Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
10.0 HIGH
CVE-2026-9476 — Totolink A8000RU Web Management cstecgi.cgi setPasswordCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interfa…

a8000ru_firmware | Remote | Injection
May 25, 2026 May 26, 2026
May 25, 2026
May 26, 2026
10.0 HIGH
CVE-2026-9475 — Totolink A8000RU Web Management cstecgi.cgi setIpQosRules os command injection

A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipu…

a8000ru_firmware | Remote | Injection
May 25, 2026 May 26, 2026
May 25, 2026
May 26, 2026
7.5 HIGH
CVE-2026-9474 — yashpokharna2555 StudentManagementSystem studentdel.php confirm_logged_in sql injection

A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92abf2d224d46a0a203. Affected by this issue is the function confirm_logged_in of the file /studentdel.…

studentmanagementsystem | Remote | Injection
May 25, 2026 May 26, 2026
May 25, 2026
May 26, 2026
6.5 MEDIUM
CVE-2026-9473 — c-rick jimeng-mcp api.ts generateVideo path traversal

A vulnerability has been found in c-rick jimeng-mcp 1.10.0. Affected by this vulnerability is the function getFileContent/uploadCoverFile/generateImage/generateVideo of the file src/api.ts. The manip…

jimeng-mcp | Remote | Path Traversal
May 25, 2026 May 26, 2026
May 25, 2026
May 26, 2026
6.5 MEDIUM
CVE-2026-9472 — dazeb markdown-downloader index.ts create_subdirectory path traversal

A flaw has been found in dazeb markdown-downloader up to 3d4394b34b6c99d81af817623af55e3384df5a6a. Affected is the function download_markdown/list_downloaded_files/create_subdirectory of the file src…

markdown-downloader | Remote | Path Traversal
May 25, 2026 May 26, 2026
May 25, 2026
May 26, 2026
4.0 MEDIUM
CVE-2026-9471 — yashpokharna2555 StudentManagementSystem student.php cross site scripting

A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation…

studentmanagementsystem | Remote | Cross-Site Scripting
May 25, 2026 May 26, 2026
May 25, 2026
May 26, 2026
6.6 MEDIUM
CVE-2026-27768 — Microsoft SharePoint SQL Injection

SQL Injection affecting the Access Manager role.

security_center | Injection
May 25, 2026 May 26, 2026
May 25, 2026
May 26, 2026
Showing 20 of 7787 Results