Search

Expected end of text, found ':' (at char 25), (line:1, col:26)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (328860 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-32150 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2022-24911 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2022-24380 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2022-22147 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2022-21130 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2021-3926 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2020-8460 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2020-8459 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2020-8458 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2020-8457 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2020-8456 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2020-8455 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2020-8454 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2020-8453 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2020-8452 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2026-1330 2026-01-22 7.5 High
MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2026-1331 2026-01-22 9.8 Critical
MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
CVE-2026-24332 2026-01-22 4.3 Medium
Discord through 2026-01-16 allows gathering information about whether a user's client state is Invisible (and not actually offline) because the response to a WebSocket API request includes the user in the presences array (with "status": "offline"), whereas offline users are omitted from the presences array. This is arguably inconsistent with the UI description of Invisible as "You will appear offline."
CVE-2020-8451 2026-01-22 N/A
The reserved CVE was never used.
CVE-2026-0920 2026-01-22 9.8 Critical
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajax_register_handle' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'lakit_bkrole' parameter during registration and gain administrator access to the site.