| CVE | Title | Published | Score |
|---|---|---|---|
| CVE-2026-2582 | Germanized for WooCommerce <= 3.20.5 - Unauthenticated Arbitrary Shortcode Execution | 14.04.2026 | 6.5 |
| CVE-2026-3017 | Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts <= 3.0.12 - Authenticated (Administrator+) PHP Object Injection | 14.04.2026 | 7.2 |
| CVE-2026-1607 | Surbma \| Booking.com <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | 14.04.2026 | 6.4 |
| CVE-2026-40287 | PraisonAI has RCE via Automatic tools.py Import | 14.04.2026 | 8.4 |
| CVE-2026-40288 | PraisonAI: Critical RCE via `type: job` workflow YAML | 14.04.2026 | 9.8 |
| CVE-2026-40289 | PraisonAI Browser Server allows unauthenticated WebSocket clients to hijack connected extension sessions | 14.04.2026 | 9.1 |
| CVE-2026-40313 | PraisonAI: ArtiPACKED Vulnerability via GitHub Actions Credential Persistence | 14.04.2026 | 9.1 |
| CVE-2026-40315 | PraisonAI: SQLiteConversationStore didn't validate table_prefix when constructing SQL queries | 14.04.2026 | |
| CVE-2026-4059 | ShopLentor <= 3.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'button_text' Shortcode Attribute | 14.04.2026 | 6.4 |
| CVE-2026-4479 | WholeSale Products Dynamic Pricing Management WooCommerce <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings | 14.04.2026 | 4.4 |
| CVE-2026-34984 | External Secrets Operator has DNS exfiltration via getHostByName in its v2 template engine | 14.04.2026 | |
| CVE-2026-4388 | Form Maker by 10Web <= 1.15.40 - Unauthenticated Stored Cross-Site Scripting via Matrix Field Text Box | 14.04.2026 | 7.2 |
| CVE-2026-6227 | BackWPup <= 5.6.6 - Authenticated (Administrator+) Local File Inclusion via 'block_name' Parameter | 14.04.2026 | 7.2 |
| CVE-2026-6264 | Critical Security fix for the Talend JobServer and Talend Runtime | 14.04.2026 | 9.8 |
| CVE-2026-34225 | Open WebUI has Blind Server Side Request Forgery in its Image Edit Functionality | 14.04.2026 | 4.3 |
| CVE-2026-39419 | MaxKB: Sandbox Result Validation Bypass via Tool Output Spoofing | 14.04.2026 | 3.1 |
| CVE-2026-39425 | MaxKB: Stored XSS via Unsanitized html_rander Tags in Markdown Rendering | 14.04.2026 | |
| CVE-2026-39426 | MaxKB: Stored XSS via Unsanitized iframe_render Parsing | 14.04.2026 | |
| CVE-2026-4352 | JetEngine <= 3.8.6.1 - Unauthenticated SQL Injection via '_cct_search' Parameter | 14.04.2026 | 7.5 |
| CVE-2026-4365 | LearnPress <= 4.3.2.8 - Missing Authorization to Unauthenticated Arbitrary Quiz Answer Deletion | 14.04.2026 | 9.1 |
| CVE-2026-34256 | Missing Authorization check in SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise) | 14.04.2026 | 7.1 |
| CVE-2026-34257 | Open Redirect vulnerability in SAP NetWeaver Application Server ABAP | 14.04.2026 | 6.1 |
| CVE-2026-34261 | Missing Authorization check in SAP Business Analytics and SAP Content Management | 14.04.2026 | 6.5 |
| CVE-2026-34262 | Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer | 14.04.2026 | 5 |
| CVE-2026-34264 | Information Disclosure vulnerability in SAP Human Capital Management for SAP S/4HANA | 14.04.2026 | 6.5 |
| CVE-2026-39418 | MaxKB: SSRF via sandbox network hook bypass | 14.04.2026 | 5 |
| CVE-2026-39420 | MaxKB: Sandbox escape via LD_PRELOAD bypass | 14.04.2026 | 6.3 |
| CVE-2026-39421 | MaxKB: Sandbox escape via ctypes and unhooked SYS_pkey_mprotect | 14.04.2026 | 6.3 |
| CVE-2026-39422 | MaxKB has Stored XSS via ChatHeadersMiddleware | 14.04.2026 | |
| CVE-2026-39423 | Stored XSS via Eval Injection in EchartsRander Component | 14.04.2026 | |
| CVE-2026-39424 | MaxKB has CSV Injection in its Application Chat Export Functionality | 14.04.2026 | |
| CVE-2026-0512 | Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog) | 14.04.2026 | 6.1 |
| CVE-2026-24318 | Insecure Session Management vulnerability in SAP BusinessObjects Business Intelligence Platform | 14.04.2026 | 4.2 |
| CVE-2026-27672 | Missing Authorization check in Material Master Application | 14.04.2026 | 4.3 |
| CVE-2026-27673 | Missing Authorization Check in SAP S/4HANA (Private Cloud and On-Premise) | 14.04.2026 | 4.9 |
| CVE-2026-27674 | Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java) | 14.04.2026 | 6.1 |
| CVE-2026-27675 | Code Injection vulnerability in SAP Landscape Transformation | 14.04.2026 | 2 |
| CVE-2026-27676 | Missing Authorization check in SAP S/4HANA OData Service (Manage Technical Object Structures) | 14.04.2026 | 4.3 |
| CVE-2026-27677 | Missing Authorization check in SAP S/4HANA OData Service (Manage Reference Equipment) | 14.04.2026 | 6.5 |
| CVE-2026-27678 | Missing Authorization check in SAP S/4HANA Backend OData Service (Manage Reference Structures) | 14.04.2026 | 6.5 |
| CVE-2026-27679 | Missing Authorization check in SAP S/4HANA Frontend OData Service (Manage Reference Structures) | 14.04.2026 | 6.5 |
| CVE-2026-27681 | SQL Injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse | 14.04.2026 | 9.9 |
| CVE-2026-27683 | Reflected cross site scripting vulnerability in SAP BusinessObjects Business Intelligence Platform | 14.04.2026 | 4.1 |
| CVE-2026-34069 | nimiq-consensus panics via RequestMacroChain micro-block locator | 13.04.2026 | 5.3 |
| CVE-2026-39417 | MaxKB: RCE via MCP stdio command injection in workflow engine | 14.04.2026 | 4.6 |
| CVE-2026-33948 | jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input | 13.04.2026 | |
| CVE-2026-40164 | jq: Algorithmic complexity DoS via hardcoded MurmurHash3 seed | 13.04.2026 | 7.5 |
| CVE-2026-5086 | Crypt::SecretBuffer versions before 0.019 for Perl are susceptible to timing attacks | 14.04.2026 | |
| CVE-2026-39979 | jq: Out-of-Bounds Read in jv_parse_sized() Error Formatting for Non-NUL-Terminated Counted Buffers | 13.04.2026 | |
| CVE-2026-6203 | User Registration & Membership <= 5.1.4 - Unauthenticated Open Redirect via 'redirect_to_on_logout' Parameter | 13.04.2026 | 6.1 |
| CVE-2026-39956 | jq: Missing runtime type checks for _strindices lead to crash and limited memory disclosure | 13.04.2026 | 6.1 |
| CVE-2026-33947 | jq: Unbounded Recursion in jv_setpath(), jv_getpath() and delpaths_sorted() | 13.04.2026 | 6.2 |
| CVE-2026-40311 | ImageMagick: Heap-use-after-free via XMP profile could result in a crash when printing values | 13.04.2026 | 5.5 |
| CVE-2026-40312 | ImageMagick: Off-by-One in MSL decoder could result in crash | 13.04.2026 | 6.2 |
| CVE-2026-4786 | Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open() | 13.04.2026 | |
| CVE-2026-22562 | | 13.04.2026 | 9.8 |
| CVE-2026-22563 | | 13.04.2026 | 9.8 |
| CVE-2026-22564 | | 13.04.2026 | 9.8 |
| CVE-2026-22565 | | 13.04.2026 | |
| CVE-2026-22566 | | 13.04.2026 | 7.5 |
| CVE-2026-40169 | ImageMagick: Heap buffer overflow (WRITE) in the YAML and JSON encoders | 13.04.2026 | 6.2 |
| CVE-2026-40183 | ImageMagick: Heap buffer overflow when encoding JXL image with a 16-bit float | 13.04.2026 | 5.5 |
| CVE-2026-40310 | ImageMagick: Heap out-of-bounds write in JP2 encoder | 13.04.2026 | 5.5 |
| CVE-2026-33902 | ImageMagick: Stack Overflow via Recursive FX Expression Parsing | 13.04.2026 | 5.5 |
| CVE-2026-33905 | ImageMagick has an Out-of-Bounds read via -sample operation | 13.04.2026 | 5.5 |
| CVE-2026-33908 | ImageMagick is vulnerable to Stack Overflow in DestroyXMLTree() | 13.04.2026 | 7.5 |
| CVE-2026-34238 | ImageMagick: Integer overflow in despeckle operation causes heap buffer overflow on 32-bit builds | 13.04.2026 | 5.1 |
| CVE-2026-6220 | HummerRisk Video File Download URL ServerService.java ServerService.addServer server-side request forgery | 13.04.2026 | |
| CVE-2026-6224 | nocobase plugin-workflow-javascript Vm.js createSafeConsole sandbox | 13.04.2026 | |
| CVE-2025-70936 | | 13.04.2026 | |
| CVE-2026-26460 | | 13.04.2026 | |
| CVE-2026-33740 | EspoCRM: Email importEml can import and delete another user's attachment by raw fileId | 13.04.2026 | 5.4 |
| CVE-2026-33899 | ImageMagick: Heap BufferOverflow write of single zero byte when parsing XML | 13.04.2026 | 5.3 |
| CVE-2026-33900 | ImageMagick has a Heap overflow caused by integer overflow/wraparound in viff encoder on 32-bit builds | 13.04.2026 | 5.9 |
| CVE-2026-33901 | ImageMagick has a Heap Buffer Overflow via MVG decoder | 13.04.2026 | 7.5 |
| CVE-2026-6219 | aandrew-me ytDownloader Compressor Feature compressor.js child_process.exec command injection | 13.04.2026 | |
| CVE-2025-51414 | | 13.04.2026 | |
| CVE-2026-31280 | | 13.04.2026 | |
| CVE-2026-32271 | Craft Commerce: SQL Injection can lead to Remote Code Execution via TotalRevenue Widget | 13.04.2026 | |
| CVE-2026-32272 | Craft Commerce: Blind SQL Injection via hasVariant/hasProduct | 13.04.2026 | |
| CVE-2026-33659 | EspoCRM: SSRF via DNS Rebinding in Attachment fromImageUrl Endpoint Allows Internal Network Access | 13.04.2026 | 3.5 |
| CVE-2026-6216 | DbGate SVG Icon String FontIcon.svelte cross site scripting | 13.04.2026 | |
| CVE-2026-6218 | aandrew-me ytDownloader Error Details Panel createTextNode cross site scripting | 13.04.2026 | |
| CVE-2026-32270 | Craft Commerce: Unauthenticated information disclosure in `commerce/payments/pay` can leak some customer order data on anonymous payments | 13.04.2026 | |
| CVE-2026-33534 | EspoCRM has authenticated SSRF via internal-host validation bypass using alternative IPv4 notation | 13.04.2026 | 4.3 |
| CVE-2026-33657 | EspoCRM: Stored HTML injection in email notifications about stream notes via unescaped post field | 13.04.2026 | 4.6 |
| CVE-2026-6215 | DbGate REST/GraphQL openApiDriver.ts apiServerUrl1 server-side request forgery | 13.04.2026 | |
| CVE-2026-31048 | | 13.04.2026 | |
| CVE-2026-32605 | Nimiq: Remote crash via off-by-one signer bounds check in proposal buffer | 13.04.2026 | 7.5 |
| CVE-2026-6201 | CodeAstro Online Job Portal Delete Job Posting job-delete.php access control | 13.04.2026 | |
| CVE-2026-6202 | code-projects Easy Blog Site post.php sql injection | 13.04.2026 | |
| CVE-2026-6199 | Tenda F456 qossetting fromqossetting stack-based overflow | 13.04.2026 | |
| CVE-2026-6200 | Tenda F456 webtypelibrary formwebtypelibrary stack-based overflow | 13.04.2026 | |
| CVE-2026-29955 | | 13.04.2026 | |
| CVE-2026-40038 | Pachno 1.0.6 Stored Cross-Site Scripting via Multiple Parameters | 13.04.2026 | |
| CVE-2026-40039 | Pachno 1.0.6 Open Redirection via return_to Parameter | 13.04.2026 | |
| CVE-2026-40040 | Pachno 1.0.6 Unrestricted File Upload Remote Code Execution | 13.04.2026 | |
| CVE-2026-40041 | Pachno 1.0.6 Cross-Site Request Forgery via State-Changing Endpoints | 13.04.2026 | |
| CVE-2026-40042 | Pachno 1.0.6 Wiki TextParser XML External Entity Injection | 13.04.2026 | |
| CVE-2026-40043 | Pachno 1.0.6 Authentication Bypass via runSwitchUser() | 13.04.2026 | |
| CVE-2026-40044 | Pachno 1.0.6 FileCache Deserialization Remote Code Execution | 13.04.2026 | |
| CVE-2026-6197 | Tenda F456 AdvSetWrlsafeset formWrlsafeset stack-based overflow | 13.04.2026 | |
| CVE-2026-6198 | Tenda F456 NatStaticSetting fromNatStaticSetting stack-based overflow | 13.04.2026 | |
| CVE-2026-32316 | jq: Integer overflow in jvp_string_append() allows Heap-based Buffer Overflow | 13.04.2026 | 8.2 |
| CVE-2026-6196 | Tenda F456 exeCommand fromexeCommand stack-based overflow | 13.04.2026 | |
| CVE-2025-3756 | Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850 | 13.04.2026 | |
| CVE-2026-28291 | simple-git has Command Execution via Option-Parsing Bypass | 13.04.2026 | 8.1 |
| CVE-2026-6100 | Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure | 13.04.2026 | |
| CVE-2026-6194 | Totolink A3002MU HTTP Request formWlanSetup sub_410188 stack-based overflow | 13.04.2026 | |
| CVE-2026-6195 | Totolink A7100RU CGI cstecgi.cgi setPasswordCfg os command injection | 13.04.2026 | |
| CVE-2026-23891 | Decidim has a Cross-site scripting (XSS) vulnerability via user name field | 13.04.2026 | |
| CVE-2026-6192 | uclouvain openjpeg pi.c opj_pi_initialise_encode integer overflow | 13.04.2026 | |
| CVE-2026-6193 | PHPGurukul Daily Expense Tracking System register.php sql injection | 13.04.2026 | |
| CVE-2026-33555 | | 13.04.2026 | 4 |
| CVE-2026-36948 | | 13.04.2026 | |
| CVE-2026-36950 | | 13.04.2026 | |
| CVE-2026-36952 | | 13.04.2026 | |
| CVE-2026-39940 | ChurchCRM has an Open Redirect via the ‘linkBack’ URL Parameter in DonatedItemEditor.php | 13.04.2026 | |
| CVE-2026-6189 | SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection | 13.04.2026 | |
| CVE-2026-6190 | itsourcecode Construction Management System employees.php sql injection | 13.04.2026 | |
| CVE-2026-6191 | itsourcecode Construction Management System equipments.php sql injection | 13.04.2026 | |
| CVE-2025-31991 | HCL DevOps Velocity is susceptible to brute-force attacks | 13.04.2026 | 6.8 |
| CVE-2025-63743 | | 13.04.2026 | |
| CVE-2026-30804 | Unrestricted File Upload in Extension Uploader leads to Remote Code Execution | 13.04.2026 | |
| CVE-2026-30806 | OS Command Injection in Network Report leads to Remote Code Execution | 13.04.2026 | |
| CVE-2026-30809 | OS Command Injection in WebServerModuleDebug via Blacklist Bypass leads to Remote Code Execution | 13.04.2026 | |
| CVE-2026-30811 | Missing Authorization in Configuration Ajax Endpoint leads to Information Disclosure | 13.04.2026 | |
| CVE-2026-30812 | Stored Cross-Site Scripting in Event Comments via Filter Bypass | 13.04.2026 | |
| CVE-2026-30813 | SQL Injection in Module Search leads to Database Compromise | 13.04.2026 | |
| CVE-2026-34186 | SQL Injection in Custom Fields leads to Database Compromise | 13.04.2026 | |
| CVE-2026-34188 | OS Command Injection in Event Response Execution | 13.04.2026 | |
| CVE-2026-36937 | | 13.04.2026 | |
| CVE-2026-36938 | | 13.04.2026 | |
| CVE-2026-6187 | SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection | 13.04.2026 | |
| CVE-2026-6188 | SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection | 13.04.2026 | |
| CVE-2026-6231 | bson_validate may skip validation when processing certain inputs | 13.04.2026 | |
| CVE-2025-66769 | | 13.04.2026 | |
| CVE-2025-69624 | | 13.04.2026 | |
| CVE-2025-69627 | | 13.04.2026 | |
| CVE-2026-6184 | code-projects Simple Content Management System welcome.php cross site scripting | 13.04.2026 | |
| CVE-2026-6186 | UTT HiPER 1200GW formNatStaticMap strcpy buffer overflow | 13.04.2026 | |
| CVE-2025-66236 | Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI | 13.04.2026 | |
| CVE-2026-1462 | Safe Mode Bypass in keras-team/keras | 13.04.2026 | |
| CVE-2026-30997 | | 13.04.2026 | |
| CVE-2026-30998 | | 13.04.2026 | |
| CVE-2026-30999 | | 13.04.2026 | |
| CVE-2026-33858 | Apache Airflow: Unsafe Deserialization via Legacy Serialization Keys (`__type`/`__var`) Bypass in XCom API | 14.04.2026 | |
| CVE-2026-36941 | | 13.04.2026 | |
| CVE-2026-6182 | code-projects Simple Content Management System login.php sql injection | 13.04.2026 | |
| CVE-2026-6183 | code-projects Simple Content Management System index.php sql injection | 13.04.2026 | |
| CVE-2026-29628 | | 13.04.2026 | |
| CVE-2026-31281 | | 13.04.2026 | |
| CVE-2026-31282 | | 13.04.2026 | |
| CVE-2026-31283 | | 13.04.2026 | |
| CVE-2026-36942 | | 13.04.2026 | |
| CVE-2026-36943 | | 13.04.2026 | |
| CVE-2026-36944 | | 13.04.2026 | |
| CVE-2026-36945 | | 13.04.2026 | |
| CVE-2026-31414 | netfilter: nf_conntrack_expect: use expect->helper | 13.04.2026 | |
| CVE-2026-31415 | ipv6: avoid overflows in ip6_datagram_send_ctl() | 13.04.2026 | |
| CVE-2026-31416 | netfilter: nfnetlink_log: account for netlink header size | 13.04.2026 | |
| CVE-2026-31417 | net/x25: Fix overflow when accumulating packets | 13.04.2026 | |
| CVE-2026-31418 | netfilter: ipset: drop logically empty buckets in mtype_del | 13.04.2026 | |
| CVE-2026-31419 | net: bonding: fix use-after-free in bond_xmit_broadcast() | 13.04.2026 | |
| CVE-2026-31420 | bridge: mrp: reject zero test interval to avoid OOM panic | 13.04.2026 | |
| CVE-2026-31421 | net/sched: cls_fw: fix NULL pointer dereference on shared blocks | 13.04.2026 | |
| CVE-2026-31422 | net/sched: cls_flow: fix NULL pointer dereference on shared blocks | 13.04.2026 | |
| CVE-2026-31423 | net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() | 13.04.2026 | |
| CVE-2026-31424 | netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP | 13.04.2026 | |
| CVE-2026-31425 | rds: ib: reject FRMR registration before IB connection is established | 13.04.2026 | |
| CVE-2026-31426 | ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() | 13.04.2026 | |
| CVE-2026-31427 | netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp | 13.04.2026 | |
| CVE-2026-31428 | netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD | 13.04.2026 | |
| CVE-2026-36946 | | 13.04.2026 | |
| CVE-2026-36947 | | 13.04.2026 | |
| CVE-2026-34476 | Apache SkyWalking MCP: Server-Side Request Forgery via SW-URL Header in MCP Server | 13.04.2026 | |
| CVE-2026-36922 | | 13.04.2026 | |
| CVE-2026-36923 | | 13.04.2026 | |