CVE Field Guide

Critical CVEs

| CVE | Title | Updated | Score |
|---|---|---|---|
| CVE-2026-34621 | Acrobat Reader \| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321) | 11.04.2026 | 9.6 |
| CVE-2026-4149 | Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability | 11.04.2026 | 10 |
| CVE-2026-5058 | aws-mcp-server Command Injection Remote Code Execution Vulnerability | 11.04.2026 | 9.8 |
| CVE-2026-5059 | aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability | 11.04.2026 | 9.8 |
| CVE-2026-40189 | goshs has a file-based ACL authorization bypass in goshs state-changing routes | 10.04.2026 | 9.3 |
| CVE-2026-40175 | Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain | 10.04.2026 | 10 |
| CVE-2026-40177 | Password bypass when 2FA is activated | 10.04.2026 | 9.3 |
| CVE-2026-33707 | Weak Password Recovery Mechanism for Forgotten Password in chamilo/chamilo-lms | 10.04.2026 | 9.4 |
| CVE-2026-33698 | Chamilo LMS affected by unauthenticated RCE in main/install folder | 10.04.2026 | 9.3 |
| CVE-2026-32892 | OS Command Injection in Chamilo LMS 1.11.36 | 10.04.2026 | 9.1 |
| CVE-2026-40157 | PraisonAI affected by arbitrary file write via path traversal in `praisonai recipe unpack` | 10.04.2026 | 9.4 |
| CVE-2026-5412 | Juju CloudSpec API could leak sensitive information | 10.04.2026 | 9.9 |
| CVE-2026-1115 | Stored XSS in parisneo/lollms | 10.04.2026 | 9.6 |
| CVE-2026-6028 | Totolink A7100RU CGI cstecgi.cgi setPptpServerCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-6029 | Totolink A7100RU CGI cstecgi.cgi setVpnAccountCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-6026 | Totolink A7100RU CGI cstecgi.cgi setPortalConfWeChat os command injection | 10.04.2026 | 9.3 |
| CVE-2026-6027 | Totolink A7100RU CGI cstecgi.cgi setUrlFilterRules os command injection | 10.04.2026 | 9.3 |
| CVE-2026-6025 | Totolink A7100RU CGI cstecgi.cgi setSyslogCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-5996 | Totolink A7100RU CGI cstecgi.cgi setAdvancedInfoShow os command injection | 10.04.2026 | 9.3 |
| CVE-2026-5997 | Totolink A7100RU CGI cstecgi.cgi setLoginPasswordCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-5993 | Totolink A7100RU CGI cstecgi.cgi setWiFiGuestCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-5994 | Totolink A7100RU CGI cstecgi.cgi setTelnetCfg os command injection | 10.04.2026 | 9.3 |
| CVE-2026-5995 | Totolink A7100RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection | 10.04.2026 | 9.3 |
| CVE-2026-34424 | Smart Slider 3 Pro 3.5.1.35 Supply Chain Attack Remote Access Toolkit | 09.04.2026 | 9.3 |
| CVE-2026-33771 | CTP OS: Configuring password requirements does not work, which permits the use of weak passwords | 09.04.2026 | 9.1 |
| CVE-2026-33784 | JSI Virtual Lightweight Collector: Default password is not required to be changed, which allows unauthorized high-privileged access | 09.04.2026 | 9.3 |
| CVE-2026-40154 | PraisonAI Affected by Untrusted Remote Template Code Execution | 10.04.2026 | 9.3 |
| CVE-2026-40111 | PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py) | 09.04.2026 | 9.3 |
| CVE-2026-5977 | Totolink A7100RU CGI cstecgi.cgi setWiFiBasicCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5978 | Totolink A7100RU CGI cstecgi.cgi setWiFiAclRules os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5976 | Totolink A7100RU CGI cstecgi.cgi setStorageCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2025-13926 | Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision | 10.04.2026 | 9.3 |
| CVE-2026-40088 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in praisonai | 09.04.2026 | 9.7 |
| CVE-2026-40089 | Sonicverse has Server-Side Request Forgery via user-controlled URLs in dashboard API client | 09.04.2026 | 9.9 |
| CVE-2026-5194 | wolfSSL ECDSA Certificate Verification | 10.04.2026 | 9.3 |
| CVE-2026-5975 | Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-28205 | Initialization of a resource with an insecure default in OpenPLC_V3 | 10.04.2026 | 9.2 |
| CVE-2026-34971 | Wasmtime miscompiled guest heap access enables sandbox escape on aarch64 Cranelift | 09.04.2026 | 9 |
| CVE-2026-34987 | Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access | 10.04.2026 | 9 |
| CVE-2026-35556 | Plaintext storage of a password in OpenPLC_V3 | 10.04.2026 | 9.2 |
| CVE-2026-39912 | v2board / Xboard Authentication Token Exposure via loginWithMailLink | 09.04.2026 | 9.1 |
| CVE-2026-39980 | OpenCTI affected by RCE via notifier template | 09.04.2026 | 9.1 |
| CVE-2026-39987 | marimo Affected by Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass | 09.04.2026 | 9.3 |
| CVE-2025-62718 | Axios has a NO_PROXY Hostname Normalization Bypass Leading to SSRF | 09.04.2026 | 9.3 |
| CVE-2026-34177 | VM low-level restriction bypass via raw.apparmor and raw.qemu.conf | 09.04.2026 | 9.1 |
| CVE-2026-34178 | Importing a crafted backup leads to project restriction bypass | 09.04.2026 | 9.1 |
| CVE-2026-34179 | Update of type field in restricted TLS certificate allows privilege escalation to cluster admin | 09.04.2026 | 9.1 |
| CVE-2026-5852 | Totolink A7100RU CGI cstecgi.cgi setIptvCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5853 | Totolink A7100RU CGI cstecgi.cgi setIpv6LanCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5854 | Totolink A7100RU CGI cstecgi.cgi setWiFiEasyCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5850 | Totolink A7100RU CGI cstecgi.cgi setVpnPassCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-5851 | Totolink A7100RU CGI cstecgi.cgi setUPnPCfg os command injection | 09.04.2026 | 9.3 |
| CVE-2026-1830 | Quick Playground <= 1.3.1 - Missing Authorization to Unauthenticated Arbitrary File Upload | 09.04.2026 | 9.8 |
| CVE-2026-3199 | Nexus Repository 3 - Authenticated Remote Code Execution via Task Property Injection | 09.04.2026 | 9.4 |
| CVE-2026-40035 | Unfurl - Werkzeug Debugger Exposure via String Config Parsing | 09.04.2026 | 9.3 |
| CVE-2026-39860 | Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination | 09.04.2026 | 9 |
| CVE-2026-39888 | PraisonAIAgents has a sandbox escape via exception frame traversal in `execute_code` (subprocess mode) | 09.04.2026 | 10 |
| CVE-2026-39890 | PraisonAI Affected by Remote Code Execution via YAML Deserialization in Agent Definition Loading | 09.04.2026 | 9.8 |
| CVE-2026-2942 | ProSolution WP Client <= 1.9.9 - Unauthenticated Arbitrary File Upload via proSol_fileUploadProcess | 08.04.2026 | 9.8 |
| CVE-2025-14815 | Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64 | 08.04.2026 | 9.3 |
| CVE-2025-14816 | Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64 | 08.04.2026 | 9.3 |
| CVE-2026-25776 | | 08.04.2026 | 9.3 |
| CVE-2026-3535 | DSGVO Google Web Fonts GDPR <= 1.1 - Unauthenticated Arbitrary File Upload via 'fonturl' Parameter | 08.04.2026 | 9.8 |
| CVE-2026-4003 | Users manager – PN <= 1.1.15 - Unauthenticated Privilege Escalation via Account Takeover via 'userspn_form_save' AJAX Action | 08.04.2026 | 9.8 |
| CVE-2026-3296 | Everest Forms <= 3.4.3 - Unauthenticated PHP Object Injection via Form Entry Metadata | 08.04.2026 | 9.8 |
| CVE-2026-1346 | Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access | 09.04.2026 | 9.3 |
| CVE-2026-34078 | Flatpak has a complete sandbox escape leading to host file access and code execution in the host context | 11.04.2026 | 9.3 |
| CVE-2026-39846 | SiYuan affected by Remote Code Execution in the Electron desktop client via stored XSS in synced table captions | 08.04.2026 | 9.1 |
| CVE-2026-39847 | Emmett has a path traversal in internal assets handler | 08.04.2026 | 9.1 |
| CVE-2026-34580 | Botan has a certificate authentication bypass due to trust anchor confusion | 09.04.2026 | 9.3 |
| CVE-2026-33439 | Pre-Authentication Remote Code Execution via `jato.clientSession` Deserialization in OpenAM | 08.04.2026 | 9.3 |
| CVE-2026-39397 | @delmaredigital/payload-puc is missing authorization on /api/puck/* CRUD endpoints, allowing unauthenticated access to Puck-registered collections | 07.04.2026 | 9.4 |
| CVE-2026-39382 | dbt has a Command Injection in Reusable Workflow via Unsanitized comment-body Output | 08.04.2026 | 9.3 |
| CVE-2026-39322 | PolarLearn: Any password authenticates banned accounts and grants API access | 09.04.2026 | 9.2 |
| CVE-2026-39355 | Genealogy Missing Authorization in `TeamController::transferOwnership()` Allows Any Authenticated User to Hijack Any Team (Broken Access Control) | 08.04.2026 | 10 |
| CVE-2026-39324 | Rack::Session::Cookie secrets: decrypt failure fallback enables secretless session forgery and Marshal deserialization | 08.04.2026 | 9.3 |
| CVE-2026-39337 | ChurchCRM Affected by Unauthenticated RCE in Install Wizard | 07.04.2026 | 10 |
| CVE-2026-39339 | ChurchCRM has an API Authentication Bypass | 07.04.2026 | 9.1 |
| CVE-2026-39342 | ChurchCRM has a SQL injection in the searchwhat parameter of QueryView.php | 09.04.2026 | 9.4 |
| CVE-2026-35573 | ChurchCRM has a path traversal leading to RCE | 08.04.2026 | 9.1 |
| CVE-2026-23696 | Windmill < 1.603.3 File Ownership Handling SQLi RCE | 08.04.2026 | 9.4 |
| CVE-2026-35614 | Frappe has a SQL injection in bulk_update | 09.04.2026 | 9.3 |
| CVE-2026-35615 | PraisonAI has a Path Traversal in FileTools | 09.04.2026 | 9.2 |
| CVE-2026-39305 | Arbitrary File Write / Path Traversal in Action Orchestrator | 07.04.2026 | 9 |
| CVE-2026-4631 | Cockpit: unauthenticated remote code execution due to ssh command-line argument injection | 10.04.2026 | 9.8 |
| CVE-2026-35580 | Emissary has GitHub Actions Shell Injection via Workflow Inputs | 07.04.2026 | 9.1 |
| CVE-2026-35490 | changedetection.io has an Authentication Bypass via Decorator Ordering | 09.04.2026 | 9.8 |
| CVE-2026-20889 | | 08.04.2026 | 9.8 |
| CVE-2026-20911 | | 08.04.2026 | 9.8 |
| CVE-2026-21413 | | 08.04.2026 | 9.8 |
| CVE-2026-5627 | Path Traversal in mintplex-labs/anything-llm | 07.04.2026 | 9.1 |
| CVE-2021-4473 | Tianxin Internet Behavior Management System Command Injection via toQuery.php | 08.04.2026 | 9.3 |
| CVE-2026-22679 | Weaver E-cology 10.0 Unauthenticated RCE via dubboApi Debug Endpoint | 07.04.2026 | 9.3 |
| CVE-2025-39666 | omd: Local privilege escalation when executing omd commands as root | 07.04.2026 | 9.3 |
| CVE-2026-1114 | Improper Access Control via Weak JWT Token in parisneo/lollms | 07.04.2026 | 9.8 |
| CVE-2026-0740 | Ninja Forms - File Upload <= 3.3.26 - Unauthenticated Arbitrary File Upload | 08.04.2026 | 9.8 |
| CVE-2026-35471 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs | 07.04.2026 | 9.8 |
| CVE-2026-35392 | goshs has an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs PUT Upload | 07.04.2026 | 9.8 |
| CVE-2026-35393 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs POST multipart upload | 08.04.2026 | 9.8 |
| CVE-2026-35459 | pyLoad has SSRF fix bypass via HTTP redirect | 07.04.2026 | 9.3 |
| CVE-2026-35022 | Anthropic Claude Code & Agent SDK OS Command Injection via Authentication Helper | 07.04.2026 | 9.3 |
| CVE-2026-35178 | Workbench Affected by Remote Code Execution (RCE) via Malicious Cookie in Timezone Conversion | 07.04.2026 | 9.3 |
| CVE-2026-35174 | Chyrp Lite has a Path Traversal to Remote Code Execution | 07.04.2026 | 9.1 |
| CVE-2026-35050 | text-generation-webui affected by Remote Code Execution (RCE) through Path Traversal at "Session -> Save extention settings to user_data/settings.yaml" | 07.04.2026 | 9.1 |
| CVE-2026-35171 | Arbitrary Code Execution via Malicious Logging Configuration in Kedro | 07.04.2026 | 9.8 |
| CVE-2026-35047 | Brave CMS has Unrestricted File Upload in BraveCMS via CKEditor Endpoint | 07.04.2026 | 9.3 |
| CVE-2026-35030 | LiteLLM has an authentication bypass via OIDC userinfo cache key collision | 07.04.2026 | 9.4 |
| CVE-2026-35039 | fast-jwt Affected by Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup) | 08.04.2026 | 9.1 |
| CVE-2026-34989 | CI4MS affected by Profile & User Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS | 07.04.2026 | 9.4 |
| CVE-2026-34841 | Axios npm Supply Chain Incident Impacting @usebruno/cli | 08.04.2026 | 9.8 |
| CVE-2026-34976 | Dgraph Affected by Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization | 07.04.2026 | 10 |
| CVE-2026-34977 | Aperi'Solve Affected by Unauthenticated RCE via JPSeek Analyzer Command | 07.04.2026 | 9.3 |
| CVE-2026-34950 | fast-jwt has an incomplete fix for CVE-2023-48223: JWT Algorithm Confusion via Whitespace-Prefixed RSA Public Key | 06.04.2026 | 9.1 |
| CVE-2026-34208 | SandboxJS: Sandbox integrity escape | 06.04.2026 | 10 |
| CVE-2026-26026 | GLPI has a Server-Side Template Injection via Double-Compilation | 07.04.2026 | 9.1 |
| CVE-2019-25687 | Pegasus CMS 1.0 Remote Code Execution via extra_fields.php | 06.04.2026 | 9.3 |

Latest Updates

| CVE | Title | Updated | Score |
|---|---|---|---|
| CVE-2026-23900 | Extension - phoca.cz - Stored XSS vectors in Phoca Maps component 5.0.0 - 6.0.2 for Joomla | 11.04.2026 | |
| CVE-2026-32146 | Improper Path Validation in Git Dependency Handling Allows Arbitrary File System Modification | 11.04.2026 | |
| CVE-2026-5809 | wpForo Forum <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion via 'data[body][fileurl]' Parameter | 11.04.2026 | 7.1 |
| CVE-2026-34621 | Acrobat Reader \| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321) | 11.04.2026 | 9.6 |
| CVE-2026-3358 | Tutor LMS <= 3.9.7 - Missing Authorization to Authenticated (Subscriber+) Unauthorized Private Course Enrollment | 11.04.2026 | 5.4 |
| CVE-2026-3371 | Tutor LMS <= 3.9.7 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Course Content Modification | 11.04.2026 | 4.3 |
| CVE-2026-3498 | BlockArt Blocks <= 2.2.15 - Authenticated (Author+) Stored Cross-Site Scripting via 'clientId' Block Attribute | 11.04.2026 | 6.4 |
| CVE-2026-4895 | Greenshift <= 12.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via disablelazy Attribute | 11.04.2026 | 6.4 |
| CVE-2026-4979 | UsersWP <= 1.2.58 - Authenticated (Subscriber+) Server-Side Request Forgery via 'uwp_crop' Parameter | 11.04.2026 | 5 |
| CVE-2026-5144 | BuddyPress Groupblog <= 1.9.3 - Authenticated (Subscriber+) Privilege Escalation to Administrator via Group Blog IDOR | 11.04.2026 | 8.8 |
| CVE-2026-5207 | LifterLMS <= 9.2.1 - Authenticated (Custom+) SQL Injection via 'order' Parameter | 11.04.2026 | 6.5 |
| CVE-2026-5217 | Optimole <= 4.2.2 - Unauthenticated Stored Cross-Site Scripting via Srcset Descriptor Parameter | 11.04.2026 | 7.2 |
| CVE-2026-5226 | Optimole <= 4.2.3 - Reflected Cross-Site Scripting via Page Profiler URL | 11.04.2026 | 6.1 |
| CVE-2026-3689 | OpenClaw Canvas Path Traversal Information Disclosure Vulnerability | 11.04.2026 | |
| CVE-2026-3690 | OpenClaw Canvas Authentication Bypass Vulnerability | 11.04.2026 | |
| CVE-2026-3691 | OpenClaw Client PKCE Verifier Information Disclosure Vulnerability | 11.04.2026 | |
| CVE-2026-40354 | | 11.04.2026 | 2.9 |
| CVE-2026-4149 | Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-4150 | GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-4151 | GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-4152 | GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-4153 | GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-4154 | GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-4155 | ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability | 11.04.2026 | |
| CVE-2026-4156 | ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-4157 | ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-4158 | KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability | 11.04.2026 | |
| CVE-2026-5053 | NoMachine External Control of File Path Arbitrary File Deletion Vulnerability | 11.04.2026 | |
| CVE-2026-5054 | NoMachine External Control of File Path Local Privilege Escalation Vulnerability | 11.04.2026 | |
| CVE-2026-5055 | NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability | 11.04.2026 | |
| CVE-2026-5058 | aws-mcp-server Command Injection Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-5059 | aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-5493 | Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-5494 | Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-5495 | Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-5496 | Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerability | 11.04.2026 | |
| CVE-2026-40198 | Net::CIDR::Lite versions before 0.23 for Perl do not validate the IPv6 group count, which may allow IP ACL bypass | 10.04.2026 | |
| CVE-2026-40199 | Net::CIDR::Lite versions before 0.23 for Perl mishandle IPv4-mapped IPv6 addresses, which may allow IP ACL bypass | 10.04.2026 | |
| CVE-2026-33118 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 10.04.2026 | 4.3 |
| CVE-2026-33119 | Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | 10.04.2026 | 5.4 |
| CVE-2026-5724 | Missing Authentication on Streaming gRPC Replication Endpoint | 10.04.2026 | |
| CVE-2026-40252 | Broken Access Control (IDOR) Leading to Cross-Tenant Application Access in FastGPT | 10.04.2026 | |
| CVE-2026-40194 | phpseclib has a variable-time HMAC comparison in SSH2::get_binary_packet() using != instead of hash_equals() | 10.04.2026 | 3.7 |
| CVE-2026-40242 | Arcane Unauthenticated SSRF with Conditional Response Reflection in Template Fetch Endpoint | 10.04.2026 | 7.2 |
| CVE-2026-40191 | ClearanceKit has a policy bypass via dual-path Endpoint Security events checking only source path | 10.04.2026 | |
| CVE-2026-39921 | GeoNode < 4.4.5, 5.0.2 SSRF via Document Upload | 10.04.2026 | |
| CVE-2026-39922 | GeoNode < 4.4.5, 5.0.2 SSRF via Service Registration | 10.04.2026 | |
| CVE-2026-40180 | Zip Slip Path Traversal in quarkus-openapi-generator ApicurioCodegenWrapper class | 10.04.2026 | |
| CVE-2026-40184 | Unauthenticated Access to Uploaded Files in TREK | 10.04.2026 | 3.7 |
| CVE-2026-40185 | Missing Authorization on Immich Trip Photo Routes in TREK | 10.04.2026 | 7.1 |
| CVE-2026-40188 | goshs is Missing Write Protection for Parametric Data Values | 10.04.2026 | 7.7 |
| CVE-2026-40189 | goshs has a file-based ACL authorization bypass in goshs state-changing routes | 10.04.2026 | |
| CVE-2026-40190 | LangSmith Client SDKs has Prototype Pollution in langsmith-sdk via Incomplete `__proto__` Guard in Internal lodash `set()` | 10.04.2026 | 5.6 |
| CVE-2026-30232 | Chartbrew has SSRF in API Data Connection - No IP Validation on User-Provided URLs | 10.04.2026 | |
| CVE-2026-32252 | Chartbrew Cross-Tenant Template Export and Secret Disclosure in `GET /team/:team_id/template/generate/:project_id` | 10.04.2026 | 7.7 |
| CVE-2026-40168 | Postiz has Server-Side Request Forgery via Redirect Bypass in /api/public/stream | 10.04.2026 | 8.2 |
| CVE-2026-40175 | Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain | 10.04.2026 | 10 |
| CVE-2026-40177 | Password bypass when 2FA is activated | 10.04.2026 | |
| CVE-2026-40178 | ajenti.plugin.core has race conditions in 2FA | 10.04.2026 | |
| CVE-2026-27460 | Tandoor Recipes Affected by Denial of Service via Recipe Import | 10.04.2026 | 6.5 |
| CVE-2026-33706 | Chamilo LMS has a REST API Self-Privilege Escalation (Student → Teacher) | 10.04.2026 | 7.1 |
| CVE-2026-33707 | Weak Password Recovery Mechanism for Forgotten Password in chamilo/chamilo-lms | 10.04.2026 | 9.4 |
| CVE-2026-33708 | Chamilo LMS has REST API PII Exposure via get_user_info_from_username | 10.04.2026 | 6.5 |
| CVE-2026-33710 | Chamilo LMS has Weak REST API Key Generation (Predictable) | 10.04.2026 | 7.5 |
| CVE-2026-33736 | Chamilo LMS has an Insecure Direct Object Reference (IDOR) - User Data Exposure | 10.04.2026 | 6.5 |
| CVE-2026-33737 | Chamilo LMS has an XML External Entity (XXE) Injection | 10.04.2026 | 5.3 |
| CVE-2026-33704 | Chamilo LMS Affected by Authenticated Arbitrary File Write via BigUpload endpoint | 10.04.2026 | 7.1 |
| CVE-2026-33705 | Chamilo LMS: unauthenticated access to Twig template source files exposes application logic | 10.04.2026 | 5.3 |
| CVE-2026-33702 | Chamilo LMS has an Insecure Direct Object Reference (IDOR) | 10.04.2026 | 7.1 |
| CVE-2026-33703 | Chamilo LMS Critical IDOR: Any Authenticated User Can Extract All Users’ Personal Data and API Tokens | 10.04.2026 | |
| CVE-2026-3446 | Base64 decoding stops at first padded quad by default | 10.04.2026 | |