CVE Field Guide

Critical CVEs

CVE    Title    Updated (DD.MM.YYYY)    Score
CVE-2026-5963 Digiwin|EasyFlow .NET - SQL Injection 20.04.2026 9.3
CVE-2026-5964 Digiwin|EasyFlow .NET - SQL Injection 20.04.2026 9.3
CVE-2026-6644 A command injection vulnerability was found in the PPTP VPN Clients on the ADM 20.04.2026 9.4
CVE-2026-32956 20.04.2026 9.3
CVE-2026-41242 protobufjs has an arbitrary code execution issue 18.04.2026 9.4
CVE-2026-40492 SAIL has heap buffer overflow in XWD decoder — bits_per_pixel vs pixmap_depth type confusion in byte-swap 18.04.2026 9.8
CVE-2026-40493 SAIL has heap buffer overflow in PSD decoder — bpp mismatch in LAB 16-bit mode 18.04.2026 9.8
CVE-2026-40494 SAIL has heap buffer overflow in TGA RLE decoder — raw packet path missing bounds check 18.04.2026 9.8
CVE-2026-40317 NovumOS has Privilege Escalation in the Syscall Interface 18.04.2026 9.4
CVE-2026-40572 NovumOS has Arbitrary Memory Mapping via Syscall 15 (MemoryMapRange) 18.04.2026 9
CVE-2026-40484 ChurchCRM: Authenticated Remote Code Execution via Unrestricted PHP File Write in Database Restore Function 17.04.2026 9.1
CVE-2026-40324 Hot Chocolate's Utf8GraphQLParser has Stack Overflow via Deeply Nested GraphQL Documents 17.04.2026 9.1
CVE-2026-40582 ChurchCRM: Authentication Bypass in `/api/public/user/login` Allows Bypass of 2FA and Account Lockout 17.04.2026 9.1
CVE-2026-40477 Improper restriction of the scope of accessible objects in Thymeleaf expressions 17.04.2026 9.1
CVE-2026-40478 Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf 17.04.2026 9.1
CVE-2026-40258 Gramps Web API has Zip Slip Path Traversal in Media Archive Import 17.04.2026 9.1
CVE-2026-40351 FastGPT: NoSQL Injection in loginByPassword leads to Authentication Bypass 17.04.2026 9.8
CVE-2026-23500 Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration 18.04.2026 9.4
CVE-2026-32105 xrdp: RDP MAC signature (dataSignature) never verified on receive — integrity bypass in non-TLS mode 17.04.2026 9.3
CVE-2026-35546 Anviz Products Missing Authentication for Critical Function 17.04.2026 9.8
CVE-2026-40342 Firebird: Path Traversal + Arbitrary File Write Leads to Remote Code Execution 17.04.2026 10
CVE-2026-40525 OpenViking Authentication Bypass via VikingBot OpenAPI 17.04.2026 9.1
CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements 17.04.2026 9.3
CVE-2025-15623 Sparx Pro Cloud Server reveals sensitive information to an unauthenticated user 17.04.2026 9.3
CVE-2025-15624 Plaintext Storage of a Password in Sparx Pro Cloud Server. 17.04.2026 9.3
CVE-2025-15625 Unauthenticated execution of arbitrary SQL queries in Sparx Pro Cloud Server 17.04.2026 9.5
CVE-2026-6443 Accordion and Accordion Slider 1.4.6 - Injected Backdoor 17.04.2026 9.8
CVE-2026-40322 SiYuan: Mermaid `javascript:` Link Injection Leads to Stored XSS and Electron RCE 17.04.2026 9.1
CVE-2026-6270 @fastify/middie vulnerable to middleware authentication bypass in child plugin scopes 16.04.2026 9.1
CVE-2026-31843 16.04.2026 10
CVE-2026-3596 Riaxe Product Customizer <= 2.1.2 - Missing Authorization to Unauthenticated Arbitrary Options Update to Privilege Escalation via 'install-imprint' AJAX Action 16.04.2026 9.8
CVE-2026-6348 Simopro Technology|WinMatrix - Missing Authentication 16.04.2026 9.3
CVE-2026-6349 HGiga|iSherlock - OS Command Injection 16.04.2026 10
CVE-2026-6350 Openfind|MailGates/MailAudit - Stack-based Buffer Overflow 16.04.2026 9.3
CVE-2026-40504 Creolabs Gravity < 0.9.6 Heap Buffer Overflow via gravity_vm_exec 16.04.2026 9.3
CVE-2026-40959 16.04.2026 9.3
CVE-2026-4880 Barcode Scanner (+Mobile App) <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication 16.04.2026 9.8
CVE-2026-6388 Argocd-image-updater: argocd image updater: cross-namespace privilege escalation via insufficient namespace validation 16.04.2026 9.1
CVE-2026-40173 Dgraph: Unauthenticated pprof endpoint leaks admin auth token 16.04.2026 9.4
CVE-2025-41118 Sensitive COS `SecretKey` exposed in plaintext via configuration API due to missing type protection 15.04.2026 9.1
CVE-2026-5189 Nexus Repository 3 - Hardcoded Credential in Internal Database Component 16.04.2026 9.2
CVE-2025-15610 15.04.2026 9.3
CVE-2026-20147 Cisco Identity Services Engine Remote Code Execution Vulnerability 16.04.2026 9.9
CVE-2026-20180 Cisco Identity Services Engine Multiple Remote Code Execution Vulnerability 16.04.2026 9.9
CVE-2026-20184 Cisco Webex Meetings Certificate Validation Vulnerability 16.04.2026 9.8
CVE-2026-20186 Cisco Identity Services Engine Multiple Authenticated Remote Code Execution Vulnerability 16.04.2026 9.9
CVE-2026-5387 AVEVA Pipeline Simulation Missing Authorization 15.04.2026 9.3
CVE-2026-33805 @fastify/reply-from vulnerable to connection header abuse enabling stripping of proxy-added headers 15.04.2026 9
CVE-2026-33807 @fastify/express vulnerable to middleware path doubling causing authentication bypass in child plugin scopes 15.04.2026 9.1
CVE-2026-33808 @fastify/express vulnerable to middleware authentication bypass via URL normalization gaps (duplicate slashes and semicolons) 15.04.2026 9.1
CVE-2025-14813 GOSTCTR implementation unable to process more than 255 blocks correctly 15.04.2026 9.3
CVE-2026-5598 Non-constant time comparisons risk private key leakage in FrodoKEM. 15.04.2026 10
CVE-2026-3461 Visa Acceptance Solutions <= 2.1.0 - Unauthenticated Authentication Bypass via Billing Email 15.04.2026 9.8
CVE-2026-1555 WebStack <= 1.2024 - Unauthenticated Arbitrary File Upload 15.04.2026 9.8
CVE-2026-39842 OpenRemote is Vulnerable to Expression Injection 16.04.2026 10
CVE-2026-39399 NuGet Gallery: Arbitrary Blob Overwrite via Nuspec Confusion and URI Fragment Truncation 15.04.2026 9.6
CVE-2026-34457 OAuth2 Proxy: Health Check User-Agent Matching Bypasses Authentication in auth_request Mode 15.04.2026 9.1
CVE-2026-35031 Jellyfin: Potential RCE via subtitle upload path traversal + .strm chain 16.04.2026 10
CVE-2026-35033 Jellyfin: Potential SSRF + Arbitrary file read via stream argument injection 15.04.2026 9.3
CVE-2026-27304 ColdFusion | Improper Input Validation (CWE-20) 15.04.2026 9.3
CVE-2026-27243 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79) 14.04.2026 9.3
CVE-2026-27245 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79) 14.04.2026 9.3
CVE-2026-27246 Adobe Connect | Cross-site Scripting (DOM-based XSS) (CWE-79) 14.04.2026 9.3
CVE-2026-27303 Adobe Connect | Deserialization of Untrusted Data (CWE-502) 15.04.2026 9.6
CVE-2026-34615 Adobe Connect | Deserialization of Untrusted Data (CWE-502) 15.04.2026 9.3
CVE-2026-26149 Microsoft Power Apps Security Feature Bypass 17.04.2026 9
CVE-2026-33824 Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability 17.04.2026 9.8
CVE-2026-39808 15.04.2026 9.1
CVE-2026-39813 15.04.2026 9.1
CVE-2025-63939 14.04.2026 9.8
CVE-2025-65135 14.04.2026 9.8
CVE-2026-38526 14.04.2026 9.9
CVE-2025-8095 Recoverable obfuscation using the OECH1 prefix encoding in OpenEdge 15.04.2026 9.1
CVE-2026-2449 14.04.2026 9
CVE-2026-40288 PraisonAI: Critical RCE via `type: job` workflow YAML 14.04.2026 9.8
CVE-2026-40289 PraisonAI Browser Server allows unauthenticated WebSocket clients to hijack connected extension sessions 14.04.2026 9.1
CVE-2026-40313 PraisonAI: ArtiPACKED Vulnerability via GitHub Actions Credential Persistence 14.04.2026 9.1
CVE-2026-6264 Critical Security fix for the Talend JobServer and Talend Runtime 16.04.2026 9.8
CVE-2026-4365 LearnPress <= 4.3.2.8 - Missing Authorization to Unauthenticated Arbitrary Quiz Answer Deletion 14.04.2026 9.1
CVE-2026-27681 SQL Injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse 14.04.2026 9.9
CVE-2026-22562 14.04.2026 9.8
CVE-2026-22563 14.04.2026 9.8
CVE-2026-22564 14.04.2026 9.8
CVE-2026-40042 Pachno 1.0.6 Wiki TextParser XML External Entity Injection 14.04.2026 9.3
CVE-2026-40044 Pachno 1.0.6 FileCache Deserialization Remote Code Execution 13.04.2026 9.3
CVE-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure 14.04.2026 9.1
CVE-2026-6195 Totolink A7100RU CGI cstecgi.cgi setPasswordCfg os command injection 13.04.2026 9.3
CVE-2026-23891 Decidim has a Cross-site scripting (XSS) vulnerability via user name field 14.04.2026 9.3

Latest Updates

CVE    Title    Updated (DD.MM.YYYY)    Score
CVE-2026-41282 20.04.2026 4
CVE-2026-5963 Digiwin|EasyFlow .NET - SQL Injection 20.04.2026
CVE-2026-5964 Digiwin|EasyFlow .NET - SQL Injection 20.04.2026
CVE-2026-5966 TeamT5|ThreatSonar Anti-Ransomware - Arbitrary File Deletion 20.04.2026
CVE-2026-6615 TransformerOptimus SuperAGI Multipart Upload resources.py upload path traversal 20.04.2026
CVE-2026-6616 TransformerOptimus SuperAGI WebScraperTool webpage_extractor.py extract_with_lxml server-side request forgery 20.04.2026
CVE-2026-6617 langgenius dify ApiToolManageService api_tools_manage_service.py get_api_tool_provider_remote_schema server-side request forgery 20.04.2026
CVE-2024-7083 Email Encoder < 2.3.4 - Admin+ Stored XSS 20.04.2026
CVE-2026-6611 liangliangyy DjangoBlog File Upload Endpoint settings.py hard-coded key 20.04.2026
CVE-2026-6612 TransformerOptimus SuperAGI Agent Execution Endpoint agent_execution.py update_agent_execution authorization 20.04.2026
CVE-2026-6613 TransformerOptimus SuperAGI agent.py get_schedule_data authorization 20.04.2026
CVE-2026-6614 TransformerOptimus SuperAGI project.py get_projects_organisation authorization 20.04.2026
CVE-2026-6643 A stack-based buffer overflow vulnerability in the VPN Clients on the ADM 20.04.2026
CVE-2026-6644 A command injection vulnerability was found in the PPTP VPN Clients on the ADM 20.04.2026
CVE-2026-6608 lm-sys fastchat Arena Side-by-Side View add_text control flow 20.04.2026
CVE-2026-6609 liangliangyy DjangoBlog views.py form_valid improper authorization 20.04.2026
CVE-2026-6610 liangliangyy DjangoBlog Setting settings.py hard-coded credentials 20.04.2026
CVE-2026-6603 modelscope agentscope _python.py execute_shell_command code injection 20.04.2026
CVE-2026-6604 modelscope agentscope Cloud Metadata Endpoint _openai_tools.py openai_audio_to_text server-side request forgery 20.04.2026
CVE-2026-6605 modelscope agentscope Internal Service _common.py _get_bytes_from_web_url server-side request forgery 20.04.2026
CVE-2026-6606 modelscope agentscope _agent_base.py _process_audio_block server-side request forgery 20.04.2026
CVE-2026-6607 lm-sys fastchat Worker API Endpoint api_generate resource consumption 20.04.2026
CVE-2026-32955 20.04.2026 8.8
CVE-2026-32956 20.04.2026 9.8
CVE-2026-32957 20.04.2026 5.3
CVE-2026-32958 20.04.2026 6.5
CVE-2026-32959 20.04.2026 5.9
CVE-2026-32960 20.04.2026 6.5
CVE-2026-32961 20.04.2026 5.3
CVE-2026-32962 20.04.2026 5.3
CVE-2026-32963 20.04.2026
CVE-2026-32964 20.04.2026 6.5
CVE-2026-32965 20.04.2026 7.5
CVE-2026-6598 langflow-ai langflow Project Creation Endpoint projects.py encrypt_auth_settings cleartext storage in file 20.04.2026
CVE-2026-6599 langflow-ai langflow Model Context Protocol Configuration API mcp_projects.py install_mcp_config injection 20.04.2026
CVE-2026-6600 langflow-ai langflow Frontend React Component Rendering edit-message.tsx cross site scripting 20.04.2026
CVE-2026-6601 Lagom WHMCS Template Datatables resource consumption 20.04.2026
CVE-2026-6602 rickxy Hospital Management System his_admin_account.php unrestricted upload 20.04.2026
CVE-2026-6595 ProjectsAndPrograms School Management System HTTP GET Parameter buslocation.php sql injection 20.04.2026
CVE-2026-6596 langflow-ai langflow API Endpoint endpoints.py create_upload_file unrestricted upload 20.04.2026
CVE-2026-6597 langflow-ai langflow Flow Using API core.py has_api_terms credentials storage 20.04.2026
CVE-2026-6592 ComfyUI userdata Endpoint user_manager.py getuserdata cross site scripting 20.04.2026
CVE-2026-6593 ComfyUI View Endpoint server.py cross site scripting 20.04.2026
CVE-2026-6594 brikcss merge prototype pollution 20.04.2026
CVE-2026-6588 serge-chat serge Model API Endpoint model.py delete_model missing authentication 20.04.2026
CVE-2026-6589 ComfyUI server.py create_origin_only_middleware cross-site request forgery 20.04.2026
CVE-2026-6590 ComfyUI Model Preview Endpoint model_manager.py get_model_preview path traversal 20.04.2026
CVE-2026-6591 ComfyUI LoadImage Node folder_paths.py folder_paths.get_annotated_filepath path traversal 20.04.2026
CVE-2026-6587 vibrantlabsai RAGAS Collections util.py _try_process_url server-side request forgery 20.04.2026
CVE-2026-6586 TransformerOptimus SuperAGI Budget Endpoint budget.py update_budget authorization 19.04.2026
CVE-2026-6585 TransformerOptimus SuperAGI Organisation Update Endpoint organisation.py update_organisation authorization 19.04.2026
CVE-2026-6584 TransformerOptimus SuperAGI User Update Endpoint user.py update_user authorization 19.04.2026
CVE-2026-6583 TransformerOptimus SuperAGI API Key Management Endpoint api_key.py edit_api_key authorization 19.04.2026
CVE-2026-6582 TransformerOptimus SuperAGI Vector Database Management Endpoint vector_dbs.py get_vector_db_details missing authentication 19.04.2026
CVE-2026-6581 H3C Magic B1 aspForm SetMobileAPInfoById buffer overflow 19.04.2026
CVE-2026-6580 liangliangyy DjangoBlog Amap API Call views.py hard-coded key 19.04.2026
CVE-2026-6579 liangliangyy DjangoBlog Clean Endpoint views.py missing authentication 19.04.2026
CVE-2026-6578 liangliangyy DjangoBlog Setting settings.py hard-coded credentials 19.04.2026
CVE-2026-6577 liangliangyy DjangoBlog logtracks Endpoint views.py missing authentication 19.04.2026
CVE-2026-6576 liangliangyy DjangoBlog WeChat Bot commonapi.py CommandHandler command injection 19.04.2026
CVE-2026-6574 osuuu LightPicture API Upload Endpoint lp.sql hard-coded credentials 19.04.2026
CVE-2026-6573 PHPEMS Instant Exam Creation exams.master.php temppage server-side request forgery 19.04.2026
CVE-2026-6572 Collabora KodExplorer fileUpload Endpoint share.class.php improper authorization 19.04.2026
CVE-2026-6571 kodcloud KodExplorer systemRole.class.php roleGroupAction authorization 19.04.2026
CVE-2026-6570 kodcloud KodExplorer systemMember.class.php initInstall authorization 19.04.2026