CVE Find is a real-time vulnerability database indexing 361 514 security flaws (CVE) from MITRE, NVD, CISA KEV, CWE and CAPEC. 1907 new CVEs were published in the last 7 days.
Data aggregated from: MITRE Corporation (CVE, CWE, CAPEC), National Vulnerability Database – NIST (NVD), CISA Known Exploited Vulnerabilities (KEV), FIRST (EPSS).
With CVE Find, explore the world's largest database of vulnerabilities.
361 514 vulnerabilities
Last update : 2026-06-28 19h15 +00:00
Common Vulnerabilities and Exposures (CVE), is a list of publicly disclosed computer security flaws.
0
Created 7 days ago
0
Updated 7 days ago
0
Created 30 days ago
0
Updated 30 days ago
Free CVE Email Notifications
Get free real-time alerts on new vulnerabilities with CVE Find.Stay protected and informed instantly !
The last 10 High CVE
Total 361 514 CVE in Datadase| CVE ID | Published | Description | Score | Severity | |
|---|---|---|---|---|---|
CVE-2026-58053 |
2026-06-28 02h16 +00:00 |
Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options... Improper Privilege Management |
9.9 |
Critical |
|
CVE-2026-58049 |
2026-06-28 02h16 +00:00 |
FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes at t... Overflow |
8.6 |
High |
|
CVE-2026-10643 |
2026-06-27 22h59 +00:00 |
Zephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet.c, insert_pktinfo()... Overflow |
8.7 |
High |
|
CVE-2026-12415 |
2026-06-27 05h16 +00:00 |
The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing ca... Improper Privilege Management |
9.8 |
Critical |
|
CVE-2026-28701 |
2026-06-26 22h40 +00:00 |
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated rem... Directory Traversal |
9.3 |
Critical |
|
CVE-2026-55069 |
2026-06-26 22h16 +00:00 |
Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability e... |
8.7 |
High |
|
CVE-2026-53576 |
2026-06-26 22h16 +00:00 |
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authe... Code Injection |
10 |
Critical |
|
CVE-2026-49869 |
2026-06-26 22h16 +00:00 |
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, Authentic... OS Command InjectionAuthorization problemsServer-Side Request Forgery - SSRF |
10 |
Critical |
|
CVE-2026-54353 |
2026-06-26 21h16 +00:00 |
Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with automation p... Server-Side Request Forgery - SSRF |
8.5 |
High |
|
CVE-2026-54352 |
2026-06-26 21h16 +00:00 |
Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at packag... Directory Traversal |
9.6 |
Critical |
Distribution by CVSS scores
CVE created per quarter since 1999
Frequently asked questions about CVE Find
CVE Find is a cybersecurity vulnerability search engine that aggregates and indexes CVE (Common Vulnerabilities and Exposures), CWE, CAPEC and CPE data from MITRE, NVD and CISA. It allows you to search, filter and monitor security flaws via configurable real-time alerts.
A CVE (Common Vulnerability and Exposure) is a unique identifier assigned to a publicly disclosed computer security flaw. Each CVE is managed by MITRE Corporation and referenced in the NIST National Vulnerability Database (NVD) with a CVSS score evaluating its severity from 0 to 10.
CVSS (Common Vulnerability Scoring System) is an international standard that evaluates the severity of a vulnerability on a scale of 0 to 10. A score of 9 to 10 is rated Critical, 7 to 8.9 High, 4 to 6.9 Medium, and 0.1 to 3.9 Low.
CISA KEV (Known Exploited Vulnerabilities) is a catalog maintained by the US Cybersecurity Agency (CISA) listing CVE vulnerabilities actively exploited in real cyberattacks. US federal organizations are required to remediate them within a mandated deadline.
CVE Find offers a free alert system: create an account, then configure alerts by keyword, by vendor/product (CPE), by CWE category, by CVSS score or based on the CISA KEV list. Notifications are sent by email as soon as a new CVE matches your criteria.
