Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.3

    HIGH
    CVE-2022-4001

    An authentication bypass vulnerability could allow an attacker to access API functions without authentication.... Read more

    Affected Products :
    • Published: Jul. 31, 2024
    • Modified: Aug. 01, 2024

  • 7.5

    HIGH
    CVE-2024-41950

    Haystack is an end-to-end LLM framework that allows you to build applications powered by LLMs, Transformer models, vector search and more. Haystack clients that let their users create and run Pipelines from scratch are vulnerable to remote code executions... Read more

    Affected Products :
    • Published: Jul. 31, 2024
    • Modified: Aug. 01, 2024

  • 9.4

    CRITICAL
    CVE-2024-7205

    When the device is shared, the homepage module are before 2.19.0  in eWeLink Cloud Service allows Secondary user to take over devices as primary user via sharing unnecessary device-sensitive information.... Read more

    Affected Products : ewelink
    • Published: Jul. 31, 2024
    • Modified: Jul. 31, 2024

  • 7.2

    HIGH
    CVE-2024-6770

    The Lifetime free Drag & Drop Contact Form Builder for WordPress VForm plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping. This makes it ... Read more

    Affected Products :
    • Published: Jul. 31, 2024
    • Modified: Jul. 31, 2024

  • 6.5

    MEDIUM
    CVE-2024-7135

    The Tainacan plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_file' function in all versions up to, and including, 0.21.7. The function is also vulnerable to directory traversal. This makes it... Read more

    Affected Products : tainacan
    • Published: Jul. 31, 2024
    • Modified: Jul. 31, 2024

  • 5.3

    MEDIUM
    CVE-2024-2508

    The WP Mobile Menu plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_menu_item_icon function in all versions up to, and including, 2.8.4.4. This makes it possible for unauthenticated atta... Read more

    Affected Products :
    • Published: Jul. 31, 2024
    • Modified: Jul. 31, 2024
Showing 20 of 290006 Results