| CVE | Title | Date | CVSS |
|---|---|---|---|
| CVE-2026-40542 | Apache HttpClient: SCRAM-SHA-256 mutual authentication bypass may cause the client to accept authentication without proper mutual authentication verification | 22.04.2026 | |
| CVE-2026-6022 | Uncontrolled Resource Consumption Vulnerability in Telerik UI for ASP.NET AJAX | 22.04.2026 | 7.5 |
| CVE-2026-6023 | Deserialization of Untrusted Data Vulnerability in Telerik UI for ASP.NET AJAX | 22.04.2026 | 8.1 |
| CVE-2026-6842 | Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions | 22.04.2026 | |
| CVE-2026-40448 | | 22.04.2026 | 5.3 |
| CVE-2026-40449 | | 22.04.2026 | 6.6 |
| CVE-2026-40450 | | 22.04.2026 | 6.6 |
| CVE-2026-41664 | | 22.04.2026 | 6.6 |
| CVE-2026-41665 | | 22.04.2026 | 6.1 |
| CVE-2026-41666 | | 22.04.2026 | 6.6 |
| CVE-2026-41667 | | 22.04.2026 | 6.6 |
| CVE-2026-6839 | | 22.04.2026 | 6.6 |
| CVE-2026-6840 | | 22.04.2026 | 5.5 |
| CVE-2026-22746 | User Attribute Enumeration when Using DaoAuthenticationProvider | 22.04.2026 | 3.7 |
| CVE-2026-22747 | Unauthorized User Impersonation when Using X.509 Client Certificates | 22.04.2026 | 6.8 |
| CVE-2026-22748 | Potential Security Misconfiguration when Using withIssuerLocation | 22.04.2026 | 5.3 |
| CVE-2026-22753 | Servlet Path Not Correctly Included in Path Matching of HttpSecurity#securityMatchers | 22.04.2026 | 7.5 |
| CVE-2026-22754 | Servlet Path Not Correctly Included in Path Matching of XML Authorization Rules | 22.04.2026 | 7.5 |
| CVE-2026-40451 | | 22.04.2026 | |
| CVE-2026-6833 | aEnrich\|a+HRD - SQL Injection | 22.04.2026 | |
| CVE-2026-6834 | aEnrich\|a+HRD - Missing Authorization | 22.04.2026 | |
| CVE-2026-6835 | aEnrich\|a+HCM - Arbitrary File Upload | 22.04.2026 | |
| CVE-2026-41457 | OwnTone Server < 29.1 SQL Injection via query and filter Parameters | 22.04.2026 | |
| CVE-2026-41458 | OwnTone Server < 29.1 Race Condition DoS via DAAP Login | 22.04.2026 | |
| CVE-2026-5398 | Kernel use-after-free bug in the TIOCNOTTY handler | 22.04.2026 | |
| CVE-2026-6386 | Missing large page handling in pmap_pkru_update_range() | 22.04.2026 | |
| CVE-2026-6392 | Tanium addressed an information disclosure vulnerability in Threat Response. | 22.04.2026 | 2.7 |
| CVE-2026-6408 | Tanium addressed an information disclosure vulnerability in Tanium Server. | 22.04.2026 | 2.7 |
| CVE-2026-6416 | Tanium addressed an uncontrolled resource consumption vulnerability in Interact. | 22.04.2026 | 2.7 |
| CVE-2026-41146 | facil.io and downstream iodine ruby gem vulnerable to uncontrolled resource consumption and loop with unreachable exit condition | 22.04.2026 | |
| CVE-2026-40344 | MinIO has an Unauthenticated Object Write via Missing Signature Verification in Unsigned-Trailer Uploads | 22.04.2026 | |
| CVE-2026-41145 | MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads | 22.04.2026 | |
| CVE-2026-41136 | free5GC AMF missing default case in Content-Type switch in HTTPUEContextTransfer | 21.04.2026 | |
| CVE-2026-41144 | F´ (F Prime) has Integer Overflow in FileUplink | 21.04.2026 | 0 |
| CVE-2026-40343 | free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation | 21.04.2026 | |
| CVE-2026-41131 | OpenFGA has Improper Policy Enforcement | 21.04.2026 | 5 |
| CVE-2026-41133 | pyLoad has Stale Session Privilege After Role/Permission Change (Privilege Revocation Bypass) | 21.04.2026 | 8.8 |
| CVE-2026-41135 | free5GC PCF: Memory Leak via CORS Middleware Registration in HTTP Handler Leads to Denial of Service | 21.04.2026 | 7.5 |
| CVE-2026-41126 | BigBlueButton has Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL" | 21.04.2026 | 4.3 |
| CVE-2026-41127 | BigBlueButton's missing authorization allows viewer to inject/overwrite captions | 21.04.2026 | 6.5 |
| CVE-2026-41128 | Craft CMS has a Missing Authorization Check on User Group Removal via save-permissions Action | 21.04.2026 | |
| CVE-2026-41129 | Craft CMS has Server-Side Request Forgery (SSRF) with Asset Uploads Mutations | 21.04.2026 | |
| CVE-2026-41130 | Craft CMS has a host header injection leading to SSRF via resource-js endpoint | 21.04.2026 | |
| CVE-2026-40575 | OAuth2 Proxy has an Authentication Bypass via X-Forwarded-Uri Header Spoofing | 21.04.2026 | 9.1 |
| CVE-2026-41059 | OAuth2 Proxy has an Authentication Bypass via Fragment Confusion in skip_auth_routes and skip_auth_regex | 21.04.2026 | 8.2 |
| CVE-2026-41064 | AVideo has an incomplete fix for CVE-2026-33502 (Command Injection) | 21.04.2026 | 9.3 |
| CVE-2026-41304 | WWBN AVideo vulnerable to RCE caused by clonesite plugin | 21.04.2026 | |
| CVE-2026-41061 | WWBN AVideo Vulnerable to stored XSS via Unanchored Duration Regex in Video Encoder Receiver | 21.04.2026 | 5.4 |
| CVE-2026-41062 | WWBN/AVideo has an incomplete fix for a directory traversal bypass via query string in ReceiveImage downloadURL parameters | 21.04.2026 | 6.5 |
| CVE-2026-41063 | WWBN AVideo has incomplete fix for CVE-2026-33500 (XSS) | 21.04.2026 | 5.4 |
| CVE-2026-41056 | AVideo has CORS Origin Reflection with Credentials on Sensitive API Endpoints that Enables Cross-Origin Account Takeover | 21.04.2026 | 8.1 |
| CVE-2026-41057 | AVideo has CORS Origin Reflection Bypass via plugin/API/router.php and allowOrigin(true) that Exposes Authenticated API Responses | 21.04.2026 | 7.1 |
| CVE-2026-41058 | AVideo has an incomplete fix for CVE-2026-33293 (Path Traversal) | 21.04.2026 | 8.1 |
| CVE-2026-41060 | AVideo's SSRF via same-domain hostname with alternate port bypasses isSSRFSafeURL | 21.04.2026 | 7.7 |
| CVE-2026-5845 | Improper authorization fallback allows scoped user-to-server token installation escape in GitHub Enterprise Server | 21.04.2026 | |
| CVE-2026-3307 | Authorization bypass in GitHub Enterprise Server secret scanning push protection allows cross-repository modification of delegated bypass reviewers | 21.04.2026 | |
| CVE-2026-40926 | WWBN AVideo Vulnerable to CSRF in Admin JSON Endpoints (Category CRUD, Plugin Update Script) | 21.04.2026 | 7.1 |
| CVE-2026-40928 | AVideo: Missing CSRF Protection on State-Changing JSON Endpoints Enables Forced Comment Creation, Vote Manipulation, and Category Asset Deletion | 21.04.2026 | 5.4 |
| CVE-2026-40929 | WWBN AVideo's missing CSRF protection in objects/commentDelete.json.php enables mass comment deletion against moderators and content creators | 21.04.2026 | 5.4 |
| CVE-2026-40935 | WWBN/AVideo has CAPTCHA Bypass via Attacker-Controlled Length Parameter and Missing Token Invalidation on Failure | 21.04.2026 | 5.3 |
| CVE-2026-41055 | AVideo has an incomplete fix for CVE-2026-33039 (SSRF) | 21.04.2026 | 8.6 |
| CVE-2026-4296 | Incorrect Regular Expression vulnerability in GitHub Enterprise Server allowed unauthorized access to user accounts via OAuth callback URL validation bypass | 21.04.2026 | |
| CVE-2026-4821 | Proxy configuration command injection vulnerability found in GitHub Enterprise Server Management Console configuration API | 21.04.2026 | |
| CVE-2026-4872 | | 21.04.2026 | |
| CVE-2026-5512 | Improper authorization vulnerability in GitHub Enterprise Server allowed disclosure of private repository names via mobile upload policy API | 21.04.2026 | |
| CVE-2026-5921 | Server-Side Request Forgery in GitHub Enterprise Server allowed extraction of sensitive environment variables via timing side-channel attack | 21.04.2026 | |
| CVE-2026-1354 | Zero Motorcycles Firmware Key Exchange without Entity Authentication | 21.04.2026 | 6.4 |
| CVE-2026-6832 | Nesquena Hermes WebUI Arbitrary File Deletion via Unvalidated session_id | 21.04.2026 | |
| CVE-2026-40944 | Oxia: TLS CA certificate chain validation fails with multi-certificate PEM bundles | 21.04.2026 | |
| CVE-2026-40945 | Oxia: Bearer token exposed in debug log messages on authentication failure | 21.04.2026 | |
| CVE-2026-40946 | Oxia: OIDC token audience validation bypass via SkipClientIDCheck | 21.04.2026 | |
| CVE-2026-41527 | | 21.04.2026 | 6.9 |
| CVE-2026-6830 | Nesquena Hermes WebUI Environment Variable Credential Leakage via Profile Switch | 21.04.2026 | |
| CVE-2026-40706 | | 21.04.2026 | 8.4 |
| CVE-2026-40931 | Complete Bypass of CVE-2026-24884 Patch via Git-Delivered Symlink Poisoning in compressing | 21.04.2026 | 8.4 |
| CVE-2026-40933 | Flowise: Authenticated RCE Via MCP Adapters | 21.04.2026 | 10 |
| CVE-2026-40939 | DSF: Missing Session Timeout for OIDC Sessions | 21.04.2026 | |
| CVE-2026-40942 | DSF: Inverted Time Comparison in OIDC JWKS and Token Cache | 21.04.2026 | |
| CVE-2026-40943 | Oxia: Server crash via race condition in session heartbeat handling | 21.04.2026 | |
| CVE-2026-6799 | Comfast CF-N1-S Endpoint mbox-config command injection | 21.04.2026 | |
| CVE-2026-6829 | nesquena hermes-webui Arbitrary Workspace Directory Access | 21.04.2026 | |
| CVE-2025-70420 | | 21.04.2026 | |
| CVE-2026-21997 | | 21.04.2026 | 8.5 |
| CVE-2026-21998 | | 21.04.2026 | 4.9 |
| CVE-2026-21999 | | 21.04.2026 | 5.3 |
| CVE-2026-22001 | | 21.04.2026 | 2.7 |
| CVE-2026-22002 | | 21.04.2026 | 4.9 |
| CVE-2026-22003 | | 21.04.2026 | 6 |
| CVE-2026-22004 | | 21.04.2026 | 4.9 |
| CVE-2026-22005 | | 21.04.2026 | 4.9 |
| CVE-2026-22006 | | 21.04.2026 | 5.4 |
| CVE-2026-22007 | | 21.04.2026 | 2.9 |
| CVE-2026-22008 | | 21.04.2026 | 3.7 |
| CVE-2026-22009 | | 21.04.2026 | 6.5 |
| CVE-2026-22010 | | 21.04.2026 | 7.5 |
| CVE-2026-22011 | | 22.04.2026 | 7.6 |
| CVE-2026-22013 | | 21.04.2026 | 5.3 |
| CVE-2026-22014 | | 21.04.2026 | 3.8 |
| CVE-2026-22015 | | 21.04.2026 | 4.3 |
| CVE-2026-22016 | | 21.04.2026 | 7.5 |
| CVE-2026-22017 | | 21.04.2026 | 6.5 |
| CVE-2026-22018 | | 21.04.2026 | 3.7 |
| CVE-2026-22019 | | 21.04.2026 | 5.4 |
| CVE-2026-22021 | | 21.04.2026 | 5.3 |
| CVE-2026-33518 | Incorrect privilege assignment in Portal for ArcGIS | 21.04.2026 | 9.8 |
| CVE-2026-33519 | Incorrect privilege assignment in Portal for ArcGIS | 21.04.2026 | 9.8 |
| CVE-2026-34266 | | 22.04.2026 | 6.5 |
| CVE-2026-34267 | | 21.04.2026 | 4.9 |
| CVE-2026-34268 | | 21.04.2026 | 2.9 |
| CVE-2026-34269 | | 21.04.2026 | 6.1 |
| CVE-2026-34270 | | 21.04.2026 | 6.5 |
| CVE-2026-34271 | | 21.04.2026 | 6.5 |
| CVE-2026-34272 | | 21.04.2026 | 6.5 |
| CVE-2026-34273 | | 21.04.2026 | 5.3 |
| CVE-2026-34274 | | 21.04.2026 | 6.1 |
| CVE-2026-34275 | | 21.04.2026 | 9.8 |
| CVE-2026-34276 | | 21.04.2026 | 6.5 |
| CVE-2026-34277 | | 21.04.2026 | 6.6 |
| CVE-2026-34278 | | 21.04.2026 | 4.9 |
| CVE-2026-34279 | | 22.04.2026 | 9.1 |
| CVE-2026-34280 | | 22.04.2026 | 6.5 |
| CVE-2026-34281 | | 21.04.2026 | 6.5 |
| CVE-2026-34282 | | 21.04.2026 | 7.5 |
| CVE-2026-34283 | | 21.04.2026 | 6.1 |
| CVE-2026-34284 | | 21.04.2026 | 6.1 |
| CVE-2026-34285 | | 22.04.2026 | 9.1 |
| CVE-2026-34286 | | 22.04.2026 | 9.1 |
| CVE-2026-34287 | | 21.04.2026 | 9.1 |
| CVE-2026-34288 | | 21.04.2026 | 5.9 |
| CVE-2026-34289 | | 21.04.2026 | 5.9 |
| CVE-2026-34290 | | 21.04.2026 | 7.5 |
| CVE-2026-34291 | | 21.04.2026 | 8.7 |
| CVE-2026-34292 | | 21.04.2026 | 7.2 |
| CVE-2026-34293 | | 21.04.2026 | 4.9 |
| CVE-2026-34294 | | 21.04.2026 | 5.9 |
| CVE-2026-34295 | | 21.04.2026 | 6.5 |
| CVE-2026-34296 | | 21.04.2026 | 4.3 |
| CVE-2026-34297 | | 21.04.2026 | 7.5 |
| CVE-2026-34298 | | 21.04.2026 | 4.7 |
| CVE-2026-34299 | | 21.04.2026 | 6.5 |
| CVE-2026-34300 | | 21.04.2026 | 6.5 |
| CVE-2026-34301 | | 21.04.2026 | 6.5 |
| CVE-2026-34302 | | 21.04.2026 | 5.5 |
| CVE-2026-34303 | | 21.04.2026 | 6.5 |
| CVE-2026-34304 | | 21.04.2026 | 4.9 |
| CVE-2026-34305 | | 21.04.2026 | 7.5 |
| CVE-2026-34306 | | 21.04.2026 | 6.5 |
| CVE-2026-34307 | | 21.04.2026 | 5.4 |
| CVE-2026-34308 | | 21.04.2026 | 6.5 |
| CVE-2026-34309 | | 21.04.2026 | 8.1 |
| CVE-2026-34310 | | 21.04.2026 | 7.5 |
| CVE-2026-34312 | | 21.04.2026 | 2.4 |
| CVE-2026-34313 | | 21.04.2026 | 6.5 |
| CVE-2026-34314 | | 21.04.2026 | 6.8 |
| CVE-2026-34315 | | 21.04.2026 | 6.5 |
| CVE-2026-34317 | | 21.04.2026 | 5 |
| CVE-2026-34318 | | 21.04.2026 | 5.8 |
| CVE-2026-34319 | | 21.04.2026 | 5 |
| CVE-2026-34320 | | 21.04.2026 | 7.5 |
| CVE-2026-34321 | | 21.04.2026 | 4.8 |
| CVE-2026-34323 | | 21.04.2026 | 6.3 |
| CVE-2026-34324 | | 21.04.2026 | 6.5 |
| CVE-2026-34325 | | 21.04.2026 | 6.8 |
| CVE-2026-35229 | | 21.04.2026 | 7.5 |
| CVE-2026-35230 | | 21.04.2026 | 7.5 |
| CVE-2026-35231 | | 21.04.2026 | 7.5 |
| CVE-2026-35232 | | 21.04.2026 | 5.4 |
| CVE-2026-35234 | | 21.04.2026 | 4.9 |
| CVE-2026-35235 | | 21.04.2026 | 4.9 |
| CVE-2026-35236 | | 21.04.2026 | 4.9 |
| CVE-2026-35237 | | 21.04.2026 | 4.9 |
| CVE-2026-35238 | | 21.04.2026 | 4.9 |
| CVE-2026-35239 | | 21.04.2026 | 4.9 |
| CVE-2026-35240 | | 21.04.2026 | 4.9 |
| CVE-2026-35241 | | 21.04.2026 | 5.7 |
| CVE-2026-35242 | | 21.04.2026 | 7.5 |
| CVE-2026-35243 | | 21.04.2026 | 7.8 |
| CVE-2026-35244 | | 21.04.2026 | 5.2 |
| CVE-2026-35245 | | 21.04.2026 | 7.5 |
| CVE-2026-35246 | | 21.04.2026 | 7.5 |
| CVE-2026-35247 | | 21.04.2026 | 6 |
| CVE-2026-35248 | | 21.04.2026 | 5 |
| CVE-2026-35249 | | 21.04.2026 | 3.2 |
| CVE-2026-35250 | | 21.04.2026 | 2.3 |
| CVE-2026-35251 | | 21.04.2026 | 7.5 |
| CVE-2026-35252 | | 21.04.2026 | 6.4 |
| CVE-2026-40923 | Tekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ check | 21.04.2026 | 5.4 |
| CVE-2026-40924 | Tekton Pipelines: HTTP Resolver Unbounded Response Body Read Enables Denial of Service via Memory Exhaustion | 21.04.2026 | 6.5 |
| CVE-2026-40927 | Docmost: XSS in Comments with JavaScript URI | 21.04.2026 | 5.4 |
| CVE-2026-40938 | Tekton Pipelines: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCE | 21.04.2026 | 7.5 |
| CVE-2026-6797 | Sanluan PublicCMS DocToHtmlUtils.java ZipSecureFile.setMinflateRatio resource consumption | 21.04.2026 | |
| CVE-2026-6823 | HKUDS OpenHarness Insecure Default Remote Channel Allowlist | 21.04.2026 | |
| CVE-2026-6796 | Sanluan PublicCMS Failed Login LoginAdminController.java log_login cleartext storage in file | 21.04.2026 | |
| CVE-2026-40892 | PJSIP: Stack buffer overflow in pjsip_auth_create_digest2() | 21.04.2026 | |
| CVE-2026-40895 | follow-redirects: Custom Authentication Headers Leaked to Cross-Domain Redirect Targets | 21.04.2026 | |
| CVE-2026-40905 | LinkAce: Password Reset Poisoning via X-Forwarded-Host Header Injection Leading to Account Takeover | 21.04.2026 | 8.1 |
| CVE-2026-40906 | Electric: SQL Injection via ORDER BY Parameter in Shape API | 21.04.2026 | 10 |
| CVE-2026-40910 | frp: Authentication bypass in frp HTTP vhost routing when routeByHTTPUser is used for access control | 21.04.2026 | 6.5 |
| CVE-2026-40911 | WWBN AVideo YPTSocket WebSocket Broadcast Relay Leads to Unauthenticated Cross-User JavaScript Execution via Client-Side eval() Sinks | 21.04.2026 | 10 |
| CVE-2026-40925 | WWBN AVideo has CSRF in configurationUpdate.json.php Enables Full Site Configuration Takeover Including Encoder URL and SMTP Credentials | 21.04.2026 | 8.3 |
| CVE-2026-40876 | SFTP root escape via prefix-based path validation in goshs | 21.04.2026 | |
| CVE-2026-40883 | goshs: CSRF in state-changing GET routes enables authenticated file deletion and directory creation | 21.04.2026 | |
| CVE-2026-40884 | goshs: Empty-username SFTP password authentication bypass in goshs | 21.04.2026 | 9.8 |
| CVE-2026-40885 | goshs: Public collaborator feed leaks .goshs ACL credentials and enables unauthorized access | 21.04.2026 | |
| CVE-2026-40889 | Frappe HR has Improper Access Control on Files | 21.04.2026 | 6.5 |
| CVE-2026-40890 | github.com/gomarkdown/markdown: Out-of-bounds Read in SmartypantsRenderer | 21.04.2026 | 7.5 |
| CVE-2026-40903 | Goshs - ArtiPACKED Vulnerability – GitHub Actions Credential Persistence | 21.04.2026 | 9.1 |
| CVE-2026-40907 | WWBN AVideo has IDOR in Live Restreams list.json.php that Exposes Other Users' Stream Keys and OAuth Tokens | 21.04.2026 | 6.5 |
| CVE-2026-40908 | WWBN AVideo has an Unauthenticated Information Disclosure via git.json.php that Exposes Developer Emails and Deployed Version | 21.04.2026 | 5.3 |
| CVE-2026-40909 | WWBN AVideo has a Path Traversal in Locale Save Endpoint that Enables Arbitrary PHP File Write to Any Web-Accessible Directory (RCE) | 21.04.2026 | 8.7 |
| CVE-2026-41320 | Frappe HR has possibility of SQL Injection due to improper field sanitization | 21.04.2026 | 6.5 |
| CVE-2026-6819 | HKUDS OpenHarness Plugin Management Command Exposure | 21.04.2026 | |
| CVE-2026-33812 | Excessive memory allocation when decoding malicious SFNT in golang.org/x/image | 21.04.2026 | |
| CVE-2026-33813 | Panic when decoding large WEBP image on 32-bit platforms in golang.org/x/image | 21.04.2026 | |
| CVE-2026-40372 | ASP.NET Core Elevation of Privilege Vulnerability | 22.04.2026 | 9.1 |
| CVE-2026-40869 | Decidim amendments can be accepted or rejected by anyone | 21.04.2026 | 7.5 |
| CVE-2026-40870 | Decidim's comments API allows access to all commentable resources | 21.04.2026 | 7.5 |
| CVE-2026-40871 | mailcow-dockerized vulnerable to Second Order SQL Injection in quarantine category via API | 21.04.2026 | 7.2 |
| CVE-2026-40872 | mailcow-dockerized vulnerable to stored XSS in autodiscover logs email address field | 21.04.2026 | |
| CVE-2026-40873 | mailcow-dockerized vulnerable to stored XSS in Quarantine attachment filenames | 21.04.2026 | |
| CVE-2026-40874 | mailcow-dockerized missing authorization on Forwarding Hosts delete action | 21.04.2026 | |
| CVE-2026-40875 | mailcow-dockerized vulnerable to stored XSS in user login history real_rip | 21.04.2026 | |
| CVE-2026-40878 | mailcow-dockerized Login Page has Reflected Parameter Injection / Wrong-Context XSS Escaping | 21.04.2026 | |
| CVE-2026-40879 | Nest: DoS via Recursive handleData in JsonSocket (TCP Transport) | 21.04.2026 | 7.5 |
| CVE-2026-40880 | Zebra: Cached Mempool Verification Bypasses Consensus Rules for Ahead-of-Tip Blocks | 21.04.2026 | |
| CVE-2026-40881 | Zebra: addr/addrv2 Deserialization Resource Exhaustion | 21.04.2026 | |
| CVE-2026-40887 | @vendure/core has a SQL Injection vulnerability | 21.04.2026 | 9.1 |
| CVE-2026-40888 | Frappe HR vulnerable to Improper Access Control | 21.04.2026 | |
| CVE-2026-22751 | Spring Security JdbcOneTimeTokenService allows a one-time token to authenticate multiple sessions | 21.04.2026 | 4.8 |
| CVE-2026-40613 | Coturn: Misaligned Memory Access in coturn STUN Attribute Parser (Remote DoS on ARM64) | 21.04.2026 | 7.5 |
| CVE-2026-40614 | PJSIP: Heap buffer overflow in Opus codec decoding | 21.04.2026 | |
| CVE-2026-40865 | Horilla: Insecure Direct Object Reference at `/employee/view-file/<int:id>` | 21.04.2026 | |
| CVE-2026-40866 | Horilla: Unauthorized Document Overwrite via File Upload Endpoint | 21.04.2026 | |
| CVE-2026-40867 | Horilla: Unauthorized Helpdesk Attachment Access via Attachment ID Manipulation | 21.04.2026 | |
| CVE-2026-40868 | kyverno apicall servicecall implicit bearer token injection leaks kyverno serviceaccount token | 21.04.2026 | 8.1 |
| CVE-2026-41456 | Bludit CMS Reflected XSS via Search Plugin | 21.04.2026 | |
| CVE-2026-6744 | Bagisto Downloadable Link copy server-side request forgery | 21.04.2026 | |
| CVE-2026-6745 | Bagisto Custom Scripts cross site scripting | 21.04.2026 | |
| CVE-2026-40599 | ClearanceKit: Ad-hoc signed binaries can spoof Apple process identities in the global allowlist | 21.04.2026 | |
| CVE-2026-40602 | hass-cli: Handling of user-supplied Jinja2 templates | 21.04.2026 | 5.6 |
| CVE-2026-40604 | ClearanceKit: opfilter system extension can be suspended or signalled by a root process, disabling file-access policy enforcement | 21.04.2026 | |
| CVE-2026-40606 | ProxyAuth Addon LDAP Injection in mitmproxy | 21.04.2026 | 4.8 |
| CVE-2026-40608 | Next AI Draw.io: Unbounded HTTP Body — Denial of Service | 21.04.2026 | 6.2 |
| CVE-2026-40611 | Lego: Arbitrary File Write via Path Traversal in Webroot HTTP-01 Provider | 21.04.2026 | 8.8 |
| CVE-2026-40587 | blueprintUE: Active Sessions Are Not Invalidated After Password Change or Reset | 21.04.2026 | 6.5 |
| CVE-2026-40588 | blueprintUE: Authenticated Password Change Does Not Verify Current Password | 21.04.2026 | 8.1 |
| CVE-2026-40594 | pyLoad: Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Global State Race Condition) | 21.04.2026 | 4.8 |
| CVE-2026-41192 | FreeScout's client-controlled attachment IDs allow deletion of existing conversation attachments | 21.04.2026 | 7.1 |
| CVE-2026-41193 | FreeScout has Zip Slip path traversal in module installation that allows arbitrary file write leading to RCE | 21.04.2026 | 9.1 |
| CVE-2026-41194 | FreeScout's Mailbox OAuth disconnect uses a state-changing GET and is CSRFable | 21.04.2026 | 5.4 |
| CVE-2026-21571 | | 21.04.2026 | |
| CVE-2026-38834 | | 21.04.2026 | |
| CVE-2026-38835 | | 21.04.2026 | |
| CVE-2026-40050 | CrowdStrike LogScale Unauthenticated Path Traversal | 21.04.2026 | 9.8 |
| CVE-2026-40569 | FreeScout's Mass Assignment in Mailbox Connection Settings Enables Silent Email Exfiltration | 21.04.2026 | 9 |
| CVE-2026-40570 | FreeScout's Missing Authorization in load_customer_info Allows Any Authenticated User to Access Full Customer PII | 21.04.2026 | |
| CVE-2026-40583 | UltraDAG: SmartOp Vote Path Triggers Fatal Supply Invariant Halt | 21.04.2026 | |
| CVE-2026-40584 | RansomLook - Improper Filtering of Private Location Entries in API Endpoints Leads to Information Exposure | 21.04.2026 | |
| CVE-2026-40585 | blueprintUE: Password Reset Tokens Have No Expiry Window | 21.04.2026 | 7.4 |
| CVE-2026-40586 | blueprintUE: Login Endpoint Has No Rate Limiting, Lockout, or Brute-Force Protection | 21.04.2026 | 7.5 |
| CVE-2026-40589 | FreeScout has Customer Edit Cross-Mailbox Email Takeover | 21.04.2026 | 7.6 |
| CVE-2026-40590 | FreeScout's Customer AJAX Create Modifies Hidden Existing Customer | 21.04.2026 | 4.3 |
| CVE-2026-40591 | FreeScout: Improper Authorization in Phone Conversation Creation Enables Cross-Mailbox Hidden Customer Modification | 21.04.2026 | 7.1 |
| CVE-2026-40592 | FreeScout's cross-user undo reply allows mailbox peers to recall another agent's outbound reply | 21.04.2026 | 5.9 |
| CVE-2026-41183 | FreeScout allows non-folder conversation queries to disclose assigned-only hidden conversations | 21.04.2026 | 4.3 |
| CVE-2026-41189 | FreeScout has assigned-only visibility bypass that allows editing hidden customer-authored threads | 21.04.2026 | 7.1 |
| CVE-2026-41190 | FreeScout has assigned-only visibility bypass via save_draft that allows hidden conversation draft injection | 21.04.2026 | 7.1 |
| CVE-2026-41191 | FreeScout's signature only mailbox permission allows unauthorized mailbox chat setting changes | 21.04.2026 | 7.1 |
| CVE-2026-30452 | | 21.04.2026 | |
| CVE-2026-35451 | Twenty: Stored XSS via BlockNote FileBlock | 21.04.2026 | 5.7 |
| CVE-2026-40161 | Tekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURL | 21.04.2026 | 7.7 |
| CVE-2026-40279 | BACnet Stack: Undefined-behavior signed left shift in `decode_signed32()` | 21.04.2026 | 3.7 |
| CVE-2026-40574 | OAuth2 Proxy has an Authorization Bypass in Email Domain Validation via Malformed Multi-@ Email Claims | 21.04.2026 | 6.8 |
| CVE-2026-40576 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in excel-mcp-server | 21.04.2026 | 9.4 |
| CVE-2026-5652 | Authorization Bypass Through User-Controlled Key in Crafty Controller | 21.04.2026 | 9 |
| CVE-2026-6743 | WebSystems WebTOTUM Calendar cross site scripting | 21.04.2026 | |
| CVE-2019-25714 | Seeyon Office Anywhere (OA) A8 Unauthenticated Arbitrary File Write via htmlofficeservlet | 21.04.2026 | |
| CVE-2026-24176 | | 21.04.2026 | 4.3 |
| CVE-2026-24177 | | 21.04.2026 | 7.7 |
| CVE-2026-24189 | | 21.04.2026 | 8.2 |
| CVE-2026-25542 | Tekton Pipelines: VerificationPolicy regex pattern bypass via substring matching | 21.04.2026 | 6.5 |
| CVE-2026-26067 | October: Safe Mode Bypass via CSS Preprocessor Compilers | 21.04.2026 | 4.9 |
| CVE-2026-26274 | October: Safe Mode Bypass via Twig Database Write Operations | 21.04.2026 | 6.6 |
| CVE-2026-27937 | October: Reflected XSS via DataTable Form Widget | 21.04.2026 | 3.1 |
| CVE-2026-29179 | October: Editor Sub-Permission Bypass for Asset and Blueprint File Operations | 21.04.2026 | 3.3 |
| CVE-2026-40566 | FreeScout vulnerable to SSRF via IMAP/SMTP Connection Test Endpoints | 21.04.2026 | 4.1 |
| CVE-2026-40567 | FreeScout has HTML Injection in Outgoing Emails via Unsanitized Customer Name in Signature Variables | 21.04.2026 | 5.8 |
| CVE-2026-40568 | FreeScout Vulnerable to XSS via Mailbox Signature Due to Incomplete HTML Sanitization | 21.04.2026 | 8.5 |
| CVE-2017-20230 | Storable versions before 3.05 for Perl have a stack overflow | 21.04.2026 | |
| CVE-2025-15638 | Net::Dropbear versions before 0.14 for Perl contain a vulnerable version of libtomcrypt | 21.04.2026 | |
| CVE-2026-37748 | | 21.04.2026 | |
| CVE-2026-40565 | FreeScout has Stored XSS / CSS Injection via linkify() — Unescaped URL in Anchor href | 21.04.2026 | 6.1 |
| CVE-2025-41011 | HTML injection in PHP Point Of Sale | 21.04.2026 | |
| CVE-2025-41029 | SQL injection in Zeon Academy Pro by Zeon Global Tech | 21.04.2026 | |
| CVE-2026-40498 | FreeScout has Authentication Bypass and Information Disclosure in SystemController via /system/cron | 21.04.2026 | |
| CVE-2025-10354 | Reflected Cross-Site Scripting (XSS) in Semantic MediaWiki | 21.04.2026 | |
| CVE-2025-31981 | HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption | 21.04.2026 | 5.3 |
| CVE-2026-31013 | | 21.04.2026 | |
| CVE-2026-31014 | | 21.04.2026 | |
| CVE-2026-31019 | | 21.04.2026 | |
| CVE-2026-3298 | Out-of-bounds write in Windows asyncio.ProactorEventLoop.sock_recvfrom_into() when using nbytes | 21.04.2026 | |
| CVE-2026-5789 | Search path without quotes in CivetWeb | 21.04.2026 | |
| CVE-2025-14362 | GoAnywhere MFT SFTP Service Login Vulnerable to Brute Force Attack Under Certain Circumstances | 21.04.2026 | 7.3 |
| CVE-2025-1241 | Encryption vulnerable to brute-force decryption in GoAnywhere MFT | 21.04.2026 | 5.8 |
| CVE-2025-31958 | HCL BigFix Service Management (SM) is susceptible to HTTP Request Smuggling | 21.04.2026 | 3.7 |
| CVE-2026-0971 | GoAnywhere MFT SAML Sessions do not redirect to logout URL on session timeout | 21.04.2026 | 4.3 |
| CVE-2026-0972 | GoAnywhere MFT SFTP Service Login Vulnerable to Brute Force Attack Under Certain Circumstances | 21.04.2026 | 7.3 |
| CVE-2026-1089 | User-Controlled HTTP Header in Fortra's GoAnywhere MFT Allows Arbitrary DNS Lookups | 21.04.2026 | 6.5 |
| CVE-2026-29644 | | 21.04.2026 | |
| CVE-2026-31018 | | 21.04.2026 | |
| CVE-2026-40520 | FreePBX api module Command Injection via GraphQL | 21.04.2026 | |
| CVE-2026-6746 | Use-after-free in the DOM: Core & HTML component | 21.04.2026 | |
| CVE-2026-6747 | Use-after-free in the WebRTC component | 21.04.2026 | |
| CVE-2026-6748 | Uninitialized memory in the Audio/Video: Web Codecs component | 21.04.2026 | |
| CVE-2026-6749 | Information disclosure due to uninitialized memory in the Graphics: Canvas2D component | 21.04.2026 | |
| CVE-2026-6750 | Privilege escalation in the Graphics: WebRender component | 21.04.2026 | |
| CVE-2026-6751 | Uninitialized memory in the Audio/Video: Web Codecs component | 21.04.2026 | |
| CVE-2026-6752 | Incorrect boundary conditions in the WebRTC component | 21.04.2026 | |
| CVE-2026-6753 | Incorrect boundary conditions in the WebRTC component | 21.04.2026 | |
| CVE-2026-6754 | Use-after-free in the JavaScript Engine component | 21.04.2026 | |
| CVE-2026-6755 | Mitigation bypass in the DOM: postMessage component | 21.04.2026 | |
| CVE-2026-6756 | Mitigation bypass in Firefox for Android | 21.04.2026 | |
| CVE-2026-6757 | Invalid pointer in the JavaScript: WebAssembly component | 21.04.2026 | |
| CVE-2026-6758 | Use-after-free in the JavaScript: WebAssembly component | 21.04.2026 | |
| CVE-2026-6759 | Use-after-free in the Widget: Cocoa component | 21.04.2026 | |
| CVE-2026-6760 | Mitigation bypass in the Networking: Cookies component | 21.04.2026 | |
| CVE-2026-6761 | Privilege escalation in the Networking component | 21.04.2026 | |
| CVE-2026-6762 | Spoofing issue in the DOM: Core & HTML component | 21.04.2026 | |
| CVE-2026-6763 | Mitigation bypass in the File Handling component | 21.04.2026 | |
| CVE-2026-6764 | Incorrect boundary conditions in the DOM: Device Interfaces component | 21.04.2026 | |
| CVE-2026-6765 | Information disclosure in the Form Autofill component | 21.04.2026 | |
| CVE-2026-6766 | Incorrect boundary conditions in the Libraries component in NSS | 21.04.2026 | |
| CVE-2026-6767 | Other issue in the Libraries component in NSS | 21.04.2026 | |
| CVE-2026-6768 | Mitigation bypass in the Networking: Cookies component | 21.04.2026 | |
| CVE-2026-6769 | Privilege escalation in the Debugger component | 21.04.2026 | |
| CVE-2026-6770 | Other issue in the Storage: IndexedDB component | 21.04.2026 | |
| CVE-2026-6771 | Mitigation bypass in the DOM: Security component | 21.04.2026 | |
| CVE-2026-6772 | Incorrect boundary conditions in the Libraries component in NSS | 21.04.2026 | |
| CVE-2026-6773 | Denial-of-service due to integer overflow in the Graphics: WebGPU component | 21.04.2026 | |
| CVE-2026-6774 | Mitigation bypass in the DOM: Security component | 21.04.2026 | |
| CVE-2026-6775 | Incorrect boundary conditions in the WebRTC component | 21.04.2026 | |
| CVE-2026-6776 | Incorrect boundary conditions in the WebRTC: Networking component | 21.04.2026 | |
| CVE-2026-6777 | Other issue in the Networking: DNS component | 21.04.2026 | |
| CVE-2026-6778 | Invalid pointer in the Audio/Video: Playback component | 21.04.2026 | |
| CVE-2026-6779 | Other issue in the JavaScript Engine component | 21.04.2026 | |
| CVE-2026-6780 | Denial-of-service in the Audio/Video: Playback component | 21.04.2026 | |
| CVE-2026-6781 | Denial-of-service in the Audio/Video: Playback component | 21.04.2026 | |
| CVE-2026-6782 | Information disclosure in the IP Protection component | 21.04.2026 | |
| CVE-2026-6783 | Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component | 21.04.2026 | |
| CVE-2026-6784 | Memory safety bugs fixed in Firefox 150 and Thunderbird 150 | 22.04.2026 | |
| CVE-2026-6785 | Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150 | 22.04.2026 | |
| CVE-2026-6786 | Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150 | 22.04.2026 | |
| CVE-2026-32147 | SFTP chroot bypass via path traversal in SSH_FXP_FSETSTAT | 22.04.2026 | |