Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-9374 — yangzongzhuan RuoYi-Vue Common Upload Endpoint upload FileUploadUtils.upload unrestricted…

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a mani…

ruoyi-vue | Remote | Misconfiguration
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
6.3 MEDIUM
CVE-2026-9373 — JeecgBoot OpenAPI Endpoint call improper authentication

A vulnerability has been found in JeecgBoot 3.9.1. This issue affects some unknown processing of the file /openapi/call/ of the component OpenAPI Endpoint. Such manipulation leads to improper authent…

jeecgboot | Remote | Authentication
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
7.5 HIGH
CVE-2026-9372 — ItzCrazyKns Vane Model Provider API route.ts server-side request forgery

A flaw has been found in ItzCrazyKns Vane up to 1.12.1. This vulnerability affects unknown code of the file src/app/api/providers/route.ts of the component Model Provider API. This manipulation of th…

vane | Remote | Server-Side Request Forgery
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
Showing 20 of 7523 Results