Critical-severity advisories
60 alerts in this category.
CVEs and security advisories rated CRITICAL: the issues where exploitation is easy (typically unauthenticated, network-reachable and low-complexity) and the impact is severe (remote code execution, authentication bypass or full device compromise). The rating speaks to exploitability and impact; it is not by itself evidence that exploitation has been observed in the wild, so confirm active exploitation from a separate source before treating an entry as an incident. These are the alerts that get prioritized first in any sane vulnerability-management program.
Critical Vulnerability: CVE-2013-5017 — symantec — web_gateway
SNMPConfig.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote attackers to execute arbitrary commands via unspecified vectors.
Critical Vulnerability: CVE-2014-1524 — mozilla, canonical — firefox, seamonkey
The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether obje
Critical Vulnerability: CVE-2014-1532 — mozilla, fedoraproject — firefox, seamonkey
Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonke
Critical Vulnerability: CVE-2014-2323 — lighttpd, debian — lighttpd, debian_linux
SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.
Critical Vulnerability: CVE-2014-1511 — mozilla, canonical — firefox, seamonkey
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
Critical Vulnerability: CVE-2014-1514 — mozilla, debian — firefox, seamonkey
vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a c
Critical Vulnerability: CVE-2014-1493 — mozilla, canonical — firefox, seamonkey
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to ca
Critical Vulnerability: CVE-2014-1510 — mozilla, canonical — firefox, seamonkey
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code
Critical Vulnerability: CVE-2014-1508 — mozilla, redhat — firefox, seamonkey
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive
Critical Vulnerability: CVE-2026-34408
An issue was discovered in Gambio 4.9.2.0 (patched in 2024-02 v1.0.0 for GX4 v4.0.0.0 to v4.9.2.0). The password reset function can be bypassed to set arbitrary passwords for arbitrary accounts if the
Critical Vulnerability: CVE-2026-42027 — apache — opennlp
Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The ExtensionLoader.instantiateExtension(Cl
Critical Vulnerability: CVE-2026-42233 — n8n — n8n
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the Oracle Database node's select operation allowed user-controlled input passed into the
Critical Vulnerability: CVE-2026-7411
In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequate path normalization in the Submodel HTTP API allows an unauthenticated remote attacker to perform a path traversal atta
Critical Vulnerability: CVE-2023-54342
Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the
Critical Vulnerability: CVE-2026-40682 — apache — opennlp
XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor c
Critical Vulnerability: CVE-2026-41930
Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin cont
Critical Vulnerability: CVE-2026-7854 — dlink — di-8100_firmware, di-8100
A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function url_rule_asp of the file /url_rule.asp of the component POST Parameter Handler.
Critical Vulnerability: CVE-2026-42235 — n8n — n8n
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an unauthenticated attacker could register a malicious MCP OAuth client with a crafted client_name.
Critical Vulnerability: CVE-2026-26332 — vm2_project — vm2
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, SuppressedError allows attackers to escape the sandbox and run arbitrary code. This issue has been patched in version 3.11.0.
Critical Vulnerability: CVE-2026-42796
Arelle before 2.39.10 contains an unauthenticated remote code execution vulnerability in the /rest/configure REST endpoint that accepts a plugins query parameter and forwards it to the plugin manager
Critical Vulnerability: CVE-2026-7823
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setAppFilterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results
Critical Vulnerability: CVE-2026-7853 — dlink — di-8100_firmware, di-8100
A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /auto_reboot.asp of the component HTTP Handler. This manipulation of the argument enable/time
Critical Vulnerability: CVE-2025-13618
The Mentoring plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.2.8. This is due to the plugin not properly restricting the roles that users can regist
Critical Vulnerability: CVE-2023-54344
Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface.
Critical Vulnerability: CVE-2026-42238 — nginxui — nginx_ui
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, nginx-ui exposes a backup restore endpoint (POST /api/restore) that is completely unauthenticated during the first 10
Critical Vulnerability: CVE-2026-25293 — qualcomm — qca7005_firmware, qca7005
Buffer overflow due to incorrect authorization in PLC firmware.
Critical Vulnerability: CVE-2026-5722
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or re
Critical Vulnerability: CVE-2025-14320
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allow
Critical Vulnerability: CVE-2026-7747
A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Pe
Critical Vulnerability: CVE-2026-42375 — dlink — dir-600l_firmware, dir-600l
D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static
Critical Vulnerability: CVE-2026-5294
The Geeky Bot plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.2.2. This is due to a nopriv AJAX route allowing attacker-controlled model/function dispat
Critical Vulnerability: CVE-2026-38429
OpenCMS v20 and before is vulnerable to XML External Entity (XXE) in the Admin Import DB feature due to insecure XML parsing of user supplied .zip files containing a manifest.xml.
Critical Vulnerability: CVE-2026-42373 — dlink — dir-605l_firmware, dir-605l
D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the st
Critical Vulnerability: CVE-2026-42374 — dlink — dir-600l_firmware, dir-600l
D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static
Critical Vulnerability: CVE-2026-7834
A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi. Such manipulation leads to stack-base
Critical Vulnerability: CVE-2026-40797
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saleswonder LLC WebinarIgnition allows Blind SQL Injection. This issue affects WebinarIgnition: f
Critical Vulnerability: CVE-2025-70067
Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file
Critical Vulnerability: CVE-2026-36760
An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files wi
Critical Vulnerability: CVE-2026-42364 — geovision — gv-lpc2011_firmware, gv-lpc2011
An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An
Critical Vulnerability: CVE-2026-42473
Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from the filesystem in the FileHandler object.
Critical Vulnerability: CVE-2026-36767
A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers to write arbitrary files to any writeable path via a crafted POST request.
Critical Vulnerability: CVE-2026-7719
A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The m
Critical Vulnerability: CVE-2026-7546
A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. The impacted element is the function find_host_ip of the component lighttpd. Such manipulation of the argument Hos
Critical Vulnerability: CVE-2025-71284 — synway — smg_gateway_management_software
Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radius_address POST parameter is split and int
Critical Vulnerability: CVE-2026-7161 — geovision — gv-ip_device_utility
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An atta
Critical Vulnerability: CVE-2026-42482 — hashcat — hashcat
A stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code vi
Critical Vulnerability: CVE-2026-4882
The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'URAF_AJAX::method_upload' function in all versions up to,
Critical Vulnerability: CVE-2026-33446 — absolute — secure_access
CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwr
Critical Vulnerability: CVE-2026-42779 — apache — mina
The fix for CVE-2026-41635 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: Apache MINA's AbstractIoBuffer.resolveClass() contains two branches, one
Critical Vulnerability: CVE-2026-7458
The User Verification by PickPlugins plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.46. This is due to the use of a loose PHP comparison operator
Critical Vulnerability: CVE-2026-42369
GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible
Critical Vulnerability: CVE-2026-7372 — geovision — gv-vms_firmware, gv-vms
A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can
Critical Vulnerability: CVE-2026-42484 — hashcat — hashcat
A heap-based buffer overflow in hex_to_binary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash fil
Critical Vulnerability: CVE-2026-42368 — geovision — gv-lpc2011_firmware, gv-lpc2011
A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execution of a privileged operation. An attacke
Critical Vulnerability: CVE-2026-42483 — hashcat — hashcat
A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issu
Critical Vulnerability: CVE-2026-7567
The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybe_login_temporary_user() func
Critical Vulnerability: CVE-2026-7538
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of
Critical Vulnerability: CVE-2026-42778 — apache — mina
The fix for CVE-2026-41409 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was inco
Critical Vulnerability: CVE-2025-14543 — rti — connext_professional
Improper Restriction of XML External Entity Reference vulnerability in Connext Professional (Core Libraries) allows Serialized Data External Linking.This issue affects Connext Professional: from 7.4.0
Critical Vulnerability: CVE-2022-50993
Weaver (Fanwei) E-office versions prior to 10.0_20221201 contain an unauthenticated arbitrary file upload vulnerability in the OfficeServer.php endpoint that allows remote attackers to upload maliciou
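To act on a listing like the one above, a practitioner needs the cards in structured form and a check against the software that is actually deployed. The Python below is an added example written for this page; it is not code from the site or from any of the projects listed. It parses the page's own heading format ("Critical Vulnerability: CVE-ID — vendors — products"), pulls the fix versions named by the common "before X" and "Prior to versions A, B, and C" phrasings, and compares them with an inventory. The inventory dictionary, the assumption that inventory keys use the same slug names as the headings, and the branch-aware version rule are all assumptions made for the example; the three sample cards are copied from this page (the n8n description is cut off on the page and is kept that way).

```python
"""Parse a 'Critical Vulnerability' card listing and triage it against an asset inventory."""
import re
from dataclasses import dataclass

# Constructed sample: three cards copied from this page (the n8n description is cut
# off on the page itself and is kept that way here).
SAMPLE_LISTING = """\
Critical Vulnerability: CVE-2014-2323 — lighttpd, debian — lighttpd, debian_linux
SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.
Critical Vulnerability: CVE-2026-42233 — n8n — n8n
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the Oracle Database node's select operation allowed user-controlled input passed into the
Critical Vulnerability: CVE-2026-42482 — hashcat — hashcat
A stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code vi
"""

HEADING_RE = re.compile(
    r"^Critical Vulnerability: (?P<cve>CVE-\d{4}-\d{4,})"
    r"(?: — (?P<vendors>[^—]+?) — (?P<products>.+))?$"
)
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")
# A run of versions such as "1.4.35" or "1.123.32, 2.17.4, and 2.18.1".
VERSION_RUN_RE = re.compile(r"(?:\s*(?:,\s*and|,|and)?\s*v?\d+(?:\.\d+)+)+")


@dataclass
class Alert:
    cve: str
    vendors: list
    products: list
    description: str
    fixes: list  # fix versions named in the description, empty if none stated


def fixed_versions(description):
    """Heuristic: versions named right after 'before' or 'prior to version(s)'."""
    found = []
    for m in re.finditer(r"\b(?:before|prior to)\b(?: versions?)?", description, re.I):
        run = VERSION_RUN_RE.match(description, m.end())
        if run:
            found.extend(VERSION_RE.findall(run.group(0)))
    return found


def _csv(field):
    return [x.strip() for x in field.split(",")] if field else []


def parse_listing(text):
    """Turn heading/description line pairs into Alert records; headings without
    a vendor/product part (as several cards on this page) get empty lists."""
    lines = [l for l in text.splitlines() if l.strip()]
    alerts, i = [], 0
    while i < len(lines):
        m = HEADING_RE.match(lines[i])
        if not m:
            i += 1
            continue
        desc = ""
        if i + 1 < len(lines) and not HEADING_RE.match(lines[i + 1]):
            desc = lines[i + 1]
            i += 1
        alerts.append(Alert(m["cve"], _csv(m["vendors"]), _csv(m["products"]), desc, fixed_versions(desc)))
        i += 1
    return alerts


def vtuple(version):
    return tuple(int(x) for x in version.lstrip("v").split("."))


def is_affected(installed, fixes):
    """True/False for a stated fix list; None when the card names no fix version.

    Branch-aware rule (an assumption, not NVD semantics): compare the installed
    version with the fix that shares the longest leading prefix with it, so
    2.17.5 is judged against 2.17.4 rather than 2.18.1.
    """
    if not fixes:
        return None
    inst = vtuple(installed)
    fix_tuples = [vtuple(f) for f in fixes]

    def shared(fix):
        n = 0
        for a, b in zip(inst, fix):
            if a != b:
                break
            n += 1
        return n

    best = max(shared(f) for f in fix_tuples)
    return inst < min(f for f in fix_tuples if shared(f) == best)


def triage(alerts, inventory):
    """(cve, product, installed, verdict) for every alert product present in inventory."""
    hits = []
    for a in alerts:
        for p in a.products:
            if p in inventory:
                hits.append((a.cve, p, inventory[p], is_affected(inventory[p], a.fixes)))
    return hits


if __name__ == "__main__":
    # Constructed inventory; keys use the same slug names as the card headings.
    inventory = {"lighttpd": "1.4.33", "n8n": "2.17.5", "hashcat": "7.1.2"}
    for cve, product, installed, verdict in triage(parse_listing(SAMPLE_LISTING), inventory):
        status = {True: "AFFECTED", False: "fixed", None: "no fix version stated, verify"}[verdict]
        print(f"{cve}: {product} {installed} -> {status}")
```

Three caveats matter when using this against the full listing. Cards whose heading carries no vendor or product part (CVE-2026-7411 and others above) produce no match at all and need keyword matching on the description instead. A description that names only the version that was tested (hashcat v7.1.2) yields None, and the right response is to verify rather than to drop the alert. The version extraction is per card, not per product, so the Mozilla-style cards that list several products with their own "before" clauses must be handled by hand.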