CVE Field Guide

Critical CVEs

CVE	Title	Updated	Score
CVE-2026-41446	WattBox 800 & 820 Series < 2.10.0.0 RCE via Diagnostic Endpoints	28.04.2026	9.2
CVE-2026-24178		28.04.2026	9.8
CVE-2026-3893	Carlson Software VASCO-B GNSS Receiver Missing Authentication for Critical Function	28.04.2026	9.4
CVE-2026-41386	OpenClaw < 2026.3.22 - Privilege Escalation via Unbound Bootstrap Setup Codes	28.04.2026	9.1
CVE-2026-27760	OpenCATS PHP Code Injection via installer AJAX endpoint	28.04.2026	9.2
CVE-2026-5779	Multiple vulnerabilities in MphRx's Minerva	28.04.2026	9.4
CVE-2026-7241	Totolink A8000RU CGI cstecgi.cgi setWiFiBasicCfg os command injection	28.04.2026	9.3
CVE-2026-7242	Totolink A8000RU CGI cstecgi.cgi setOpenVpnClientCfg os command injection	28.04.2026	9.3
CVE-2026-7243	Totolink A8000RU CGI cstecgi.cgi setRadvdCfg os command injection	28.04.2026	9.3
CVE-2026-7244	Totolink A8000RU CGI cstecgi.cgi setWiFiEasyGuestCfg os command injection	28.04.2026	9.3
CVE-2026-7248	D-Link DI-8100 CGI Endpoint tgfile.htm tgfile_htm buffer overflow	28.04.2026	9.3
CVE-2026-7240	Totolink A8000RU CGI cstecgi.cgi setVpnAccountCfg os command injection	28.04.2026	9.3
CVE-2026-32644	Milesight Cameras Use of Hard-coded Cryptographic Key	28.04.2026	9.2
CVE-2026-7202	Totolink A8000RU CGI cstecgi.cgi setWiFiWpsStart os command injection	27.04.2026	9.3
CVE-2026-7203	Totolink A8000RU CGI cstecgi.cgi setUrlFilterRules os command injection	28.04.2026	9.3
CVE-2026-7204	Totolink A8000RU CGI cstecgi.cgi setPptpServerCfg os command injection	28.04.2026	9.3
CVE-2026-40976		29.04.2026	9.1
CVE-2026-7156	Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection	28.04.2026	9.3
CVE-2026-7154	Totolink A8000RU CGI cstecgi.cgi setAdvancedInfoShow os command injection	28.04.2026	9.3
CVE-2026-7155	Totolink A8000RU CGI cstecgi.cgi setLoginPasswordCfg os command injection	28.04.2026	9.3
CVE-2026-7152	Totolink A8000RU CGI cstecgi.cgi setTelnetCfg os command injection	28.04.2026	9.3
CVE-2026-7153	Totolink A8000RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection	28.04.2026	9.3
CVE-2026-7139	Totolink A8000RU CGI cstecgi.cgi setWiFiAclRules os command injection	27.04.2026	9.3
CVE-2026-7140	Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection	27.04.2026	9.3
CVE-2026-7136	Totolink A8000RU CGI cstecgi.cgi setDmzCfg os command injection	27.04.2026	9.3
CVE-2026-7137	Totolink A8000RU CGI cstecgi.cgi setStorageCfg os command injection	27.04.2026	9.3
CVE-2026-7138	Totolink A8000RU CGI cstecgi.cgi setNtpCfg os command injection	27.04.2026	9.3
CVE-2026-41462	ProjeQtor < 12.4.4 Unauthenticated SQL Injection via Login	27.04.2026	9.3
CVE-2026-7123	Totolink A8000RU CGI cstecgi.cgi setIptvCfg os command injection	27.04.2026	9.3
CVE-2026-7124	Totolink A8000RU CGI cstecgi.cgi setIpv6LanCfg os command injection	27.04.2026	9.3
CVE-2026-7125	Totolink A8000RU CGI cstecgi.cgi setWiFiEasyCfg os command injection	27.04.2026	9.3
CVE-2026-7121	Totolink A8000RU CGI cstecgi.cgi setWizardCfg os command injection	27.04.2026	9.3
CVE-2026-7122	Totolink A8000RU CGI cstecgi.cgi setUPnPCfg os command injection	27.04.2026	9.3
CVE-2026-22336	WordPress Directorist Booking plugin < 3.0.2 - SQL Injection vulnerability	28.04.2026	9.3
CVE-2026-22337	WordPress Directorist Social Login plugin < 2.1.4 - Privilege Escalation vulnerability	28.04.2026	9.8
CVE-2026-41409	Apache MINA: CWE-502 Deserialization of Untrusted Data	27.04.2026	9.8
CVE-2026-41635	Apache MINA: AbstractIoBuffer.resolveClass() null-clazz Branch Skips acceptMatchers Filter — Full Object Deserialization RCE	28.04.2026	9.8
CVE-2026-42363	GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability	27.04.2026	9.3
CVE-2026-7037	Totolink A8000RU CGI cstecgi.cgi setVpnPassCfg os command injection	27.04.2026	9.3
CVE-2026-31682	bridge: br_nd_send: linearize skb before parsing ND options	27.04.2026	9.1
CVE-2026-31685	netfilter: ip6t_eui64: reject invalid MAC header for all packets	27.04.2026	9.4
CVE-2026-6951		25.04.2026	9.2
CVE-2026-41248	Official Clerk JavaScript SDKs: Middleware-based route protection bypass	27.04.2026	9.1
CVE-2026-41478	Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)	27.04.2026	10
CVE-2026-41428	Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints	24.04.2026	9.1
CVE-2026-41327	Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field	24.04.2026	9.1
CVE-2026-41492	Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars in Dgraph	24.04.2026	9.8
CVE-2026-41328	Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field	24.04.2026	9.1
CVE-2026-6911	Authentication Bypass via Missing JWT Signature Verification in AWS Ops Wheel	24.04.2026	9.3
CVE-2026-39920	BridgeHead FileStore < 24A Apache Axis2 Default Credentials RCE	24.04.2026	9.3
CVE-2026-31536	smb: server: let send_done handle a completion without IB_SEND_SIGNALED	27.04.2026	9.8
CVE-2026-31589	mm: call ->free_folio() directly in folio_unmap_invalidate()	27.04.2026	9.8
CVE-2026-31607	usbip: validate number_of_packets in usbip_pack_ret_submit()	27.04.2026	9.8
CVE-2026-31608	smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()	27.04.2026	9.8
CVE-2026-31609	smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush()	27.04.2026	9.8
CVE-2026-31633	rxrpc: Fix integer overflow in rxgk_verify_response()	27.04.2026	9.8
CVE-2026-31636	rxrpc: fix RESPONSE authenticator parser OOB read	27.04.2026	9.1
CVE-2026-31637	rxrpc: reject undecryptable rxkad response tickets	27.04.2026	9.8
CVE-2026-31649	net: stmmac: fix integer underflow in chain mode	27.04.2026	9.8
CVE-2026-31657	batman-adv: hold claim backbone gateways by reference	27.04.2026	9.8
CVE-2026-31659	batman-adv: reject oversized global TT response buffers	27.04.2026	9.8
CVE-2026-31668	seg6: separate dst_cache for input and output paths in seg6 lwtunnel	27.04.2026	9.8
CVE-2026-31669	mptcp: fix slab-use-after-free in __inet_lookup_established	27.04.2026	9.8
CVE-2026-25660	Authentication bypass for certain API calls	24.04.2026	9.3
CVE-2026-21515	Azure IoT Central Elevation of Privilege Vulnerability	28.04.2026	9.9
CVE-2026-1950	No checking of the length of the buffer with the file name in AS320T	24.04.2026	9.8
CVE-2026-1951	No checking of the length of the buffer with the directory name in AS320T	24.04.2026	9.8
CVE-2026-1952	Denial of service via the undocumented subfunction in AS320T	24.04.2026	9.8
CVE-2026-1949	Incorrect calculation of buffer size on the stack in AS320T	24.04.2026	9.8
CVE-2026-25775	SenseLive X3050 Missing authentication for critical function	24.04.2026	9.3
CVE-2026-27843	SenseLive X3050 Missing authentication for critical function	24.04.2026	9.2
CVE-2026-35503	SenseLive X3050 Use of Hard-coded Credentials	24.04.2026	9.3
CVE-2026-39462	SenseLive X3050 Insufficiently Protected Credentials	24.04.2026	9.3
CVE-2026-40620	SenseLive X3050 Missing authentication for critical function	24.04.2026	9.3
CVE-2026-40630	SenseLive X3050 Authentication bypass using an alternate path or channel	24.04.2026	9.3
CVE-2026-24303	Microsoft Partner Center Elevation of Privilege Vulnerability	28.04.2026	9.6
CVE-2026-32210	Microsoft Dynamics 365 (online) Spoofing Vulnerability	28.04.2026	9.3
CVE-2026-33102	Microsoft 365 Copilot Elevation of Privilege Vulnerability	28.04.2026	9.3
CVE-2026-33819	Microsoft Bing Remote Code Execution Vulnerability	28.04.2026	10
CVE-2026-35431	Microsoft Entra ID Entitlement Management Spoofing Vulnerability	28.04.2026	10
CVE-2026-26210	KTransformers Unsafe Deserialization RCE via balance_serve	24.04.2026	9.3
CVE-2026-41274	Flowise: Cypher Injection in GraphCypherQAChain	24.04.2026	9.3
CVE-2026-6942	radare2-mcp <=1.6.0 OS Command Injection via Shell Metacharacter Bypass	24.04.2026	9.3
CVE-2026-25874	LeRobot Unsafe Deserialization Remote Code Execution via gRPC	24.04.2026	9.3
CVE-2026-41264	Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability	24.04.2026	9.2
CVE-2026-41265	Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability	23.04.2026	9.2
CVE-2026-41137	Flowise: Code Injection in CSVAgent leads to Authenticated RCE	23.04.2026	9.4
CVE-2026-6074	Path traversal: '.../...//' in Intrado 911 Emergency Gateway (EGW)	23.04.2026	9.3
CVE-2026-31533	net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption	27.04.2026	9.8
CVE-2025-62373	Pipecat vulnerable to Remote Code Execution by Pickle Deserialization via LivekitFrameSerializer	23.04.2026	9.8
CVE-2026-23751	Kofax Capture 6.0.0.0 Unauthenticated File Read/Write & SMB Coercion via .NET Remoting	25.04.2026	9.3
CVE-2026-40470	Hackage package and doc upload stored XSS vulnerability	23.04.2026	9.9
CVE-2026-40471	Hackage CSRF vulnerability	23.04.2026	9.6
CVE-2026-40472	Hackage package metadata stored XSS vulnerability	23.04.2026	9.9
CVE-2026-41460	SocialEngine <= 7.8.0 SQL Injection via activity/index/get-memberall	23.04.2026	9.3
CVE-2026-39440	WordPress FunnelFormsPro plugin <= 3.8.1 - Remote Code Execution (RCE) vulnerability	23.04.2026	9.9
CVE-2026-6885	BorG Technology Corporation｜Borg SPM 2007 - Arbitrary File Upload	23.04.2026	9.3
CVE-2026-6886	BorG Technology Corporation｜Borg SPM 2007 - Authentication Bypass	23.04.2026	9.3
CVE-2026-6887	BorG Technology Corporation｜Borg SPM 2007 - SQL Injection	23.04.2026	9.3
CVE-2026-41228	Froxlor has Local File Inclusion via path traversal in API `def_language` parameter that leads to Remote Code Execution	23.04.2026	10
CVE-2026-41229	Froxlor has a PHP Code Injection via Unescaped Single Quotes in userdata.inc.php Generation (MysqlServer API)	23.04.2026	9.1
CVE-2026-3844	Breeze Cache <= 2.4.4 - Unauthenticated Arbitrary File Upload via fetch_gravatar_from_remote	23.04.2026	9.8
CVE-2026-41196	Luanti has a mod security sandbox escape	23.04.2026	9
CVE-2026-41197	Brillig: Heap corruption in foreign call results with nested tuple arrays	25.04.2026	9.3
CVE-2026-41679	Paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass	23.04.2026	10
CVE-2026-41176	Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution	28.04.2026	9.2
CVE-2026-41179	RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution	28.04.2026	9.2
CVE-2026-41167	Jellystat has SQL Injection that leads to to Remote Code Execution	23.04.2026	9.1
CVE-2026-33656	EspoCRM vulnerable to authenticated RCE via Formula with path traversal in attachment `sourceId`, exploitable by admin user	23.04.2026	9.1
CVE-2026-33471	nimiq-block has skip block quorum bypass via out-of-range BitSet indices & u16 truncation	23.04.2026	9.6
CVE-2026-34415	Xerte Online Toolkits File Upload RCE via elfinder Connector	24.04.2026	9.3
CVE-2026-41468	Beghelli Sicuro24 SicuroWeb AngularJS Sandbox Escape via Template Injection	22.04.2026	9.3
CVE-2018-25270	ThinkPHP 5.0.23 Remote Code Execution via invokefunction	22.04.2026	9.3
CVE-2018-25272	ELBA5 5.8.0 Remote Code Execution via Database Access	22.04.2026	9.3
CVE-2026-31436	dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc()	27.04.2026	9.8
CVE-2026-31444	ksmbd: fix use-after-free and NULL deref in smb_grant_oplock()	27.04.2026	9.8
CVE-2026-31448	ext4: avoid infinite loops caused by residual data	27.04.2026	9.4
CVE-2026-31463	iomap: fix invalid folio access when i_blkbits differs from I/O granularity	27.04.2026	9.8
CVE-2026-31478	ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len()	27.04.2026	9.8
CVE-2026-31501	net: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path	27.04.2026	9.8

Latest Updates

CVE	Title	Updated	Score
CVE-2026-42377	WordPress SureForms Pro plugin <= 2.8.0 - Broken Access Control vulnerability	29.04.2026	7.3
CVE-2026-21023		29.04.2026
CVE-2026-35155		29.04.2026	7.1
CVE-2026-23773		29.04.2026	4.3
CVE-2026-42615		29.04.2026	7.2
CVE-2026-40560	Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence	29.04.2026
CVE-2026-7333		28.04.2026
CVE-2026-7334		28.04.2026
CVE-2026-7335		28.04.2026
CVE-2026-7336		28.04.2026
CVE-2026-7337		28.04.2026
CVE-2026-7338		28.04.2026
CVE-2026-7339		28.04.2026
CVE-2026-7340		28.04.2026
CVE-2026-7341		28.04.2026
CVE-2026-7342		28.04.2026
CVE-2026-7343		28.04.2026
CVE-2026-7344		28.04.2026
CVE-2026-7345		28.04.2026
CVE-2026-7346		28.04.2026
CVE-2026-7347		28.04.2026
CVE-2026-7348		28.04.2026
CVE-2026-7349		28.04.2026
CVE-2026-7350		28.04.2026
CVE-2026-7351		28.04.2026
CVE-2026-7352		28.04.2026
CVE-2026-7353		28.04.2026
CVE-2026-7354		28.04.2026
CVE-2026-7355		28.04.2026
CVE-2026-7356		28.04.2026
CVE-2026-7357		28.04.2026
CVE-2026-7358		28.04.2026
CVE-2026-7359		28.04.2026
CVE-2026-7360		28.04.2026
CVE-2026-7361		28.04.2026
CVE-2026-7363		28.04.2026
CVE-2026-42167		28.04.2026	8.1
CVE-2026-5822		28.04.2026
CVE-2026-33467	Improper Verification of Cryptographic Signature in Elastic Package Registry Leading to Package Integrity Bypass	28.04.2026	5.9
CVE-2026-37750		28.04.2026
CVE-2026-41446	WattBox 800 & 820 Series < 2.10.0.0 RCE via Diagnostic Endpoints	28.04.2026
CVE-2026-41649	Outline has IDOR in document share creation that allows unauthorized access to private documents across workspaces	28.04.2026	7.7
CVE-2026-7296	SourceCodester Pizzafy Ecommerce System ajax.php save_order cross site scripting	28.04.2026
CVE-2026-7297	SourceCodester Pizzafy Ecommerce System ajax.php save_user cross site scripting	28.04.2026
CVE-2026-7303	Xuxueli xxl-job Execution Log JobLogController.java logDetailCat resource injection	28.04.2026
CVE-2026-7305	Xuxueli xxl-job trigger Endpoint XxlJobServiceImpl.java triggerJob server-side request forgery	28.04.2026
CVE-2026-7306	Xuxueli xxl-job OpenAPI Endpoint OpenApiController.java hard-coded key	28.04.2026
CVE-2026-7314	eiceblue spire-doc-mcp-server base.py get_doc_path path traversal	28.04.2026
CVE-2026-7315	eiceblue spire-pdf-mcp-server PDF File server.py get_pdf_path path traversal	28.04.2026
CVE-2026-7316	eiliyaabedini aider-mcp code_with_ai aider_mcp.py command injection	28.04.2026
CVE-2026-7317	Grav CMS Cache Value FileCache.php doGet deserialization	28.04.2026
CVE-2026-7318	elie mcp-project research_server.py search_papers path traversal	28.04.2026
CVE-2026-7319	elinsky execution-system-mcp add_action Tool server.py _get_context_file_path path traversal	28.04.2026
CVE-2026-24178		28.04.2026	9.8
CVE-2026-24186		28.04.2026	8.8
CVE-2026-24204		28.04.2026	6.5
CVE-2026-24222		28.04.2026	8.6
CVE-2026-24231		28.04.2026	6.3
CVE-2026-3893	Carlson Software VASCO-B GNSS Receiver Missing Authentication for Critical Function	28.04.2026	9.4
CVE-2026-41373	OpenClaw < 2026.3.31 - Compiler Binary Substitution via Environment Variable Override in Host Execution Policy	28.04.2026
CVE-2026-41374	OpenClaw < 2026.3.31 - Resource Consumption via Discord Audio Preflight Before Member Authorization	28.04.2026
CVE-2026-41375	OpenClaw < 2026.3.28 - Authorization Bypass in /phone arm and /phone disarm Endpoints	28.04.2026
CVE-2026-41376	OpenClaw < 2026.3.31 - Matrix Thread Context Allowlist Bypass via Sender Validation	28.04.2026
CVE-2026-41377	OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation	28.04.2026
CVE-2026-41378	OpenClaw < 2026.3.31 - Privilege Escalation to Remote Code Execution via Unrestricted node.event Agent Dispatch	28.04.2026
CVE-2026-41379	OpenClaw < 2026.3.28 - Privilege Escalation via chat.send to Admin-Class Talk Voice Config	28.04.2026
CVE-2026-41380	OpenClaw < 2026.3.28 - Arbitrary Execution Allowlist via Wrapper Carrier Executables	28.04.2026
CVE-2026-41381	OpenClaw < 2026.3.31 - Access Control Bypass in Discord Voice Manager via Channel Allowlist	28.04.2026
CVE-2026-41382	OpenClaw < 2026.3.31 - Discord Voice Ingress Authorization Bypass via Channel and Role Validation Gaps	28.04.2026
CVE-2026-41383	OpenClaw < 2026.4.2 - Arbitrary Remote Directory Deletion via Mis-scoped Mirror Mode Paths	28.04.2026
CVE-2026-41384	OpenClaw < 2026.3.24 - Environment Variable Injection via Workspace Config in CLI Backend	28.04.2026
CVE-2026-41385	OpenClaw < 2026.3.31 - Nostr Private Key Exposure via config.get Redaction Bypass	28.04.2026
CVE-2026-41386	OpenClaw < 2026.3.22 - Privilege Escalation via Unbound Bootstrap Setup Codes	28.04.2026
CVE-2026-41387	OpenClaw < 2026.3.22 - Supply Chain Redirection via Incomplete Host Environment Sanitization	28.04.2026
CVE-2026-41388	OpenClaw < 2026.3.31 - Configuration Rehydration via Empty-Array Revocation Handling	28.04.2026
CVE-2026-41390	OpenClaw < 2026.3.28 - Exec Allowlist Bypass via Unregistered /usr/bin/script Wrapper	28.04.2026
CVE-2026-41391	OpenClaw < 2026.3.31 - Environment Variable Bypass in Package Index URL Handling	28.04.2026
CVE-2026-41392	OpenClaw < 2026.3.31 - Exec Allowlist Bypass via Shell Init-File Options	28.04.2026
CVE-2026-41393	OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery	28.04.2026
CVE-2026-41394	OpenClaw < 2026.3.31 - Unauthorized Operator Scope Access in Unauthenticated Plugin-Auth Routes	28.04.2026
CVE-2026-41395	OpenClaw < 2026.3.28 - Webhook Replay via Query Parameter Reordering in Plivo V3	28.04.2026
CVE-2026-41396	OpenClaw < 2026.3.31 - Environment Variable Override of Plugin Trust Root	28.04.2026
CVE-2026-41397	OpenClaw < 2026.3.31 - Sandbox Escape via Unrestricted File Sync and Symlink Traversal	28.04.2026
CVE-2026-41398	OpenClaw - Unauthorized Agent Request Dispatch via Untrusted Local-Network Pages in iOS A2UI Bridge	28.04.2026
CVE-2026-41399	OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades	28.04.2026
CVE-2026-41400	OpenClaw < 2026.3.31 - Resource Consumption via Oversized WebSocket Frames in voice-call	28.04.2026
CVE-2026-41402	OpenClaw < 2026.3.31 - Webhook Replay Cache Cross-Target messageId Scope Bypass	28.04.2026
CVE-2026-41403	OpenClaw < 2026.3.31 - Access Control Bypass via Proxied Remote Request Misclassification	28.04.2026
CVE-2026-41404	OpenClaw < 2026.3.31 - Operator Admin Privilege Escalation via Trusted-Proxy Authentication	28.04.2026
CVE-2026-41405	OpenClaw < 2026.3.31 - Resource Exhaustion via Unauthenticated MS Teams Webhook Body Parsing	28.04.2026
CVE-2026-41406	OpenClaw < 2026.3.31 - Sender Allowlist Bypass via Thread History and Quoted Messages	28.04.2026
CVE-2026-41407	OpenClaw < 2026.4.2 - Timing Side Channel in Shared-Secret Comparison	28.04.2026
CVE-2026-41408	OpenClaw < 2026.3.31 - Disk Exhaustion via Media Download Bypass	28.04.2026
CVE-2026-41910	OpenClaw < 2026.4.8 - Missing Owner-Only Enforcement in /allowlist Cross-Channel Writes	28.04.2026
CVE-2026-41911	OpenClaw < 2026.4.8 - Workspace-Only Filesystem Policy Bypass via docx upload_file/upload_image	28.04.2026
CVE-2026-41912	OpenClaw < 2026.4.8 - Server-Side Request Forgery Policy Bypass via Interaction-Triggered Navigation	28.04.2026
CVE-2026-41913	OpenClaw < 2026.4.4 - Rate-Limit Bypass via Concurrent Async Authentication Attempts	28.04.2026
CVE-2026-41914	OpenClaw < 2026.4.8 - Server-Side Request Forgery in QQ Bot Media Fetch Paths	28.04.2026
CVE-2026-41915	OpenClaw < 2026.4.8 - Git Environment Variable Injection via Unfiltered Exec Environment	28.04.2026
CVE-2026-41916	OpenClaw < 2026.4.8 - Stale Authentication State via Config Reload	28.04.2026
CVE-2026-42420	OpenClaw < 2026.4.8 - Improper Base64 Decoding Size Validation	28.04.2026
CVE-2026-42421	OpenClaw < 2026.4.8 - WebSocket Session Persistence via Shared Gateway Token Rotation	28.04.2026
CVE-2026-42422	OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function	28.04.2026
CVE-2026-42423	OpenClaw < 2026.4.8 - strictInlineEval Approval Boundary Bypass via Approval-Timeout Fallback	28.04.2026
CVE-2026-42424	OpenClaw < 2026.4.8 - Local File Exfiltration via Shared Reply MEDIA Paths	28.04.2026
CVE-2026-42426	OpenClaw < 2026.4.8 - Improper Authorization in node.pair.approve via operator.write Scope	28.04.2026
CVE-2026-42427	OpenClaw < 2026.4.8 - Remote Code Execution via Build Tool Environment Variable Injection	28.04.2026
CVE-2026-42428	OpenClaw < 2026.4.8 - Missing Integrity Verification in Package Downloads	28.04.2026
CVE-2026-42429	OpenClaw < 2026.4.8 - Privilege Escalation via Gateway Plugin HTTP Authentication	28.04.2026
CVE-2026-42430	OpenClaw < 2026.4.8 - Strict Browser SSRF Bypass via Playwright Redirect Handling	28.04.2026
CVE-2026-42431	OpenClaw < 2026.4.8 - Persistent Profile Mutation via node.invoke(browser.proxy) Bypass	28.04.2026
CVE-2026-42432	OpenClaw < 2026.4.8 - Command Escalation via Node Pairing Reconnect Bypass	28.04.2026
CVE-2026-6807	NSA GRASSMARLIN Improper Restriction of XML External Entity Reference	28.04.2026	5.5
CVE-2026-7292	o2oa NodeAgent NodeAgent.java syncFile improper authorization	28.04.2026
CVE-2026-7293	SourceCodester Pizzafy Ecommerce System ajax.php delete_category sql injection	28.04.2026
CVE-2026-7294	SourceCodester Pizzafy Ecommerce System index.php save_settings cross site scripting	28.04.2026
CVE-2026-7295	SourceCodester Pizzafy Ecommerce System ajax.php save_menu cross site scripting	28.04.2026
CVE-2026-38949		28.04.2026
CVE-2026-5794	Vulnerability in Cryptobox allows an authenticated user to trigger an account lockout	28.04.2026
CVE-2026-6238	Buffer overread in ns_printrrf with corrupted RDATA field	28.04.2026
CVE-2026-7290	JeecgBoot loadDict Endpoint SqlInjectionUtil.java SqlInjectionUtil sql injection	28.04.2026
CVE-2026-7291	o2oa URL Fetching FileAction.java FileAction server-side request forgery	28.04.2026
CVE-2025-60887		28.04.2026	5.3
CVE-2025-60889		28.04.2026
CVE-2026-38651		28.04.2026
CVE-2026-38948		28.04.2026
CVE-2026-41873	Pony Mail: Admin account takeover via request smuggling	28.04.2026
CVE-2025-67223		28.04.2026
CVE-2026-40969	Spring gRPC AuthenticationException message reflected to remote client	28.04.2026	3.7
CVE-2026-7283	SourceCodester Pharmacy Sales and Inventory System ajax.php save_expired sql injection	28.04.2026
CVE-2026-7288	D-Link DIR-825M formVpnConfigSetup sub_4151FC buffer overflow	28.04.2026
CVE-2026-7289	D-Link DIR-825M formWanConfigSetup sub_414BA8 buffer overflow	28.04.2026
CVE-2026-27760	OpenCATS PHP Code Injection via installer AJAX endpoint	28.04.2026
CVE-2026-40556		29.04.2026
CVE-2026-40968	Spring gRPC SecurityContext leaks across requests on authorization failure	28.04.2026	4.3
CVE-2026-7282	SourceCodester Pharmacy Sales and Inventory System ajax.php delete_expired sql injection	28.04.2026
CVE-2026-7320	Information disclosure due to incorrect boundary conditions in the Audio/Video component	28.04.2026
CVE-2026-7321	Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component	29.04.2026
CVE-2026-7322	Memory safety bugs fixed in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1	28.04.2026
CVE-2026-7323	Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1	28.04.2026
CVE-2026-7324	Memory safety bugs fixed in Firefox 150.0.1	28.04.2026
CVE-2026-40550	Privilege Escalation in mpGabinet	28.04.2026
CVE-2026-40551	Use of Client-Side Authentication in mpGabinet	28.04.2026
CVE-2026-40552	Remote Code Execution in mpGabinet	28.04.2026
CVE-2026-5944	Cisco Intersight Device Connector for Nutanix Prism Central Unauthenticated API Access	28.04.2026
CVE-2026-6706		28.04.2026
CVE-2026-7272	WilliamCloudQi matlab-mcp-server MCP index.ts execute_matlab_code path traversal	28.04.2026
CVE-2026-7281	SourceCodester Pharmacy Sales and Inventory System index.php supplier cross site scripting	28.04.2026
CVE-2026-5435	Potential buffer overflow in ns_sprintrrf TSIG handling path	28.04.2026
CVE-2026-5779	Multiple vulnerabilities in MphRx's Minerva	28.04.2026
CVE-2026-5780	Multiple vulnerabilities in MphRx's Minerva	28.04.2026
CVE-2026-5781	Multiple vulnerabilities in MphRx's Minerva	28.04.2026
CVE-2026-7269	SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting	28.04.2026
CVE-2026-7271	DV0x creative-ad-agent creative-ad-agent-server sdk-server.ts path traversal	28.04.2026
CVE-2026-7309	Openshift-controller-manager: openshift container platform: information disclosure via environment variable injection	28.04.2026
CVE-2026-7267	SourceCodester Pizzafy Ecommerce System view_prod.php sql injection	28.04.2026
CVE-2026-7268	SourceCodester Pizzafy Ecommerce System ajax.php save_category sql injection	28.04.2026