Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
3.1 LOW
CVE-2026-4874 — Org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: keycloak: server-side …

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `client_session_host` parameter during refresh token requests. This occurs w…

jboss_enterprise_application_platform single_sign-on jboss_enterprise_application_platform_expansion_pack build_of_keycloak | Remote | Server-Side Request Forgery
Mar 26, 2026 Apr 01, 2026
Mar 26, 2026
Apr 01, 2026
9.8 CRITICAL
CVE-2026-4850 — code-projects Simple Laundry System Parameter checkregisitem.php sql injection

A security flaw has been discovered in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /checkregisitem.php of the component Parameter Handler. The manipulation of…

simple_laundry_system | Remote | Injection
Mar 26, 2026 Apr 03, 2026
Mar 26, 2026
Apr 03, 2026
6.1 MEDIUM
CVE-2026-4849 — code-projects Simple Laundry System Parameter modify.php cross site scripting

A vulnerability was identified in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file /modify.php of the component Parameter Handler. The manipulation of the argumen…

simple_laundry_system | Remote | Cross-Site Scripting
Mar 26, 2026 Apr 03, 2026
Mar 26, 2026
Apr 03, 2026
Showing 20 of 5983 Results