CVE-2025-9497
5.5 MEDIUM 5.5Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0.
CVE Vulnerability Database
Complete database of CVE vulnerabilities. Track critical security threats, exploits and patches. Updated daily from NVD NIST.
CVE-2026-4994
5.1 MEDIUM 5.1A vulnerability was found in wandb OpenUI up to 1.0/3.5-turb. Affected is the function generic_exception_handler of the file backend/openui/server.py of the component APIStatusError Handler. The manipulation of the argument key …
wandb
Details
CVE-2026-4993
1.9 LOW 1.9A vulnerability has been found in wandb OpenUI up to 0.0.0.0/1.0. This impacts an unknown function of the file backend/openui/config.py. The manipulation of the argument LITELLM_MASTER_KEY leads to hard-coded credentials. …
wandb
Details
CVE-2026-2442
5.3 MEDIUM 5.3The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences ('CRLF Injection') in all versions up to, and including, …
WordPress
Details
CVE-2026-23399
NONEIn the Linux kernel, the following vulnerability has been resolved: nf_tables: nft_dynset: fix possible stateful expression memleak in error path If cloning the second stateful expression in the element via …
Linux
Details
CVE-2026-1307
6.5 MEDIUM 6.5The Ninja Forms - The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.14.1 via …
WordPress
Details
CVE-2025-15445
5.4 MEDIUM 5.4The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install …
WordPress
Details
CVE-2025-12886
7.2 HIGH 7.2The Oxygen Theme theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.8 via the laborator_calc_route AJAX action. This makes it possible for …
WordPress
Details
CVE-2026-4987
7.5 HIGH 7.5The SureForms – Contact Form, Payment Form & Other Custom Form Builder plugin for WordPress is vulnerable to Payment Amount Bypass in all versions up to, and including, 2.5.2. This …
WordPress
Details
CVE-2026-1679
7.8 HIGH 7.8The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow `eswifi->buf`, corrupting kernel memory (CWE-120). Exploit requires local code that can …
Zephyrproject
Details
Statistics
Total
37620
Critical
3360
High
12540