CVE Field Guide

Critical CVEs

CVE Title Updated Score
CVE-2026-41446 WattBox 800 & 820 Series < 2.10.0.0 RCE via Diagnostic Endpoints 28.04.2026 9.2
CVE-2026-24178 28.04.2026 9.8
CVE-2026-3893 Carlson Software VASCO-B GNSS Receiver Missing Authentication for Critical Function 28.04.2026 9.4
CVE-2026-41386 OpenClaw < 2026.3.22 - Privilege Escalation via Unbound Bootstrap Setup Codes 28.04.2026 9.1
CVE-2026-27760 OpenCATS PHP Code Injection via installer AJAX endpoint 28.04.2026 9.2
CVE-2026-5779 Multiple vulnerabilities in MphRx's Minerva 28.04.2026 9.4
CVE-2026-7241 Totolink A8000RU CGI cstecgi.cgi setWiFiBasicCfg os command injection 28.04.2026 9.3
CVE-2026-7242 Totolink A8000RU CGI cstecgi.cgi setOpenVpnClientCfg os command injection 28.04.2026 9.3
CVE-2026-7243 Totolink A8000RU CGI cstecgi.cgi setRadvdCfg os command injection 28.04.2026 9.3
CVE-2026-7244 Totolink A8000RU CGI cstecgi.cgi setWiFiEasyGuestCfg os command injection 28.04.2026 9.3
CVE-2026-7248 D-Link DI-8100 CGI Endpoint tgfile.htm tgfile_htm buffer overflow 28.04.2026 9.3
CVE-2026-7240 Totolink A8000RU CGI cstecgi.cgi setVpnAccountCfg os command injection 28.04.2026 9.3
CVE-2026-32644 Milesight Cameras Use of Hard-coded Cryptographic Key 28.04.2026 9.2
CVE-2026-7202 Totolink A8000RU CGI cstecgi.cgi setWiFiWpsStart os command injection 27.04.2026 9.3
CVE-2026-7203 Totolink A8000RU CGI cstecgi.cgi setUrlFilterRules os command injection 28.04.2026 9.3
CVE-2026-7204 Totolink A8000RU CGI cstecgi.cgi setPptpServerCfg os command injection 28.04.2026 9.3
CVE-2026-40976 29.04.2026 9.1
CVE-2026-7156 Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection 28.04.2026 9.3
CVE-2026-7154 Totolink A8000RU CGI cstecgi.cgi setAdvancedInfoShow os command injection 28.04.2026 9.3
CVE-2026-7155 Totolink A8000RU CGI cstecgi.cgi setLoginPasswordCfg os command injection 28.04.2026 9.3
CVE-2026-7152 Totolink A8000RU CGI cstecgi.cgi setTelnetCfg os command injection 28.04.2026 9.3
CVE-2026-7153 Totolink A8000RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection 28.04.2026 9.3
CVE-2026-7139 Totolink A8000RU CGI cstecgi.cgi setWiFiAclRules os command injection 27.04.2026 9.3
CVE-2026-7140 Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection 27.04.2026 9.3
CVE-2026-7136 Totolink A8000RU CGI cstecgi.cgi setDmzCfg os command injection 27.04.2026 9.3
CVE-2026-7137 Totolink A8000RU CGI cstecgi.cgi setStorageCfg os command injection 27.04.2026 9.3
CVE-2026-7138 Totolink A8000RU CGI cstecgi.cgi setNtpCfg os command injection 27.04.2026 9.3
CVE-2026-41462 ProjeQtor < 12.4.4 Unauthenticated SQL Injection via Login 27.04.2026 9.3
CVE-2026-7123 Totolink A8000RU CGI cstecgi.cgi setIptvCfg os command injection 27.04.2026 9.3
CVE-2026-7124 Totolink A8000RU CGI cstecgi.cgi setIpv6LanCfg os command injection 27.04.2026 9.3
CVE-2026-7125 Totolink A8000RU CGI cstecgi.cgi setWiFiEasyCfg os command injection 27.04.2026 9.3
CVE-2026-7121 Totolink A8000RU CGI cstecgi.cgi setWizardCfg os command injection 27.04.2026 9.3
CVE-2026-7122 Totolink A8000RU CGI cstecgi.cgi setUPnPCfg os command injection 27.04.2026 9.3
CVE-2026-22336 WordPress Directorist Booking plugin < 3.0.2 - SQL Injection vulnerability 28.04.2026 9.3
CVE-2026-22337 WordPress Directorist Social Login plugin < 2.1.4 - Privilege Escalation vulnerability 28.04.2026 9.8
CVE-2026-41409 Apache MINA: CWE-502 Deserialization of Untrusted Data 27.04.2026 9.8
CVE-2026-41635 Apache MINA: AbstractIoBuffer.resolveClass() null-clazz Branch Skips acceptMatchers Filter — Full Object Deserialization RCE 28.04.2026 9.8
CVE-2026-42363 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability 27.04.2026 9.3
CVE-2026-7037 Totolink A8000RU CGI cstecgi.cgi setVpnPassCfg os command injection 27.04.2026 9.3
CVE-2026-31682 bridge: br_nd_send: linearize skb before parsing ND options 27.04.2026 9.1
CVE-2026-31685 netfilter: ip6t_eui64: reject invalid MAC header for all packets 27.04.2026 9.4
CVE-2026-6951 25.04.2026 9.2
CVE-2026-41248 Official Clerk JavaScript SDKs: Middleware-based route protection bypass 27.04.2026 9.1
CVE-2026-41478 Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId) 27.04.2026 10
CVE-2026-41428 Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints 24.04.2026 9.1
CVE-2026-41327 Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field 24.04.2026 9.1
CVE-2026-41492 Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars in Dgraph 24.04.2026 9.8
CVE-2026-41328 Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field 24.04.2026 9.1
CVE-2026-6911 Authentication Bypass via Missing JWT Signature Verification in AWS Ops Wheel 24.04.2026 9.3
CVE-2026-39920 BridgeHead FileStore < 24A Apache Axis2 Default Credentials RCE 24.04.2026 9.3
CVE-2026-31536 smb: server: let send_done handle a completion without IB_SEND_SIGNALED 27.04.2026 9.8
CVE-2026-31589 mm: call ->free_folio() directly in folio_unmap_invalidate() 27.04.2026 9.8
CVE-2026-31607 usbip: validate number_of_packets in usbip_pack_ret_submit() 27.04.2026 9.8
CVE-2026-31608 smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list() 27.04.2026 9.8
CVE-2026-31609 smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush() 27.04.2026 9.8
CVE-2026-31633 rxrpc: Fix integer overflow in rxgk_verify_response() 27.04.2026 9.8
CVE-2026-31636 rxrpc: fix RESPONSE authenticator parser OOB read 27.04.2026 9.1
CVE-2026-31637 rxrpc: reject undecryptable rxkad response tickets 27.04.2026 9.8
CVE-2026-31649 net: stmmac: fix integer underflow in chain mode 27.04.2026 9.8
CVE-2026-31657 batman-adv: hold claim backbone gateways by reference 27.04.2026 9.8
CVE-2026-31659 batman-adv: reject oversized global TT response buffers 27.04.2026 9.8
CVE-2026-31668 seg6: separate dst_cache for input and output paths in seg6 lwtunnel 27.04.2026 9.8
CVE-2026-31669 mptcp: fix slab-use-after-free in __inet_lookup_established 27.04.2026 9.8
CVE-2026-25660 Authentication bypass for certain API calls 24.04.2026 9.3
CVE-2026-21515 Azure IoT Central Elevation of Privilege Vulnerability 28.04.2026 9.9
CVE-2026-1950 No checking of the length of the buffer with the file name in AS320T 24.04.2026 9.8
CVE-2026-1951 No checking of the length of the buffer with the directory name in AS320T 24.04.2026 9.8
CVE-2026-1952 Denial of service via the undocumented subfunction in AS320T 24.04.2026 9.8
CVE-2026-1949 Incorrect calculation of buffer size on the stack in AS320T 24.04.2026 9.8
CVE-2026-25775 SenseLive X3050 Missing authentication for critical function 24.04.2026 9.3
CVE-2026-27843 SenseLive X3050 Missing authentication for critical function 24.04.2026 9.2
CVE-2026-35503 SenseLive X3050 Use of Hard-coded Credentials 24.04.2026 9.3
CVE-2026-39462 SenseLive X3050 Insufficiently Protected Credentials 24.04.2026 9.3
CVE-2026-40620 SenseLive X3050 Missing authentication for critical function 24.04.2026 9.3
CVE-2026-40630 SenseLive X3050 Authentication bypass using an alternate path or channel 24.04.2026 9.3
CVE-2026-24303 Microsoft Partner Center Elevation of Privilege Vulnerability 28.04.2026 9.6
CVE-2026-32210 Microsoft Dynamics 365 (online) Spoofing Vulnerability 28.04.2026 9.3
CVE-2026-33102 Microsoft 365 Copilot Elevation of Privilege Vulnerability 28.04.2026 9.3
CVE-2026-33819 Microsoft Bing Remote Code Execution Vulnerability 28.04.2026 10
CVE-2026-35431 Microsoft Entra ID Entitlement Management Spoofing Vulnerability 28.04.2026 10
CVE-2026-26210 KTransformers Unsafe Deserialization RCE via balance_serve 24.04.2026 9.3
CVE-2026-41274 Flowise: Cypher Injection in GraphCypherQAChain 24.04.2026 9.3
CVE-2026-6942 radare2-mcp <=1.6.0 OS Command Injection via Shell Metacharacter Bypass 24.04.2026 9.3
CVE-2026-25874 LeRobot Unsafe Deserialization Remote Code Execution via gRPC 24.04.2026 9.3
CVE-2026-41264 Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability 24.04.2026 9.2
CVE-2026-41265 Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability 23.04.2026 9.2
CVE-2026-41137 Flowise: Code Injection in CSVAgent leads to Authenticated RCE 23.04.2026 9.4
CVE-2026-6074 Path traversal: '.../...//' in Intrado 911 Emergency Gateway (EGW) 23.04.2026 9.3
CVE-2026-31533 net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption 27.04.2026 9.8
CVE-2025-62373 Pipecat vulnerable to Remote Code Execution by Pickle Deserialization via LivekitFrameSerializer 23.04.2026 9.8
CVE-2026-23751 Kofax Capture 6.0.0.0 Unauthenticated File Read/Write & SMB Coercion via .NET Remoting 25.04.2026 9.3
CVE-2026-40470 Hackage package and doc upload stored XSS vulnerability 23.04.2026 9.9
CVE-2026-40471 Hackage CSRF vulnerability 23.04.2026 9.6
CVE-2026-40472 Hackage package metadata stored XSS vulnerability 23.04.2026 9.9
CVE-2026-41460 SocialEngine <= 7.8.0 SQL Injection via activity/index/get-memberall 23.04.2026 9.3
CVE-2026-39440 WordPress FunnelFormsPro plugin <= 3.8.1 - Remote Code Execution (RCE) vulnerability 23.04.2026 9.9
CVE-2026-6885 BorG Technology Corporation|Borg SPM 2007 - Arbitrary File Upload 23.04.2026 9.3
CVE-2026-6886 BorG Technology Corporation|Borg SPM 2007 - Authentication Bypass 23.04.2026 9.3
CVE-2026-6887 BorG Technology Corporation|Borg SPM 2007 - SQL Injection 23.04.2026 9.3
CVE-2026-41228 Froxlor has Local File Inclusion via path traversal in API `def_language` parameter that leads to Remote Code Execution 23.04.2026 10
CVE-2026-41229 Froxlor has a PHP Code Injection via Unescaped Single Quotes in userdata.inc.php Generation (MysqlServer API) 23.04.2026 9.1
CVE-2026-3844 Breeze Cache <= 2.4.4 - Unauthenticated Arbitrary File Upload via fetch_gravatar_from_remote 23.04.2026 9.8
CVE-2026-41196 Luanti has a mod security sandbox escape 23.04.2026 9
CVE-2026-41197 Brillig: Heap corruption in foreign call results with nested tuple arrays 25.04.2026 9.3
CVE-2026-41679 Paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass 23.04.2026 10
CVE-2026-41176 Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution 28.04.2026 9.2
CVE-2026-41179 RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution 28.04.2026 9.2
CVE-2026-41167 Jellystat has SQL Injection that leads to Remote Code Execution 23.04.2026 9.1
CVE-2026-33656 EspoCRM vulnerable to authenticated RCE via Formula with path traversal in attachment `sourceId`, exploitable by admin user 23.04.2026 9.1
CVE-2026-33471 nimiq-block has skip block quorum bypass via out-of-range BitSet indices & u16 truncation 23.04.2026 9.6
CVE-2026-34415 Xerte Online Toolkits File Upload RCE via elfinder Connector 24.04.2026 9.3
CVE-2026-41468 Beghelli Sicuro24 SicuroWeb AngularJS Sandbox Escape via Template Injection 22.04.2026 9.3
CVE-2018-25270 ThinkPHP 5.0.23 Remote Code Execution via invokefunction 22.04.2026 9.3
CVE-2018-25272 ELBA5 5.8.0 Remote Code Execution via Database Access 22.04.2026 9.3
CVE-2026-31436 dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() 27.04.2026 9.8
CVE-2026-31444 ksmbd: fix use-after-free and NULL deref in smb_grant_oplock() 27.04.2026 9.8
CVE-2026-31448 ext4: avoid infinite loops caused by residual data 27.04.2026 9.4
CVE-2026-31463 iomap: fix invalid folio access when i_blkbits differs from I/O granularity 27.04.2026 9.8
CVE-2026-31478 ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len() 27.04.2026 9.8
CVE-2026-31501 net: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path 27.04.2026 9.8

Latest Updates

CVE Title Updated Score
CVE-2026-42377 WordPress SureForms Pro plugin <= 2.8.0 - Broken Access Control vulnerability 29.04.2026 7.3
CVE-2026-21023 29.04.2026
CVE-2026-35155 29.04.2026 7.1
CVE-2026-23773 29.04.2026 4.3
CVE-2026-42615 29.04.2026 7.2
CVE-2026-40560 Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence 29.04.2026
CVE-2026-7333 28.04.2026
CVE-2026-7334 28.04.2026
CVE-2026-7335 28.04.2026
CVE-2026-7336 28.04.2026
CVE-2026-7337 28.04.2026
CVE-2026-7338 28.04.2026
CVE-2026-7339 28.04.2026
CVE-2026-7340 28.04.2026
CVE-2026-7341 28.04.2026
CVE-2026-7342 28.04.2026
CVE-2026-7343 28.04.2026
CVE-2026-7344 28.04.2026
CVE-2026-7345 28.04.2026
CVE-2026-7346 28.04.2026
CVE-2026-7347 28.04.2026
CVE-2026-7348 28.04.2026
CVE-2026-7349 28.04.2026
CVE-2026-7350 28.04.2026
CVE-2026-7351 28.04.2026
CVE-2026-7352 28.04.2026
CVE-2026-7353 28.04.2026
CVE-2026-7354 28.04.2026
CVE-2026-7355 28.04.2026
CVE-2026-7356 28.04.2026
CVE-2026-7357 28.04.2026
CVE-2026-7358 28.04.2026
CVE-2026-7359 28.04.2026
CVE-2026-7360 28.04.2026
CVE-2026-7361 28.04.2026
CVE-2026-7363 28.04.2026
CVE-2026-42167 28.04.2026 8.1
CVE-2026-5822 28.04.2026
CVE-2026-33467 Improper Verification of Cryptographic Signature in Elastic Package Registry Leading to Package Integrity Bypass 28.04.2026 5.9
CVE-2026-37750 28.04.2026
CVE-2026-41446 WattBox 800 & 820 Series < 2.10.0.0 RCE via Diagnostic Endpoints 28.04.2026
CVE-2026-41649 Outline has IDOR in document share creation that allows unauthorized access to private documents across workspaces 28.04.2026 7.7
CVE-2026-7296 SourceCodester Pizzafy Ecommerce System ajax.php save_order cross site scripting 28.04.2026
CVE-2026-7297 SourceCodester Pizzafy Ecommerce System ajax.php save_user cross site scripting 28.04.2026
CVE-2026-7303 Xuxueli xxl-job Execution Log JobLogController.java logDetailCat resource injection 28.04.2026
CVE-2026-7305 Xuxueli xxl-job trigger Endpoint XxlJobServiceImpl.java triggerJob server-side request forgery 28.04.2026
CVE-2026-7306 Xuxueli xxl-job OpenAPI Endpoint OpenApiController.java hard-coded key 28.04.2026
CVE-2026-7314 eiceblue spire-doc-mcp-server base.py get_doc_path path traversal 28.04.2026
CVE-2026-7315 eiceblue spire-pdf-mcp-server PDF File server.py get_pdf_path path traversal 28.04.2026
CVE-2026-7316 eiliyaabedini aider-mcp code_with_ai aider_mcp.py command injection 28.04.2026
CVE-2026-7317 Grav CMS Cache Value FileCache.php doGet deserialization 28.04.2026
CVE-2026-7318 elie mcp-project research_server.py search_papers path traversal 28.04.2026
CVE-2026-7319 elinsky execution-system-mcp add_action Tool server.py _get_context_file_path path traversal 28.04.2026
CVE-2026-24178 28.04.2026 9.8
CVE-2026-24186 28.04.2026 8.8
CVE-2026-24204 28.04.2026 6.5
CVE-2026-24222 28.04.2026 8.6
CVE-2026-24231 28.04.2026 6.3
CVE-2026-3893 Carlson Software VASCO-B GNSS Receiver Missing Authentication for Critical Function 28.04.2026 9.4
CVE-2026-41373 OpenClaw < 2026.3.31 - Compiler Binary Substitution via Environment Variable Override in Host Execution Policy 28.04.2026
CVE-2026-41374 OpenClaw < 2026.3.31 - Resource Consumption via Discord Audio Preflight Before Member Authorization 28.04.2026
CVE-2026-41375 OpenClaw < 2026.3.28 - Authorization Bypass in /phone arm and /phone disarm Endpoints 28.04.2026
CVE-2026-41376 OpenClaw < 2026.3.31 - Matrix Thread Context Allowlist Bypass via Sender Validation 28.04.2026
CVE-2026-41377 OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation 28.04.2026
CVE-2026-41378 OpenClaw < 2026.3.31 - Privilege Escalation to Remote Code Execution via Unrestricted node.event Agent Dispatch 28.04.2026
CVE-2026-41379 OpenClaw < 2026.3.28 - Privilege Escalation via chat.send to Admin-Class Talk Voice Config 28.04.2026
CVE-2026-41380 OpenClaw < 2026.3.28 - Arbitrary Execution Allowlist via Wrapper Carrier Executables 28.04.2026
CVE-2026-41381 OpenClaw < 2026.3.31 - Access Control Bypass in Discord Voice Manager via Channel Allowlist 28.04.2026
CVE-2026-41382 OpenClaw < 2026.3.31 - Discord Voice Ingress Authorization Bypass via Channel and Role Validation Gaps 28.04.2026
CVE-2026-41383 OpenClaw < 2026.4.2 - Arbitrary Remote Directory Deletion via Mis-scoped Mirror Mode Paths 28.04.2026
CVE-2026-41384 OpenClaw < 2026.3.24 - Environment Variable Injection via Workspace Config in CLI Backend 28.04.2026
CVE-2026-41385 OpenClaw < 2026.3.31 - Nostr Private Key Exposure via config.get Redaction Bypass 28.04.2026
CVE-2026-41386 OpenClaw < 2026.3.22 - Privilege Escalation via Unbound Bootstrap Setup Codes 28.04.2026
CVE-2026-41387 OpenClaw < 2026.3.22 - Supply Chain Redirection via Incomplete Host Environment Sanitization 28.04.2026
CVE-2026-41388 OpenClaw < 2026.3.31 - Configuration Rehydration via Empty-Array Revocation Handling 28.04.2026
CVE-2026-41390 OpenClaw < 2026.3.28 - Exec Allowlist Bypass via Unregistered /usr/bin/script Wrapper 28.04.2026
CVE-2026-41391 OpenClaw < 2026.3.31 - Environment Variable Bypass in Package Index URL Handling 28.04.2026
CVE-2026-41392 OpenClaw < 2026.3.31 - Exec Allowlist Bypass via Shell Init-File Options 28.04.2026
CVE-2026-41393 OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery 28.04.2026
CVE-2026-41394 OpenClaw < 2026.3.31 - Unauthorized Operator Scope Access in Unauthenticated Plugin-Auth Routes 28.04.2026
CVE-2026-41395 OpenClaw < 2026.3.28 - Webhook Replay via Query Parameter Reordering in Plivo V3 28.04.2026
CVE-2026-41396 OpenClaw < 2026.3.31 - Environment Variable Override of Plugin Trust Root 28.04.2026
CVE-2026-41397 OpenClaw < 2026.3.31 - Sandbox Escape via Unrestricted File Sync and Symlink Traversal 28.04.2026
CVE-2026-41398 OpenClaw - Unauthorized Agent Request Dispatch via Untrusted Local-Network Pages in iOS A2UI Bridge 28.04.2026
CVE-2026-41399 OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades 28.04.2026
CVE-2026-41400 OpenClaw < 2026.3.31 - Resource Consumption via Oversized WebSocket Frames in voice-call 28.04.2026
CVE-2026-41402 OpenClaw < 2026.3.31 - Webhook Replay Cache Cross-Target messageId Scope Bypass 28.04.2026
CVE-2026-41403 OpenClaw < 2026.3.31 - Access Control Bypass via Proxied Remote Request Misclassification 28.04.2026
CVE-2026-41404 OpenClaw < 2026.3.31 - Operator Admin Privilege Escalation via Trusted-Proxy Authentication 28.04.2026
CVE-2026-41405 OpenClaw < 2026.3.31 - Resource Exhaustion via Unauthenticated MS Teams Webhook Body Parsing 28.04.2026
CVE-2026-41406 OpenClaw < 2026.3.31 - Sender Allowlist Bypass via Thread History and Quoted Messages 28.04.2026
CVE-2026-41407 OpenClaw < 2026.4.2 - Timing Side Channel in Shared-Secret Comparison 28.04.2026
CVE-2026-41408 OpenClaw < 2026.3.31 - Disk Exhaustion via Media Download Bypass 28.04.2026
CVE-2026-41910 OpenClaw < 2026.4.8 - Missing Owner-Only Enforcement in /allowlist Cross-Channel Writes 28.04.2026
CVE-2026-41911 OpenClaw < 2026.4.8 - Workspace-Only Filesystem Policy Bypass via docx upload_file/upload_image 28.04.2026
CVE-2026-41912 OpenClaw < 2026.4.8 - Server-Side Request Forgery Policy Bypass via Interaction-Triggered Navigation 28.04.2026
CVE-2026-41913 OpenClaw < 2026.4.4 - Rate-Limit Bypass via Concurrent Async Authentication Attempts 28.04.2026
CVE-2026-41914 OpenClaw < 2026.4.8 - Server-Side Request Forgery in QQ Bot Media Fetch Paths 28.04.2026
CVE-2026-41915 OpenClaw < 2026.4.8 - Git Environment Variable Injection via Unfiltered Exec Environment 28.04.2026
CVE-2026-41916 OpenClaw < 2026.4.8 - Stale Authentication State via Config Reload 28.04.2026
CVE-2026-42420 OpenClaw < 2026.4.8 - Improper Base64 Decoding Size Validation 28.04.2026
CVE-2026-42421 OpenClaw < 2026.4.8 - WebSocket Session Persistence via Shared Gateway Token Rotation 28.04.2026
CVE-2026-42422 OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function 28.04.2026
CVE-2026-42423 OpenClaw < 2026.4.8 - strictInlineEval Approval Boundary Bypass via Approval-Timeout Fallback 28.04.2026
CVE-2026-42424 OpenClaw < 2026.4.8 - Local File Exfiltration via Shared Reply MEDIA Paths 28.04.2026
CVE-2026-42426 OpenClaw < 2026.4.8 - Improper Authorization in node.pair.approve via operator.write Scope 28.04.2026
CVE-2026-42427 OpenClaw < 2026.4.8 - Remote Code Execution via Build Tool Environment Variable Injection 28.04.2026
CVE-2026-42428 OpenClaw < 2026.4.8 - Missing Integrity Verification in Package Downloads 28.04.2026
CVE-2026-42429 OpenClaw < 2026.4.8 - Privilege Escalation via Gateway Plugin HTTP Authentication 28.04.2026
CVE-2026-42430 OpenClaw < 2026.4.8 - Strict Browser SSRF Bypass via Playwright Redirect Handling 28.04.2026
CVE-2026-42431 OpenClaw < 2026.4.8 - Persistent Profile Mutation via node.invoke(browser.proxy) Bypass 28.04.2026
CVE-2026-42432 OpenClaw < 2026.4.8 - Command Escalation via Node Pairing Reconnect Bypass 28.04.2026
CVE-2026-6807 NSA GRASSMARLIN Improper Restriction of XML External Entity Reference 28.04.2026 5.5
CVE-2026-7292 o2oa NodeAgent NodeAgent.java syncFile improper authorization 28.04.2026
CVE-2026-7293 SourceCodester Pizzafy Ecommerce System ajax.php delete_category sql injection 28.04.2026
CVE-2026-7294 SourceCodester Pizzafy Ecommerce System index.php save_settings cross site scripting 28.04.2026
CVE-2026-7295 SourceCodester Pizzafy Ecommerce System ajax.php save_menu cross site scripting 28.04.2026
CVE-2026-38949 28.04.2026
CVE-2026-5794 Vulnerability in Cryptobox allows an authenticated user to trigger an account lockout 28.04.2026
CVE-2026-6238 Buffer overread in ns_printrrf with corrupted RDATA field 28.04.2026
CVE-2026-7290 JeecgBoot loadDict Endpoint SqlInjectionUtil.java SqlInjectionUtil sql injection 28.04.2026
CVE-2026-7291 o2oa URL Fetching FileAction.java FileAction server-side request forgery 28.04.2026
CVE-2025-60887 28.04.2026 5.3
CVE-2025-60889 28.04.2026
CVE-2026-38651 28.04.2026
CVE-2026-38948 28.04.2026
CVE-2026-41873 Pony Mail: Admin account takeover via request smuggling 28.04.2026
CVE-2025-67223 28.04.2026
CVE-2026-40969 Spring gRPC AuthenticationException message reflected to remote client 28.04.2026 3.7
CVE-2026-7283 SourceCodester Pharmacy Sales and Inventory System ajax.php save_expired sql injection 28.04.2026
CVE-2026-7288 D-Link DIR-825M formVpnConfigSetup sub_4151FC buffer overflow 28.04.2026
CVE-2026-7289 D-Link DIR-825M formWanConfigSetup sub_414BA8 buffer overflow 28.04.2026
CVE-2026-27760 OpenCATS PHP Code Injection via installer AJAX endpoint 28.04.2026
CVE-2026-40556 29.04.2026
CVE-2026-40968 Spring gRPC SecurityContext leaks across requests on authorization failure 28.04.2026 4.3
CVE-2026-7282 SourceCodester Pharmacy Sales and Inventory System ajax.php delete_expired sql injection 28.04.2026
CVE-2026-7320 Information disclosure due to incorrect boundary conditions in the Audio/Video component 28.04.2026
CVE-2026-7321 Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component 29.04.2026
CVE-2026-7322 Memory safety bugs fixed in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1 28.04.2026
CVE-2026-7323 Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 28.04.2026
CVE-2026-7324 Memory safety bugs fixed in Firefox 150.0.1 28.04.2026
CVE-2026-40550 Privilege Escalation in mpGabinet 28.04.2026
CVE-2026-40551 Use of Client-Side Authentication in mpGabinet 28.04.2026
CVE-2026-40552 Remote Code Execution in mpGabinet 28.04.2026
CVE-2026-5944 Cisco Intersight Device Connector for Nutanix Prism Central Unauthenticated API Access 28.04.2026
CVE-2026-6706 28.04.2026
CVE-2026-7272 WilliamCloudQi matlab-mcp-server MCP index.ts execute_matlab_code path traversal 28.04.2026
CVE-2026-7281 SourceCodester Pharmacy Sales and Inventory System index.php supplier cross site scripting 28.04.2026
CVE-2026-5435 Potential buffer overflow in ns_sprintrrf TSIG handling path 28.04.2026
CVE-2026-5779 Multiple vulnerabilities in MphRx's Minerva 28.04.2026
CVE-2026-5780 Multiple vulnerabilities in MphRx's Minerva 28.04.2026
CVE-2026-5781 Multiple vulnerabilities in MphRx's Minerva 28.04.2026
CVE-2026-7269 SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting 28.04.2026
CVE-2026-7271 DV0x creative-ad-agent creative-ad-agent-server sdk-server.ts path traversal 28.04.2026
CVE-2026-7309 Openshift-controller-manager: openshift container platform: information disclosure via environment variable injection 28.04.2026
CVE-2026-7267 SourceCodester Pizzafy Ecommerce System view_prod.php sql injection 28.04.2026
CVE-2026-7268 SourceCodester Pizzafy Ecommerce System ajax.php save_category sql injection 28.04.2026