Where
-Infinity
0

Trending

Last week
Last month
Last year

Sourcecodester Indian Invoicing SystemSourceCodester Indian Invoicing System Invoice Template Render Database-Backed add_order.php cross site scripting

Risk 21
Severity
3.5
First published (updated )
CVE-2026-9414

Spip SPIPaction/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability.

Risk 19
Severity
3.5
First published (updated )
CVE-2026-48832

Besen Besen BS20 EV Charging StationBesen BS20 EV Charging Station BLE/WiFi authentication replay

Risk 17
Severity
3.1
First published (updated )
CVE-2026-9398

Besen BS20 EV Charging StationBesen BS20 EV Charging Station Firmware Version Check ui layer

Risk 20
Severity
3.7
First published (updated )
CVE-2026-9396

Besen BS20 EV Charging StationBesen BS20 EV Charging Station BLE/UDP insufficiently protected credentials

Risk 19
Severity
3.5
First published (updated )
CVE-2026-9395
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Besen Besen BS20 EV Charging StationBesen BS20 EV Charging Station Bluetooth Low Energy weak password

Risk 17
Severity
3.1
First published (updated )
CVE-2026-9394

Sourcecodester SUP Online ShoppingSourceCodester SUP Online Shopping productedit.php cross site scripting

Risk 13
Severity
2.4
EPSS
0.03%
First published (updated )
CVE-2026-9377

Jeecg JeecgBootJeecgBoot OpenAPI Endpoint call improper authentication

Risk 15
Severity
3.7
EPSS
0.06%
First published (updated )
CVE-2026-9373

maven/com.ulisesbocchio/jasypt-spring-bootulisesbocchio jasypt-spring-boot Password Hash SimpleGCMConfig.java getSecretKeySaltGenerator hash predictable salt

Risk 15
Severity
3.7
EPSS
0.02%
First published (updated )
CVE-2026-9370

vBulletin vBulletinvBulletin Login cross site scripting

Risk 15
Severity
3.5
EPSS
0.03%
First published (updated )
CVE-2026-9357
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

QuantumNous new-apiQuantumNous new-api Midjourney Image Relay Endpoint relay-router.go GetByOnlyMJId authorization

Risk 15
Severity
3.7
EPSS
0.03%
First published (updated )
CVE-2026-9306

Typebot TypebotTypeBot: Cross-Typebot Result Data Access via Missing typebotId Filter

Risk 17
Severity
3.1
First published (updated )
CVE-2026-39967

Dell PowerFlex ManagerDell PowerFlex Manager, version(s) <=4.6.2, contain(s) a Use of a Broken or Risky Cryptographic Algo…

Risk 25
Severity
3.6
First published (updated )
CVE-2025-46371

STERLack of traffic encryption in STER

Risk 23
Severity
2.3
First published (updated )
CVE-2026-25608

nuget/Magick.NET-Q8-x86The PasskeyEncipherImage method is vulnerable to information disclosure via AES-CTR nonce reuse. Ima…

Risk 20
Severity
3.7
First published (updated )
Advisory
GHSA-qv2q-c278-pch5
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Concrete CMS Concrete CMSConcrete CMS 9.5.0 and below is vulnerable to Stored XSS via external-link page cvName

Risk 15
Severity
2
EPSS
0.04%
First published (updated )
CVE-2026-8139

Concrete CMS Concrete CMSConcrete CMS 9.5.0 is vulnerable to SSRF via RSS Displayer Block

Risk 10
Severity
2.1
EPSS
0.04%
First published (updated )
CVE-2026-7890

nuget/Magick.NET-Q8-x86Integer Overflow, Divide by Zero

Risk 17
Severity
3.3
First published (updated )
Advisory
GHSA-vf33-6r7x-66xx

Concrete CMS Concrete CMS 9Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/delete

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8409

Concrete CMS Concrete CMS 9Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/bulk/delete

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8410
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Concrete CMS Concrete CMS 9Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/delete

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8411

Concrete CMS Concrete CMS 9Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cache

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8412

Concrete CMS Concrete CMS 9Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/design

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8413

Concrete CMS Concrete CMS 9Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicate

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8414

Concrete CMS Concrete CMS 9Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/express/association/reorder

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8415
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Concrete CMS Concrete CMS 9Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file addFavoriteFolder($id)

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8416

Concrete CMS Concrete CMS 9Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file removeFavoriteFolder($id)

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8427

Concrete CMS Concrete CMS 9Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file star()

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8432

Concrete CMS Concrete CMSConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan()

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8433

Concrete CMS Concrete CMS 9Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescanMultiple()

Risk 11
Severity
2.3
EPSS
0.02%
First published (updated )
CVE-2026-8434
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203