This page offers a live ATOM feed of the latest CVEs and Vulnerabilities from cvefeed.io. HIGH or CRITICAL
- CVE-2025-13374 - Kalrav AI Agent <= 2.3.3 - Unauthenticated Arbitrary File Upload via kalrav_upload_file AJAX Action
- CVE-2026-24412 - iccDEV has Heap Buffer Overflow in icCurvesFromXml()
- CVE-2026-24406 - iccDEV has Heap Buffer Overflow in CIccTagNamedColor2::SetSize()
- CVE-2026-24399 - ChatterMate has Stored Cross-Site Scripting (XSS) via Chatbot Input Execution
- CVE-2026-24136 - Saleor has an Insecure Direct Object Reference (IDOR) in GraphQL API
- CVE-2025-70983 - SpringBlade Authentication Privilege Escalation Vulnerability
- CVE-2026-24423 - SmarterTools SmarterMail < Build 9511 Unauthenticated RCE via ConnectToHub API
- CVE-2025-67229 - ToDesktop Builder SSL/TLS Certificate Validation Bypass
- CVE-2022-25369 - Dynamicweb Unauthenticated Remote Command Execution
- CVE-2021-47904 - PhreeBooks 5.2.3 - Remote Code Execution
- CVE-2021-47903 - LiteSpeed Web Server Enterprise 5.4.11 - Command Injection
- CVE-2021-47898 - Epson USB Display 1.6.0.0 Unquoted Service Path Vulnerability
- CVE-2021-47896 - PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path
- CVE-2021-47889 - Softros LAN Messenger 9.6.4 - 'SoftrosSpellChecker' Unquoted Service Path
- CVE-2021-47881 - dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow
- CVE-2025-66719 - Free5gc Unauthorized Access Token Generation Vulnerability
- CVE-2026-24572 - WordPress Nelio Content plugin <= 4.1.0 - SQL Injection vulnerability
- CVE-2026-0994 - Denial of Service in Python Protobuf
- CVE-2025-4320 - Information Disclosure in Birebirsoft's Sufirmam