| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2725 | Improper Authorization in Gerrit allowing Code Review Bypass via "Submitted Together" | Gerrit | Gerrit | - | - | 2026-05-13 05:32:49 | Deep Dive |
| CVE-2025-14033 | ilGhera Support System for WooCommerce <= 1.3.0 - Missing Authorization to Unauthenticated Sensitive Information Exposure | ghera74 | ilGhera Support System for WooCommerce | Medium | 5.3 | 2026-05-13 05:29:37 | Deep Dive |
| CVE-2026-6965 | Tutor LMS <= 3.9.9 - Insecure Direct Object Reference to Authenticated (Instructor+) Arbitrary Post Deletion via 'course' GET Parameter | themeum | Tutor LMS – eLearning and online course solution | Medium | 5.3 | 2026-05-13 05:29:37 | Deep Dive |
| CVE-2026-6929 | JoomSport <= 5.7.7 - Unauthenticated SQL Injection via 'sortf' Parameter | beardev | JoomSport – for Sports: Team & League, Football, Hockey & more | High | 7.5 | 2026-05-13 05:29:36 | Deep Dive |
| CVE-2026-32661 | Canon GUARDIANWALL MailSuite和Canon GUARDIANWALL Mail Security Cloud 安全漏洞 | Canon Marketing Japan Inc. | GUARDIANWALL MailSuite (On-premises version) | - | - | 2026-05-13 05:15:15 | Deep Dive |
| CVE-2026-21024 | SAMSUNG System Support Service 安全漏洞 | Samsung Mobile | Samsung System Support Service | - | - | 2026-05-13 04:56:27 | Deep Dive |
| CVE-2026-21022 | SAMSUNG SMR 安全漏洞 | Samsung Mobile | Samsung Mobile Devices | - | - | 2026-05-13 04:56:26 | Deep Dive |
| CVE-2026-21021 | SAMSUNG Mobile devices 安全漏洞 | Samsung Mobile | Samsung Mobile Devices | - | - | 2026-05-13 04:56:24 | Deep Dive |
| CVE-2026-21020 | SAMSUNG SMR 安全漏洞 | Samsung Mobile | Samsung Mobile Devices | - | - | 2026-05-13 04:56:23 | Deep Dive |
| CVE-2026-21019 | SAMSUNG Mobile devices 安全漏洞 | Samsung Mobile | Samsung Mobile Devices | - | - | 2026-05-13 04:56:22 | Deep Dive |
| CVE-2026-21018 | SAMSUNG Mobile devices 缓冲区错误漏洞 | Samsung Mobile | Samsung Mobile Devices | - | - | 2026-05-13 04:56:21 | Deep Dive |
| CVE-2026-21016 | SAMSUNG Mobile devices 安全漏洞 | Samsung Mobile | Samsung Mobile Devices | - | - | 2026-05-13 04:56:20 | Deep Dive |
| CVE-2026-21015 | SAMSUNG Mobile devices 安全漏洞 | Samsung Mobile | Samsung Mobile Devices | - | - | 2026-05-13 04:56:18 | Deep Dive |
| CVE-2026-7051 | Blog2Social: Social Media Auto Post & Scheduler <= 8.9.0 - Missing Authorization to Authenticated (Subscriber+) Delete Arbitrary B2S Post Records via 'postId' Parameter | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 5.4 | 2026-05-13 04:26:42 | Deep Dive |
| CVE-2025-9989 | Broadstreet <= 1.53.1 - Authenticated (Admin+) Stored Cross-Site Scripting | broadstreetads | Broadstreet | Medium | 4.4 | 2026-05-13 04:26:42 | Deep Dive |
| CVE-2026-6828 | Fluent Forms <= 6.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'permission_message' Shortcode Attribute | techjewel | Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | Medium | 6.4 | 2026-05-13 04:26:41 | Deep Dive |
| CVE-2025-9987 | Broadstreet <= 1.53.1 - Authenticated (Subscriber+) Information Disclosure | broadstreetads | Broadstreet | Medium | 5.3 | 2026-05-13 04:26:41 | Deep Dive |
| CVE-2026-7619 | Charitable <= 1.8.10.4 - Authenticated (Custom+) SQL Injection via 's' Search Parameter | smub | Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More | Medium | 6.5 | 2026-05-13 04:26:40 | Deep Dive |
| CVE-2026-6962 | Cost of Goods: Product Cost & Profit Calculator for WooCommerce <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpcodefactory | Cost of Goods: Product Cost & Profit Calculator for WooCommerce | Medium | 6.4 | 2026-05-13 04:26:40 | Deep Dive |
| CVE-2026-7635🧪 | coreActivity: Activity Logging for WordPress <= 3.0 - Unauthenticated PHP Object Injection via 'user_agent' Log Meta Field | gdragon | coreActivity: Activity Logging for WordPress | High | 8.1 | 2026-05-13 04:26:39 | Deep Dive |