Latest CVE Feed

CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable

Score

Vulnerability

Published

4.3 MEDIUM

CVE-2026-10114 — Open5GS Shared NF-profile nnrf-handler.c handle_scp_info out-of-bounds write

A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function handle_scp_info in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. This man…

open5gs | Remote | Memory Corruption

May 30, 2026 Jun 02, 2026

May 30, 2026

Jun 02, 2026

7.5 HIGH

CVE-2026-9757 — GEO my WP <= 4.5.5 - Unauthenticated SQL Injection via 'swlatlng' / 'nelatlng' Parameters

The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $_SERVER['QUERY…

geo_my_wordpress | Remote | Injection

May 30, 2026 Jun 01, 2026

May 30, 2026

Jun 01, 2026

8.8 HIGH

CVE-2026-7465 — Spectra Gutenberg Blocks <= 2.19.25 - Authenticated (Contributor+) Remote Code Execution …

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible f…

spectra | Remote | Injection

May 30, 2026 Jun 01, 2026

May 30, 2026

Jun 01, 2026

7.5 HIGH

CVE-2026-7459 — Simple History – Track, Log, and Audit WordPress Changes <= 5.26.0 - Authenticated (Subsc…

The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress is vulnerable to authenticated (Subscriber+) account takeover in all versions up to, and including, 5.26.0 via the ev…

Remote | Authentication

May 30, 2026 Jun 01, 2026

May 30, 2026

Jun 01, 2026

Showing 20 of 7224 Results

Browse by Apps

Latest CVE Feed

Cookie Preferences