v.26.4.2314
High Severity Vulnerabilities
Found 13196 vulnerabilities at High severity.
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| Ruby Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2026-46727) | CVE-2026-46727 | CWE-362 | High |
| Oracle Database Server Uncontrolled Resource Consumption Vulnerability (CVE-2026-46834) | CVE-2026-46834 | CWE-400 | High |
| Oracle Database Server Uncontrolled Resource Consumption Vulnerability (CVE-2026-46835) | CVE-2026-46835 | CWE-400 | High |
| WebLogic CVE-2026-46848 Vulnerability (CVE-2026-46848) | CVE-2026-46848 | - | High |
| SharePoint Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2026-47294) | CVE-2026-47294 | CWE-138 | High |
| SharePoint Improper Authorization Vulnerability (CVE-2026-47298) | CVE-2026-47298 | CWE-285 | High |
| Joomla CVE-2026-48896 Vulnerability (CVE-2026-48896) | CVE-2026-48896 | - | High |
| Joomla Improper Authentication Vulnerability (CVE-2026-48897) | CVE-2026-48897 | CWE-287 | High |
| Joomla Use of Cache Containing Sensitive Information Vulnerability (CVE-2026-48901) | CVE-2026-48901 | CWE-524 | High |
| Apache HTTP Server Use After Free Vulnerability (CVE-2026-48913) | CVE-2026-48913 | CWE-416 | High |
| Nginx Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-49975) | CVE-2026-49975 | CWE-789 | High |
| Internet Information Services Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-49975) | CVE-2026-49975 | CWE-789 | High |
| Apache Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-49975) | CVE-2026-49975 | CWE-789 | High |
| Envoy Proxy Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-49975) | CVE-2026-49975 | CWE-789 | High |
| MongoDb Use After Free Vulnerability (CVE-2026-4148) | CVE-2026-4148 | CWE-416 | High |
| Python Uncontrolled Recursion Vulnerability (CVE-2026-4224) | CVE-2026-4224 | CWE-674 | High |
| MongoDb Double Free Vulnerability (CVE-2026-4358) | CVE-2026-4358 | CWE-415 | High |
| Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2026-53435) | CVE-2026-53435 | CWE-502 | High |
| Jetty Sensitive Information in Resource Not Removed Before Reuse Vulnerability (CVE-2026-5795) | CVE-2026-5795 | CWE-226 | High |
| PostgreSQL Integer Overflow or Wraparound Vulnerability (CVE-2026-6473) | CVE-2026-6473 | CWE-190 | High |
| PostgreSQL UNIX Symbolic Link (Symlink) Following Vulnerability (CVE-2026-6475) | CVE-2026-6475 | CWE-61 | High |
| PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-6476) | CVE-2026-6476 | CWE-138 | High |
| PostgreSQL Use of Inherently Dangerous Function Vulnerability (CVE-2026-6477) | CVE-2026-6477 | CWE-242 | High |
| PostgreSQL Uncontrolled Recursion Vulnerability (CVE-2026-6479) | CVE-2026-6479 | CWE-674 | High |
| TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2026-6553) | CVE-2026-6553 | CWE-312 | High |
| PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-6637) | CVE-2026-6637 | CWE-138 | High |
| PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-6638) | CVE-2026-6638 | CWE-138 | High |
| MongoDb Integer Underflow (Wrap or Wraparound) Vulnerability (CVE-2026-6914) | CVE-2026-6914 | CWE-191 | High |
| PHP Out-of-bounds Read Vulnerability (CVE-2026-7258) | CVE-2026-7258 | CWE-125 | High |
| PHP NULL Pointer Dereference Vulnerability (CVE-2026-7262) | CVE-2026-7262 | CWE-476 | High |
| PHP Improper Resource Shutdown or Release Vulnerability (CVE-2026-7263) | CVE-2026-7263 | CWE-404 | High |
| OpenSSL Out-of-bounds Write Vulnerability (CVE-2026-7383) | CVE-2026-7383 | CWE-787 | High |
| PHP Out-of-bounds Read Vulnerability (CVE-2026-7568) | CVE-2026-7568 | CWE-125 | High |
| MongoDb Out-of-bounds Write Vulnerability (CVE-2026-8053) | CVE-2026-8053 | CWE-787 | High |
| MongoDb Use After Free Vulnerability (CVE-2026-8201) | CVE-2026-8201 | CWE-416 | High |
| IBMHttpServer Heap-based Buffer Overflow Vulnerability (CVE-2026-8834) | CVE-2026-8834 | CWE-122 | High |
| IBMHttpServer Untrusted Pointer Dereference Vulnerability (CVE-2026-8835) | CVE-2026-8835 | CWE-822 | High |
| IBMHttpServer NULL Pointer Dereference Vulnerability (CVE-2026-8850) | CVE-2026-8850 | CWE-476 | High |
| IBMHttpServer Reachable Assertion Vulnerability (CVE-2026-8852) | CVE-2026-8852 | CWE-617 | High |
| IBMHttpServer Expired Pointer Dereference Vulnerability (CVE-2026-8854) | CVE-2026-8854 | CWE-825 | High |
| OpenSSL Out-of-bounds Read Vulnerability (CVE-2026-9076) | CVE-2026-9076 | CWE-125 | High |
| IBMHttpServer Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-9170) | CVE-2026-9170 | CWE-94 | High |
| MongoDb Uncontrolled Recursion Vulnerability (CVE-2026-9740) | CVE-2026-9740 | CWE-674 | High |
| MongoDb Out-of-bounds Write Vulnerability (CVE-2026-9753) | CVE-2026-9753 | CWE-787 | High |
| WordPress 0.7 Posts SQL Injection Vulnerability (0.7) | CVE-2003-1598 | CWE-89 | High |
| WordPress 'blog.header.php' Multiple SQL Injection Vulnerabilities (0.6.2 - 0.71) | - | CWE-89 | High |
| WordPress Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1 - 1.2.2) | - | CWE-89 | High |
| WordPress Multiple Cross-Site Scripting Vulnerabilities (1.2 - 1.2.1) | - | CWE-79 | High |
| WordPress 'wp-login.php' HTTP Response Splitting Vulnerability (1.2) | CVE-2004-1584 | CWE-113 | High |
| WordPress 1.5.1.2 Multiple Vulnerabilities (1.0 - 1.5.1.2) | CVE-2005-2110 | CWE-702 | High |
| WordPress 'cat' Parameter SQL Injection Vulnerability (1.5 - 1.5.1.1) | CVE-2005-1810 | CWE-89 | High |
| WordPress Cookie Data PHP Code Injection Vulnerability (1.5 - 1.5.1.3) | CVE-2005-2612 | CWE-94 | High |
| WordPress 'edit.php' Cross-Site Scripting Vulnerability (1.5) | - | CWE-79 | High |
| WordPress 'post.php' Cross-Site Scripting Vulnerability (1.5) | - | CWE-79 | High |
| WordPress 'wp-trackback.php' SQL Injection Vulnerability (1.5) | CVE-2005-1687 | CWE-89 | High |
| WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1) | - | CWE-400 | High |
| WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2) | CVE-2006-2702 | CWE-94 | High |
| WordPress 2.0.3 Multiple Unspecified Security Vulnerabilities (2.0 - 2.0.3) | CVE-2006-4028 | CWE-264 | High |
| WordPress 2.0.4 Multiple Security Vulnerabilities (2.0.4) | CVE-2006-6017 | CWE-400 | High |
| WordPress 2.0.5 Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5) | CVE-2006-6808 | CWE-79 | High |
| WordPress 2.0.5 Invalid CSRF Token Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5) | CVE-2007-0106 | CWE-79 | High |
| WordPress Comment Post Cross-Site Scripting Vulnerability (2.0) | CVE-2006-0733 | CWE-79 | High |
| WordPress 'index.php' Cross-Site Scripting Vulnerability (1.5) | - | CWE-79 | High |
| WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1) | CVE-2006-1796 | CWE-79 | High |
| WordPress 'paged' Parameter SQL Injection Vulnerability (2.0.2 - 2.0.5) | CVE-2006-3389 | CWE-89 | High |
| WordPress User-Agent SQL Injection Vulnerability (1.5.2) | CVE-2006-1012 | CWE-89 | High |
| WordPress 2.0.5 Charset Decoding SQL Injection Vulnerability (0.6.2 - 2.0.5) | CVE-2007-0107 | CWE-89 | High |
| WordPress 2.0.6 'Zend_Hash_Del_Key_Or_Index' SQL Injection Vulnerability (0.6.2 - 2.0.6) | CVE-2007-0233 | CWE-89 | High |
| WordPress 2.1.1 Command Execution Backdoor Vulnerability (2.1.1) | CVE-2007-1277 | CWE-94 | High |
| WordPress 2.1.1 Cross-Site Scripting Vulnerability (2.1.1) | CVE-2007-1244 | CWE-79 | High |
| WordPress 2.2 Cross-Site Scripting Vulnerability (2.2) | CVE-2007-3238 | CWE-79 | High |
| WordPress 2.3 Cross-Site Scripting Vulnerability (2.3) | CVE-2007-5710 | CWE-79 | High |
| WordPress 2.3.1 Unauthorized Post Access Vulnerability (2.3.1) | - | CWE-264 | High |
| WordPress 'admin-ajax.php' SQL Injection Vulnerability (2.1.3) | CVE-2007-2821 | CWE-89 | High |
| WordPress Cookies Security Bypass Weakness (1.5 - 2.3.1) | CVE-2007-6013 | CWE-287 | High |