CVE Field Guide

Critical CVEs

CVE Title Updated (DD.MM.YYYY) Score
CVE-2026-41872 12.05.2026 9.1
CVE-2026-34260 SQL injection vulnerability in SAP S/4HANA (SAP Enterprise Search for ABAP) 12.05.2026 9.6
CVE-2026-34263 Missing authentication check in SAP Commerce cloud configuration 12.05.2026 9.6
CVE-2026-45321 Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys 12.05.2026 9.6
CVE-2026-43899 DeepChat: Incomplete Fix for CVE-2025-55733 leads to Remote Code Execution via Markdown Links bypassing `isValidExternalUrl` 11.05.2026 9.6
CVE-2026-43900 DeepChat: Persistent DOM XSS via HTML Entity Encoding in `<antArtifact>` SVG Rendering (Bypass of `svgSanitizer.ts`) 11.05.2026 9.3
CVE-2026-42882 oxyno-zeta/s3-proxy: Security Issues in Resource Path Matching 11.05.2026 9.4
CVE-2026-42869 SOCFortress CoPilot: Hardcoded JWT secret allows unauthenticated full admin compromise and lateral movement into all integrated SOC tools 11.05.2026 10
CVE-2026-42864 FireFighter: Unauthenticated SSRF in Raid jira_bot endpoint allows IAM credential theft 11.05.2026 9.9
CVE-2026-42607 Grav: Remote Code Execution (RCE) via Malicious Plugin ZIP Upload in Direct Install Feature 11.05.2026 9.1
CVE-2026-42613 Grav: Privilege Escalation via Missing Server-Side Validation of groups/access 11.05.2026 9.4
CVE-2026-44643 Angular Expressions - Remote Code Execution using filters 11.05.2026 9.3
CVE-2026-7813 pgAdmin 4: Cross-user data access and shared-server privilege escalation in server mode 11.05.2026 9.4
CVE-2026-40636 12.05.2026 9.8
CVE-2021-47923 OpenCart 3.0.3.8 Session Fixation via OCSESSID Cookie 11.05.2026 9.3
CVE-2021-47932 WordPress TheCartPress 1.5.3.6 Privilege Escalation Unauthenticated 11.05.2026 9.3
CVE-2021-47933 WordPress MStore API 2.0.6 Arbitrary File Upload 11.05.2026 9.3
CVE-2021-47936 OpenCATS 0.9.4 Remote Code Execution via Resume Upload 11.05.2026 9.3
CVE-2021-47940 WordPress Download From Files 1.48 Arbitrary File Upload 11.05.2026 9.3
CVE-2026-6722 Use-After-Free in SOAP using Apache map 12.05.2026 9.5
CVE-2026-42569 phpvms: /importer authorization bypass causing full database wipe 09.05.2026 9.4
CVE-2026-42571 Privilege Escalation Attack affecting Pelican Web UI 12.05.2026 9
CVE-2026-42601 ArchiveBox Vulnerable to RCE via unvalidated per-crawl config overrides in AddView 11.05.2026 9.3
CVE-2026-42560 auth: Patreon provider assigns the same local user ID to every authenticated Patreon account, enabling cross‑user impersonation 11.05.2026 9.1
CVE-2026-44313 LinkWarden: Server-Side Request Forgery (SSRF) in Link Creation via fetchTitleAndHeaders Function 11.05.2026 9.1
CVE-2026-42354 Sentry: Improper authentication on SAML SSO process allows user identity linking 11.05.2026 9.1
CVE-2026-42454 Termix: OS Command Injection in Docker Container Management Endpoints 08.05.2026 9.9
CVE-2026-42298 Postiz: Arbitrary Code Execution and Token Exfiltration in pr-docker-build.yml via untrusted Dockerfile.dev 11.05.2026 10
CVE-2026-42302 FastGPT: Unauthenticated Remote Code Execution (RCE) via code-server Misconfiguration in agent-sandbox 08.05.2026 9.8
CVE-2026-42287 Emlog: SQL Injection Vulnerability in log_model.php within addLog() and updateLog() Functions 11.05.2026 10
CVE-2026-42193 Plunk: SNS webhook forgery 11.05.2026 9.1
CVE-2026-42160 Data Space Portal: Incorrect Authorization and Client-Side Enforcement of Server-Side Security in ghcr.io/sovity/ds-portal-ce-backend 11.05.2026 10
CVE-2026-8178 Remote Code Execution via Unsafe Class Loading in Amazon Redshift JDBC Driver 08.05.2026 9.2
CVE-2026-42072 Nornicdb: Improper Network Binding in NornicDB Bolt Server allows unauthorized remote access 12.05.2026 9.8
CVE-2026-41070 openvpn-auth-oauth2 returns FUNC_SUCCESS on client-deny, allowing unauthenticated VPN access 08.05.2026 10
CVE-2026-41574 Nhost Vulnerable to Account Takeover via OAuth Email Verification Bypass 08.05.2026 9.3
CVE-2026-41583 ZEBRA: Consensus Divergence in Transparent Sighash Hash-Type Handling 08.05.2026 9.3
CVE-2026-41584 ZEBRA: rk Identity Point Panic in Transaction Verification 08.05.2026 9.2
CVE-2026-41588 RELATE: Timing Attack Vulnerability in course/auth.py — check_sign_in_key() 08.05.2026 9
CVE-2026-44497 ZEBRA: Consensus Divergence in Transparent Sighash Hash-Type Handling due to Stale Buffer 08.05.2026 9.3
CVE-2026-44498 ZEBRA: Block Validator Undercounts Coinbase and P2SH Sigops 08.05.2026 9.2
CVE-2026-43376 ksmbd: fix use-after-free by using call_rcu() for oplock_info 11.05.2026 9.8
CVE-2026-43379 ksmbd: fix use-after-free in smb_lazy_parent_lease_break_close() 11.05.2026 9.8
CVE-2026-43383 net/tcp-md5: Fix MAC comparison to be constant-time 11.05.2026 9.4
CVE-2026-43384 net/tcp-ao: Fix MAC comparison to be constant-time 11.05.2026 9.8
CVE-2026-43402 kthread: consolidate kthread exit paths to prevent use-after-free 11.05.2026 9.8
CVE-2026-43406 libceph: prevent potential out-of-bounds reads in process_message_header() 11.05.2026 9.1
CVE-2026-43407 libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() 11.05.2026 9.1
CVE-2026-43414 scsi: qla2xxx: Completely fix fcport double free 11.05.2026 9.8
CVE-2026-43465 net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ 11.05.2026 9.8
CVE-2026-41497 Incomplete fix for CVE-2026-34935: Command Injection in MervinPraison/PraisonAI 08.05.2026 9.8
CVE-2026-41507 Remote Code Execution (RCE) via String Literal Injection into math-codegen 08.05.2026 9.8
CVE-2026-41512 Remote code execution via JavaScript injection in `BrowserAutomation::PlaywrightService` 08.05.2026 9.9
CVE-2026-43341 net/ipv6: ioam6: prevent schema length wraparound in trace fill 11.05.2026 9.8
CVE-2026-44126 Insecure deserialization 08.05.2026 9.2
CVE-2026-44336 PraisonAI MCP `tools/call` path-traversal and RCE via Python `.pth` injection 11.05.2026 9.4
CVE-2026-43304 libceph: define and enforce CEPH_MAX_KEY_LEN 11.05.2026 9.8
CVE-2026-44125 Missing Authorization in GINAv2 08.05.2026 9.3
CVE-2026-44128 Unauthenticated Remote Code Execution 08.05.2026 9.3
CVE-2022-50994 DrayTek Vigor 2960 < 1.5.1.4 OS Command Injection via mainfunction.cgi 08.05.2026 9.2
CVE-2026-8076 Weak credentials vulnerability in the CashDro 3 web administration panel 08.05.2026 9.3
CVE-2026-8153 Command injection in Dashboard Server interface 11.05.2026 9.8
CVE-2026-6213 Remote Spark SparkView RCE 11.05.2026 10
CVE-2026-41500 electerm has Command Injection Vulnerability via runMac function 08.05.2026 9.8
CVE-2026-41501 electerm has Command Injection Vulnerability via runLinux function 08.05.2026 9.8
CVE-2026-42208 LiteLLM: SQL injection in Proxy API key verification 09.05.2026 9.3
CVE-2026-43941 Unvalidated shell.openExternal in electerm allows arbitrary protocol execution via terminal link click 08.05.2026 9.6
CVE-2026-43944 electerm: dangerous code can be run through links or command line 11.05.2026 9.4
CVE-2026-42880 ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction 08.05.2026 9.6
CVE-2026-33109 Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability 09.05.2026 9.9
CVE-2026-33823 Microsoft Team Events Portal Information Disclosure Vulnerability 08.05.2026 9.6
CVE-2026-33844 Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability 09.05.2026 9
CVE-2026-35428 Azure Cloud Shell Spoofing Vulnerability 09.05.2026 9.6
CVE-2026-42826 Azure DevOps Information Disclosure Vulnerability 09.05.2026 10
CVE-2026-7891 08.05.2026 9.3
CVE-2026-41902 FreeScout's user invitation hash never expires: permanent unauthenticated account takeover if invite link leaks 08.05.2026 9.1
CVE-2026-7414 Hardcoded credentials in Yarbo robot firmware 07.05.2026 9.8
CVE-2026-7415 Open MQTT orchestration without read/write ACLs in Yarbo robot firmware 07.05.2026 9.8
CVE-2026-41589 Wish has SCP Path Traversal that allows arbitrary file read/write 07.05.2026 9.6
CVE-2026-6795 Open Redirect in DivvyDrive Information Technologies' DivvyDrive 07.05.2026 9.6
CVE-2026-6508 RCE in TUBITAK BILGEM's Liderahenk 07.05.2026 9.8
CVE-2026-33587 Remote Code Execution (RCE) via Server-Side Template Injection (SSTI) 07.05.2026 9.2
CVE-2026-41586 ObjectInputStream.readObject() without ObjectInputFilter in fabric-sdk-java allows Java deserialization RCE 07.05.2026 9.3
CVE-2026-40982 10.05.2026 9.1
CVE-2026-41201 CI4MS: Backup Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM Blind XSS Version 2 07.05.2026 9.1
CVE-2026-41202 ci4ms Backup::restore is vulnerable to Zip Slip leading to RCE 07.05.2026 9.4
CVE-2026-41203 ci4ms Theme::upload is vulnerable to Zip Slip leading to RCE 07.05.2026 9.4
CVE-2026-40281 Gotenberg vulnerable to argument injection via newlines in ExifTool metadata values 07.05.2026 10
CVE-2026-43575 OpenClaw 2026.2.21 < 2026.4.10 - Authentication Bypass in Sandbox noVNC Helper Route 07.05.2026 9.2
CVE-2026-43578 OpenClaw 2026.3.31 < 2026.4.10 - Privilege Escalation via Missed Async Exec Completion Events in Heartbeat Owner Downgrade 07.05.2026 9.1
CVE-2026-43581 OpenClaw < 2026.4.10 - Chrome DevTools Protocol Exposure via Overly Broad CDP Relay Binding 07.05.2026 9
CVE-2026-43585 OpenClaw < 2026.4.15 - Bearer Token Validation Bypass via Stale SecretRef Resolution 07.05.2026 9.2
CVE-2026-44109 OpenClaw < 2026.4.15 - Authentication Bypass in Feishu Webhook and Card-Action Validation 07.05.2026 9.2
CVE-2026-40076 OpenMRS Core arbitrary file write and code execution via Zip Slip in module upload 07.05.2026 9.4
CVE-2026-41930 Vvveb < 1.0.8.2 Hard-coded Credentials Information Disclosure via phpMyAdmin 08.05.2026 9.2
CVE-2026-29090 Rucio SQL injection in postgres_meta DID search path compromises PostgreSQL metadata database 06.05.2026 9
CVE-2026-29080 Rucio SQL Injection in FilterEngine Oracle JSON Path via DID Search API 06.05.2026 9.4
CVE-2026-7875 NanoClaw Host/Container Filesystem Boundary Vulnerability via Outbound Attachment Handling 07.05.2026 9.3
CVE-2026-43125 dlm: validate length in dlm_search_rsb_tree 11.05.2026 9.8
CVE-2026-43185 ksmbd: fix signedness bug in smb_direct_prepare_negotiation() 11.05.2026 9.8
CVE-2026-43186 ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data() 11.05.2026 9.8
CVE-2026-43197 netconsole: avoid OOB reads, msg is not nul-terminated 11.05.2026 9.1
CVE-2026-43198 tcp: fix potential race in tcp_v6_syn_recv_sock() 11.05.2026 9.8
CVE-2026-43208 net: do not pass flow_id to set_rps_cpu() 11.05.2026 9.8
CVE-2026-43083 net: ioam6: fix OOB and missing lock 11.05.2026 9.1
CVE-2026-43114 netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry 11.05.2026 9.4
CVE-2026-43117 btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() 11.05.2026 9.1
CVE-2026-34458 Sandboxie-Plus privilege escalation via INI CRLF injection bypassing EditAdminOnly 07.05.2026 9.3
CVE-2026-40329 SQL Injection vulnerability via sortBy in beanFeed 06.05.2026 9.3
CVE-2026-40330 Masa CMS SQL injection via sortDirection parameter in beanFeed 06.05.2026 9.3
CVE-2026-40331 Masa CMS unauthenticated SQL injection via altTable parameter in JSON API 06.05.2026 9.3
CVE-2026-33324 SQLBot prompt injection allows arbitrary SQL execution and remote code execution 05.05.2026 9.4
CVE-2026-34084 PhpSpreadsheet SSRF and RCE via PHP stream wrappers in IOFactory::load 05.05.2026 9.2
CVE-2026-27960 OpenCTI privilege escalation and unauthenticated access via default admin account 06.05.2026 9.8
CVE-2026-7854 D-Link DI-8100 POST Parameter url_rule.asp url_rule_asp buffer overflow 06.05.2026 9.3
CVE-2026-7853 D-Link DI-8100 HTTP auto_reboot.asp sprintf buffer overflow 05.05.2026 9.3
CVE-2026-43067 ext4: handle wraparound when searching for blocks for indirect mapped blocks 11.05.2026 9.8
CVE-2026-43071 dcache: Limit the minimal number of bucket to two 11.05.2026 9.1
CVE-2026-7411 06.05.2026 10
CVE-2026-7834 EFM ipTIME NAS1dual misc_main.cgi get_csrf_whites stack-based overflow 05.05.2026 9.3
CVE-2023-54342 Eclipse Equinox OSGi 3.8-3.18 Console Remote Code Execution 05.05.2026 9.3
CVE-2023-54344 Eclipse Equinox OSGi 3.7.2 Remote Code Execution via Console 05.05.2026 9.3
CVE-2026-43534 OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events 06.05.2026 9.3
CVE-2026-43566 OpenClaw 2026.4.7 < 2026.4.14 - Privilege Escalation via Untrusted Webhook Wake Events 05.05.2026 9.1

Latest Updates

CVE Title Updated (DD.MM.YYYY) Score
CVE-2026-35227 Improper resource management in CODESYS Modbus TCP Server 12.05.2026
CVE-2026-0541 12.05.2026 6.7
CVE-2026-0802 12.05.2026 6
CVE-2026-0804 12.05.2026 6.7
CVE-2026-1185 12.05.2026 5.4
CVE-2026-1681 net: Stack Overflow with Ping (to own IP Address) via Shell 12.05.2026 6.1
CVE-2026-41530 12.05.2026
CVE-2026-41872 12.05.2026
CVE-2026-45430 12.05.2026 7.1
CVE-2026-7255 12.05.2026 6.5
CVE-2026-7256 12.05.2026 8.8
CVE-2026-7257 12.05.2026 4.4
CVE-2026-7287 12.05.2026 7.5
CVE-2026-0502 Cross Site Request Forgery (CSRF) in SAP BusinessObjects Business Intelligence Platform 12.05.2026 5.4
CVE-2026-27682 Reflected Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Business Server Pages) 12.05.2026 4.7
CVE-2026-34258 Content Spoofing vulnerability in SAPUI5 (Search UI) 12.05.2026 4.7
CVE-2026-34259 OS Command Injection Vulnerability in SAP Forecasting & Replenishment 12.05.2026 8.2
CVE-2026-34260 SQL injection vulnerability in SAP S/4HANA (SAP Enterprise Search for ABAP) 12.05.2026 9.6
CVE-2026-34263 Missing authentication check in SAP Commerce cloud configuration 12.05.2026 9.6
CVE-2026-40129 Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform 12.05.2026 4.3
CVE-2026-40131 SQL Injection vulnerability in SAP HANA Deployment Infrastructure (HDI) deploy library 12.05.2026 3.4
CVE-2026-40132 Missing Authorization Check in SAP Strategic Enterprise Management (BSP application Balanced Scorecard Wizard) 12.05.2026 5.4
CVE-2026-40133 Missing Authorization check in SAP S/4HANA Condition Maintenance 12.05.2026 6.3
CVE-2026-40134 Missing Authorization Check in SAP Incentive and Commission Management 12.05.2026 4.3
CVE-2026-40135 OS Command Injection vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform 12.05.2026 6.5
CVE-2026-40136 Denial of service (DoS) in SAP Financial Consolidation 12.05.2026 4.3
CVE-2026-40137 Cross-Site Scripting (XSS) vulnerability in Business Server Pages Application (TAF_APPLAUNCHER) 12.05.2026 6.1
CVE-2026-45391 12.05.2026
CVE-2026-45392 12.05.2026
CVE-2026-45393 12.05.2026
CVE-2026-45321 Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys 12.05.2026 9.6
CVE-2026-45362 12.05.2026 3.2
CVE-2026-8349 omec-project amf NGAP Message memory corruption 11.05.2026
CVE-2026-8346 D-Link DIR-816 portForward command injection 11.05.2026
CVE-2026-34963 barebox EFI PE Loader Memory Safety Vulnerabilities 11.05.2026 8.4
CVE-2026-34962 barebox ext4 Directory Parsing Infinite Loop Denial of Service 11.05.2026 6.2
CVE-2026-42554 Fiber: XSS in AutoFormat Content Negotiation 11.05.2026
CVE-2026-43899 DeepChat: Incomplete Fix for CVE-2025-55733 leads to Remote Code Execution via Markdown Links bypassing `isValidExternalUrl` 11.05.2026 9.6
CVE-2026-43900 DeepChat: Persistent DOM XSS via HTML Entity Encoding in `<antArtifact>` SVG Rendering (Bypass of `svgSanitizer.ts`) 11.05.2026 9.3
CVE-2026-43901 Wireshark MCP: Arbitrary file write via export_objects when WIRESHARK_MCP_ALLOWED_DIRS is not configured 11.05.2026 6.8
CVE-2026-43911 Vaultwarden: Refresh tokens not invalidated on security stamp rotation 11.05.2026 6.8
CVE-2026-43912 Vaultwarden: Cross-Org Group Binding Enables Unauthorized Read And Write Access Into Another Organization 11.05.2026 8.7
CVE-2026-43913 Vaultwarden: Unconfirmed Owner Can Purge Entire Organization Vault 11.05.2026 8.1
CVE-2026-43914 Vaultwarden: Brute-force protection bypass vulnerability 11.05.2026 7.3
CVE-2026-8345 D-Link DIR-816 singlePortForward sub_445E7C command injection 11.05.2026
CVE-2026-34961 barebox ext4 Extent Parsing Out-of-Bounds Read 11.05.2026 6.2
CVE-2026-42046 libcaca: Heap OOB write in canvas import functions caused by int overflow 11.05.2026 7.8
CVE-2026-42188 Geyser: Server-Side Request Forgery (SSRF) via Player Head Texture URL 11.05.2026 2.4
CVE-2026-42564 jotty·page: Unauthenticated Path Traversal leads to sensitive file disclosure and session-token reuse impact 11.05.2026 8.2
CVE-2026-43886 Outline: OAuth Scope Validation Logic Error Allows Privilege Escalation to Wildcard API Access 11.05.2026 8.2
CVE-2026-43887 Outline: Stored XSS via Comment Mentions 11.05.2026 7.3
CVE-2026-43888 Outline: Zip Extraction Path Escape via PATH_MAX Truncation in Collection Import 11.05.2026 8.7
CVE-2026-43889 Outline: Unauthorized Document Publication via Mixed collectionId+documentId Share 11.05.2026 6.5
CVE-2026-43890 Outline: IDOR in subscriptions.create allows cross-tenant subscription on private documents (sibling of GHSA-23jj-rp48-w7q7) 11.05.2026 7.7
CVE-2026-43897 Link Preview JS: vulnerable to IPv6 and internal loopback attacks 11.05.2026
CVE-2026-44695 Outline: Slack OAuth state can link a victim Outline account to an attacker Slack identity 11.05.2026 5.8
CVE-2026-7010 HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values 11.05.2026
CVE-2026-8344 D-Link DIR-816 formDMZ.cgi sub_445E7C command injection 11.05.2026
CVE-2026-34960 barebox Out-of-Bounds Read in DHCP Option Parsing 11.05.2026 6.5
CVE-2026-42600 MinIO: Path Traversal via msgpack Body in `ReadMultiple` Storage-REST Endpoint 11.05.2026
CVE-2026-43873 WWBN AVideo: Unauthenticated Disclosure of CloneSite `myKey` via Error Echo in `cloneClient.json.php` Enables Cross-Site DB Dump of the Configured Clone Server 11.05.2026 7.5
CVE-2026-43875 WWBN AVideo: Password Hash Leaked in MobileManager OAuth Redirect URL Enables Account Takeover 11.05.2026 6.8
CVE-2026-43876 WWBN AVideo: HTML Injection in notifySubscribers.json.php Enables Platform-Branded Phishing Emails to Channel Subscribers 11.05.2026 6.4
CVE-2026-43877 WWBN AVideo: CSRF in userSavePhoto.php Allows Cross-Origin Overwrite of Any Logged-in User's Profile Photo with Arbitrary Bytes 11.05.2026 5.4
CVE-2026-43878 WWBN AVideo: Reflected XSS in plugin/Meet/iframe.php via Unescaped `user`/`pass` Parameters Reflected into JavaScript String Literal 11.05.2026 6.1
CVE-2026-43879 WWBN AVideo: Blind SSRF in YPTWallet Donation Webhook via Missing isSSRFSafeURL() Check and CURLOPT_FOLLOWLOCATION Redirect Bypass 11.05.2026 5.4
CVE-2026-43880 WWBN AVideo: Unauthenticated Arbitrary Email Sending via sendEmail.json.php Allows Phishing from Site's Legitimate From Address 11.05.2026 5.3
CVE-2026-43881 WWBN AVideo: Unauthenticated User Enumeration in `objects/users.json.php` via `isCompany` Parameter Flips `$ignoreAdmin = true` and Defeats Admin-Only Listing Guard 11.05.2026 5.3
CVE-2026-43882 WWBN AVideo: Unauthenticated CRLF/ICS Injection in Scheduler downloadICS.php Allows Calendar Event Spoofing 11.05.2026 4.3
CVE-2026-43883 WWBN AVideo: IDOR in PayPalYPT agreementCancel.json.php Allows Any Authenticated User to Cancel Arbitrary PayPal Subscription Agreements 11.05.2026 4.2
CVE-2026-43884 WWBN AVideo: SSRF Protection Bypass via HTTP Redirect and DNS Rebinding in isSSRFSafeURL() 11.05.2026 7.7
CVE-2026-43885 WWBN AVideo: Exposure of Sensitive Information to an Unauthorized Actor and Missing Authorization 11.05.2026
CVE-2026-43893 exiftool-vendored: Argument injection via newline characters in tag names 11.05.2026 8.2
CVE-2026-20696 11.05.2026
CVE-2026-28819 11.05.2026
CVE-2026-28830 11.05.2026
CVE-2026-28840 11.05.2026
CVE-2026-28846 11.05.2026
CVE-2026-28847 11.05.2026
CVE-2026-28848 11.05.2026
CVE-2026-28860 11.05.2026
CVE-2026-28872 11.05.2026
CVE-2026-28873 11.05.2026
CVE-2026-28883 11.05.2026
CVE-2026-28897 11.05.2026
CVE-2026-28901 11.05.2026
CVE-2026-28902 11.05.2026
CVE-2026-28903 11.05.2026
CVE-2026-28904 11.05.2026
CVE-2026-28905 11.05.2026
CVE-2026-28906 11.05.2026
CVE-2026-28907 11.05.2026
CVE-2026-28908 11.05.2026
CVE-2026-28910 11.05.2026
CVE-2026-28913 11.05.2026
CVE-2026-28914 11.05.2026
CVE-2026-28915 11.05.2026
CVE-2026-28917 11.05.2026
CVE-2026-28918 11.05.2026
CVE-2026-28919 11.05.2026
CVE-2026-28920 11.05.2026
CVE-2026-28922 11.05.2026
CVE-2026-28923 11.05.2026
CVE-2026-28924 11.05.2026
CVE-2026-28925 11.05.2026
CVE-2026-28929 11.05.2026
CVE-2026-28930 11.05.2026
CVE-2026-28936 11.05.2026
CVE-2026-28940 11.05.2026
CVE-2026-28941 11.05.2026
CVE-2026-28942 11.05.2026
CVE-2026-28943 11.05.2026
CVE-2026-28944 11.05.2026
CVE-2026-28946 11.05.2026
CVE-2026-28947 11.05.2026
CVE-2026-28951 11.05.2026
CVE-2026-28952 11.05.2026
CVE-2026-28953 11.05.2026
CVE-2026-28954 11.05.2026
CVE-2026-28955 11.05.2026
CVE-2026-28956 11.05.2026
CVE-2026-28957 11.05.2026
CVE-2026-28958 11.05.2026
CVE-2026-28959 11.05.2026
CVE-2026-28961 11.05.2026
CVE-2026-28962 11.05.2026
CVE-2026-28963 11.05.2026
CVE-2026-28964 11.05.2026
CVE-2026-28965 11.05.2026
CVE-2026-28967 11.05.2026
CVE-2026-28969 11.05.2026
CVE-2026-28971 11.05.2026
CVE-2026-28972 11.05.2026
CVE-2026-28974 11.05.2026
CVE-2026-28976 11.05.2026
CVE-2026-28977 11.05.2026
CVE-2026-28978 11.05.2026
CVE-2026-28983 11.05.2026
CVE-2026-28985 11.05.2026
CVE-2026-28986 11.05.2026
CVE-2026-28987 11.05.2026
CVE-2026-28988 11.05.2026
CVE-2026-28990 11.05.2026
CVE-2026-28991 11.05.2026
CVE-2026-28992 11.05.2026
CVE-2026-28993 11.05.2026
CVE-2026-28994 11.05.2026
CVE-2026-28995 11.05.2026
CVE-2026-28996 11.05.2026
CVE-2026-37630 11.05.2026
CVE-2026-39869 11.05.2026
CVE-2026-39870 11.05.2026
CVE-2026-39871 11.05.2026
CVE-2026-41489 Pi-hole: Local privilege escalation via config-controlled path in root-executed service hooks 11.05.2026 8.8
CVE-2026-42888 Audiobookshelf: Path Traversal vulnerability in the audiobookshelf project 11.05.2026
CVE-2026-43652 11.05.2026
CVE-2026-43653 11.05.2026
CVE-2026-43654 11.05.2026
CVE-2026-43655 11.05.2026
CVE-2026-43656 11.05.2026
CVE-2026-43658 11.05.2026
CVE-2026-43659 11.05.2026
CVE-2026-43660 11.05.2026
CVE-2026-43661 11.05.2026
CVE-2026-43666 11.05.2026
CVE-2026-43668 11.05.2026
CVE-2026-43874 WWBN AVideo: Incomplete Fix for YPTSocket autoEvalCodeOnHTML Strip: Unauthenticated Cross-User JavaScript Execution via `$msg['json']` Relay Bypass 11.05.2026 7.2
CVE-2026-36734 11.05.2026
CVE-2026-42050 ImageMagick: Stack buffer overflow in XTileImage 11.05.2026 5.5
CVE-2026-42882 oxyno-zeta/s3-proxy: Security Issues in Resource Path Matching 11.05.2026 9.4
CVE-2026-42883 Audiobookshelf: Cross-library file exfiltration via unscoped bulk download endpoint 11.05.2026 6.5
CVE-2026-42884 Audiobookshelf: Collection endpoints bypass library access controls exposing restricted library data 11.05.2026 4.3
CVE-2026-42885 Audiobookshelf: Path prefix bypass in filesystem existence check leaks out-of-scope file existence 11.05.2026 4.3
CVE-2026-42886 Audiobookshelf: Memory amplification DoS via oversized compressed details entry in backup upload 11.05.2026 4.9
CVE-2026-42887 Audiobookshelf: Stored Cross-Site Scripting in Login Page Custom Message 11.05.2026 4.5
CVE-2026-8320 jishenghua jshERP updatePlatformConfigByKey Endpoint UserService.java getUserByWeixinCode server-side request forgery 11.05.2026
CVE-2026-8321 inkeep agents runAuth Middleware runAuth.ts createDevContext authentication bypass 11.05.2026
CVE-2022-4988 Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries 11.05.2026
CVE-2026-2614 Arbitrary File Read via Prompt Tag Source Validation Bypass in mlflow/mlflow 11.05.2026
CVE-2026-42565 @workos/authkit-session: Open Redirect via state-derived redirect target 11.05.2026 4.3
CVE-2026-42869 SOCFortress CoPilot: Hardcoded JWT secret allows unauthenticated full admin compromise and lateral movement into all integrated SOC tools 11.05.2026 10
CVE-2026-42870 WeGIA: Cross-Site Scripting (XSS) Stored endpoint 'informacao_adicional.php' parameter 'descricao' 11.05.2026
CVE-2026-42872 WeGIA: Reflected XSS in listar_arquivos_etapa.php 11.05.2026 6.1
CVE-2026-42873 WeGIA: Error Handling Upload DocDependente 11.05.2026 0
CVE-2026-42874 Microdot: HTTP response splitting in Response.set_cookie() 11.05.2026 3.7
CVE-2026-42875 External Secrets Operator: Namespace Isolation Bypass in CAProvider ConfigMap Resolution for SecretStore 11.05.2026
CVE-2026-42876 External Secrets Operator: Privilege escalation with secret overwriting 11.05.2026 4.9
CVE-2026-45025 WeGIA: Stored XSS in html/atendido/etapa_processo.php 11.05.2026 6.8
CVE-2026-45026 WeGIA: Stored XSS in html/atendido/processo_aceitacao.php 11.05.2026 6.8
CVE-2026-6146 Amazon::Credentials versions through 1.2.0 for Perl uses rand to generate encryption keys 11.05.2026
CVE-2026-8319 aiwaves-cn agents cheshire_cat_core stray_cat.py recall_relevant_memories_to_working_memory resource consumption 11.05.2026
CVE-2026-42864 FireFighter: Unauthenticated SSRF in Raid jira_bot endpoint allows IAM credential theft 11.05.2026 9.9
CVE-2026-42866 Tookie: Arbitrary file write via path traversal in -u username / -U userfile output filename 11.05.2026
CVE-2026-42871 WeGIA: Error Handling familiar_docfamiliar 11.05.2026
CVE-2026-43968 CR Injection in SSE Encoder Enables Event Splitting via cow_sse:event/1 12.05.2026
CVE-2026-43969 Cookie Request Header Injection via Unvalidated Encoder in cow_cookie:cookie/1 12.05.2026
CVE-2026-45222 Summarize Insecure Daemon Configuration File Permissions 11.05.2026
CVE-2026-45223 Crabbox < 0.9.0 Authentication Bypass via Admin Claim Injection 11.05.2026
CVE-2026-45224 Crabbox < 0.9.0 Path Traversal via Islo Provider Workspace Resolution 11.05.2026
CVE-2026-7790 Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS 12.05.2026
CVE-2026-8318 VectifyAI PageIndex PDF Table of Contents page_index.py toc_transformer infinite loop 11.05.2026
CVE-2026-30635 11.05.2026
CVE-2026-40612 jq: Stack overflow via unbounded recursion in jv_contains 11.05.2026
CVE-2026-41256 jq: Embedded NUL truncates top-level jq programs loaded with -f 11.05.2026 5.5
CVE-2026-41257 jq: Signed-int overflow in `stack_reallocate` (jq VM stack) 11.05.2026
CVE-2026-42856 Network-AI: Missing authentication on MCP HTTP endpoint allows unauthenticated privileged tool calls 11.05.2026
CVE-2026-42857 Open edX Platform: Stored CSS Injection in Email Notifications via Incomplete HTML Sanitization 11.05.2026 4.6
CVE-2026-42858 Open edX Platform: Server-Side Request Forgery (SSRF) in SAML Provider Data Sync Endpoint 11.05.2026 8.5
CVE-2026-42859 Neat VNC: Buffer overflow due to oversized RSA public keys 11.05.2026
CVE-2026-42860 Open edX Enterprise Service: SSRF via SAML metadata URL in sync_provider_data endpoint 11.05.2026 8.5
CVE-2026-42865 Inbox Zero: Cross-account cleaner email stream exposure 11.05.2026
CVE-2026-43639 Bitwarden Server < 2026.4.0 Missing Authorization via Provider Clients 11.05.2026
CVE-2026-43640 Bitwarden Server < 2026.4.1 Authentication Bypass via SCIM API Key 11.05.2026
CVE-2026-43894 jq: Wild stack write via signed-integer overflow in decNumber D2U() macro 11.05.2026 6.2
CVE-2026-43895 jq: Embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts 11.05.2026 4.4
CVE-2026-43896 jq: Stack Overflow in Recursive Object Merge 11.05.2026 6.2
CVE-2026-43995 Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure) 11.05.2026
CVE-2026-44413 11.05.2026 8.2
CVE-2026-44777 jq: stack overflow in module loading on mutual `include` 11.05.2026
CVE-2026-7210 The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection 11.05.2026
CVE-2026-7308 Nexus Repository 3 - Stored Cross-Site Scripting (XSS) via HTML Browse Page 11.05.2026
CVE-2026-2291 CVE-2026-2291 11.05.2026
CVE-2026-2393 Server-Side Request Forgery (SSRF) in mlflow/mlflow 11.05.2026
CVE-2026-34093 Special:UserRights allows viewing user rights from private wiki 11.05.2026
CVE-2026-34094 Customized help link for page protection indicator is relative to subpage name, because the link target is missing the "/wiki/" prefix 11.05.2026
CVE-2026-34095 action=raw with Special:Mypage subpage title responds with "Content-Type: text/html" on ctype=text/javascript request 11.05.2026
CVE-2026-36962 11.05.2026
CVE-2026-36983 11.05.2026
CVE-2026-38566 11.05.2026
CVE-2026-38567 11.05.2026
CVE-2026-38568 11.05.2026
CVE-2026-38569 11.05.2026
CVE-2026-3048 Nexus Repository 3 - Improper LDAP Referral Handling 11.05.2026
CVE-2026-3609 XIGNCODE3 xhunter1.sys kernel driver contains a Privilege Escalation Vulnerability 11.05.2026
CVE-2026-41250 XSS in taiga-front 11.05.2026 5.7
CVE-2026-41431 Zen Browser MAR updater ships with signature verification removed — unsigned updates accepted 11.05.2026 8
CVE-2026-42312 pyload-ng: non-admin SETTINGS users can disable outbound TLS peer verification 11.05.2026 6.8
CVE-2026-42313 pyload-ng: non-admin SETTINGS users can redirect all outbound traffic through an attacker-controlled proxy 11.05.2026 8.3
CVE-2026-42314 pyLoad: Path Traversal via Package Folder Name 11.05.2026 6.5
CVE-2026-42315 pyLoad: Path Traversal via Package Folder Name in set_package_data 11.05.2026 8.1
CVE-2026-42316 KQL injection via kusto.tables.topics.mapping in kafka-sink-azure-kusto 11.05.2026 5.9
CVE-2026-43638 Bitwarden Server < 2026.4.1 Missing Authorization via Organization Cipher Import 11.05.2026
CVE-2026-44226 pyLoad: Unauthenticated traceback disclosure via global exception handler in WebUI 11.05.2026 5.3
CVE-2026-44658 Zen Browser: RSS Live-Folder Item URLs Are Not Scheme-Restricted Before Trusted Tab Creation 11.05.2026 2.4
CVE-2026-44659 Zen Browser Mac - Address Bar Spoofing via Long Subdomain 11.05.2026 4.7
CVE-2026-44991 OpenClaw < 2026.4.21 - Authorization Bypass in Owner-Enforced Commands via Wildcard Channel Senders 11.05.2026
CVE-2026-44992 OpenClaw 2026.4.5 < 2026.4.20 - MiniMax API Host Override via Workspace dotenv 11.05.2026
CVE-2026-44993 OpenClaw < 2026.4.20 - Direct Message Misclassification in Feishu Card Actions 11.05.2026
CVE-2026-44994 OpenClaw < 2026.4.22 - Authentication Bypass in Gateway Control UI Bootstrap Config Endpoint 11.05.2026
CVE-2026-44995 OpenClaw < 2026.4.20 - Arbitrary Code Execution via MCP stdio Environment Variables 11.05.2026
CVE-2026-44996 OpenClaw < 2026.4.15 - Arbitrary Local File Read via Webchat Audio Embedding 11.05.2026
CVE-2026-44997 OpenClaw < 2026.4.22 - Security Envelope Constraint Bypass in ACP Child Sessions 11.05.2026
CVE-2026-44998 OpenClaw < 2026.4.20 - Tool Policy Bypass via Bundled MCP/LSP Tools 11.05.2026
CVE-2026-44999 OpenClaw < 2026.4.20 - Improper Trust Labeling in Isolated Cron Awareness Events 11.05.2026
CVE-2026-45000 OpenClaw < 2026.4.20 - Server-Side Request Forgery via Browser CDP Profile Creation 11.05.2026
CVE-2026-45001 OpenClaw < 2026.4.20 - Gateway Config Mutation Guard Bypass via Agent Tool Access 11.05.2026
CVE-2026-45002 OpenClaw < 2026.4.20 - Hook Session-Key Bypass via Template Mapping 11.05.2026
CVE-2026-45003 OpenClaw < 2026.4.22 - Connector Endpoint Host Override via Workspace dotenv Files 11.05.2026
CVE-2026-45004 OpenClaw < 2026.4.23 - Arbitrary Code Execution via setup-api.js in Current Working Directory 11.05.2026
CVE-2026-45005 OpenClaw < 2026.4.23 - Webhook Route Secret Cache Not Invalidated After Rotation 11.05.2026
CVE-2026-45006 OpenClaw < 2026.4.23 - Unsafe Config Mutation via Gateway Tool Denylist Bypass 11.05.2026
CVE-2026-4890 CVE-2026-4890 11.05.2026
CVE-2026-4891 CVE-2026-4891 11.05.2026
CVE-2026-4892 CVE-2026-4892 11.05.2026
CVE-2026-4893 CVE-2026-4893 11.05.2026
CVE-2026-5172 CVE-2026-5172 11.05.2026
CVE-2026-5266 11.05.2026
CVE-2026-8305 OpenClaw bluebubbles Webhook monitor.ts handleBlueBubblesWebhookRequest improper authentication 11.05.2026
CVE-2026-31248 11.05.2026
CVE-2026-31249 11.05.2026
CVE-2026-31250 11.05.2026
CVE-2026-31251 11.05.2026
CVE-2026-31252 11.05.2026
CVE-2026-31253 11.05.2026
CVE-2026-31254 11.05.2026
CVE-2026-33356 Meari MQTT broker missing per-device subscribe ACL 11.05.2026 7.7
CVE-2026-33357 Meari OpenAPI device status IDOR 11.05.2026 7.5
CVE-2026-33359 Meari unauthenticated alert image access in cloud object storage 11.05.2026 7.5
CVE-2026-33361 Meari weak XOR obfuscation 11.05.2026 7.5
CVE-2026-33362 Meari SDK hardcoded cryptographic keys 11.05.2026 8.6
CVE-2026-36906 11.05.2026
CVE-2026-42349 Clerk: Authorization bypass when combining organization, billing, or reverification checks 11.05.2026
CVE-2026-42603 OWASP BLT: pre-commit-fix.yaml executes untrusted fork code via pull_request_target 11.05.2026 8.8
CVE-2026-42842 grav-plugin-form: XSS via Taxonomy Field Values in Admin Panel 11.05.2026 5.4
CVE-2026-42843 grav-plugin-api: Grav API Privilege Escalation to Super Admin 11.05.2026 8.8
CVE-2026-42845 Grav: Anonymous Page Content Overwrite via Form File Upload filename Override 11.05.2026
CVE-2026-44737 grav-plugin-admin: Stored Cross-Site Scripting (XSS) Reflected endpoint /admin/pages/[page], parameter data[header][title] 11.05.2026
CVE-2026-44738 Grav: Twig sandbox allows editor-role users to exfiltrate all plugin secrets via Config::toArray() 11.05.2026 7.7
CVE-2025-61305 11.05.2026
CVE-2025-61306 11.05.2026
CVE-2025-61307 11.05.2026
CVE-2025-61308 11.05.2026
CVE-2025-61309 11.05.2026
CVE-2025-61310 11.05.2026
CVE-2025-61311 11.05.2026
CVE-2025-61312 11.05.2026
CVE-2025-61313 11.05.2026
CVE-2025-61314 11.05.2026
CVE-2025-63750 11.05.2026
CVE-2025-65415 11.05.2026
CVE-2025-65416 11.05.2026
CVE-2025-65417 11.05.2026
CVE-2025-65418 11.05.2026
CVE-2026-31246 11.05.2026
CVE-2026-31247 11.05.2026
CVE-2026-34086 AbuseFilter misuses ::userCanBitfield, exposing access-controlled information 11.05.2026
CVE-2026-34087 Users API leaks whether privileged users have their user groups disabled for lack of 2FA 11.05.2026
CVE-2026-34088 RecentChanges entries expose suppressed content via generated log page html 11.05.2026
CVE-2026-34089 Memory leak in Scribunto causes runJobs.php to run out of memory 11.05.2026
CVE-2026-34090 Suggested investigations: Handle suppressed usernames 11.05.2026
CVE-2026-34091 User localization leaked by AbuseFilter + EventStream 11.05.2026
CVE-2026-34092 Block UI elements in 'tools'-sidebar shows presence of an autoblocked IP 11.05.2026
CVE-2026-3319 Multiple vulnerabilities in Cradle e-commerce 11.05.2026
CVE-2026-3320 Multiple vulnerabilities in Cradle e-commerce 11.05.2026
CVE-2026-42607 Grav: Remote Code Execution (RCE) via Malicious Plugin ZIP Upload in Direct Install Feature 11.05.2026 9.1
CVE-2026-42608 Grav: Unauthenticated Path Traversal & Arbitrary File Write in FormFlash component. 11.05.2026
CVE-2026-42609 Grav: Administrative Account Disruption and Privilege De-escalation via User Overwrite Logic 11.05.2026 8.1
CVE-2026-42610 Grav: Sensitive Information Disclosure via Accounts Service Bypass 11.05.2026 6.5
CVE-2026-42611 Grav: Stored XSS via Tag Injection 11.05.2026 8.9
CVE-2026-42612 Grav: Publisher-Level Stored XSS via Unquoted Event Attributes 11.05.2026 8.5
CVE-2026-42613 Grav: Privilege Escalation via Missing Server-Side Validation of groups/access 11.05.2026 9.4
CVE-2026-42841 Grav: Stored XSS via Markdown media attribute() action in Grav CMS 11.05.2026
CVE-2026-44197 Wagtail: Improper permission handling when comparing revisions 11.05.2026 6.5
CVE-2026-44198 Wagtail: Improper permission handling when viewing page history 11.05.2026 4.3
CVE-2026-44199 Wagtail: Improper permission handling when deleting form submissions 11.05.2026 6.5
CVE-2026-44200 Wagtail: Improper permission handling when copying pages 11.05.2026 6.5
CVE-2026-44201 Wagtail: Improper restriction handling on Documents and Images API 11.05.2026 5.3
CVE-2026-44643 Angular Expressions - Remote Code Execution using filters 11.05.2026
CVE-2026-6093 Corteza 2024.9.8 - SQL Injection in MSSQL JSON-path meta filter via incorrect T-SQL string escaping 11.05.2026
CVE-2026-6815 CVE-2026-6815 11.05.2026
CVE-2026-7813 pgAdmin 4: Cross-user data access and shared-server privilege escalation in server mode 11.05.2026 9.9
CVE-2026-7814 pgAdmin 4: Stored XSS via crafted PostgreSQL object names in Browser Tree and Explain Visualizer 11.05.2026 4.8
CVE-2026-7815 pgAdmin 4: SQL injection in Maintenance tool option values leading to remote code execution 11.05.2026 8.8
CVE-2026-7816 pgAdmin 4: OS command injection in Import/Export query export via psql metacommand breakout 11.05.2026 8.8
CVE-2026-7817 pgAdmin 4: Local file inclusion and server-side request forgery in LLM API configuration endpoints 11.05.2026 6.5
CVE-2026-7818 pgAdmin 4: Unsafe deserialization (CWE-502) in file-backed session manager leads to remote code execution 11.05.2026 7
CVE-2026-7819 pgAdmin 4: Symbolic-link path traversal in File Manager allows arbitrary file write 11.05.2026 8.1
CVE-2026-7820 pgAdmin 4: Account-lockout bypass via Flask-Security default /login view 11.05.2026 6.5
CVE-2026-8291 Open5GS NRF nnrf-handler.c ogs_nnrf_nfm_handle_nf_profile denial of service 11.05.2026
CVE-2026-8292 Open5GS NRF conv.c yuarel_parse denial of service 11.05.2026
CVE-2026-4802 Cockpit: cockpit: arbitrary command execution via crafted links in system logs ui 12.05.2026
CVE-2026-8289 Open5GS SMF nsmf-handler.c smf_nsmf_handle_update_data_in_vsmf denial of service 11.05.2026
CVE-2026-8290 Open5GS SMF nsmf-handler.c smf_nsmf_handle_update_data_in_vsmf denial of service 11.05.2026
CVE-2026-8288 Open5GS SMF gsm-handler.c denial of service 11.05.2026