Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2026-48836
CRITICAL CVSS 10.0
Find Similar
Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions.
An unauthenticated remote code execution (RCE) vulnerability exists in applications that use the Replicator node package manager (npm) version 1.0.5 to deserialize untrusted user input and execute the
CVE-2026-25548
CRITICAL CVSS 9.1
Find Similar
InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A critical Remote Code Execution (RCE) vulnerability exists in InvoicePlane 1.7.0 through a chained
Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products.
CVE-2024-27115
CRITICAL CVSS 10.0
Find Similar
A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability, an attacker can upload executable files that are moved to a publi
CVE-2025-67084
CRITICAL CVSS 9.9
Find Similar
File upload vulnerability in InvoicePlane through 1.6.3 allows authenticated attackers to upload arbitrary PHP files into attachments, which can later be executed remotely, leading to Remote Code Exec
A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that allowed attackers to execute arbitrary code by exploiting the pre-receive hook functionality, potentially le
CVE-2024-40711
CRITICAL CVSS 9.8 KEV
Find Similar
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
CVE-2026-44963
CRITICAL CVSS 9.4
Find Similar
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
CVE-2026-1470
CRITICAL CVSS 9.9
Find Similar
n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluat
CVE-2026-40783
CRITICAL CVSS 9.9
Find Similar
Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.37 versions.
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user
It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface.
Unauthenticated Cross Site Scripting (XSS) in Simple Membership <= 4.7.2 versions.
A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be avail
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
CVE-2026-8931
CRITICAL CVSS 9.4
Find Similar
A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3.
An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to
CVE-2024-40110
CRITICAL CVSS 9.8
Find Similar
Sourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code Execution (RCE) vulnerability via the productimage parameter at /farm/product.php.
Page 1+ Next →