| CVE-2019-25709 |
CF Image Hosting Script 1.6.5 Unauthorized Database Access |
12.04.2026 |
9.3 |
| CVE-2026-6115 |
Totolink A7100RU CGI cstecgi.cgi setAppCfg os command injection |
12.04.2026 |
9.3 |
| CVE-2026-6116 |
Totolink A7100RU CGI cstecgi.cgi setDiagnosisCfg os command injection |
12.04.2026 |
9.3 |
| CVE-2026-6112 |
Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os command injection |
12.04.2026 |
9.3 |
| CVE-2026-6113 |
Totolink A7100RU CGI cstecgi.cgi setTtyServiceCfg os command injection |
12.04.2026 |
9.3 |
| CVE-2026-6114 |
Totolink A7100RU CGI cstecgi.cgi setNetworkCfg os command injection |
12.04.2026 |
9.3 |
| CVE-2026-31845 |
|
11.04.2026 |
9.3 |
| CVE-2026-4149 |
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability |
11.04.2026 |
10 |
| CVE-2026-5058 |
aws-mcp-server Command Injection Remote Code Execution Vulnerability |
11.04.2026 |
9.8 |
| CVE-2026-5059 |
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability |
11.04.2026 |
9.8 |
| CVE-2026-40189 |
goshs has a file-based ACL authorization bypass in goshs state-changing routes |
10.04.2026 |
9.3 |
| CVE-2026-40175 |
Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain |
10.04.2026 |
10 |
| CVE-2026-40177 |
Password bypass when 2FA is activated |
10.04.2026 |
9.3 |
| CVE-2026-33707 |
Weak Password Recovery Mechanism for Forgotten Password in chamilo/chamilo-lms |
10.04.2026 |
9.4 |
| CVE-2026-33698 |
Chamilo LMS affected by unauthenticated RCE in main/install folder |
10.04.2026 |
9.3 |
| CVE-2026-32892 |
OS Command Injection in Chamilo LMS 1.11.36 |
10.04.2026 |
9.1 |
| CVE-2026-40157 |
PraisonAI affected by arbitrary file write via path traversal in `praisonai recipe unpack` |
10.04.2026 |
9.4 |
| CVE-2026-5412 |
Juju CloudSpec API could leak senstive information |
10.04.2026 |
9.9 |
| CVE-2026-1115 |
Stored XSS in parisneo/lollms |
10.04.2026 |
9.6 |
| CVE-2026-6028 |
Totolink A7100RU CGI cstecgi.cgi setPptpServerCfg os command injection |
10.04.2026 |
9.3 |
| CVE-2026-6029 |
Totolink A7100RU CGI cstecgi.cgi setVpnAccountCfg os command injection |
10.04.2026 |
9.3 |
| CVE-2026-6026 |
Totolink A7100RU CGI cstecgi.cgi setPortalConfWeChat os command injection |
10.04.2026 |
9.3 |
| CVE-2026-6027 |
Totolink A7100RU CGI cstecgi.cgi setUrlFilterRules os command injection |
10.04.2026 |
9.3 |
| CVE-2026-6025 |
Totolink A7100RU CGI cstecgi.cgi setSyslogCfg os command injection |
10.04.2026 |
9.3 |
| CVE-2026-5996 |
Totolink A7100RU CGI cstecgi.cgi setAdvancedInfoShow os command injection |
10.04.2026 |
9.3 |
| CVE-2026-5997 |
Totolink A7100RU CGI cstecgi.cgi setLoginPasswordCfg os command injection |
10.04.2026 |
9.3 |
| CVE-2026-5993 |
Totolink A7100RU CGI cstecgi.cgi setWiFiGuestCfg os command injection |
10.04.2026 |
9.3 |
| CVE-2026-5994 |
Totolink A7100RU CGI cstecgi.cgi setTelnetCfg os command injection |
10.04.2026 |
9.3 |
| CVE-2026-5995 |
Totolink A7100RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection |
10.04.2026 |
9.3 |
| CVE-2026-34424 |
Smart Slider 3 Pro 3.5.1.35 Supply Chain Attack Remote Access Toolkit |
09.04.2026 |
9.3 |
| CVE-2026-33771 |
CTP OS: Configuring password requirements does not work which permits the use of weak passwords |
09.04.2026 |
9.1 |
| CVE-2026-33784 |
JSI Virtual Lightweight Collector: Default password is not required to be changed which allows unauthorized high-privileged access |
09.04.2026 |
9.3 |
| CVE-2026-40154 |
PraisonAI Affected by Untrusted Remote Template Code Execution |
10.04.2026 |
9.3 |
| CVE-2026-40111 |
PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py) |
09.04.2026 |
9.3 |
| CVE-2026-5977 |
Totolink A7100RU CGI cstecgi.cgi setWiFiBasicCfg os command injection |
09.04.2026 |
9.3 |
| CVE-2026-5978 |
Totolink A7100RU CGI cstecgi.cgi setWiFiAclRules os command injection |
09.04.2026 |
9.3 |
| CVE-2026-5976 |
Totolink A7100RU CGI cstecgi.cgi setStorageCfg os command injection |
09.04.2026 |
9.3 |
| CVE-2025-13926 |
Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision |
10.04.2026 |
9.3 |
| CVE-2026-40088 |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in praisonai |
09.04.2026 |
9.7 |
| CVE-2026-40089 |
Sonicverse has Server-Side Request Forgery via user-controlled URLs in dashboard API client |
09.04.2026 |
9.9 |
| CVE-2026-5194 |
wolfSSL ECDSA Certificate Verification |
10.04.2026 |
9.3 |
| CVE-2026-5975 |
Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection |
09.04.2026 |
9.3 |
| CVE-2026-28205 |
Initialization of a resource with an insecure default in OpenPLC_V3 |
10.04.2026 |
9.2 |
| CVE-2026-34971 |
Wasmtime miscompiled guest heap access enables sandbox escape on aarch64 Cranelift |
09.04.2026 |
9 |
| CVE-2026-34987 |
Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access |
10.04.2026 |
9 |
| CVE-2026-35556 |
Plaintext storage of a password in OpenPLC_V3 |
10.04.2026 |
9.2 |
| CVE-2026-39912 |
v2board / Xboard Authentication Token Exposure via loginWithMailLink |
09.04.2026 |
9.1 |
| CVE-2026-39980 |
OpenCTI affected by RCE via notifier template |
09.04.2026 |
9.1 |
| CVE-2026-39987 |
marimo Affected by Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass |
09.04.2026 |
9.3 |
| CVE-2025-62718 |
Axios has a NO_PROXY Hostname Normalization Bypass Leads to SSRF |
09.04.2026 |
9.3 |
| CVE-2026-34177 |
VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf |
09.04.2026 |
9.1 |
| CVE-2026-34178 |
Importing a crafted backup leads to project restriction bypass |
09.04.2026 |
9.1 |
| CVE-2026-34179 |
Update of type field in restricted TLS certificate allows privilege escalation to cluster admin |
09.04.2026 |
9.1 |
| CVE-2026-5852 |
Totolink A7100RU CGI cstecgi.cgi setIptvCfg os command injection |
09.04.2026 |
9.3 |
| CVE-2026-5853 |
Totolink A7100RU CGI cstecgi.cgi setIpv6LanCfg os command injection |
09.04.2026 |
9.3 |
| CVE-2026-5854 |
Totolink A7100RU CGI cstecgi.cgi setWiFiEasyCfg os command injection |
09.04.2026 |
9.3 |
| CVE-2026-5850 |
Totolink A7100RU CGI cstecgi.cgi setVpnPassCfg os command injection |
09.04.2026 |
9.3 |
| CVE-2026-5851 |
Totolink A7100RU CGI cstecgi.cgi setUPnPCfg os command injection |
09.04.2026 |
9.3 |
| CVE-2026-1830 |
Quick Playground <= 1.3.1 - Missing Authorization to Unauthenticated Arbitrary File Upload |
09.04.2026 |
9.8 |
| CVE-2026-3199 |
Nexus Repository 3 - Authenticated Remote Code Execution via Task Property Injection |
09.04.2026 |
9.4 |
| CVE-2026-40035 |
Unfurl - Werkzeug Debugger Exposure via String Config Parsing |
09.04.2026 |
9.3 |
| CVE-2026-39860 |
Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination |
09.04.2026 |
9 |
| CVE-2026-39888 |
PraisonAIAgents has a sandbox escape via exception frame traversal in `execute_code` (subprocess mode) |
09.04.2026 |
10 |
| CVE-2026-39890 |
PraisonAI Affected by Remote Code Execution via YAML Deserialization in Agent Definition Loading |
09.04.2026 |
9.8 |
| CVE-2026-2942 |
ProSolution WP Client <= 1.9.9 - Unauthenticated Arbitrary File Upload via proSol_fileUploadProcess |
08.04.2026 |
9.8 |
| CVE-2025-14815 |
Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64 |
08.04.2026 |
9.3 |
| CVE-2025-14816 |
Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64 |
08.04.2026 |
9.3 |
| CVE-2026-25776 |
|
08.04.2026 |
9.3 |
| CVE-2026-3535 |
DSGVO Google Web Fonts GDPR <= 1.1 - Unauthenticated Arbitrary File Upload via 'fonturl' Parameter |
08.04.2026 |
9.8 |
| CVE-2026-4003 |
Users manager – PN <= 1.1.15 - Unauthenticated Privilege Escalation via Account Takeover via 'userspn_form_save' AJAX Action |
08.04.2026 |
9.8 |
| CVE-2026-3296 |
Everest Forms <= 3.4.3 - Unauthenticated PHP Object Injection via Form Entry Metadata |
08.04.2026 |
9.8 |
| CVE-2026-1346 |
Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access |
09.04.2026 |
9.3 |
| CVE-2026-34078 |
Flatpak has a complete sandbox escape leading to host file access and code execution in the host context |
11.04.2026 |
9.3 |
| CVE-2026-39846 |
SiYuan affected by Remote Code Execution in the Electron desktop client via stored XSS in synced table captions |
08.04.2026 |
9.1 |
| CVE-2026-39847 |
Emmett has a path traversal in internal assets handler |
08.04.2026 |
9.1 |
| CVE-2026-34580 |
Botan has a certificate authentication bypass due to trust anchor confusion |
09.04.2026 |
9.3 |
| CVE-2026-33439 |
Pre-Authentication Remote Code Execution via `jato.clientSession` Deserialization in OpenAM |
08.04.2026 |
9.3 |
| CVE-2026-39397 |
@delmaredigital/payload-puc is missing authorization on /api/puck/* CRUD endpoints allows unauthenticated access to Puck-registered collections |
07.04.2026 |
9.4 |
| CVE-2026-39382 |
dbt has a Command Injection in Reusable Workflow via Unsanitized comment-body Output |
08.04.2026 |
9.3 |
| CVE-2026-39322 |
PolarLearn: Any password authenticates banned accounts and grants API access |
09.04.2026 |
9.2 |
| CVE-2026-39355 |
Genealogy is Missing Authorization in `TeamController::transferOwnership()` Allows Any Authenticated User to Hijack Any Team (Broken Access Control) |
08.04.2026 |
10 |
| CVE-2026-39324 |
Rack::Session::Cookie secrets: decrypt failure fallback enables secretless session forgery and Marshal deserialization |
08.04.2026 |
9.3 |
| CVE-2026-39337 |
ChurchCRM Affected by Unauthenticated RCE in Install Wizard |
07.04.2026 |
10 |
| CVE-2026-39339 |
ChurchCRM has an API Authentication Bypass |
07.04.2026 |
9.1 |
| CVE-2026-39342 |
ChurchCRM has a SQL injection searchwhat parameter via QueryView.php |
09.04.2026 |
9.4 |
| CVE-2026-35573 |
ChurchCRM has a Path traversal leads to RCE |
08.04.2026 |
9.1 |
| CVE-2026-23696 |
Windmill < 1.603.3 File Ownership Handling SQLi RCE |
08.04.2026 |
9.4 |
| CVE-2026-35614 |
Frappe has a SQL injection in bulk_update |
09.04.2026 |
9.3 |
| CVE-2026-35615 |
PraisonAI has a Path Traversal in FileTools |
09.04.2026 |
9.2 |
| CVE-2026-39305 |
Arbitrary File Write / Path Traversal in Action Orchestrator |
07.04.2026 |
9 |
| CVE-2026-4631 |
Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection |
10.04.2026 |
9.8 |
| CVE-2026-35580 |
Emissary has GitHub Actions Shell Injection via Workflow Inputs |
07.04.2026 |
9.1 |
| CVE-2026-35490 |
changedetection.io has an Authentication Bypass via Decorator Ordering |
09.04.2026 |
9.8 |
| CVE-2026-20889 |
|
08.04.2026 |
9.8 |
| CVE-2026-20911 |
|
08.04.2026 |
9.8 |
| CVE-2026-21413 |
|
08.04.2026 |
9.8 |
| CVE-2026-5627 |
Path Traversal in mintplex-labs/anything-llm |
07.04.2026 |
9.1 |
| CVE-2021-4473 |
Tianxin Internet Behavior Management System Command Injection via toQuery.php |
08.04.2026 |
9.3 |
| CVE-2026-22679 |
Weaver E-cology 10.0 Unauthenticated RCE via dubboApi Debug Endpoint |
07.04.2026 |
9.3 |
| CVE-2025-39666 |
omd: Local privilege escalation when executing omd commands as root |
07.04.2026 |
9.3 |
| CVE-2026-1114 |
Improper Access Control via Weak JWT Token in parisneo/lollms |
07.04.2026 |
9.8 |
| CVE-2026-0740 |
Ninja Forms - File Upload <= 3.3.26 - Unauthenticated Arbitrary File Upload |
08.04.2026 |
9.8 |
| CVE-2026-35471 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs |
07.04.2026 |
9.8 |
| CVE-2026-35392 |
goshs has an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs PUT Upload |
07.04.2026 |
9.8 |
| CVE-2026-35393 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs POST multipart upload |
08.04.2026 |
9.8 |
| CVE-2026-35459 |
pyLoad has SSRF fix bypass via HTTP redirect |
07.04.2026 |
9.3 |
| CVE-2026-35022 |
Anthropic Claude Code & Agent SDK OS Command Injection via Authentication Helper |
07.04.2026 |
9.3 |
| CVE-2026-35178 |
Workbench Affected by Remote Code Execution (RCE) via Malicious Cookie in Timezone Conversion |
07.04.2026 |
9.3 |
| CVE-2026-35174 |
Chyrp Lite has a Path Traversal to Remote Code Execution |
07.04.2026 |
9.1 |
| CVE-2026-35050 |
text-generation-webui affected by Remote Code Execution (RCE) through Path Traversal at "Session -> Save extention settings to user_data/settings.yaml". |
07.04.2026 |
9.1 |
| CVE-2026-35171 |
Arbitrary Code Execution via Malicious Logging Configuration in Kedro |
07.04.2026 |
9.8 |
| CVE-2026-35047 |
Brave CMS has Unrestricted File Upload in BraveCMS via CKEditor Endpoint |
07.04.2026 |
9.3 |
| CVE-2026-35030 |
LiteLLM has an authentication bypass via OIDC userinfo cache key collision |
07.04.2026 |
9.4 |
| CVE-2026-35039 |
fast-jwt Affected by Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup) |
08.04.2026 |
9.1 |
| CVE-2026-34989 |
CI4MS affected by Profile & User Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS |
07.04.2026 |
9.4 |
| CVE-2026-34841 |
Axios npm Supply Chain Incident Impacting @usebruno/cli |
08.04.2026 |
9.8 |
| CVE-2026-34976 |
Dgraph Affected by Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization |
07.04.2026 |
10 |
| CVE-2026-34977 |
Aperi'Solve Affected by Unauthenticated RCE via JPSeek Analyzer Command |
07.04.2026 |
9.3 |
| CVE-2026-34950 |
fast-jwt has an incomplete fix for CVE-2023-48223: JWT Algorithm Confusion via Whitespace-Prefixed RSA Public Key |
06.04.2026 |
9.1 |
| CVE-2026-34208 |
SandboxJS: Sandbox integrity escape |
06.04.2026 |
10 |
| CVE-2026-26026 |
GLPI has a Server-Side Template Injection via Double-Compilation |
07.04.2026 |
9.1 |
| CVE-2019-25687 |
Pegasus CMS 1.0 Remote Code Execution via extra_fields.php |
06.04.2026 |
9.3 |