CVE Field Guide

Critical CVEs

CVE	Title	Updated	Score
CVE-2026-42996		01.05.2026	10
CVE-2026-7546	Totolink NR1800X lighttpd find_host_ip stack-based overflow	01.05.2026	9.3
CVE-2026-7538	Totolink A8000RU CGI cstecgi.cgi vulnerability os command injection	01.05.2026	9.3
CVE-2022-50993	Weaver E-office < 10.0_20221201 Unauthenticated Arbitrary File Read via XmlRpcServlet	30.04.2026	9.3
CVE-2025-71284	Synway SMG Gateway Management Software OS Command Injection via radius_address	30.04.2026	9.3
CVE-2026-4670	Improper Authentication vulnerability in Progress MOVEit Automation	01.05.2026	9.8
CVE-2018-25316	Tenda W308R v2 V5.07.48 Cookie Session Weakness DNS Change	30.04.2026	9.3
CVE-2018-25317	Tenda W3002R/A302/W309R V5.07.64_en Cookie Session Weakness DNS Change	30.04.2026	9.3
CVE-2018-25318	Tenda FH303/A300 V5.07.68_EN Cookie Session Weakness DNS Change	30.04.2026	9.3
CVE-2026-30893	Wazuh cluster sync path traversal in decompress_files() enables arbitrary file write and code execution from authenticated cluster peer	29.04.2026	9
CVE-2026-26015	Unauthenticated RCE in DocsGPT MCP STDIO Configuration	30.04.2026	10
CVE-2026-41940	WebPros cPanel and WHM Authentication Bypass via Login Flow	01.05.2026	9.3
CVE-2026-5166	Path Traversal in TUBITAK BILGEM's Pardus Software Center	29.04.2026	9.6
CVE-2026-3325	SQL injection in MegaCMS by CRM Sistemas de Fidelización	29.04.2026	10
CVE-2026-41446	WattBox 800 & 820 Series < 2.10.0.0 RCE via Diagnostic Endpoints	29.04.2026	9.2
CVE-2026-24178		29.04.2026	9.8
CVE-2026-3893	Carlson Software VASCO-B GNSS Receiver Missing Authentication for Critical Function	29.04.2026	9.4
CVE-2026-41386	OpenClaw < 2026.3.22 - Privilege Escalation via Unbound Bootstrap Setup Codes	29.04.2026	9.1
CVE-2026-27760	OpenCATS PHP Code Injection via installer AJAX endpoint	28.04.2026	9.2
CVE-2026-5779	Multiple vulnerabilities in MphRx's Minerva	28.04.2026	9.4
CVE-2026-7241	Totolink A8000RU CGI cstecgi.cgi setWiFiBasicCfg os command injection	29.04.2026	9.3
CVE-2026-7242	Totolink A8000RU CGI cstecgi.cgi setOpenVpnClientCfg os command injection	28.04.2026	9.3
CVE-2026-7243	Totolink A8000RU CGI cstecgi.cgi setRadvdCfg os command injection	28.04.2026	9.3
CVE-2026-7244	Totolink A8000RU CGI cstecgi.cgi setWiFiEasyGuestCfg os command injection	28.04.2026	9.3
CVE-2026-7248	D-Link DI-8100 CGI Endpoint tgfile.htm tgfile_htm buffer overflow	29.04.2026	9.3
CVE-2026-7240	Totolink A8000RU CGI cstecgi.cgi setVpnAccountCfg os command injection	29.04.2026	9.3
CVE-2026-32644	Milesight Cameras Use of Hard-coded Cryptographic Key	28.04.2026	9.2
CVE-2026-7202	Totolink A8000RU CGI cstecgi.cgi setWiFiWpsStart os command injection	29.04.2026	9.3
CVE-2026-7203	Totolink A8000RU CGI cstecgi.cgi setUrlFilterRules os command injection	29.04.2026	9.3
CVE-2026-7204	Totolink A8000RU CGI cstecgi.cgi setPptpServerCfg os command injection	28.04.2026	9.3
CVE-2026-40976		29.04.2026	9.1
CVE-2026-7156	Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection	28.04.2026	9.3
CVE-2026-7154	Totolink A8000RU CGI cstecgi.cgi setAdvancedInfoShow os command injection	28.04.2026	9.3
CVE-2026-7155	Totolink A8000RU CGI cstecgi.cgi setLoginPasswordCfg os command injection	28.04.2026	9.3
CVE-2026-7152	Totolink A8000RU CGI cstecgi.cgi setTelnetCfg os command injection	28.04.2026	9.3
CVE-2026-7153	Totolink A8000RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection	28.04.2026	9.3
CVE-2026-7139	Totolink A8000RU CGI cstecgi.cgi setWiFiAclRules os command injection	29.04.2026	9.3
CVE-2026-7140	Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection	27.04.2026	9.3
CVE-2026-7136	Totolink A8000RU CGI cstecgi.cgi setDmzCfg os command injection	27.04.2026	9.3
CVE-2026-7137	Totolink A8000RU CGI cstecgi.cgi setStorageCfg os command injection	27.04.2026	9.3
CVE-2026-7138	Totolink A8000RU CGI cstecgi.cgi setNtpCfg os command injection	27.04.2026	9.3
CVE-2026-41462	ProjeQtor < 12.4.4 Unauthenticated SQL Injection via Login	27.04.2026	9.3
CVE-2026-7123	Totolink A8000RU CGI cstecgi.cgi setIptvCfg os command injection	27.04.2026	9.3
CVE-2026-7124	Totolink A8000RU CGI cstecgi.cgi setIpv6LanCfg os command injection	27.04.2026	9.3
CVE-2026-7125	Totolink A8000RU CGI cstecgi.cgi setWiFiEasyCfg os command injection	27.04.2026	9.3
CVE-2026-7121	Totolink A8000RU CGI cstecgi.cgi setWizardCfg os command injection	27.04.2026	9.3
CVE-2026-7122	Totolink A8000RU CGI cstecgi.cgi setUPnPCfg os command injection	29.04.2026	9.3
CVE-2026-22336	WordPress Directorist Booking plugin < 3.0.2 - SQL Injection vulnerability	28.04.2026	9.3
CVE-2026-22337	WordPress Directorist Social Login plugin < 2.1.4 - Privilege Escalation vulnerability	28.04.2026	9.8
CVE-2026-41409	Apache MINA: CWE-502 Deserialization of Untrusted Data	27.04.2026	9.8
CVE-2026-41635	Apache MINA: AbstractIoBuffer.resolveClass() null-clazz Branch Skips acceptMatchers Filter — Full Object Deserialization RCE	28.04.2026	9.8
CVE-2026-42363	GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability	27.04.2026	9.3
CVE-2026-7037	Totolink A8000RU CGI cstecgi.cgi setVpnPassCfg os command injection	27.04.2026	9.3
CVE-2026-31682	bridge: br_nd_send: linearize skb before parsing ND options	27.04.2026	9.1
CVE-2026-31685	netfilter: ip6t_eui64: reject invalid MAC header for all packets	27.04.2026	9.4
CVE-2026-6951		25.04.2026	9.2
CVE-2026-41248	Official Clerk JavaScript SDKs: Middleware-based route protection bypass	27.04.2026	9.1
CVE-2026-41478	Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)	27.04.2026	10
CVE-2026-41428	Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints	24.04.2026	9.1
CVE-2026-41327	Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field	24.04.2026	9.1
CVE-2026-41492	Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars in Dgraph	24.04.2026	9.8
CVE-2026-41328	Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field	24.04.2026	9.1
CVE-2026-6911	Authentication Bypass via Missing JWT Signature Verification in AWS Ops Wheel	30.04.2026	9.3
CVE-2026-39920	BridgeHead FileStore < 24A Apache Axis2 Default Credentials RCE	24.04.2026	9.3
CVE-2026-31536	smb: server: let send_done handle a completion without IB_SEND_SIGNALED	27.04.2026	9.8
CVE-2026-31589	mm: call ->free_folio() directly in folio_unmap_invalidate()	27.04.2026	9.8
CVE-2026-31607	usbip: validate number_of_packets in usbip_pack_ret_submit()	27.04.2026	9.8
CVE-2026-31608	smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()	27.04.2026	9.8
CVE-2026-31609	smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush()	27.04.2026	9.8
CVE-2026-31633	rxrpc: Fix integer overflow in rxgk_verify_response()	27.04.2026	9.8
CVE-2026-31636	rxrpc: fix RESPONSE authenticator parser OOB read	27.04.2026	9.1
CVE-2026-31637	rxrpc: reject undecryptable rxkad response tickets	27.04.2026	9.8
CVE-2026-31649	net: stmmac: fix integer underflow in chain mode	27.04.2026	9.8
CVE-2026-31657	batman-adv: hold claim backbone gateways by reference	27.04.2026	9.8
CVE-2026-31659	batman-adv: reject oversized global TT response buffers	27.04.2026	9.8
CVE-2026-31668	seg6: separate dst_cache for input and output paths in seg6 lwtunnel	27.04.2026	9.8
CVE-2026-31669	mptcp: fix slab-use-after-free in __inet_lookup_established	27.04.2026	9.8
CVE-2026-25660	Authentication bypass for certain API calls	24.04.2026	9.3
CVE-2026-21515	Azure IoT Central Elevation of Privilege Vulnerability	30.04.2026	9.9

Latest Updates

CVE	Title	Updated	Score
CVE-2026-7584	Arbitrary Code Execution via Unsafe Deserialization in LabOne Q	01.05.2026	7.8
CVE-2026-42996		01.05.2026
CVE-2024-13362	Freemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url Parameter	01.05.2026	6.1
CVE-2026-6127	Elementor Website Builder <= 4.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via REST API	01.05.2026	6.4
CVE-2026-7554	D-Link M60 httpd password recovery	01.05.2026
CVE-2026-7555	itsourcecode Electronic Judging System login.php sql injection	01.05.2026
CVE-2026-42994		01.05.2026
CVE-2026-7549	SourceCodester Pharmacy Sales and Inventory System ajax.php delete_customer sql injection	01.05.2026
CVE-2026-7550	SourceCodester Pharmacy Sales and Inventory System ajax.php save_customer sql injection	01.05.2026
CVE-2026-7553	code-projects Gym Management System edit_exercises.php sql injection	01.05.2026
CVE-2026-7546	Totolink NR1800X lighttpd find_host_ip stack-based overflow	01.05.2026
CVE-2026-7548	Totolink NR1800X cstecgi.cgi sub_41A68C command injection	01.05.2026
CVE-2026-7536	Open5GS BSF pcfBindings bsf_sess_add_by_ip_address denial of service	01.05.2026
CVE-2026-7538	Totolink A8000RU CGI cstecgi.cgi vulnerability os command injection	01.05.2026
CVE-2026-7545	SourceCodester Advanced School Management System checkEmail Endpoint commonController.php sql injection	01.05.2026
CVE-2026-7518	Open5GS AMF SBI Endpoint sdmsubscription-notify amf_namf_callback_handle_sdm_data_change_notify denial of service	01.05.2026
CVE-2026-7519	Fujian Apex LiveBOS Endpoint UploadImage.do path traversal	01.05.2026
CVE-2026-7535	Open5GS transfer-update denial of service	01.05.2026
CVE-2026-7512	UTT HiPER 1200GW formUser strcpy buffer overflow	30.04.2026
CVE-2026-7513	UTT HiPER 1200GW formRemoteControl strcpy buffer overflow	30.04.2026
CVE-2026-22726	Route Services Firewall Bypass	30.04.2026	5
CVE-2026-5403	Heap-based Buffer Overflow in Wireshark	30.04.2026	7.8
CVE-2026-5404	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark	30.04.2026	4.7
CVE-2026-5405	Heap-based Buffer Overflow in Wireshark	30.04.2026	7.8
CVE-2026-5656	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Wireshark	30.04.2026	7
CVE-2026-7508	Bootstrap CMS Page Creation show.blade.php code injection	30.04.2026
CVE-2026-7510	OWAP DefectDojo Benchmark/Engagement/Product/Survey authorization	30.04.2026
CVE-2026-4178		30.04.2026
CVE-2026-7506	SourceCodester Hotel Management System check sql injection	30.04.2026
CVE-2026-28909		30.04.2026
CVE-2026-7505	nextlevelbuilder GoClaw/GoClaw Lite RPC improper authorization	30.04.2026
CVE-2025-14688	IBM® Db2® is vulnerable to a denial of service when fetching from certain tables under specific configurations	30.04.2026	5.3
CVE-2025-36122	IBM® Db2® is vulnerable to a denial of service with a specially crafted query when stmtheap is set to automatic	30.04.2026	6.5
CVE-2026-1577	IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries	30.04.2026	6.5
CVE-2026-2311	IBM i is affected by a privilege escalation vulnerability in Web Administration GUI []	30.04.2026	6.4
CVE-2026-7503	code-projects for Plugin cstecgi.cgi setWiFiMultipleConfig buffer overflow	30.04.2026
CVE-2025-36180	Inadequate Pod Communication Restrictions, affects watsonx.data	30.04.2026	5.3
CVE-2025-36335	Vulnerabilities found	30.04.2026	6.2
CVE-2026-3345	Path Traversal and Arbitrary File Write Vulnerability in IBM Langflow Desktop API v2 File Upload Endpoint	30.04.2026	6.5
CVE-2026-40684		01.05.2026	5.9
CVE-2026-40685		01.05.2026	6.5
CVE-2026-40686		01.05.2026	3.7
CVE-2026-40687		01.05.2026	4.8
CVE-2026-6389	IBM Turbonomic Prometurbo agent used by IBM Turbonomic Application Resource Management is affected by a single vulnerability	30.04.2026	8.8
CVE-2026-6542	Monitor API allows cross-user read of transaction logs and deletion of build data via flow_id	30.04.2026	6.5
CVE-2026-6543	Authenticated Remote Code Execution Vulnerability in Langflow Code Validation Endpoint	30.04.2026	8.8
CVE-2026-7502	LinkStackOrg LinkStack Management Endpoint UserController.php saveLink authorization	30.04.2026
CVE-2026-7551	HKUDS OpenHarness Remote Command Execution via /bridge Slash Command	30.04.2026
CVE-2026-3340	Server-Side Request Forgery (SSRF) in Langflow URL Component	30.04.2026	6.5
CVE-2026-3346	Stored Cross-Site Scripting (XSS) in Langflow Markdown Rendering via rehypeRaw	30.04.2026	6.4
CVE-2026-4502	Arbitrary File Write and Remote Code Execution Vulnerability in Langflow v2 API	30.04.2026	6.5
CVE-2026-4503	Unauthenticated Insecure Direct Object Reference (IDOR) Vulnerability in Langflow Desktop Image Download Endpoint	30.04.2026	7.5
CVE-2026-7501	LinkStackOrg LinkStack UserController.php editPage cross site scripting	30.04.2026
CVE-2026-35051	Traefik: ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass auth	30.04.2026
CVE-2026-39858	Traefik: Forwarded alias spoofing top pre-auth decision bypass	30.04.2026
CVE-2026-40912	Traefik: StripPrefixRegex auth bypass via Path/RawPath desync	30.04.2026
CVE-2026-40950	Buffer overflow in the Secure Access server prior to 14.50	30.04.2026
CVE-2026-40951	Memory corruption in Secure Access Windows clients prior to 14.50	30.04.2026
CVE-2026-41174	Traefik Kubernetes CRD allows unauthorized cross-namespace middleware binding	30.04.2026
CVE-2026-41263	Traefik: BasicAuth middleware: timing side-channel vulnerability	30.04.2026
CVE-2026-6539	Notepad++ 8.9.3 Format String Injection via nativeLang.xml	30.04.2026
CVE-2026-28532	FRRouting < 10.5.3 Integer Overflow in OSPF TLV Parser Functions	30.04.2026
CVE-2026-33449	Message handler buffer overflow in clients prior to 14.50	30.04.2026
CVE-2026-33450	Out of bounds read in Secure Access MacOS clients prior to 14.50	30.04.2026
CVE-2026-33451	Arbitrary read/write vulnerability in Windows clients prior to 14.50	30.04.2026
CVE-2026-33452	Buffer overflow in Windows clients prior to 14.50	30.04.2026
CVE-2026-40949	Buffer overflow in Windows clients prior to 14.50	30.04.2026
CVE-2026-7435	SSCMS v7.4.0 SQL Injection via stl:sqlContent queryString	30.04.2026
CVE-2025-46115		30.04.2026
CVE-2025-56568		30.04.2026
CVE-2026-33446	Buffer overflow in client authentication prior to version 14.50	30.04.2026
CVE-2026-33447		30.04.2026
CVE-2026-33448	Format string vulnerability in MacOS clients prior to 14.50	30.04.2026
CVE-2026-7429	SSCMS v7.4.0 Reflected Cross-Site Scripting via STL Processing	30.04.2026
CVE-2026-32148	Lockfile checksums not verified in Hex allows dependency integrity bypass	01.05.2026
CVE-2026-35514	Unauthenticated Account Registration via /user/invited Bypasses All Signup Restrictions in Chartbrew	30.04.2026	6.5
CVE-2026-40595	Chartbrew: Incorrect Access Control in public chart and export routes via missing onReport and SharePolicy checks	30.04.2026	7.5
CVE-2026-40600	Chartbrew: Incorrect Access Control in project share policy routes via unbound policy_id	30.04.2026	8.1
CVE-2026-40601	Chartbrew: Missing Authorization in /api/chart/:chart_id/query via team-level refresh toggle	30.04.2026	7.5
CVE-2026-40603	Chartbrew: Incorrect Access Control in /api/project/dashboard/:brewName via same-team override	30.04.2026	6.5
CVE-2026-40904	Chartbrew: Incorrect Access Control in dataset and dataRequest routes via team-scoped permission checks	30.04.2026	8.1
CVE-2026-7461	OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials	01.05.2026	7.2
CVE-2026-36766		30.04.2026
CVE-2026-33845	Gnutls: gnutls: denial of service via dtls zero-length fragment	30.04.2026
CVE-2026-36761		30.04.2026
CVE-2026-36762		30.04.2026
CVE-2026-36763		30.04.2026
CVE-2026-36765		30.04.2026
CVE-2026-3832	Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response	30.04.2026
CVE-2026-3833	Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison	30.04.2026
CVE-2026-36760		30.04.2026
CVE-2026-36764		30.04.2026
CVE-2026-36767		30.04.2026
CVE-2022-50992	Weaver E-cology 9.5 Unauthenticated Arbitrary File Read via XmlRpcServlet	30.04.2026
CVE-2022-50993	Weaver E-office < 10.0_20221201 Unauthenticated Arbitrary File Read via XmlRpcServlet	30.04.2026
CVE-2025-51846	CryptPad unbounded WebSocket frame flood	30.04.2026	7.5
CVE-2025-71284	Synway SMG Gateway Management Software OS Command Injection via radius_address	30.04.2026
CVE-2026-36757		30.04.2026
CVE-2025-13890		30.04.2026
CVE-2025-51847		30.04.2026
CVE-2025-51849		30.04.2026
CVE-2025-51850		30.04.2026
CVE-2026-34994		30.04.2026
CVE-2026-34995		30.04.2026
CVE-2026-34996		30.04.2026
CVE-2026-34997		30.04.2026
CVE-2026-34998		30.04.2026
CVE-2026-36340		30.04.2026
CVE-2026-36756		30.04.2026
CVE-2026-36758		30.04.2026
CVE-2026-36759		30.04.2026
CVE-2025-14543	Improper Restriction of XML External Entity Reference vulnerability in Connext Professional (Core Libraries) allows Serialized Data External Linking.	30.04.2026
CVE-2026-36960		30.04.2026
CVE-2026-38939		30.04.2026
CVE-2026-38940		30.04.2026
CVE-2026-4670	Improper Authentication vulnerability in Progress MOVEit Automation	01.05.2026	9.8
CVE-2026-5174	Improper Access Control Vulnerability in Progress MOVEit Automation	01.05.2026	7.7
CVE-2026-36956		30.04.2026
CVE-2026-36957		30.04.2026
CVE-2026-36958		30.04.2026
CVE-2026-36959		30.04.2026
CVE-2026-7500	Org.keycloak.keycloak-services: improper access control on keycloak server when the account account api feature is disabled	30.04.2026
CVE-2026-2892	Otter Blocks <= 3.1.4 - Improper Authorization to Unauthenticated Purchase Verification Bypass via Forged Cookie	30.04.2026	7.5
CVE-2026-7163	Assisted-service: assisted-service: authenticated users can gain administrative access to openshift clusters via credential disclosure	30.04.2026
CVE-2026-7246	Pallets Click contains a command injection via Unsanitized Filename "click.edit()"	30.04.2026
CVE-2024-13971	Arbitrary File Read and Server Side Request Forgery via XML External Entities in Lobster_pro	30.04.2026
CVE-2025-14576	Possible QML code injection in VectorImage component	30.04.2026
CVE-2026-7382	Information Disclosure in MeWare Software's PDKS	30.04.2026	6.5
CVE-2026-7399	IDOR in MeWare Software's PDKS	30.04.2026	8.1
CVE-2026-7402	Improper Rate Limiting in MeWare Software's PDKS	30.04.2026	8.1
CVE-2026-31693	cifs: some missing initializations on replay	30.04.2026
CVE-2026-5080	Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely	30.04.2026
CVE-2026-1493	Cross-Site Scripting in LEX Baza Dokumentów	30.04.2026
CVE-2026-41882		30.04.2026	7.4