Discover Vulnerabilities Now!

Vulnerabilities
---
Vendors
---
Products
---
Vulnerability Media Exposure
These listed vulnerabilities have been referenced across multiple public sources, indicating high media attention and potential significance.
See more
CVE-2026-20127 EUVD-2026-8675
CRITICAL

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. 

cisco:catalyst_sd-wan_manager
cisco:sd-wan_vsmart_controller
CVE-2026-20122 EUVD-2026-8673
MEDIUM

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This vulnerability is due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges.

cisco:catalyst_sd-wan_manager
CVE-2026-20128 EUVD-2026-8676
HIGH

A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker to gain DCA user privileges on an affected system. To exploit this vulnerability, the attacker must have valid vmanage credentials on the affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An attacker could exploit this vulnerability by accessing the filesystem as a low-privileged user and reading the file that contains the DCA password from that affected system. A successful exploit could allow the attacker to access another affected system and gain DCA user privileges. Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability.

cisco:catalyst_sd-wan_manager
CVE-2026-21385 EUVD-2026-9202
HIGH

Memory corruption while using alignments for memory allocation.

qualcomm:sm7675p_firmware
qualcomm:sm8475p_firmware
qualcomm:sm8550p_firmware
qualcomm:sm8635_firmware
qualcomm:sm8635p_firmware
qualcomm:sm8650q_firmware
qualcomm:sm8750p_firmware
qualcomm:smart_audio_400_platform_firmware
qualcomm:smart_display_200_platform_firmware
qualcomm:snapdragon_4_gen_1_mobile_platform_firmware
qualcomm:snapdragon_4_gen_2_mobile_platform_firmware
qualcomm:snapdragon_429_mobile_platform_firmware
qualcomm:snapdragon_460_mobile_platform_firmware
qualcomm:snapdragon_480\+_5g_mobile_platform_firmware
qualcomm:snapdragon_480_5g_mobile_platform_firmware
qualcomm:snapdragon_6_gen_1_mobile_platform_firmware
qualcomm:snapdragon_6_gen_3_mobile_platform_firmware
qualcomm:snapdragon_6_gen_4_mobile_platform_firmware
qualcomm:snapdragon_625_mobile_platform_firmware
qualcomm:snapdragon_626_mobile_platform_firmware
qualcomm:snapdragon_660_mobile_platform_firmware
qualcomm:snapdragon_662_mobile_platform_firmware
qualcomm:snapdragon_680_4g_mobile_platform_firmware
qualcomm:snapdragon_685_4g_mobile_platform_firmware
qualcomm:snapdragon_690_5g_mobile_platform_firmware
qualcomm:snapdragon_695_5g_mobile_platform_firmware
qualcomm:snapdragon_7\+_gen_2_mobile_platform_firmware
qualcomm:snapdragon_7_gen_1_mobile_platform_firmware
qualcomm:snapdragon_778g\+_5g_mobile_platform_firmware
qualcomm:snapdragon_778g_5g_mobile_platform_firmware
qualcomm:snapdragon_782g_mobile_platform_firmware
qualcomm:snapdragon_7c\+_gen_3_compute_firmware
qualcomm:snapdragon_7s_gen_3_mobile_platform_firmware
qualcomm:snapdragon_8\+_gen_1_mobile_platform_firmware
qualcomm:snapdragon_8\+_gen_2_mobile_platform_firmware
qualcomm:snapdragon_8_elite_firmware
qualcomm:snapdragon_8_elite_gen_5_firmware
qualcomm:snapdragon_8_gen_1_mobile_platform_firmware
qualcomm:snapdragon_8_gen_2_mobile_platform_firmware
qualcomm:snapdragon_8_gen_3_mobile_platform_firmware
qualcomm:5g_fixed_wireless_access_platform_firmware
qualcomm:apq8098_firmware
qualcomm:ar8031_firmware
qualcomm:ar8035_firmware
qualcomm:c-v2x_9150_firmware
qualcomm:csra6620_firmware
qualcomm:csra6640_firmware
qualcomm:fastconnect_6200_firmware
qualcomm:fastconnect_6700_firmware
qualcomm:fastconnect_6800_firmware
qualcomm:fastconnect_6900_firmware
qualcomm:fastconnect_7800_firmware
qualcomm:flight_rb5_5g_platform_firmware
qualcomm:fsm100_platform_firmware
qualcomm:g1_gen_1_firmware
qualcomm:g2_gen_1_firmware
qualcomm:iq-615_firmware
qualcomm:iq-8275_firmware
qualcomm:iq-8300_firmware
qualcomm:iq-9075_firmware
qualcomm:iq-9100_firmware
qualcomm:lemans_au_lgit_firmware
qualcomm:lemansau_firmware
qualcomm:mdm9250_firmware
qualcomm:mdm9628_firmware
qualcomm:milos_firmware
qualcomm:monaco_iot_firmware
qualcomm:netrani_firmware
qualcomm:orne_firmware
qualcomm:palawan25_firmware
qualcomm:pandeiro_firmware
qualcomm:qam8255p_firmware
qualcomm:qam8295p_firmware
qualcomm:qamsrv1h_firmware
qualcomm:qamsrv1m_firmware
qualcomm:qca2066_firmware
qualcomm:qca6174a_firmware
qualcomm:qca6391_firmware
qualcomm:qca6564a_firmware
qualcomm:qca6564au_firmware
qualcomm:qca6574_firmware
qualcomm:qca6574a_firmware
qualcomm:qca6574au_firmware
qualcomm:qca6584au_firmware
qualcomm:qca6595_firmware
qualcomm:snapdragon_820_automotive_platform_firmware
qualcomm:snapdragon_820am_firmware
qualcomm:snapdragon_865\+_5g_mobile_platform_firmware
qualcomm:snapdragon_865_5g_mobile_platform_firmware
qualcomm:snapdragon_870_5g_mobile_platform_firmware
qualcomm:snapdragon_888\+_5g_mobile_platform_firmware
qualcomm:snapdragon_888_5g_mobile_platform_firmware
qualcomm:snapdragon_ar1\+_gen_1_platform_firmware
qualcomm:snapdragon_ar1_gen_1_platform_firmware
qualcomm:snapdragon_auto_5g_modem-rf_firmware
qualcomm:snapdragon_w5\+_gen_1_wearable_platform_firmware
qualcomm:snapdragon_x12_lte_modem_firmware
qualcomm:snapdragon_x5_lte_modem_firmware
qualcomm:snapdragon_x53_5g_modem-rf_system_firmware
qualcomm:snapdragon_x55_5g_modem-rf_system_firmware
qualcomm:snapdragon_x65_5g_modem-rf_system_firmware
qualcomm:snapdragon_xr2\+_gen_1_platform_firmware
qualcomm:snapdragon_xr2_5g_platform_firmware
qualcomm:srv1h_firmware
qualcomm:srv1m_firmware
qualcomm:sw5100_firmware
qualcomm:sw5100p_firmware
qualcomm:sw6100_firmware
qualcomm:sw6100p_firmware
qualcomm:sxr2230p_firmware
qualcomm:sxr2250p_firmware
qualcomm:sxr2330p_firmware
qualcomm:sxr2350p_firmware
qualcomm:themisto_firmware
qualcomm:video_collaboration_vc1_platform_firmware
qualcomm:video_collaboration_vc3_platform_firmware
qualcomm:video_collaboration_vc5_platform_firmware
qualcomm:vision_intelligence_100_platform_firmware
qualcomm:vision_intelligence_200_platform_firmware
qualcomm:vision_intelligence_400_platform_firmware
qualcomm:wcd9326_firmware
qualcomm:wcd9330_firmware
qualcomm:wcd9335_firmware
qualcomm:wcd9341_firmware
qualcomm:wcd9360_firmware
qualcomm:qca6595au_firmware
qualcomm:qca6678aq_firmware
qualcomm:qca6688aq_firmware
qualcomm:qca6696_firmware
qualcomm:qca6698aq_firmware
qualcomm:qca6698au_firmware
qualcomm:qca6797aq_firmware
qualcomm:qca8081_firmware
qualcomm:qca8337_firmware
qualcomm:qca8695au_firmware
qualcomm:qca9367_firmware
qualcomm:qca9377_firmware
qualcomm:qcm2290_firmware
qualcomm:qcm4325_firmware
qualcomm:qcm4490_firmware
qualcomm:qcm5430_firmware
qualcomm:qcm6125_firmware
qualcomm:qcm6490_firmware
qualcomm:qcn6024_firmware
qualcomm:qcn9011_firmware
qualcomm:qcn9012_firmware
qualcomm:qcn9024_firmware
qualcomm:qcs2290_firmware
qualcomm:qcs4290_firmware
qualcomm:qcs4490_firmware
qualcomm:qcs8550_firmware
qualcomm:qln1083bd_firmware
qualcomm:qln1086bd_firmware
qualcomm:qmp1000_firmware
qualcomm:qpa1083bd_firmware
qualcomm:qpa1086bd_firmware
qualcomm:qrb5165m_firmware
qualcomm:qrb5165n_firmware
qualcomm:qualcomm_215_mobile_platform_firmware
qualcomm:qxm1083_firmware
qualcomm:qxm1086_firmware
qualcomm:qxm1093_firmware
qualcomm:qxm1094_firmware
qualcomm:qxm1095_firmware
qualcomm:qxm1096_firmware
qualcomm:wcd9370_firmware
qualcomm:wcd9371_firmware
qualcomm:wcd9375_firmware
qualcomm:wcd9378_firmware
qualcomm:wcd9380_firmware
qualcomm:wcd9385_firmware
qualcomm:wcd9390_firmware
qualcomm:wcd9395_firmware
qualcomm:wcn3615_firmware
qualcomm:wcn3620_firmware
qualcomm:wcn3660b_firmware
qualcomm:wcn3680b_firmware
qualcomm:wcn3910_firmware
qualcomm:wcn3950_firmware
qualcomm:wcn3980_firmware
qualcomm:wcn3988_firmware
qualcomm:wcn3990_firmware
qualcomm:wcn6450_firmware
qualcomm:wcn6650_firmware
qualcomm:wcn6755_firmware
qualcomm:wcn7860_firmware
qualcomm:wcn7861_firmware
qualcomm:wcn7880_firmware
qualcomm:wcn7881_firmware
qualcomm:wsa8810_firmware
qualcomm:wsa8815_firmware
qualcomm:wsa8830_firmware
qualcomm:wsa8832_firmware
qualcomm:wsa8835_firmware
qualcomm:wsa8840_firmware
qualcomm:wsa8845_firmware
qualcomm:wsa8845h_firmware
qualcomm:robotics_rb2_platform_firmware
qualcomm:robotics_rb5_platform_firmware
qualcomm:sa4150p_firmware
qualcomm:sa4155p_firmware
qualcomm:sa6145p_firmware
qualcomm:sa6150p_firmware
qualcomm:sa6155_firmware
qualcomm:sa6155p_firmware
qualcomm:sa7255p_firmware
qualcomm:sa7775p_firmware
qualcomm:sa8145p_firmware
qualcomm:sa8150p_firmware
qualcomm:sa8155_firmware
qualcomm:sa8155p_firmware
qualcomm:sa8195p_firmware
qualcomm:sa8255p_firmware
qualcomm:sa8295p_firmware
qualcomm:sa8620p_firmware
qualcomm:sa8770p_firmware
qualcomm:sa9000p_firmware
qualcomm:sar1165p_firmware
qualcomm:sar1250p_firmware
qualcomm:sar2130p_firmware
qualcomm:sar2230p_firmware
qualcomm:sc8380xp_firmware
qualcomm:snapdragon_8_gen_1_firmware
qualcomm:sd626_firmware
qualcomm:sd662_firmware
qualcomm:sd865_5g_firmware
qualcomm:sda660_firmware
qualcomm:sdm429w_firmware
qualcomm:sdx61_firmware
qualcomm:sm6225p_firmware
qualcomm:sm6650p_firmware
qualcomm:sm7325p_firmware
qualcomm:sm7435_firmware
qualcomm:sm7550_firmware
qualcomm:sm7550p_firmware
qualcomm:sm7635p_firmware
qualcomm:sm7675_firmware
CVE-2017-7921 EUVD-2017-16892
CRITICAL

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.

hikvision:ds-2cd2032-i_firmware
hikvision:ds-2cd2112-i_firmware
hikvision:ds-2cd2132-i_firmware
hikvision:ds-2cd2212-i5_firmware
hikvision:ds-2cd2232-i5_firmware
hikvision:ds-2cd2312-i_firmware
hikvision:ds-2cd2332-i_firmware
hikvision:ds-2cd2412f-i\(w\)_firmware
hikvision:ds-2cd2432f-i\(w\)_firmware
hikvision:ds-2cd2512f-i\(s\)_firmware
hikvision:ds-2cd2532f-i\(s\)_firmware
hikvision:ds-2cd2612f-i\(s\)_firmware
hikvision:ds-2cd2632f-i\(s\)_firmware
hikvision:ds-2cd2712f-i\(s\)_firmware
hikvision:ds-2cd2732f-i\(s\)_firmware
hikvision:ds-2cd2t32-i3_firmware
hikvision:ds-2cd2t32-i5_firmware
hikvision:ds-2cd2t32-i8_firmware
hikvision:ds-2cd4012f-\(a\)_firmware
hikvision:ds-2cd4012f-\(p\)_firmware
hikvision:ds-2cd4012f-\(w\)_firmware
hikvision:ds-2cd4012fwd-\(a\)_firmware
hikvision:ds-2cd4012fwd-\(p\)_firmware
hikvision:ds-2cd4012fwd-\(w\)_firmware
hikvision:ds-2cd4024f-\(a\)_firmware
hikvision:ds-2cd4024f-\(p\)_firmware
hikvision:ds-2cd4024f-\(w\)_firmware
hikvision:ds-2cd4032fwd-\(a\)_firmware
hikvision:ds-2cd4032fwd-\(p\)_firmware
hikvision:ds-2cd4032fwd-\(w\)_firmware
hikvision:ds-2cd4112f-i\(z\)_firmware
hikvision:ds-2cd4112fwd-i\(z\)_firmware
hikvision:ds-2cd4124f-i\(z\)_firmware
hikvision:ds-2cd4132fwd-i\(z\)_firmware
hikvision:ds-2cd4212f-i\(h\)_firmware
hikvision:ds-2cd4212f-i\(s\)_firmware
hikvision:ds-2cd4212f-i\(z\)_firmware
hikvision:ds-2cd4212fwd-i\(h\)_firmware
hikvision:ds-2cd4212fwd-i\(s\)_firmware
hikvision:ds-2cd4212fwd-i\(z\)_firmware
hikvision:ds-2cd4224f-i\(h\)_firmware
hikvision:ds-2cd4224f-i\(s\)_firmware
hikvision:ds-2cd4224f-i\(z\)_firmware
hikvision:ds-2cd4232fwd-i\(h\)_firmware
hikvision:ds-2cd4232fwd-i\(s\)_firmware
hikvision:ds-2cd4232fwd-i\(z\)_firmware
hikvision:ds-2cd4312f-i\(h\)_firmware
hikvision:ds-2cd4312f-i\(s\)_firmware
hikvision:ds-2cd4312f-i\(z\)_firmware
hikvision:ds-2cd4324f-i\(h\)_firmware
hikvision:ds-2cd4324f-i\(s\)_firmware
hikvision:ds-2cd4324f-i\(z\)_firmware
hikvision:ds-2cd4332fwd-i\(h\)_firmware
hikvision:ds-2cd4332fwd-i\(s\)_firmware
hikvision:ds-2cd4332fwd-i\(z\)_firmware
hikvision:ds-2cd6412fwd_firmware
hikvision:ds-2dfx_series_firmware
hikvision:ds-2cd63xx_series_firmware
Newly recorded security issues per week
Stay up to date! New information is added to our knowledge database every day. Here you can see the history of newly added vulnerabilities that have been added to our CVE DB in recent years.
Vulnerabilities by severity (over the last 7 days)
Information about the vulnerabilities of the last 7 days can be found here. As you can see, critical vulnerabilities are also added on a daily basis. Therefore, validate your current security situation sets on a daily basis to ensure the security of your IT.
CVSS Score Distribution
The CVSS score rates security vulnerabilities from 0 to 10, based on factors like attack vectors and impacts on confidentiality, integrity, and availability.
EPSS Score Distribution
The EPSS score predicts the likelihood of a known vulnerability being exploited, complementing CVSS by assessing real-world exploitability based on threat activity and exploit availability.
Latest Vulnerability Reports
The 10 most recently published CVE reports.

  • CVE-2026-3787

    HIGH

    A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. The vendor was contacted early about this disclosure but did not respond in any way.

  • CVE-2026-3786

    MEDIUM

    A security flaw has been discovered in EasyCMS up to 1.6. The impacted element is an unknown function of the file /RbacuserAction.class.php of the component Request Parameter Handler. The manipulation of the argument _order results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

  • CVE-2026-3785

    MEDIUM

    A vulnerability was identified in EasyCMS up to 1.6. The affected element is an unknown function of the file /RbacnodeAction.class.php of the component Request Parameter Handler. The manipulation of the argument _order leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

  • CVE-2026-3771

    MEDIUM

    A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. This vulnerability affects unknown code of the file /accomodation.php. Such manipulation of the argument q leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

  • CVE-2026-3770

    MEDIUM

    A flaw has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used.

  • CVE-2026-3769

    HIGH

    A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function WrlclientSet of the file /goform/WrlclientSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used.

  • CVE-2026-3768

    HIGH

    A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

  • CVE-2026-3767

    MEDIUM

    A weakness has been identified in itsourcecode sanitize or validate this input 1.0. Affected is an unknown function of the file /admin/teacher-attendance.php. Executing a manipulation of the argument teacher_id can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.

  • CVE-2026-3766

    LOW

    A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.

  • CVE-2026-3765

    HIGH

    A vulnerability was identified in itsourcecode University Management System 1.0. This affects an unknown function of the file /att_single_view.php. Such manipulation of the argument dt leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.