Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2026-36912

CVE-2026-36912_CVE-2026-36912

A NULL pointer dereference in the AP4_AtomSampleTable::GetSample() function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause ...

n/a n/a n/a CVE
HIGH 7.5 CVE-2026-52190

CVE-2026-52190_CVE-2026-52190

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_4...

n/a n/a n/a CVE
HIGH 7.5 CVE-2026-38891

CVE-2026-38891_CVE-2026-38891

An improper input validation in the gazebo_ros_diff_drive.cpp component of gazebo_plugins v3.9.0 allows attackers to cause a Denial of Service (DoS...

n/a n/a n/a CVE
HIGH 8.8 CVE-2026-14394

CVE-2026-14394_CVE-2026-14394

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML pa...

Google Chrome 150.0.7871.46 CVE
HIGH 8.8 CVE-2026-14385

CVE-2026-14385_CVE-2026-14385

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a...

Google Chrome 150.0.7871.46 CVE
HIGH 7.1 CVE-2026-57678

WordPress Slider Revolution plugin 7.0.0-7.0.16 – Cross Site Scripting (XSS) vulnerability_CVE-2026-57678

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemePunch Slider Revolution allows Reflected...

ThemePunch Slider Revolution 7.0.0 CVE
HIGH 8.8 CVE-2026-56037

WordPress Themify Popup plugin <= 1.4.3 - PHP Object Injection vulnerability_CVE-2026-56037

Deserialization of Untrusted Data vulnerability in Themify Themify Popup allows Object Injection. This issue affects Themify Popup: from n/a throu...

Themify Themify Popup n/a CVE
HIGH 7.7 CVE-2026-58652

luci-app-travelmate – Arbitrary Command Execution via UCI Script Parameter_CVE-2026-58652

luci-app-travelmate (and the travelmate package) contain a privilege-escalation flaw: a LuCI/rpcd session holding the luci-app-travelmate write ACL...

openwrt luci-app-travelmate 2.4.5-r3 CVE
HIGH 8.8 CVE-2026-57766

WordPress WPIDE – File Manager & Code Editor plugin <= 3.5.6 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2026-57766

Unauthenticated Cross Site Request Forgery (CSRF) in WPIDE – File Manager & Code Editor

XplodedThemes WPIDE – File Manager & Code Editor n/a CVE
HIGH 8.5 CVE-2026-57765

WordPress WP EasyCart plugin <= 5.9.0 - SQL Injection vulnerability_CVE-2026-57765

Contributor SQL Injection in WP EasyCart

Levelfourdevelopment WP EasyCart n/a CVE