Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.2 HIGH
CVE-2025-46607 — Dell PowerProtect Data Domain DD OS Improper Authentication Vulnerability

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with r…

powerprotect_data_domain data_domain_operating_system | Remote | Authentication
Apr 17, 2026 May 05, 2026
Apr 17, 2026
May 05, 2026
7.2 HIGH
CVE-2025-46606 — Dell PowerProtect Data Domain DD OS Authentication Bypass

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper restriction of excessive authentication attempts vulnerability.…

powerprotect_data_domain data_domain_operating_system | Remote | Authentication
Apr 17, 2026 May 08, 2026
Apr 17, 2026
May 08, 2026
7.2 HIGH
CVE-2025-46605 — Dell PowerProtect Data Domain Session Fixation Vulnerability

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain a session fixation vulnerability. A high privileged attacker with remote ac…

powerprotect_data_domain data_domain_operating_system | Remote | Authentication
Apr 17, 2026 May 08, 2026
Apr 17, 2026
May 08, 2026
8.3 HIGH
CVE-2026-6483 — Wavlink WL-WN530H4 internet.cgi snprintf os command injection

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. …

wl-wn530h4_firmware | Remote | Injection
Apr 17, 2026 Apr 22, 2026
Apr 17, 2026
Apr 22, 2026
6.9 MEDIUM
CVE-2026-5131 — Server-Side Request Forgery in GREENmod

GREENmod uses named pipes for communication between plugins, the web portal, and the system service, but the access control lists for these pipes are configured incorrectly. This allows an attacker t…

Remote | Server-Side Request Forgery
Apr 17, 2026 Apr 17, 2026
Apr 17, 2026
Apr 17, 2026
6.7 MEDIUM
CVE-2026-35153 — Dell PowerProtect Data Domain Argument Injection Vulnerability

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralizat…

powerprotect_data_domain data_domain_operating_system powerprotect_dp_series_appliance | Injection
Apr 17, 2026 May 08, 2026
Apr 17, 2026
May 08, 2026
6.7 MEDIUM
CVE-2026-35074 — Dell PowerProtect Data Domain OS Command Injection

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralizat…

powerprotect_data_domain data_domain_operating_system powerprotect_dp_series_appliance | Injection
Apr 17, 2026 May 08, 2026
Apr 17, 2026
May 08, 2026
6.7 MEDIUM
CVE-2026-35073 — Dell PowerProtect Data Domain OS Command Injection Vulnerability

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralizat…

powerprotect_data_domain data_domain_operating_system | Injection
Apr 17, 2026 May 08, 2026
Apr 17, 2026
May 08, 2026
6.7 MEDIUM
CVE-2026-35072 — Dell PowerProtect Data Domain OS Command Injection

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralizat…

powerprotect_data_domain data_domain_operating_system powerprotect_dp_series_appliance | Injection
Apr 17, 2026 May 08, 2026
Apr 17, 2026
May 08, 2026
Showing 20 of 6229 Results