CVE Field Guide

Critical CVEs

| CVE | Title | Updated (DD.MM.YYYY) | Score |
|---|---|---|---|
| CVE-2026-5412 | Juju CloudSpec API could leak sensitive information | 10.04.2026 | 9.9 |
| CVE-2026-1115 | Stored XSS in parisneo/lollms | 10.04.2026 | 9.6 |
| CVE-2026-6028 | Totolink A7100RU CGI cstecgi.cgi setPptpServerCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-6029 | Totolink A7100RU CGI cstecgi.cgi setVpnAccountCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-6026 | Totolink A7100RU CGI cstecgi.cgi setPortalConfWeChat os command injection | 10.04.2026 | 9.3 |
| CVE-2026-6027 | Totolink A7100RU CGI cstecgi.cgi setUrlFilterRules os command injection | 10.04.2026 | 9.3 |
| CVE-2026-6025 | Totolink A7100RU CGI cstecgi.cgi setSyslogCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-5996 | Totolink A7100RU CGI cstecgi.cgi setAdvancedInfoShow os command injection | 10.04.2026 | 9.3 |
| CVE-2026-5997 | Totolink A7100RU CGI cstecgi.cgi setLoginPasswordCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-5993 | Totolink A7100RU CGI cstecgi.cgi setWiFiGuestCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-5994 | Totolink A7100RU CGI cstecgi.cgi setTelnetCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-5995 | Totolink A7100RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection | 10.04.2026 | 9.3 |
| CVE-2026-34424 | Smart Slider 3 Pro 3.5.1.35 Supply Chain Attack Remote Access Toolkit | 09.04.2026 | 9.3 |
| CVE-2026-33771 | CTP OS: Configuring password requirements does not work which permits the use of weak passwords | 09.04.2026 | 9.1 |
| CVE-2026-33784 | JSI Virtual Lightweight Collector: Default password is not required to be changed which allows unauthorized high-privileged access | 09.04.2026 | 9.3 |
| CVE-2026-40154 | PraisonAI Affected by Untrusted Remote Template Code Execution | 09.04.2026 | 9.3 |
| CVE-2026-40111 | PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py) | 09.04.2026 | 9.3 |
| CVE-2026-5977 | Totolink A7100RU CGI cstecgi.cgi setWiFiBasicCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5978 | Totolink A7100RU CGI cstecgi.cgi setWiFiAclRules os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5976 | Totolink A7100RU CGI cstecgi.cgi setStorageCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2025-13926 | Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision | 10.04.2026 | 9.3 |
| CVE-2026-40088 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in praisonai | 09.04.2026 | 9.7 |
| CVE-2026-40089 | Sonicverse has Server-Side Request Forgery via user-controlled URLs in dashboard API client | 09.04.2026 | 9.9 |
| CVE-2026-5194 | wolfSSL ECDSA Certificate Verification | 09.04.2026 | 9.3 |
| CVE-2026-5975 | Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-28205 | Initialization of a resource with an insecure default in OpenPLC_V3 | 09.04.2026 | 9.2 |
| CVE-2026-34971 | Wasmtime miscompiled guest heap access enables sandbox escape on aarch64 Cranelift | 09.04.2026 | 9 |
| CVE-2026-34987 | Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access | 10.04.2026 | 9 |
| CVE-2026-35556 | Plaintext storage of a password in OpenPLC_V3 | 09.04.2026 | 9.2 |
| CVE-2026-39912 | v2board / Xboard Authentication Token Exposure via loginWithMailLink | 09.04.2026 | 9.1 |
| CVE-2026-39980 | OpenCTI affected by RCE via notifier template | 09.04.2026 | 9.1 |
| CVE-2026-39987 | marimo Affected by Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass | 09.04.2026 | 9.3 |
| CVE-2025-62718 | Axios has a NO_PROXY Hostname Normalization Bypass Leads to SSRF | 09.04.2026 | 9.3 |
| CVE-2026-34177 | VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf | 09.04.2026 | 9.1 |
| CVE-2026-34178 | Importing a crafted backup leads to project restriction bypass | 09.04.2026 | 9.1 |
| CVE-2026-34179 | Update of type field in restricted TLS certificate allows privilege escalation to cluster admin | 09.04.2026 | 9.1 |
| CVE-2026-5852 | Totolink A7100RU CGI cstecgi.cgi setIptvCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5853 | Totolink A7100RU CGI cstecgi.cgi setIpv6LanCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5854 | Totolink A7100RU CGI cstecgi.cgi setWiFiEasyCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5850 | Totolink A7100RU CGI cstecgi.cgi setVpnPassCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5851 | Totolink A7100RU CGI cstecgi.cgi setUPnPCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-1830 | Quick Playground <= 1.3.1 - Missing Authorization to Unauthenticated Arbitrary File Upload | 09.04.2026 | 9.8 |
| CVE-2026-3199 | Nexus Repository 3 - Authenticated Remote Code Execution via Task Property Injection | 09.04.2026 | 9.4 |
| CVE-2026-40035 | Unfurl - Werkzeug Debugger Exposure via String Config Parsing | 09.04.2026 | 9.3 |
| CVE-2026-39860 | Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination | 09.04.2026 | 9 |
| CVE-2026-39888 | PraisonAIAgents has a sandbox escape via exception frame traversal in `execute_code` (subprocess mode) | 09.04.2026 | 10 |
| CVE-2026-39890 | PraisonAI Affected by Remote Code Execution via YAML Deserialization in Agent Definition Loading | 09.04.2026 | 9.8 |
| CVE-2026-2942 | ProSolution WP Client <= 1.9.9 - Unauthenticated Arbitrary File Upload via proSol_fileUploadProcess | 08.04.2026 | 9.8 |
| CVE-2025-14815 | Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64 | 08.04.2026 | 9.3 |
| CVE-2025-14816 | Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64 | 08.04.2026 | 9.3 |
| CVE-2026-25776 | | 08.04.2026 | 9.3 |
| CVE-2026-3535 | DSGVO Google Web Fonts GDPR <= 1.1 - Unauthenticated Arbitrary File Upload via 'fonturl' Parameter | 08.04.2026 | 9.8 |
| CVE-2026-4003 | Users manager – PN <= 1.1.15 - Unauthenticated Privilege Escalation via Account Takeover via 'userspn_form_save' AJAX Action | 08.04.2026 | 9.8 |
| CVE-2026-3296 | Everest Forms <= 3.4.3 - Unauthenticated PHP Object Injection via Form Entry Metadata | 08.04.2026 | 9.8 |
| CVE-2026-1346 | Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access | 09.04.2026 | 9.3 |
| CVE-2026-34078 | Flatpak has a complete sandbox escape leading to host file access and code execution in the host context | 09.04.2026 | 9.3 |
| CVE-2026-39846 | SiYuan affected by Remote Code Execution in the Electron desktop client via stored XSS in synced table captions | 08.04.2026 | 9.1 |
| CVE-2026-39847 | Emmett has a path traversal in internal assets handler | 08.04.2026 | 9.1 |
| CVE-2026-34580 | Botan has a certificate authentication bypass due to trust anchor confusion | 09.04.2026 | 9.3 |
| CVE-2026-33439 | Pre-Authentication Remote Code Execution via `jato.clientSession` Deserialization in OpenAM | 08.04.2026 | 9.3 |
| CVE-2026-39397 | @delmaredigital/payload-puc is missing authorization on /api/puck/* CRUD endpoints allows unauthenticated access to Puck-registered collections | 07.04.2026 | 9.4 |
| CVE-2026-39382 | dbt has a Command Injection in Reusable Workflow via Unsanitized comment-body Output | 08.04.2026 | 9.3 |
| CVE-2026-39322 | PolarLearn: Any password authenticates banned accounts and grants API access | 09.04.2026 | 9.2 |
| CVE-2026-39355 | Genealogy is Missing Authorization in `TeamController::transferOwnership()` Allows Any Authenticated User to Hijack Any Team (Broken Access Control) | 08.04.2026 | 10 |
| CVE-2026-39324 | Rack::Session::Cookie secrets: decrypt failure fallback enables secretless session forgery and Marshal deserialization | 08.04.2026 | 9.3 |
| CVE-2026-39337 | ChurchCRM Affected by Unauthenticated RCE in Install Wizard | 07.04.2026 | 10 |
| CVE-2026-39339 | ChurchCRM has an API Authentication Bypass | 07.04.2026 | 9.1 |
| CVE-2026-39342 | ChurchCRM has a SQL injection searchwhat parameter via QueryView.php | 09.04.2026 | 9.4 |
| CVE-2026-35573 | ChurchCRM has a Path traversal leads to RCE | 08.04.2026 | 9.1 |
| CVE-2026-23696 | Windmill < 1.603.3 File Ownership Handling SQLi RCE | 08.04.2026 | 9.4 |
| CVE-2026-35614 | Frappe has a SQL injection in bulk_update | 09.04.2026 | 9.3 |
| CVE-2026-35615 | PraisonAI has a Path Traversal in FileTools | 09.04.2026 | 9.2 |
| CVE-2026-39305 | Arbitrary File Write / Path Traversal in Action Orchestrator | 07.04.2026 | 9 |
| CVE-2026-4631 | Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection | 10.04.2026 | 9.8 |
| CVE-2026-35580 | Emissary has GitHub Actions Shell Injection via Workflow Inputs | 07.04.2026 | 9.1 |
| CVE-2026-35490 | changedetection.io has an Authentication Bypass via Decorator Ordering | 09.04.2026 | 9.8 |
| CVE-2026-20889 | | 08.04.2026 | 9.8 |
| CVE-2026-20911 | | 08.04.2026 | 9.8 |
| CVE-2026-21413 | | 08.04.2026 | 9.8 |
| CVE-2026-5627 | Path Traversal in mintplex-labs/anything-llm | 07.04.2026 | 9.1 |
| CVE-2021-4473 | Tianxin Internet Behavior Management System Command Injection via toQuery.php | 08.04.2026 | 9.3 |
| CVE-2026-22679 | Weaver E-cology 10.0 Unauthenticated RCE via dubboApi Debug Endpoint | 07.04.2026 | 9.3 |
| CVE-2025-39666 | omd: Local privilege escalation when executing omd commands as root | 07.04.2026 | 9.3 |
| CVE-2026-1114 | Improper Access Control via Weak JWT Token in parisneo/lollms | 07.04.2026 | 9.8 |
| CVE-2026-0740 | Ninja Forms - File Upload <= 3.3.26 - Unauthenticated Arbitrary File Upload | 08.04.2026 | 9.8 |
| CVE-2026-35471 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs | 07.04.2026 | 9.8 |
| CVE-2026-35392 | goshs has an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs PUT Upload | 07.04.2026 | 9.8 |
| CVE-2026-35393 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs POST multipart upload | 08.04.2026 | 9.8 |
| CVE-2026-35459 | pyLoad has SSRF fix bypass via HTTP redirect | 07.04.2026 | 9.3 |
| CVE-2026-35022 | Anthropic Claude Code & Agent SDK OS Command Injection via Authentication Helper | 07.04.2026 | 9.3 |
| CVE-2026-35178 | Workbench Affected by Remote Code Execution (RCE) via Malicious Cookie in Timezone Conversion | 07.04.2026 | 9.3 |
| CVE-2026-35174 | Chyrp Lite has a Path Traversal to Remote Code Execution | 07.04.2026 | 9.1 |
| CVE-2026-35050 | text-generation-webui affected by Remote Code Execution (RCE) through Path Traversal at "Session -> Save extension settings to user_data/settings.yaml". | 07.04.2026 | 9.1 |
| CVE-2026-35171 | Arbitrary Code Execution via Malicious Logging Configuration in Kedro | 07.04.2026 | 9.8 |
| CVE-2026-35047 | Brave CMS has Unrestricted File Upload in BraveCMS via CKEditor Endpoint | 07.04.2026 | 9.3 |
| CVE-2026-35030 | LiteLLM has an authentication bypass via OIDC userinfo cache key collision | 07.04.2026 | 9.4 |
| CVE-2026-35039 | fast-jwt Affected by Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup) | 08.04.2026 | 9.1 |
| CVE-2026-34989 | CI4MS affected by Profile & User Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS | 07.04.2026 | 9.4 |
| CVE-2026-34841 | Axios npm Supply Chain Incident Impacting @usebruno/cli | 08.04.2026 | 9.8 |
| CVE-2026-34976 | Dgraph Affected by Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization | 07.04.2026 | 10 |
| CVE-2026-34977 | Aperi'Solve Affected by Unauthenticated RCE via JPSeek Analyzer Command | 07.04.2026 | 9.3 |
| CVE-2026-34950 | fast-jwt has an incomplete fix for CVE-2023-48223: JWT Algorithm Confusion via Whitespace-Prefixed RSA Public Key | 06.04.2026 | 9.1 |
| CVE-2026-34208 | SandboxJS: Sandbox integrity escape | 06.04.2026 | 10 |
| CVE-2026-26026 | GLPI has a Server-Side Template Injection via Double-Compilation | 07.04.2026 | 9.1 |
| CVE-2019-25687 | Pegasus CMS 1.0 Remote Code Execution via extra_fields.php | 06.04.2026 | 9.3 |
| CVE-2016-20052 | Snews CMS 1.7 Unrestricted File Upload via snews_files | 06.04.2026 | 9.3 |
| CVE-2018-25254 | NICO-FTP 3.0.1.19 Buffer Overflow SEH | 06.04.2026 | 9.3 |
| CVE-2026-35616 | | 07.04.2026 | 9.1 |
| CVE-2017-20236 | ProSoft Technology ICX35-HWC Command Injection via Web Interface | 06.04.2026 | 9.3 |
| CVE-2026-34938 | PraisonAI: Python Sandbox Escape via str Subclass startswith() Override in execute_code | 06.04.2026 | 10 |
| CVE-2026-34952 | PraisonAI: Missing Authentication in WebSocket Gateway | 06.04.2026 | 9.1 |
| CVE-2026-34953 | PraisonAI: Authentication Bypass in OAuthManager.validate_token() | 06.04.2026 | 9.1 |
| CVE-2017-20234 | GarrettCom Magnum 6K and 10K Authentication Bypass via Hardcoded String | 06.04.2026 | 9.3 |
| CVE-2018-25236 | Hirschmann HiOS HiSecOS Authentication Bypass via HTTP Management | 06.04.2026 | 9.3 |
| CVE-2021-4477 | Hirschmann HiLCOS OpenBAT BAT450 IPv6 IPsec Firewall Bypass | 06.04.2026 | 9.3 |
| CVE-2026-34612 | Kestra: Remote Code Execution via SQL Injection | 06.04.2026 | 10 |
| CVE-2026-34934 | PraisonAI: Second-Order SQL Injection in `get_all_user_threads` | 06.04.2026 | 9.8 |
| CVE-2026-34935 | PraisonAI: OS Command Injection in MCPHandler.parse_mcp_command() | 06.04.2026 | 9.8 |
| CVE-2018-25237 | Hirschmann HiSecOS Buffer Overflow via HTTPS Login | 06.04.2026 | 9.3 |
| CVE-2017-20237 | Hirschmann Industrial HiVision Authentication Bypass Remote Code Execution | 06.04.2026 | 9.3 |
| CVE-2026-25197 | Gardyn Cloud API Authorization Bypass Through User-Controlled Key | 07.04.2026 | 9.3 |
| CVE-2026-28766 | Gardyn Cloud API Missing Authentication for Critical Function | 07.04.2026 | 9.2 |
| CVE-2026-35560 | Improper certificate validation in identity provider connection components in Amazon Athena ODBC driver | 07.04.2026 | 9.1 |
| CVE-2026-35561 | Insufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driver | 07.04.2026 | 9.1 |
| CVE-2026-28798 | Arbitrary internal service access via /v1/sys/proxy when Cloudflare Tunnel is enabled on ZimaOS | 06.04.2026 | 9.1 |

Latest Updates

| CVE | Title | Updated (DD.MM.YYYY) | Score |
|---|---|---|---|
| CVE-2026-23781 | | 10.04.2026 | |
| CVE-2026-29043 | HDF5 H5T__ref_mem_setnull Heap Buffer Overflow | 10.04.2026 | 5.5 |
| CVE-2026-34477 | Apache Log4j Core: verifyHostName attribute silently ignored in TLS configuration, allowing hostname verification bypass | 10.04.2026 | |
| CVE-2026-34478 | Apache Log4j Core: Log injection in Rfc5424Layout due to silent configuration incompatibility | 10.04.2026 | |
| CVE-2026-34479 | Apache Log4j 1 to Log4j 2 bridge: Silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters | 10.04.2026 | |
| CVE-2026-34480 | Apache Log4j Core: Silent log event loss in XmlLayout due to unescaped XML 1.0 forbidden characters | 10.04.2026 | |
| CVE-2026-34481 | Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout | 10.04.2026 | |
| CVE-2026-34727 | Vikunja has a TOTP Two-Factor Authentication Bypass via OIDC Login Path | 10.04.2026 | 7.4 |
| CVE-2026-35594 | Vikunja Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade | 10.04.2026 | 6.5 |
| CVE-2026-40021 | Apache Log4net: Silent log event loss in XmlLayout and XmlLayoutSchemaLog4J due to unescaped XML 1.0 forbidden characters | 10.04.2026 | |
| CVE-2026-40023 | Apache Log4cxx, Apache Log4cxx (Conan), Apache Log4cxx (Brew): Silent log event loss in XMLLayout due to unescaped XML 1.0 forbidden characters | 10.04.2026 | |
| CVE-2026-40228 | | 10.04.2026 | 2.9 |
| CVE-2026-40225 | | 10.04.2026 | 6.4 |
| CVE-2026-40226 | | 10.04.2026 | 6.4 |
| CVE-2026-40227 | | 10.04.2026 | 6.2 |
| CVE-2026-29002 | CouchCMS Privilege Escalation via f_k_levels_list Parameter | 10.04.2026 | |
| CVE-2026-40223 | | 10.04.2026 | 4.7 |
| CVE-2026-40224 | | 10.04.2026 | 6.7 |
| CVE-2025-44560 | | 10.04.2026 | |
| CVE-2026-29861 | | 10.04.2026 | |
| CVE-2026-31262 | | 10.04.2026 | |
| CVE-2026-36232 | | 10.04.2026 | |
| CVE-2026-36233 | | 10.04.2026 | |
| CVE-2026-36236 | | 10.04.2026 | |
| CVE-2026-23780 | | 10.04.2026 | |
| CVE-2026-23782 | | 10.04.2026 | |
| CVE-2026-36234 | | 10.04.2026 | |
| CVE-2026-36235 | | 10.04.2026 | |
| CVE-2026-40217 | | 10.04.2026 | 8.8 |
| CVE-2025-58913 | WordPress VideoPro theme <= 2.3.8.1 - Local File Inclusion vulnerability | 10.04.2026 | 8.1 |
| CVE-2025-58920 | WordPress Cerato theme <= 2.2.18 - Reflected Cross Site Scripting (XSS) vulnerability | 10.04.2026 | 7.1 |
| CVE-2025-5804 | WordPress Case Theme User < 1.0.4 - Local File Inclusion Vulnerability | 10.04.2026 | 7.5 |
| CVE-2026-33092 | | 10.04.2026 | |
| CVE-2026-6067 | | 10.04.2026 | |
| CVE-2026-6068 | | 10.04.2026 | |
| CVE-2026-6069 | | 10.04.2026 | |
| CVE-2026-5412 | Juju CloudSpec API could leak sensitive information | 10.04.2026 | 9.9 |
| CVE-2026-5774 | Juju API Server Denial of Service and Authentication Replay via Unsynchronized Token Map | 10.04.2026 | |
| CVE-2026-5777 | Security Misconfiguration Vulnerability in Atom 3x Projector | 10.04.2026 | |
| CVE-2026-31412 | usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() | 10.04.2026 | |
| CVE-2026-39304 | Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incorrect handling of TLSv1.3 KeyUpdate can be exploited to cause DoS via OOM | 10.04.2026 | |
| CVE-2021-47960 | | 10.04.2026 | 6.5 |
| CVE-2021-47961 | | 10.04.2026 | 8.1 |
| CVE-2026-4162 | Gravity SMTP <= 2.1.4 - Missing Authorization to Authenticated (Subscriber+) Plugin Uninstall | 10.04.2026 | 7.1 |
| CVE-2026-6057 | Unauthenticated Path Traversal in FalkorDB Browser Leads to Remote Code Execution | 10.04.2026 | |
| CVE-2026-6038 | code-projects Vehicle Showroom Management System RegisterCustomerFunction.php sql injection | 10.04.2026 | |
| CVE-2026-6042 | musl libc GB18030 4-byte Decoder iconv.c iconv algorithmic complexity | 10.04.2026 | |
| CVE-2026-33455 | Livestatus injection in monitoring quicksearch | 10.04.2026 | |
| CVE-2026-33456 | Potential livestatus injection in notification test | 10.04.2026 | |
| CVE-2026-33457 | Potential livestatus injection in prediction graph page | 10.04.2026 | |
| CVE-2026-6036 | code-projects Vehicle Showroom Management System VehicleDetailsFunction.php sql injection | 10.04.2026 | |
| CVE-2026-6037 | code-projects Vehicle Showroom Management System AddVehicleFunction.php sql injection | 10.04.2026 | |
| CVE-2026-22750 | SSL bundle configuration silently bypassed in Spring Cloud Gateway | 10.04.2026 | 7.5 |
| CVE-2026-40212 | | 10.04.2026 | 5.4 |
| CVE-2026-5525 | Stack-Based Buffer Overflow in Notepad++ File Drop Handler leads to DoS | 10.04.2026 | 6 |
| CVE-2026-6033 | CodeAstro Online Classroom updatedetailsfromstudent.php sql injection | 10.04.2026 | |
| CVE-2026-6034 | code-projects Vehicle Showroom Management System ProfitAndLossReport.php cross site scripting | 10.04.2026 | |
| CVE-2026-6035 | code-projects Vehicle Showroom Management System ServiceAndSalesReport.php cross site scripting | 10.04.2026 | |
| CVE-2026-6031 | code-projects Simple IT Discussion Forum add-category-function.php sql injection | 10.04.2026 | |
| CVE-2026-6032 | code-projects Simple Laundry System checkcheckout.php cross site scripting | 10.04.2026 | |
| CVE-2026-1115 | Stored XSS in parisneo/lollms | 10.04.2026 | |
| CVE-2026-6028 | Totolink A7100RU CGI cstecgi.cgi setPptpServerCfg os command injection | 10.04.2026 | |
| CVE-2026-6029 | Totolink A7100RU CGI cstecgi.cgi setVpnAccountCfg os command injection | 10.04.2026 | |
| CVE-2026-6030 | itsourcecode Construction Management System del1.php sql injection | 10.04.2026 | |
| CVE-2025-14545 | YML for Yandex Market < 5.0.26 - Shop Manager+ RCE via Feed Generation | 10.04.2026 | |
| CVE-2026-28704 | | 10.04.2026 | |
| CVE-2026-4432 | YITH WooCommerce Wishlist < 4.13.0 - Unauthenticated Arbitrary Wishlist Renaming via IDOR | 10.04.2026 | |
| CVE-2026-6026 | Totolink A7100RU CGI cstecgi.cgi setPortalConfWeChat os command injection | 10.04.2026 | |
| CVE-2026-6027 | Totolink A7100RU CGI cstecgi.cgi setUrlFilterRules os command injection | 10.04.2026 | |
| CVE-2026-5477 | Prefix-substitution forgery via integer overflow in wolfCrypt CMAC | 10.04.2026 | |
| CVE-2026-6015 | Tenda AC9 POST Request QuickIndex formQuickIndex stack-based overflow | 10.04.2026 | |
| CVE-2026-6016 | Tenda AC9 POST Request WizardHandle decodePwd stack-based overflow | 10.04.2026 | |
| CVE-2026-6024 | Tenda i6 HTTP R7WebsSecurityHandlerfunction path traversal | 10.04.2026 | |
| CVE-2026-6025 | Totolink A7100RU CGI cstecgi.cgi setSyslogCfg os command injection | 10.04.2026 | |
| CVE-2026-4482 | Insight Agent Private Key Information Disclosure via Inherited File Permissions | 10.04.2026 | |
| CVE-2026-6011 | OpenClaw assertPublicHostname web-fetch.ts server-side request forgery | 10.04.2026 | |
| CVE-2026-6012 | D-Link DIR-513 POST Request formSetPassword buffer overflow | 10.04.2026 | |
| CVE-2026-6013 | D-Link DIR-513 POST Request formSetRoute buffer overflow | 10.04.2026 | |
| CVE-2026-6014 | D-Link DIR-513 POST Request formAdvanceSetup buffer overflow | 10.04.2026 | |
| CVE-2026-2305 | AddFunc Head & Footer Code <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Fields | 10.04.2026 | 6.4 |
| CVE-2026-5188 | Integer underflow in X.509 SAN parsing in wolfSSL | 10.04.2026 | |
| CVE-2026-5466 | wc_VerifyEccsiHash missing sanity check | 10.04.2026 | |
| CVE-2026-5479 | wolfSSL EVP ChaCha20-Poly1305 AEAD authentication tag | 10.04.2026 | |
| CVE-2026-5500 | Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass | 10.04.2026 | |
| CVE-2026-5501 | Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates | 10.04.2026 | |
| CVE-2026-6005 | code-projects Patient Record Management System hematology_print.php sql injection | 10.04.2026 | |
| CVE-2026-6006 | code-projects Patient Record Management System edit_hpatient.php sql injection | 10.04.2026 | |
| CVE-2026-6007 | itsourcecode Construction Management System del.php sql injection | 10.04.2026 | |
| CVE-2026-6010 | CodeAstro Online Classroom takeassessment2.php sql injection | 10.04.2026 | |
| CVE-2026-33551 | | 10.04.2026 | 3.5 |
| CVE-2026-5999 | JeecgBoot SysAnnouncementController improper authorization | 10.04.2026 | |
| CVE-2026-6000 | code-projects Online Library Management System SQL Database Backup File library.sql information disclosure | 10.04.2026 | |
| CVE-2026-6003 | code-projects Simple IT Discussion Forum user.php cross site scripting | 10.04.2026 | |
| CVE-2026-6004 | code-projects Simple IT Discussion Forum delete-category.php sql injection | 10.04.2026 | |
| CVE-2026-1263 | Webling <= 3.9.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'title' Parameter | 10.04.2026 | 6.4 |
| CVE-2026-1924 | Aruba HiSpeed Cache <= 3.0.4 - Cross-Site Request Forgery to Plugin Settings Reset | 10.04.2026 | 4.3 |
| CVE-2026-25203 | | 10.04.2026 | 7.8 |
| CVE-2026-2712 | WP-Optimize <= 4.5.0 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update and Image Manipulation | 10.04.2026 | 5.4 |
| CVE-2026-3360 | Tutor LMS <= 3.9.7 - Missing Authorization to Unauthenticated Arbitrary Billing Profile Overwrite via 'order_id' Parameter | 10.04.2026 | 7.5 |
| CVE-2026-4057 | Download Manager <= 3.3.51 - Missing Authorization to Authenticated (Contributor+) Media File Protection Removal | 10.04.2026 | 4.3 |
| CVE-2026-4305 | Royal WordPress Backup & Restore Plugin <= 1.0.16 - Reflected Cross-Site Scripting via 'wpr_pending_template' Parameter | 10.04.2026 | 6.1 |
| CVE-2026-4351 | Perfmatters <= 2.5.9 - Authenticated (Subscriber+) Arbitrary File Overwrite via 'snippets' Parameter | 10.04.2026 | 8.1 |
| CVE-2026-4664 | Customer Reviews for WooCommerce <= 5.103.0 - Unauthenticated Authentication Bypass to Arbitrary Review Submission via 'key' Parameter | 10.04.2026 | 5.3 |
| CVE-2026-4977 | UsersWP <= 1.2.58 - Authenticated (Subscriber+) Restricted Usermeta Modification via 'htmlvar' Parameter | 10.04.2026 | 4.3 |
| CVE-2026-5996 | Totolink A7100RU CGI cstecgi.cgi setAdvancedInfoShow os command injection | 10.04.2026 | |
| CVE-2026-5997 | Totolink A7100RU CGI cstecgi.cgi setLoginPasswordCfg os command injection | 10.04.2026 | |
| CVE-2026-5998 | zhayujie chatgpt-on-wechat CowAgent API Memory Content Endpoint service.py dispatch path traversal | 10.04.2026 | |
| CVE-2026-5993 | Totolink A7100RU CGI cstecgi.cgi setWiFiGuestCfg os command injection | 10.04.2026 | |
| CVE-2026-5994 | Totolink A7100RU CGI cstecgi.cgi setTelnetCfg os command injection | 10.04.2026 | |
| CVE-2026-5995 | Totolink A7100RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection | 10.04.2026 | |
| CVE-2026-5992 | Tenda F451 P2pListFilter fromP2pListFilter stack-based overflow | 10.04.2026 | |
| CVE-2026-5991 | Tenda F451 WrlExtraSet formWrlExtraSet stack-based overflow | 09.04.2026 | |
| CVE-2026-5460 | Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3 | 10.04.2026 | |
| CVE-2026-5990 | Tenda F451 SafeEmailFilter fromSafeEmailFilter stack-based overflow | 10.04.2026 | |
| CVE-2026-5392 | wolfSSL heap OOB read in PKCS7 SignedData streaming | 10.04.2026 | |
| CVE-2026-5393 | OOB Read in DoTls13CertificateVerify with WOLFSSL_DUAL_ALG_CERTS | 10.04.2026 | |
| CVE-2026-5448 | 1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore | 10.04.2026 | |
| CVE-2026-5989 | Tenda F451 RouteStatic fromRouteStatic stack-based overflow | 09.04.2026 | |
| CVE-2026-34424 | Smart Slider 3 Pro 3.5.1.35 Supply Chain Attack Remote Access Toolkit | 09.04.2026 | |
| CVE-2026-5295 | Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID | 09.04.2026 | |
| CVE-2026-5987 | Sanluan PublicCMS FreeMarker Template AbstractFreemarkerView.java AbstractFreemarkerView.doRender special elements used in a template engine | 10.04.2026 | |
| CVE-2026-5988 | Tenda F451 AdvSetWrlsafeset formWrlsafeset stack-based overflow | 09.04.2026 | |
| CVE-2026-5503 | out-of-bounds write in TLSX_EchChangeSNI via attacker-controlled publicName | 09.04.2026 | |
| CVE-2026-5504 | PKCS7 CBC Padding Oracle — Plaintext Recovery | 09.04.2026 | |
| CVE-2026-5986 | Zod jsVideoUrlParser util.js getTime redos | 09.04.2026 | |
| CVE-2026-5507 | Session Cache Restore — Arbitrary Free via Deserialized Pointer | 09.04.2026 | |
| CVE-2026-5985 | code-projects Simple IT Discussion Forum crud.php sql injection | 10.04.2026 | |
| CVE-2026-5984 | D-Link DIR-605L POST Request formSetLog buffer overflow | 09.04.2026 | |
| CVE-2025-13914 | Apstra: SSH host key validation vulnerability for managed devices | 09.04.2026 | 8.7 |
| CVE-2026-33771 | CTP OS: Configuring password requirements does not work which permits the use of weak passwords | 09.04.2026 | 7.4 |
| CVE-2026-33774 | Junos OS: MX Series: Firewall filters on lo0.<non-0> in the default routing instance are not in effect | 10.04.2026 | 6.5 |
| CVE-2026-33776 | Junos OS and Junos OS Evolved: Specific low privileged CLI command exposes sensitive information | 10.04.2026 | 5.5 |
| CVE-2026-33778 | Junos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is received kmd/iked crashes | 10.04.2026 | 7.5 |
| CVE-2026-33781 | Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed | 10.04.2026 | 6.5 |
| CVE-2026-33783 | Junos OS Evolved: PTX Series: If SRTE tunnels provisioned via PCEP are present and specific gRPC queries are received evo-aftmand crashes | 09.04.2026 | 6.5 |
| CVE-2026-33784 | JSI Virtual Lightweight Collector: Default password is not required to be changed which allows unauthorized high-privileged access | 09.04.2026 | 9.8 |
| CVE-2026-33785 | Junos OS: MX Series: Missing Authorization for specific 'request' CLI commands in a JDM/CSDS scenario | 09.04.2026 | 8.8 |
| CVE-2026-33787 | Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specific show command is executed chassisd crashes | 09.04.2026 | 5.5 |
| CVE-2026-33790 | Junos OS: SRX Series: In a NAT64 configuration, receipt of a specific, malformed ICMPv6 packet will cause the srxpfe process to crash and restart. | 10.04.2026 | 7.5 |
| CVE-2026-33791 | Junos OS and Junos OS Evolved: Execution of crafted CLI commands allows for arbitrary shell injection as root | 09.04.2026 | 6.7 |
| CVE-2026-33797 | Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset | 09.04.2026 | 7.4 |
| CVE-2026-39848 | Dockyard's Unauthenticated Cron Endpoint in Dockyard Enables Container Enumeration and Database Manipulation | 10.04.2026 | 6.5 |
| CVE-2026-40154 | PraisonAI Affected by Untrusted Remote Template Code Execution | 09.04.2026 | 9.3 |
| CVE-2026-5264 | DTLS 1.3 ACK heap buffer overflow | 10.04.2026 | |
| CVE-2026-5772 | MatchDomainName 1-Byte Stack Buffer Over-Read in Hostname Validation | 10.04.2026 | |
| CVE-2026-5778 | Integer underflow leads to out-of-bounds access in sniffer ChaCha decrypt path. | 10.04.2026 | |
| CVE-2026-5983 | D-Link DIR-605L POST Request formSetDDNS buffer overflow | 09.04.2026 | |
| CVE-2025-59969 | Junos OS Evolved: QFX5000 Series and PTX Series: An attacker sending crafted multicast packets will cause evo-aftmand / evo-pfemand to crash and restart | 09.04.2026 | 6.5 |
| CVE-2026-21904 | Junos Space: ilpFilter field on nLegacy.jsp is vulnerable to reflected cross-site script injection | 10.04.2026 | 6.1 |
| CVE-2026-21915 | JSI Virtual Lightweight Collector: Shell escape allows privilege escalation to root | 10.04.2026 | 6.7 |
| CVE-2026-21916 | Junos OS: A low privileged user can escalate their privileges so that they can login as root | 10.04.2026 | 7.3 |
| CVE-2026-21919 | Junos OS and Junos OS Evolved: A high frequency of connecting and disconnecting NETCONF sessions causes management unavailability | 09.04.2026 | 6.5 |
| CVE-2026-33773 | Junos OS: EX Series, QFX Series: If the same egress filter is configured on both an IRB and a physical interface one of those is not applied | 09.04.2026 | 5.8 |
| CVE-2026-33775 | Junos OS: MX Series: Mismatch between configured and received packet types causes memory leak in bbe-smgd | 09.04.2026 | 6.5 |
| CVE-2026-33779 | Junos OS: SRX Series: Insufficient certificate verification for device to SD cloud communication | 09.04.2026 | 6.5 |
| CVE-2026-33780 | Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald | 09.04.2026 | 6.5 |
| CVE-2026-33782 | Junos OS: MX Series: In specific DHCPv6 scenarios jdhcpd memory increases continuously with subscriber logouts | 09.04.2026 | 6.5 |
| CVE-2026-33786 | Junos OS: SRX1600, SRX2300, SRX4300: When a specific show command is executed chassisd crashes | 09.04.2026 | 5.5 |
| CVE-2026-33788 | Junos OS Evolved: Local, authenticated attacker can gain privileged access to FPCs | 10.04.2026 | 7.8 |
| CVE-2026-33793 | Junos OS and Junos OS Evolved: When an unsigned Python op script configuration is present, a local low privileged user can compromise the system | 09.04.2026 | 7.8 |
| CVE-2026-34512 | OpenClaw < 2026.3.25 - Improper Access Control in /sessions/:sessionKey/kill Endpoint | 09.04.2026 | |
| CVE-2026-35617 | OpenClaw < 2026.3.25 - Authorization Bypass via Group Policy Rebinding with Mutable Space displayName | 09.04.2026 | |
| CVE-2026-35618 | OpenClaw < 2026.3.23 - Replay Identity Drift via Query-Only Variants in Plivo V2 Verification | 10.04.2026 | |
| CVE-2026-35622 | OpenClaw < 2026.3.22 - Improper Authentication Verification in Google Chat Webhook | 09.04.2026 | |
| CVE-2026-35623 | OpenClaw < 2026.3.25 - Brute-Force Attack via Missing Webhook Password Rate Limiting | 10.04.2026 | |
| CVE-2026-35624 | OpenClaw < 2026.3.22 - Policy Confusion via Room Name Collision in Nextcloud Talk | 09.04.2026 | |
| CVE-2026-35625 | OpenClaw < 2026.3.25 - Privilege Escalation via Silent Local Shared-Auth Reconnect | 09.04.2026 | |
| CVE-2026-35626 | OpenClaw < 2026.3.22 - Unauthenticated Resource Exhaustion via Voice Call Webhook | 09.04.2026 | |
| CVE-2026-35627 | OpenClaw < 2026.3.22 - Unauthenticated Cryptographic Work in Nostr Inbound DM Handling | 10.04.2026 | |
| CVE-2026-35628 | OpenClaw < 2026.3.25 - Brute-Force Attack via Missing Telegram Webhook Rate Limiting | 09.04.2026 | |
| CVE-2026-35629 | OpenClaw < 2026.3.25 - Server-Side Request Forgery via Unguarded Configured Base URLs in Channel Extensions | 10.04.2026 | |
| CVE-2026-35631 | OpenClaw < 2026.3.22 - Missing Authorization Enforcement in Internal ACP Chat Commands | 09.04.2026 | |
| CVE-2026-35632 | OpenClaw < 2026.2.22 - Symlink Traversal via IDENTITY.md appendFile in agents.create/update | 10.04.2026 | |
| CVE-2026-35633 | OpenClaw < 2026.3.22 - Unbounded Memory Allocation via Remote Media Error Responses | 09.04.2026 | |
| CVE-2026-35634 | OpenClaw < 2026.3.23 - Authentication Bypass via Local-Direct Requests in Canvas Gateway | 10.04.2026 | |
| CVE-2026-35635 | OpenClaw < 2026.3.22 - Webhook Path Route Replacement Vulnerability in Synology Chat | 09.04.2026 | |
| CVE-2026-35636 | OpenClaw 2026.3.11 < 2026.3.25 - Session Isolation Bypass via sessionId Resolution | 09.04.2026 | |
| CVE-2026-35637 | OpenClaw < 2026.3.22 - Premature Cite Expansion Before Authorization in Channel and DM | 09.04.2026 | |
| CVE-2026-35638 | OpenClaw < 2026.3.22 - Privilege Escalation via Self-Declared Scopes in Trusted-Proxy Control UI | 10.04.2026 | |
| CVE-2026-35639 | OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation | 09.04.2026 | |
| CVE-2026-35640 | OpenClaw < 2026.3.25 - Denial of Service via Unauthenticated Webhook Request Parsing | 10.04.2026 | |
| CVE-2026-35642 | OpenClaw < 2026.3.25 - Authorization Bypass in Group Reactions via requireMention Bypass | 09.04.2026 | |
| CVE-2026-35644 | OpenClaw < 2026.3.22 - Credential Exposure via baseUrl Fields in Gateway Snapshots | 10.04.2026 | |
| CVE-2026-35645 | OpenClaw < 2026.3.25 - Privilege Escalation via Synthetic operator.admin in deleteSession | 09.04.2026 | |
| CVE-2026-35646 | OpenClaw < 2026.3.25 - Pre-Authentication Rate-Limit Bypass in Webhook Token Validation | 10.04.2026 | |
| CVE-2026-40111 | PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py) | 09.04.2026 | |
| CVE-2026-40112 | PraisonAI has Stored XSS via Unsanitized Agent Output in HTML Rendering (nh3 Not a Required Dependency) | 09.04.2026 | 5.4 |
| CVE-2026-40113 | PraisonAI has an Argument Injection into Cloud Run Environment Variables via Unsanitized Comma in gcloud --set-env-vars | 09.04.2026 | 8.4 |
| CVE-2026-40114 | PraisonAI has Server-Side Request Forgery via Unvalidated webhook_url in Jobs API | 09.04.2026 | 7.2 |
| CVE-2026-40115 | PraisonAI has an Unrestricted Upload Size in WSGI Recipe Registry Server Enables Memory Exhaustion DoS | 09.04.2026 | 6.2 |
| CVE-2026-40116 | PraisonAI's Unauthenticated WebSocket Endpoint Proxies to Paid OpenAI Realtime API Without Rate Limits | 09.04.2026 | 7.5 |
| CVE-2026-40117 | PraisonAIAgents Affected by Arbitrary File Read via read_skill_file Missing Workspace Boundary and Approval Gate | 09.04.2026 | 6.2 |
| CVE-2026-40148 | PraisonAI Affected by Decompression Bomb DoS via Recipe Bundle Extraction Without Size Limits | 09.04.2026 | 6.5 |
| CVE-2026-40149 | PraisonAI has an Unauthenticated Allow-List Manipulation Bypasses Agent Tool Approval Safety Controls | 09.04.2026 | 7.9 |
| CVE-2026-40150 | PraisonAIAgents has SSRF and Local File Read via Unvalidated URLs in web_crawl Tool | 09.04.2026 | 7.7 |
| CVE-2026-40151 | PraisonAI Affected by Unauthenticated Information Disclosure of Agent Instructions via /api/agents in AgentOS | 09.04.2026 | 5.3 |
| CVE-2026-40152 | PraisonAIAgents has a Path Traversal via Unvalidated Glob Pattern in list_files Bypasses Workspace Boundary | 09.04.2026 | 5.3 |
| CVE-2026-40153 | PraisonAIAgents Affected by Environment Variable Secret Exfiltration via os.path.expandvars() Bypassing shell=False in Shell Tool | 09.04.2026 | 7.4 |
| CVE-2026-5263 | URI nameConstraints not enforced in ConfirmNameConstraints() | 09.04.2026 | |
| CVE-2026-5981 | D-Link DIR-605L POST Request formAdvFirewall buffer overflow | 09.04.2026 | |
| CVE-2026-5982 | D-Link DIR-605L POST Request formAdvNetwork buffer overflow | 10.04.2026 | |
| CVE-2023-54358 | WordPress adivaha Travel Plugin 2.3 Reflected XSS via isMobile | 09.04.2026 | |
| CVE-2023-54359 | WordPress adivaha Travel Plugin 2.3 SQL Injection via pid | 09.04.2026 | |
| CVE-2023-54360 | Joomla JLex Review 6.0.1 Reflected XSS via review_id Parameter | 09.04.2026 | |
| CVE-2023-54361 | Joomla iProperty Real Estate 4.1.1 Reflected XSS via filter_keyword | 10.04.2026 | |
| CVE-2023-54362 | Joomla VirtueMart Shopping-Cart 4.0.12 Reflected XSS via keyword | 09.04.2026 | |
CVE-2023-54363 Joomla Solidres 2.13.3 Reflected XSS via Multiple Parameters 10.04.2026
CVE-2023-54364 Joomla HikaShop 4.7.4 Reflected XSS via Product Filter 09.04.2026
CVE-2026-35206 Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment 09.04.2026
CVE-2026-40107 SiYuan Affected by Zero-Click NTLM Hash Theft and Blind SSRF via Mermaid Diagram Rendering 09.04.2026
CVE-2026-40109 Flux notification-controller GCR Receiver missing email validation allows unauthorized reconciliation triggering 09.04.2026 3.1
CVE-2026-5446 wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse 09.04.2026
CVE-2026-5980 D-Link DIR-605L POST Request formSetMACFilter buffer overflow 10.04.2026
CVE-2026-40093 nimiq-blockchain is missing a wall-clock upper bound on block timestamps 09.04.2026 8.1
CVE-2026-5447 Heap buffer overflow in CertFromX509() via AuthorityKeyIdentifier 09.04.2026
CVE-2026-5977 Totolink A7100RU CGI cstecgi.cgi setWiFiBasicCfg os command injection 09.04.2026
CVE-2026-5978 Totolink A7100RU CGI cstecgi.cgi setWiFiAclRules os command injection 09.04.2026
CVE-2026-5979 D-Link DIR-605L POST Request formVirtualServ buffer overflow 09.04.2026
CVE-2026-4436 GPL Odorizers GPL750 Missing Authentication for Critical Function 09.04.2026 8.6
CVE-2026-5976 Totolink A7100RU CGI cstecgi.cgi setStorageCfg os command injection 09.04.2026
CVE-2025-13926 Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision 10.04.2026 9.8
CVE-2026-34483 Apache Tomcat: Incomplete escaping of JSON access logs 09.04.2026
CVE-2026-34486 Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor 09.04.2026
CVE-2026-34487 Apache Tomcat: Cloud membership for clustering component exposed the Kubernetes bearer token 09.04.2026
CVE-2026-34500 Apache Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled 10.04.2026
CVE-2026-35577 Missing Host Header Validation in Apollo MCP Server for Localhost Deployments 09.04.2026 6.8
CVE-2026-40087 LangChain has incomplete f-string validation in prompt templates 09.04.2026 5.3
CVE-2026-40088 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in praisonai 09.04.2026 9.7
CVE-2026-40089 Sonicverse has Server-Side Request Forgery via user-controlled URLs in dashboard API client 09.04.2026 9.9
CVE-2026-5187 Heap Out-of-Bounds Write in DecodeObjectId() in wolfSSL 09.04.2026
CVE-2026-5194 wolfSSL ECDSA Certificate Verification 09.04.2026
CVE-2026-5974 FoundationAgents MetaGPT terminal.py Bash.run os command injection 09.04.2026
CVE-2026-5975 Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection 09.04.2026
CVE-2026-24880 Apache Tomcat: Request smuggling via invalid chunk extension 09.04.2026
CVE-2026-25854 Apache Tomcat: Occasionally open redirect 09.04.2026
CVE-2026-29129 Apache Tomcat: TLS cipher order is not preserved 09.04.2026
CVE-2026-29145 Apache Tomcat, Apache Tomcat Native: OCSP checks sometimes soft-fail even when soft-fail is disabled 09.04.2026
CVE-2026-29146 Apache Tomcat: EncryptInterceptor vulnerable to padding oracle attack by default 09.04.2026
CVE-2026-29923 09.04.2026
CVE-2026-32990 Apache Tomcat: Fix for CVE-2025-66614 is incomplete 09.04.2026
CVE-2026-34734 HDF5: H5T__conv_struct Use After Free 09.04.2026 7.8
CVE-2026-35063 Missing Authorization in OpenPLC_V3 09.04.2026
CVE-2026-39977 flatpak-builder has a path traversal leading to arbitrary file read on host when installing licence files 09.04.2026
CVE-2026-40077 Beszel has an IDOR in hub API endpoints that read system ID from URL parameter 09.04.2026 3.5
CVE-2026-5972 FoundationAgents MetaGPT terminal.py Terminal.run_command os command injection 10.04.2026
CVE-2026-5973 FoundationAgents MetaGPT common.py get_mime_type os command injection 09.04.2026
CVE-2026-28205 Initialization of a resource with an insecure default in OpenPLC_V3 09.04.2026
CVE-2026-31170 09.04.2026
CVE-2026-34943 Wasmtime panics when lifting `flags` component value 09.04.2026
CVE-2026-34944 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64 09.04.2026
CVE-2026-34945 Wasmtime leaks host data with 64-bit tables and Winch 10.04.2026
CVE-2026-34946 Wasmtime's host panics when Winch compiler executes `table.fill` 09.04.2026
CVE-2026-34971 Wasmtime miscompiled guest heap access enables sandbox escape on aarch64 Cranelift 09.04.2026
CVE-2026-34983 Wasmtime has a use-after-free bug after cloning `wasmtime::Linker` 09.04.2026
CVE-2026-34987 Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access 10.04.2026
CVE-2026-34988 Wasmtime leaks data between pooling allocator instances 09.04.2026
CVE-2026-35186 Wasmtime has an improperly masked return value from `table.grow` with Winch compiler backend 09.04.2026
CVE-2026-35195 Wasmtime has an out-of-bounds write or crash when transcoding component model strings 09.04.2026
CVE-2026-35556 Plaintext storage of a password in OpenPLC_V3 09.04.2026
CVE-2026-39912 v2board / Xboard Authentication Token Exposure via loginWithMailLink 09.04.2026
CVE-2026-34941 Wasmtime has a Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding 10.04.2026
CVE-2026-34942 Wasmtime panics when transcoding misaligned utf-16 strings 09.04.2026