CVE Find is a real-time vulnerability database indexing 363 922 security flaws (CVE) from MITRE, NVD, CISA KEV, CWE and CAPEC. 1325 new CVEs were published in the last 7 days.
Data aggregated from: MITRE Corporation (CVE, CWE, CAPEC), National Vulnerability Database – NIST (NVD), CISA Known Exploited Vulnerabilities (KEV), FIRST (EPSS).
| CVE ID | Published | Description | Score | Severity | |
|---|---|---|---|---|---|
CVE-2026-59702 |
2026-07-08 16h16 +00:00 |
repomix contains a server-side request forgery vulnerability in the POST /api/pack endpoint that all... Server-Side Request Forgery - SSRF |
9.3 |
Critical |
|
CVE-2026-9074 |
2026-07-08 15h24 +00:00 |
IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticate... SQL Injection |
9.1 |
Critical |
|
CVE-2026-24698 |
2026-07-08 15h16 +00:00 |
An OS command injection vulnerability exists in the save_syslog_to_file() function of the "httpd" bi... OS Command Injection |
8.8 |
High |
|
CVE-2026-15067 |
2026-07-08 15h16 +00:00 |
Snowflake Terraform Provider versions prior to 2.18.0 contain several security vulnerabilities, incl... SQL Injection |
8.8 |
High |
|
CVE-2026-15062 |
2026-07-08 15h16 +00:00 |
SQL injection vulnerabilities in the Snowflake Snowpark Python SDK (snowpark-python) versions prior ... SQL Injection |
9.6 |
Critical |
|
CVE-2026-58480 |
2026-07-08 14h17 +00:00 |
Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file ... File Inclusion |
9.8 |
Critical |
|
CVE-2026-56086 |
2026-07-08 14h17 +00:00 |
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through... Authorization problems |
8.8 |
High |
|
CVE-2026-54061 |
2026-07-08 14h17 +00:00 |
Dgraph is an open source distributed GraphQL database. Prior to version 25.3.5, Dgraph Alpha exposes... Authorization problems |
9.1 |
Critical |
|
CVE-2026-8307 |
2026-07-08 13h16 +00:00 |
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability i... SQL Injection |
9.8 |
Critical |
|
CVE-2026-41042 |
2026-07-08 12h17 +00:00 |
Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API, which exe... |
9.1 |
Critical |