Search Vulnerabilities

Kiota: Code Generation Literal Injection

Apr 22, 2026

CVE-2026-40911

WWBN AVideo YPTSocket WebSocket Broadcast Relay Leads to Unauthenticated Cross-User JavaScript Execution via Client-Side eval() Sinks

CVE-2026-6745

Bagisto Custom Scripts cross site scripting

CVE-2026-40602

hass-cli: Handling of user-supplied Jinja2 templates

CVE-2026-6743

WebSystems WebTOTUM Calendar cross site scripting

CVE-2026-32613

Spinnaker vulnerable to RCE via expression parsing due to unrestricted context handling

CVE-2026-6652

Pagekit CMS StringStorage Template PhpEngine.php evaluate eval injection

CVE-2026-39918

Vvveb < 1.0.8.1 Code Injection via Installation Endpoint

CVE-2026-6651

erponline.xyz ERP Online Inventory Edit Item cross site scripting

CVE-2026-6648

Qibo CMS Internal Message cross site scripting

CVE-2026-6633

Yifang CMS Extended Management L_rbac_admin.php store cross site scripting

CVE-2026-6624

BichitroGan ISP Billing Software Pool List add cross site scripting

CVE-2026-6623

BichitroGan ISP Billing Software Profile users-view cross site scripting

CVE-2026-6622

BichitroGan ISP Billing Software Customer edit cross site scripting

CVE-2026-6621

1024bit extend-deep index.js prototype pollution

CVE-2026-6619

langgenius dify ImagePreview image-preview.tsx openInNewTab cross site scripting

CVE-2026-41282

ProjectDiscovery Nuclei 3 before 3

CVE-2026-6603

modelscope agentscope _python.py execute_shell_command code injection

CVE-2026-6600

langflow-ai langflow Frontend React Component Rendering edit-message.tsx cross site scripting

CVE-2026-6594

brikcss merge prototype pollution

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-41134

Kiota: Code Generation Literal Injection

Apr 22, 2026

CVE-2026-40911

WWBN AVideo YPTSocket WebSocket Broadcast Relay Leads to Unauthenticated Cross-User JavaScript Execution via Client-Side eval() Sinks

CVE-2026-6745

Bagisto Custom Scripts cross site scripting

CVE-2026-40602

hass-cli: Handling of user-supplied Jinja2 templates

CVE-2026-6743

WebSystems WebTOTUM Calendar cross site scripting

CVE-2026-32613

Spinnaker vulnerable to RCE via expression parsing due to unrestricted context handling

CVE-2026-6652

Pagekit CMS StringStorage Template PhpEngine.php evaluate eval injection

CVE-2026-39918

Vvveb < 1.0.8.1 Code Injection via Installation Endpoint

CVE-2026-6651

erponline.xyz ERP Online Inventory Edit Item cross site scripting

CVE-2026-6648

Qibo CMS Internal Message cross site scripting

CVE-2026-6633

Yifang CMS Extended Management L_rbac_admin.php store cross site scripting

CVE-2026-6624

BichitroGan ISP Billing Software Pool List add cross site scripting

CVE-2026-6623

BichitroGan ISP Billing Software Profile users-view cross site scripting

CVE-2026-6622

BichitroGan ISP Billing Software Customer edit cross site scripting

CVE-2026-6621

1024bit extend-deep index.js prototype pollution

CVE-2026-6619

langgenius dify ImagePreview image-preview.tsx openInNewTab cross site scripting

CVE-2026-41282

ProjectDiscovery Nuclei 3 before 3

CVE-2026-6603

modelscope agentscope _python.py execute_shell_command code injection

CVE-2026-6600

langflow-ai langflow Frontend React Component Rendering edit-message.tsx cross site scripting

CVE-2026-6594

brikcss merge prototype pollution