CVE Field Guide

Critical CVEs

CVE Title Updated Score
CVE-2026-35490 changedetection.io has an Authentication Bypass via Decorator Ordering 07.04.2026 9.8
CVE-2026-20889 07.04.2026 9.8
CVE-2026-20911 07.04.2026 9.8
CVE-2026-21413 07.04.2026 9.8
CVE-2026-5627 Path Traversal in mintplex-labs/anything-llm 07.04.2026 9.1
CVE-2021-4473 Tianxin Internet Behavior Management System Command Injection via toQuery.php 07.04.2026 9.3
CVE-2026-22679 Weaver E-cology 10.0 Unauthenticated RCE via dubboApi Debug Endpoint 07.04.2026 9.3
CVE-2025-39666 omd: Local privilege escalation when executing omd commands as root 07.04.2026 9.3
CVE-2026-1114 Improper Access Control via Weak JWT Token in parisneo/lollms 07.04.2026 9.8
CVE-2026-0740 Ninja Forms - File Upload <= 3.3.26 - Unauthenticated Arbitrary File Upload 07.04.2026 9.8
CVE-2026-35471 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs 06.04.2026 9.8
CVE-2026-35392 goshs has an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs PUT Upload 06.04.2026 9.8
CVE-2026-35393 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs POST multipart upload 06.04.2026 9.8
CVE-2026-35459 pyLoad has SSRF fix bypass via HTTP redirect 06.04.2026 9.3
CVE-2026-35022 Anthropic Claude Code & Agent SDK OS Command Injection via Authentication Helper 06.04.2026 9.3
CVE-2026-35178 Workbench Affected by Remote Code Execution (RCE) via Malicious Cookie in Timezone Conversion 07.04.2026 9.3
CVE-2026-35174 Chyrp Lite has a Path Traversal to Remote Code Execution 07.04.2026 9.1
CVE-2026-35050 text-generation-webui affected by Remote Code Execution (RCE) through Path Traversal at "Session -> Save extention settings to user_data/settings.yaml". 07.04.2026 9.1
CVE-2026-35171 Arbitrary Code Execution via Malicious Logging Configuration in Kedro 07.04.2026 9.8
CVE-2026-35047 Brave CMS has Unrestricted File Upload in BraveCMS via CKEditor Endpoint 07.04.2026 9.3
CVE-2026-35030 LiteLLM has an authentication bypass via OIDC userinfo cache key collision 07.04.2026 9.4
CVE-2026-35039 fast-jwt Affected by Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup) 07.04.2026 9.1
CVE-2026-34989 CI4MS affected by Profile & User Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS 06.04.2026 9.4
CVE-2026-34841 Axios npm Supply Chain Incident Impacting @usebruno/cli 06.04.2026 9.8
CVE-2026-34976 Dgraph Affected by Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization 06.04.2026 10
CVE-2026-34977 Aperi'Solve Affected by Unauthenticated RCE via JPSeek Analyzer Command 07.04.2026 9.3
CVE-2026-34950 fast-jwt has an incomplete fix for CVE-2023-48223: JWT Algorithm Confusion via Whitespace-Prefixed RSA Public Key 06.04.2026 9.1
CVE-2026-34208 SandboxJS: Sandbox integrity escape 06.04.2026 10
CVE-2026-26026 GLPI has a Server-Side Template Injection via Double-Compilation 07.04.2026 9.1
CVE-2019-25687 Pegasus CMS 1.0 Remote Code Execution via extra_fields.php 06.04.2026 9.3
CVE-2016-20052 Snews CMS 1.7 Unrestricted File Upload via snews_files 06.04.2026 9.3
CVE-2018-25254 NICO-FTP 3.0.1.19 Buffer Overflow SEH 06.04.2026 9.3
CVE-2026-35616 07.04.2026 9.1
CVE-2017-20236 ProSoft Technology ICX35-HWC Command Injection via Web Interface 06.04.2026 9.3
CVE-2026-34938 PraisonAI: Python Sandbox Escape via str Subclass startswith() Override in execute_code 06.04.2026 10
CVE-2026-34952 PraisonAI: Missing Authentication in WebSocket Gateway 06.04.2026 9.1
CVE-2026-34953 PraisonAI: Authentication Bypass in OAuthManager.validate_token() 06.04.2026 9.1
CVE-2017-20234 GarrettCom Magnum 6K and 10K Authentication Bypass via Hardcoded String 06.04.2026 9.3
CVE-2018-25236 Hirschmann HiOS HiSecOS Authentication Bypass via HTTP Management 06.04.2026 9.3
CVE-2021-4477 Hirschmann HiLCOS OpenBAT BAT450 IPv6 IPsec Firewall Bypass 06.04.2026 9.3
CVE-2026-34612 Kestra: Remote Code Execution via SQL Injection 06.04.2026 10
CVE-2026-34934 PraisonAI: Second-Order SQL Injection in `get_all_user_threads` 06.04.2026 9.8
CVE-2026-34935 PraisonAI: OS Command Injection in MCPHandler.parse_mcp_command() 06.04.2026 9.8
CVE-2018-25237 Hirschmann HiSecOS Buffer Overflow via HTTPS Login 06.04.2026 9.3
CVE-2017-20237 Hirschmann Industrial HiVision Authentication Bypass Remote Code Execution 06.04.2026 9.3
CVE-2026-25197 Gardyn Cloud API Authorization Bypass Through User-Controlled Key 07.04.2026 9.3
CVE-2026-28766 Gardyn Cloud API Missing Authentication for Critical Function 07.04.2026 9.2
CVE-2026-35560 Improper certificate validation in identity provider connection components in Amazon Athena ODBC driver 07.04.2026 9.1
CVE-2026-35561 Insufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driver 07.04.2026 9.1
CVE-2026-28798 Arbitrary internal service access via /v1/sys/proxy when Cloudflare Tunnel is enabled on ZimaOS 06.04.2026 9.1
CVE-2026-32186 Microsoft Bing Elevation of Privilege Vulnerability 07.04.2026 10
CVE-2026-0545 Missing Authentication for Critical Function in mlflow/mlflow 03.04.2026 9.1
CVE-2026-35216 Budibase: Unauthenticated Remote Code Execution via Webhook Trigger and Bash Automation Step 03.04.2026 9.1
CVE-2026-31818 Budibase: Server-Side Request Forgery via REST Connector with Empty Default Blacklist 03.04.2026 9.6
CVE-2026-5463 03.04.2026 9.3
CVE-2026-26135 Azure Custom Locations Resource Provider (RP) Elevation of Privilege Vulnerability 07.04.2026 9.6
CVE-2026-32211 Azure MCP Server Information Disclosure Vulnerability 07.04.2026 9.1
CVE-2026-32213 Azure AI Foundry Elevation of Privilege Vulnerability 07.04.2026 10
CVE-2026-33105 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability 07.04.2026 10
CVE-2026-33107 Azure Databricks Elevation of Privilege Vulnerability 07.04.2026 10
CVE-2025-15620 HiOS Switch Platform Denial-of-Service via Web Interface 03.04.2026 9.2
CVE-2024-14034 Hirschmann HiEOS Authentication Bypass via HTTP Management Module 03.04.2026 9.3
CVE-2026-34838 Group-Office: Authenticated Remote Code Execution via PHP Insecure Deserialization in `AbstractSettingsCollection` 03.04.2026 10
CVE-2026-35053 OneUptime: Unauthenticated Workflow Execution via ManualAPI 03.04.2026 9.2
CVE-2026-34745 Unauthenticated Path Traversal Arbitrary File Write in /api/uploadChunked/public 02.04.2026 9.1
CVE-2026-34758 OneUptime: Missing Authentication on Notification Endpoints 03.04.2026 9.1
CVE-2026-34759 OneUptime: Unauthenticated notification API endpoints - financial abuse via phone number purchase, service disruption, and SMTP credential exposure 03.04.2026 9.2
CVE-2026-34717 OpenProject: SQL Injection in Cost Reporting =n Operator via parse_number_string 03.04.2026 9.9
CVE-2026-33950 signalk-server: Privilege Escalation by Admin Role Injection via /enableSecurity 03.04.2026 9.4
CVE-2026-33746 Convoy: JWT Signature Verification Bypass Allows Authentication as Arbitrary Users 02.04.2026 9.8
CVE-2026-32871 FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability 02.04.2026 10
CVE-2026-35002 Agno < 2.3.24 field_type Eval Injection Arbitrary Code Execution 02.04.2026 9.3
CVE-2026-2699 EAR vulnerability in Progress ShareFile Storage Zones Controller (SZC) 03.04.2026 9.8
CVE-2026-2701 RCE vulnerability in Progress ShareFile Storage Zones Controller (SZC) 03.04.2026 9.1
CVE-2026-33615 MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the setinfo Endpoint 02.04.2026 9.1
CVE-2026-34563 CI4MS: Backup Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM Blind XSS 02.04.2026 9.1
CVE-2026-34564 CI4MS: Menu Management (Pages) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS 02.04.2026 9.1
CVE-2026-34565 CI4MS: Menu Management (Posts) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS 02.04.2026 9.1
CVE-2026-34566 CI4MS: Pages Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS 04.04.2026 9.1
CVE-2026-34567 CI4MS: Blogs Posts (Categories) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS 02.04.2026 9.1
CVE-2026-34568 CI4MS: Blogs Posts Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS 02.04.2026 9.1
CVE-2026-34569 CI4MS: Blogs Categories Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS 02.04.2026 10
CVE-2026-34571 CI4MS: Stored Cross‑Site Scripting (Stored XSS) in Backend User Management Allows Session Hijacking and Full Administrative Account Compromise 02.04.2026 10
CVE-2026-34559 CI4MS: Blogs Tags Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS 02.04.2026 9.1
CVE-2026-34560 CI4MS: Logs Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS 02.04.2026 9.1
CVE-2026-34456 Reviactyl: OAuth account takeover via auto-linking 02.04.2026 9.1
CVE-2026-34751 Payload has Unvalidated Input in Password Recovery Endpoints 04.04.2026 9.1
CVE-2026-34159 llama.cpp: Unauthenticated RCE via GRAPH_COMPUTE buffer=0 bypass in llama.cpp RPC backend 02.04.2026 9.8
CVE-2026-20093 Cisco Integrated Management Controller Authentication Bypass Vulnerability 02.04.2026 9.8
CVE-2026-20160 Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability 02.04.2026 9.8
CVE-2026-29014 MetInfo CMS Unauthenticated PHP Code Injection RCE 03.04.2026 9.3
CVE-2026-4370 Improper TLS Client/Server authentication and certificate verification on Database Cluster 01.04.2026 10
CVE-2025-71279 XenForo Passkey Security Bypass 01.04.2026 9.3
CVE-2026-34448 SiYuan: Stored XSS in Attribute View gallery/kanban cover rendering allows arbitrary command execution in the desktop client 03.04.2026 9.1
CVE-2026-34449 SiYuan: Cross-Origin RCE via Permissive CORS Policy and JavaScript Snippet Injection 01.04.2026 9.7
CVE-2026-34406 APTRS: Privilege Escalation via Mass Assignment of is_superuser in User Edit Endpoint 03.04.2026 9.4
CVE-2026-1579 PX4 Autopilot Missing authentication for critical function 31.03.2026 9.3

Latest Updates

CVE Title Updated Score
CVE-2026-33815 CVE-2026-33815 in github.com/jackc/pgx 07.04.2026
CVE-2026-33816 CVE-2026-33816 in github.com/jackc/pgx 07.04.2026
CVE-2026-35519 Pi-hole FTL affected by Remote Code Execution (RCE) via dns.hostRecord Newline Injection 07.04.2026 8.8
CVE-2026-35520 Pi-hole FTL affected by Remote Code Execution (RCE) via dhcp.leaseTime Newline Injection 07.04.2026 8.8
CVE-2026-35521 Pi-hole FTL affected by Remote Code Execution (RCE) via dhcp.hosts Newline Injection 07.04.2026 8.8
CVE-2026-35526 Strawberry GraphQL affected by a Denial of Service via unbounded WebSocket subscriptions 07.04.2026 7.5
CVE-2026-35534 ChurchCRM has Stored XSS in PersonView.php via Facebook Field Attribute Injection 07.04.2026 7.6
CVE-2026-35566 ChurchCRM has a SQL Injection via Unquoted Session Value in FundRaiserStatement.php 07.04.2026 8.8
CVE-2026-35567 SQL Injection in MemberRoleChange.php 07.04.2026 8.8
CVE-2026-35571 Emissary has Stored XSS via Navigation Template Link Injection 07.04.2026 4.8
CVE-2026-4931 CVE-2026-4931 07.04.2026
CVE-2024-36057 07.04.2026
CVE-2025-24817 An OS Command Injection vulnerability in Nokia MantaRay NM 07.04.2026
CVE-2025-24818 An OS Command Injection vulnerability in Nokia MantaRay NM 07.04.2026
CVE-2025-24819 A Relative Path Traversal vulnerability in Nokia MantaRay NM 07.04.2026
CVE-2025-52908 07.04.2026
CVE-2026-1078 An arbitrary file-write vulnerability in Pega Browser Extension (PBE) affects Pega Robotic Automation version 22.1 or R25 users who are running automations that work with Google Chrome or Microsoft Edge. 07.04.2026
CVE-2026-1079 A native messaging host vulnerability in Pega Browser Extension (PBE) affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension. 07.04.2026
CVE-2026-30460 07.04.2026
CVE-2026-35486 text-generation-webui has a SSRF in superbooga/superboogav2 extensions — no URL validation 07.04.2026 7.5
CVE-2026-35487 text-generation-webui has a Path Traversal in load_prompt() — .txt file read without authentication 07.04.2026 5.3
CVE-2026-35488 Tandoor Recipes — CustomIsShared permits DELETE/PUT on RecipeBook by shared (read-only) users 07.04.2026 8.1
CVE-2026-35489 Tandoor Recipes — `amount`/`unit` bypass serializer in `food/{id}/shopping/` 07.04.2026 7.3
CVE-2026-35490 changedetection.io has an Authentication Bypass via Decorator Ordering 07.04.2026 9.8
CVE-2026-35491 Pi-hole FTL: CLI API sessions can import Teleporter archives and modify configuration 07.04.2026 6.1
CVE-2026-35492 Kedro-Datasets has a path traversal vulnerability in PartitionedDataset allows arbitrary file write 07.04.2026 6.5
CVE-2026-35515 @nestjs/core Improperly Neutralizes Special Elements in Output Used by a Downstream Component ('Injection') 07.04.2026
CVE-2026-35516 LinkAce has SSRF via CheckLinksCommand - Link URL Update Bypasses laravel-html-meta Protection 07.04.2026 5
CVE-2026-35517 Pi-hole FTL affected by Remote Code Execution (RCE) via dns.upstreams Newline Injection 07.04.2026 8.8
CVE-2026-35518 Pi-hole FTL affected by Remote Code Execution (RCE) via dns.cnameRecords Newline Injection 07.04.2026 8.8
CVE-2026-5359 07.04.2026
CVE-2026-5745 Libarchive: a null pointer dereference vulnerability exists in the acl parser of libarchive 07.04.2026
CVE-2025-52909 07.04.2026
CVE-2025-62818 07.04.2026
CVE-2026-30079 07.04.2026
CVE-2026-33033 Potential denial-of-service vulnerability in MultiPartParser via base64-encoded file upload 07.04.2026
CVE-2026-33034 Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass 07.04.2026
CVE-2026-35405 libp2p-rendezvous: Unlimited namespace registrations per peer enables OOM DoS on rendezvous servers 07.04.2026 7.5
CVE-2026-35457 libp2p-rust has unbounded rendezvous DISCOVER cookies enable remote memory exhaustion 07.04.2026 8.2
CVE-2026-35458 Gotenberg has a ReDoS via extraHttpHeaders scope feature 07.04.2026
CVE-2026-35460 Papra has an HTML Injection in Transactional Emails via Unescaped User Display Name 07.04.2026 4.3
CVE-2026-35461 Papra has a Blind Server-Side Request Forgery (SSRF) via Webhook URL 07.04.2026 5
CVE-2026-35462 Papra Does Not Reject Expired API Keys 07.04.2026 4.3
CVE-2026-35463 pyLoad has Improper Neutralization of Special Elements used in an OS Command 07.04.2026 8.8
CVE-2026-35464 pyLoad has an incomplete fix for CVE-2026-33509: unprotected storage_folder enables arbitrary file write to Flask session store and code execution 07.04.2026 7.5
CVE-2026-35480 go-ipld-prime's DAG-CBOR decoder unbounded memory allocation from CBOR headers 07.04.2026 6.2
CVE-2026-35481 07.04.2026
CVE-2026-35483 text-generation-webui has a Path Traversal in load_template() — .jinja/.yaml/.yml file read without authentication 07.04.2026 5.3
CVE-2026-35484 text-generation-webui has a Path Traversal in load_preset() — .yaml file read without authentication 07.04.2026 5.3
CVE-2026-35485 text-generation-webui has a Path Traversal in load_grammar() — arbitrary file read without authentication 07.04.2026 7.5
CVE-2026-3902 ASGI header spoofing via underscore/hyphen conflation 07.04.2026
CVE-2026-4277 Privilege abuse in GenericInlineModelAdmin 07.04.2026
CVE-2026-4292 Privilege abuse in ModelAdmin.list_editable 07.04.2026
CVE-2026-4740 Rhacm: open cluster management (ocm): cross-cluster privilege escalation via improper kubernetes client certificate renewal validation 07.04.2026
CVE-2026-5376 runZero Platform session timeout failure 07.04.2026 5.9
CVE-2026-5378 runZero Platform user creation leak 07.04.2026 5.8
CVE-2026-5379 runZero Platform MCP certification information leak 07.04.2026 3
CVE-2026-5380 runZero Platform cleartext secret exposure 07.04.2026 5.3
CVE-2026-5381 runZero Platform task information leak 07.04.2026 2.2
CVE-2026-5382 runZero Platform MCP endpoint information leak 07.04.2026 3
CVE-2026-5383 runZero Explorer missing authorization check 07.04.2026 4.4
CVE-2026-5384 runZero Platform incorrect credential scope 07.04.2026 5.8
CVE-2026-20884 07.04.2026 8.1
CVE-2026-20889 07.04.2026 9.8
CVE-2026-20911 07.04.2026 9.8
CVE-2026-21413 07.04.2026 9.8
CVE-2026-24450 07.04.2026 8.1
CVE-2026-24660 07.04.2026 8.1
CVE-2026-5372 runZero Platform SQL injection in saved queries 07.04.2026 6.4
CVE-2026-5373 runZero Platform superuser privilege escalation 07.04.2026 8.1
CVE-2026-5374 runZero Platform MCP information leak 07.04.2026 5.8
CVE-2026-5375 runZero Platform API credential information leak 07.04.2026 2.7
CVE-2026-35554 Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition 07.04.2026
CVE-2026-5627 Path Traversal in mintplex-labs/anything-llm 07.04.2026
CVE-2021-4473 Tianxin Internet Behavior Management System Command Injection via toQuery.php 07.04.2026
CVE-2026-22666 Dolibarr ERP/CRM < 23.0.2 Authenticated RCE via dol_eval_standard() 07.04.2026
CVE-2026-22679 Weaver E-cology 10.0 Unauthenticated RCE via dubboApi Debug Endpoint 07.04.2026
CVE-2026-33865 Stored XSS via unsafe YAML parsing in MLflow 07.04.2026
CVE-2026-33866 Authorization Bypass in MLflow AJAX Endpoint 07.04.2026
CVE-2026-5731 Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 07.04.2026
CVE-2026-5732 Incorrect boundary conditions, integer overflow in the Graphics: Text component 07.04.2026
CVE-2026-5733 Incorrect boundary conditions in the Graphics: WebGPU component 07.04.2026
CVE-2026-5734 Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 07.04.2026
CVE-2026-5735 Memory safety bugs fixed in Firefox 149.0.2 and Thunderbird 149.0.2 07.04.2026
CVE-2025-39666 omd: Local privilege escalation when executing omd commands as root 07.04.2026
CVE-2026-23818 Open Redirect Vulnerability in HPE Aruba Networking Private 5G Core On-Prem 07.04.2026 8.8
CVE-2026-28808 ScriptAlias CGI targets bypass directory auth in inets httpd (mod_auth vs mod_cgi path mismatch) 07.04.2026
CVE-2026-32144 OCSP designated-responder authorization bypass via missing signature verification 07.04.2026
CVE-2026-3466 Cross-site scripting in dashlet title 07.04.2026
CVE-2026-31842 Tinyproxy HTTP request parsing desynchronization via case-sensitive Transfer-Encoding handling 07.04.2026
CVE-2026-4420 Stored XSS via Page Creating functionality in Bludit 07.04.2026
CVE-2026-34903 WordPress Ocean Extra plugin <= 2.5.3 - Broken Access Control vulnerability 07.04.2026 5.4
CVE-2026-34896 WordPress Under Construction, Coming Soon & Maintenance Mode plugin <= 2.1.1 - Cross Site Request Forgery (CSRF) vulnerability 07.04.2026 7.5
CVE-2026-34899 WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.2.1 - Broken Access Control vulnerability 07.04.2026 5.3
CVE-2026-34904 WordPress Simple Social Media Share Buttons plugin <= 6.2.0 - Cross Site Request Forgery (CSRF) vulnerability 07.04.2026 7.5
CVE-2026-28810 Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver 07.04.2026
CVE-2026-33227 Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ Web: Improper Limitation of a Pathname to a Restricted Classpath Directory 07.04.2026
CVE-2026-34197 Apache ActiveMQ Broker, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans 07.04.2026
CVE-2026-3177 Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.9.7 - Insufficient Verification of Data Authenticity to Unauthenticated Donation Status Forgery via Stripe Webhook 07.04.2026 5.3
CVE-2026-5465 Amelia <= 2.1.3 - Insecure Direct Object Reference to Authenticated (Employee+) Privilege Escalation via 'externalId' Parameter 07.04.2026 8.8
CVE-2025-15611 Popup Box AYS Pro < 5.5.0 - Admin+ Stored Cross-Site Scripting (XSS) via CSRF 07.04.2026
CVE-2026-1114 Improper Access Control via Weak JWT Token in parisneo/lollms 07.04.2026
CVE-2026-1900 Link Whisper Free < 0.9.1 - Unauthenticated Settings and User Meta Update 07.04.2026
CVE-2026-4079 SQL Chart Builder < 2.3.8 - Unauthenticated SQL Injection 07.04.2026
CVE-2025-65116 Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 and JP1/NETM/DM 07.04.2026 5.5
CVE-2025-65115 Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 and JP1/NETM/DM 07.04.2026 8.8
CVE-2026-1839 Arbitrary Code Execution via Unsafe torch.load() in Trainer Checkpoint Loading in huggingface/transformers 07.04.2026
CVE-2026-0740 Ninja Forms - File Upload <= 3.3.26 - Unauthenticated Arbitrary File Upload 07.04.2026 9.8
CVE-2026-20431 07.04.2026
CVE-2026-20432 07.04.2026
CVE-2026-20433 07.04.2026
CVE-2026-20446 07.04.2026
CVE-2026-5719 itsourcecode Construction Management System borrowedtool.php sql injection 07.04.2026
CVE-2025-13044 Multiple Vulnerabilities in IBM Concert Software 07.04.2026 6.2
CVE-2026-5705 code-projects Online Hotel Booking Booking Endpoint booknow.php cross site scripting 06.04.2026
CVE-2026-5692 Totolink A7100RU cstecgi.cgi setGameSpeedCfg os command injection 07.04.2026
CVE-2026-5691 Totolink A7100RU cstecgi.cgi setFirewallType os command injection 06.04.2026
CVE-2026-5690 Totolink A7100RU cstecgi.cgi setRemoteCfg os command injection 07.04.2026
CVE-2026-5689 Totolink A7100RU cstecgi.cgi setNtpCfg os command injection 07.04.2026
CVE-2026-5688 Totolink A7100RU cstecgi.cgi setDdnsCfg os command injection 06.04.2026
CVE-2026-5687 Tenda CX12L NatStaticSetting fromNatStaticSetting stack-based overflow 07.04.2026
CVE-2026-35444 SDL_image has a heap buffer overflow READ via unchecked colormap index in XCF loader 06.04.2026 7.1
CVE-2026-35448 WWBN AVideo Provides Unauthenticated Access to Payment Order Data via BlockonomicsYPT check.php 07.04.2026 3.7
CVE-2026-35449 WWBN AVideo has Unauthenticated Information Disclosure via Disabled CLI Guard in install/test.php 07.04.2026 5.3
CVE-2026-35450 WWBN AVideo has Unauthenticated FFmpeg Remote Server Status Disclosure via check.ffmpeg.json.php 06.04.2026 5.3
CVE-2026-35452 WWBN AVideo has Unauthenticated Information Disclosure via Missing Auth on CloneSite client.log.php 06.04.2026 5.3
CVE-2026-35454 Code Extension Marketplace has a Zip Slip Path Traversal 07.04.2026
CVE-2026-5686 Tenda CX12L RouteStatic fromRouteStatic stack-based overflow 06.04.2026
CVE-2026-35408 Directus is Missing Cross-Origin Opener Policy 06.04.2026 8.7
CVE-2026-35409 Directus has a SSRF Protection Bypass via IPv4-Mapped IPv6 Addresses in File Import 06.04.2026 7.7
CVE-2026-35410 Directus has an Open Redirect via Parser Bypass in OAuth2/SAML Authentication Flow 07.04.2026 6.1
CVE-2026-35411 Directus is an Open Redirect in Admin 2FA Setup Page 07.04.2026 4.3
CVE-2026-35412 Directus has a TUS Upload Authorization Bypass Allows Arbitrary File Overwrite 06.04.2026 7.1
CVE-2026-35413 Directus GraphQL Schema SDL Disclosure Setting 06.04.2026 5.3
CVE-2026-35441 Directus Affected by GraphQL Alias Amplification Denial-of-Service Due to Missing Query Cost/Complexity Limits 07.04.2026 6.5
CVE-2026-35442 Directus: Authenticated Users Can Extract Concealed Fields via Aggregate Queries 07.04.2026 8.1
CVE-2026-35471 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs 06.04.2026
CVE-2026-5685 Tenda CX12L addressNat fromAddressNat stack-based overflow 07.04.2026
CVE-2026-5707 Command Injection via Virtual Desktop Session Name in AWS Research and Engineering Studio (RES) 07.04.2026 8.8
CVE-2026-5708 Improper Control of User-Modifiable Attributes in RES CreateSession API 07.04.2026 8.8
CVE-2026-5709 AWS Research and Engineering Studio (RES) FileBrowser Command Injection 07.04.2026 8.8
CVE-2026-22675 OCS Inventory NG Server Stored XSS via User-Agent 07.04.2026
CVE-2026-35404 Open edX Platform has an Open Redirect in Survey Views via Unvalidated redirect_url Parameter 06.04.2026 4.7
CVE-2026-35473 WeGIA - Open Redirect - IentradaControle - listarId() - Unvalidated $_GET['nextPage'] 06.04.2026
CVE-2026-35474 WeGIA - Open Redirect - atualizacao redirection - Unvalidated $_GET['redirect'] 06.04.2026
CVE-2026-35475 WeGIA - Open Redirect - backup redirection — Unvalidated $_GET['redirect'] 07.04.2026
CVE-2026-5684 Tenda CX12L webExcptypemanFilter fromwebExcptypemanFilter stack-based overflow 07.04.2026
CVE-2026-35395 WeGIA has a SQL Injection in DespachoDAO.php via id_memorando parameter 07.04.2026 8.8
CVE-2026-35396 WeGIA - Open Redirect - IsaidaControle - listarId() - Unvalidated $_GET['nextPage'] 06.04.2026
CVE-2026-35398 WeGIA - Open Redirect - OrigemControle - listarTodos() & listarId_Nome() - Unvalidated $_GET['nextPage'] 06.04.2026
CVE-2026-35399 WeGIA has Stored XSS in backup file names 07.04.2026
CVE-2026-35472 WeGIA - Open Redirect - EstoqueControle - listarTodos() - Unvalidated $_GET['nextPage'] 07.04.2026
CVE-2026-34972 OpenFGA's BatchCheck within-request deduplication produces incorrect authorization decisions via list-value cache-key collision 07.04.2026 5
CVE-2026-35392 goshs has an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs PUT Upload 06.04.2026
CVE-2026-35393 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs POST multipart upload 06.04.2026
CVE-2026-35394 Mobile Next has Arbitrary Android Intent Execution via mobile_open_url 07.04.2026 8.3
CVE-2026-5683 Tenda CX12L P2pListFilter fromP2pListFilter stack-based overflow 06.04.2026
CVE-2025-54601 07.04.2026
CVE-2026-35208 lichess.org has an Unsanitized Stream Title Injection on /streamer 07.04.2026
CVE-2026-35213 Regular Expression Denial of Service (ReDoS) in @hapi/content HTTP header parsing 07.04.2026
CVE-2026-35389 Bulwark Webmail S/MIME signature verification accepted self-signed certificates 06.04.2026
CVE-2026-35390 Content-Security-Policy was set to Report-Only mode, failing to block XSS attacks 06.04.2026
CVE-2026-35391 Bulwark Webmail getClientIP() trusted client-controlled X-Forwarded-For value, enabling rate limit bypass and audit log forgery 07.04.2026
CVE-2026-35199 SymCrypt SymCryptXmssSign function - Heap overflow via 64->32-bit leaf-count truncation 07.04.2026 6.1
CVE-2026-35200 Parse Server has a file upload Content-Type override via extension mismatch 07.04.2026
CVE-2026-35201 Discount has an Out-of-bounds Read in rdiscount 06.04.2026 5.9
CVE-2026-35203 ZLMediaKit VP9 RTP Parser Out-of-Bounds Read 06.04.2026 7.5
CVE-2026-5682 Meesho Online Shopping App com.meesho.supply endpoint risky encryption 07.04.2026
CVE-2025-57834 06.04.2026
CVE-2026-35184 EcclesiaCRM has a Critical SQL Injection 06.04.2026
CVE-2026-35185 HAX CMS's public /server-status endpoint exposes authentication tokens, user activity, and client IP addresses 07.04.2026
CVE-2026-35187 pyLoad has SSRF in parse_urls API endpoint via unvalidated URL parameter 07.04.2026 7.7
CVE-2026-35197 Code injection in dye template expressions 06.04.2026 6.6
CVE-2026-35459 pyLoad has SSRF fix bypass via HTTP redirect 06.04.2026
CVE-2025-54328 06.04.2026
CVE-2025-54602 06.04.2026
CVE-2026-35020 Anthropic Claude Code & Agent SDK OS Command Injection via TERMINAL Environment Variable 06.04.2026
CVE-2026-35021 Anthropic Claude Code & Agent SDK OS Command Injection via promptEditor.ts 07.04.2026
CVE-2026-35022 Anthropic Claude Code & Agent SDK OS Command Injection via Authentication Helper 06.04.2026
CVE-2026-35170 openFPGALoader has a heap buffer overflow in BitParser::parseHeader() via crafted .bit file 07.04.2026 7.1
CVE-2026-35172 Distribution has stale blob access resurrection via repo-scoped redis descriptor cache invalidation 07.04.2026 7.5
CVE-2026-35176 openFPGALoader has a heap buffer overflow in POFParser::parseSection() via crafted .pof file 07.04.2026 7.1
CVE-2026-35178 Workbench Affected by Remote Code Execution (RCE) via Malicious Cookie in Timezone Conversion 07.04.2026
CVE-2026-35179 WWBN AVideo Unauthenticated Instagram Graph API Proxy via publishInstagram.json.php 06.04.2026 5.3
CVE-2026-35180 WWBN AVideo affected by CSRF on Site Customization Endpoint Enables Logo Overwrite via Base64 File Write 07.04.2026 4.3
CVE-2026-35181 WWBN AVideo Affected by CSRF on Player Skin Configuration via admin/playerUpdate.json.php 07.04.2026 4.3
CVE-2026-35182 Missing Authorization Privilege Escalation 07.04.2026 8.8
CVE-2026-35183 Brave CMS has an Insecure Direct Object Reference in Article Image Deletion 06.04.2026 7.1
CVE-2026-5679 Totolink A3300R cstecgi.cgi vsetTr069Cfg os command injection 07.04.2026
CVE-2026-5681 itsourcecode sanitize or validate this input Parameter borrowedequip.php sql injection 06.04.2026
CVE-2025-54324 07.04.2026