Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2026-23858

    Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Cross-Site Scripting

  • 7.6

    HIGH
    CVE-2026-23805

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yoren Chang Media Search Enhanced media-search-enhanced allows SQL Injection.This issue affects Media Search Enhanced: from n/a through <= 0.9.1.... Read more

    Affected Products :
    • Published: Feb. 19, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 7.2

    HIGH
    CVE-2026-22766

    Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Misconfiguration

  • 8.8

    HIGH
    CVE-2026-22765

    Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2026-22384

    Deserialization of Untrusted Data vulnerability in leafcolor Applay - Shortcodes applay-shortcodes allows Object Injection.This issue affects Applay - Shortcodes: from n/a through <= 3.7.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2026-22354

    Deserialization of Untrusted Data vulnerability in Dotstore Woocommerce Category Banner Management banner-management-for-woocommerce allows Object Injection.This issue affects Woocommerce Category Banner Management: from n/a through <= 2.5.1.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2026-1768

    A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Authorization

  • 9.3

    CRITICAL
    CVE-2025-69366

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Emerce Core emerce-core allows Blind SQL Injection.This issue affects Emerce Core: from n/a through <= 1.8.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-69365

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Uroan Core uroan-core allows Blind SQL Injection.This issue affects Uroan Core: from n/a through <= 1.4.4.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-69337

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in don-themes Wolmart Core wolmart-core allows Blind SQL Injection.This issue affects Wolmart Core: from n/a through <= 1.9.6.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-69329

    Deserialization of Untrusted Data vulnerability in Jthemes Prestige prestige allows Object Injection.This issue affects Prestige: from n/a through < 1.4.1.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-69328

    Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Object Injection.This issue affects Booking and Rental Manager: from n/a through <= 2.5.9.... Read more

    Affected Products : booking_\&_rental_manager
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 5.3

    MEDIUM
    CVE-2025-69325

    Path Traversal: '.../...//' vulnerability in primersoftware Primer MyData for Woocommerce primer-mydata allows Path Traversal.This issue affects Primer MyData for Woocommerce: from n/a through <= 4.2.8.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Path Traversal

  • 9.3

    CRITICAL
    CVE-2025-69310

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Woodly Core woodly-core allows Blind SQL Injection.This issue affects Woodly Core: from n/a through <= 1.4.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-69309

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Saasplate Core saasplate-core allows Blind SQL Injection.This issue affects Saasplate Core: from n/a through <= 1.2.8.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-69308

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Nestbyte Core nestbyte-core allows Blind SQL Injection.This issue affects Nestbyte Core: from n/a through <= 1.2.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-69307

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Medinik Core medinik-core allows Blind SQL Injection.This issue affects Medinik Core: from n/a through <= 1.3.6.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-69306

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Electio Core electio-core allows Blind SQL Injection.This issue affects Electio Core: from n/a through <= 1.4.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-69305

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Crete Core crete-core allows Blind SQL Injection.This issue affects Crete Core: from n/a through <= 1.4.3.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-69304

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Allmart allmart-core allows Blind SQL Injection.This issue affects Allmart: from n/a through <= 1.1.... Read more

    Affected Products :
    • Published: Feb. 20, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection
Showing 20 of 4808 Results