21, 2026 May 22, 2026
May 21, 2026
May 22, 2026
Showing 20 of 7483 Results