Critical vulnerabilities, curated daily for security professionals
đ¯ SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
đ
Today's Security Brief
Saturday's disclosures center on HP endpoint products and Microsoft Teams infrastructure, which together account for the majority of the highest-scoring vulnerabilities. The brief covers 28 critical CVEs (up 40% from 20) and 100 high-priority CVEs (unchanged from the prior day). Notable entries include CVE-2026-37431 (CVSS 9.8) in HP endpoint software, CVE-2026-42454 (CVSS 9.9) in Docker container management, and CVE-2026-41497 (CVSS 9.8) affecting Microsoft Teams. Remote code execution and container escape patterns dominate, with NVIDIA garak (CVE-2026-41512) and Arch Nornicdb (CVE-2026-42072) adding exposure across AI tooling and database stacks. Patch availability sits at 0% for the disclosed set, so defenders should prioritize compensating controls and vendor advisories until fixes ship.
HP endpoint products and Microsoft Teams account for the bulk of today's critical CVEs, including CVE-2026-37431 and CVE-2026-41497
Critical CVEs rose 40% to 28, driven by HP, Teams, Docker, and NVIDIA disclosures
High-priority CVEs held flat at 100, sustaining elevated triage volume across enterprise stacks
Remote code execution and container management flaws lead the attack patterns, with Docker (CVE-2026-42454) and NVIDIA garak (CVE-2026-41512) at CVSS 9.9
Patch availability is 0% across the disclosed set, requiring reliance on mitigations and vendor workarounds
Five CVEs are actively exploited, including Ivanti EPMM (CVE-2026-6973) and ConnectWise ScreenConnect (CVE-2024-1708)
Immediate action: Prioritize HP endpoint software, Microsoft Teams, Docker, and NVIDIA garak deployments for immediate review, and isolate Ivanti EPMM and ConnectWise ScreenConnect instances pending vendor guidance given confirmed exploitation. With 0% patch availability for the new disclosures, apply network segmentation, restrict administrative access, and monitor vendor advisories for fixes before exposing affected systems.
đĄ Tip: Swipe CVE cards left to â star, right to â remove
Section Navigation
â ī¸
CISA Known Exploited Vulnerabilities
â ī¸ CISA KEVURGENT
CVE-2026-6973
9.5
IvantiEndpoint Manager Mobile (EPMM)
â° Federal Deadline:May 9, 2026(1 days remaining)
Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEVURGENT
CVE-2026-42208
9.8
UnknownMultiple Products
â° Federal Deadline:May 10, 2026(2 days remaining)
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.81.16 to before version 1.83.7, a database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter. An unauthenticated attacker could send a specially crafted Authorization header to any LLM API route (for example POST /chat/completions) and reach this query through the proxy's error-handling path. An attacker could read data from the proxy's database and may be able to modify it, leading to unauthorised access to the proxy and the credentials it manages. This issue has been patched in version 1.83.7.
CVSS Base9.8
â
CRSSelect profile
â ī¸ CISA KEVURGENT
CVE-2024-1708
9.5đ Late Disclosure
ConnectWiseScreenConnect
â° Federal Deadline:May 11, 2026(3 days remaining)
ConnectWise ScreenConnect Path Traversal Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEVURGENT
CVE-2026-32202
9.5
MicrosoftWindows
â° Federal Deadline:May 11, 2026(3 days remaining)
Microsoft Windows Protection Mechanism Failure Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEVURGENT
CVE-2026-31431
9.5
LinuxKernel
â° Federal Deadline:May 14, 2026(6 days remaining)
Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
đ¨
Critical Vulnerabilities
CVE-2026-37431
9.8
HPendpoint
Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.
CVSS Base9.8
â
CRSSelect profile
CVE-2026-42454
9.9đ
Dockercontainer management
Termix is vulnerable to OS command injection in its Docker management endpoints, leading to remote code execution.
CVSS Base9.9
â
CRSSelect profile
CVE-2026-41497
9.8đ
Teamssystem
PraisonAI fails to validate commands in parse_mcp_command(), allowing unauthenticated attackers to execute arbitrary system commands via subprocesses.
CVSS Base9.8
â
CRSSelect profile
CVE-2026-44336
9.6đ
Teamssystem
PraisonAI's MCP server fails to sanitize file paths in tool arguments, allowing unauthenticated attackers to perform arbitrary file writes and achieve code execution.
CVSS Base9.6
â
CRSSelect profile
CVE-2025-69691
9.9
HPcode
Netgate pfSense CE 2.8.0 allows code execution in the XMLRPC API via pfsense.exec_php. NOTE: the Supplier disputes this because the API call is only available to admins and they are intentionally allowed to execute PHP code.
CVSS Base9.9
â
CRSSelect profile
CVE-2026-41512
9.9
NVIDIAgarak
ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is a remote code execution vulnerability via JavaScript injection in `BrowserAutomation::PlaywrightService`. This issue has been patched in version 1.4.1.
CVSS Base9.9
â
CRSSelect profile
CVE-2026-42072
9.8đ
ArchNornicdb
Nornicdb fails to bind the Bolt server to the configured host, defaulting to all interfaces and exposing the database with default credentials to the network.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-69690
9.1
HPobject containing
Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the post_reboot_commands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execute PHP code.
CVSS Base9.1
â
CRSSelect profile
CVE-2024-51092
9.1đ Late Disclosure
HPMultiple Products
LibreNMS before 24.10.0 allows a remote attacker to execute arbitrary code via OS command injection involving AboutController.php's index(), SettingsController.php's update(), and PollDevice.php's initRrdDirectory().
CVSS Base9.1
â
CRSSelect profile
CVE-2026-44335
9.8đ
Teamssystem
PraisonAI contains a logical flaw in its URL checking mechanism that allows unauthenticated attackers to perform Server-Side Request Forgery (SSRF) attacks.
CVSS Base9.8
â
CRSSelect profile
CVE-2026-44497
9.1đ
ZebraZebra (Zcash node)
Insufficient error handling in Zcash node Zebra's sighash computation allows for consensus splits between nodes.
CVSS Base9.1
â
CRSSelect profile
CVE-2026-25199
9.1đ
ApacheCloudStack
The Proxmox extension for Apache CloudStack allows unauthorized cross-tenant access to virtual machines due to improper validation of the proxmox_vmid setting.
CVSS Base9.1
â
CRSSelect profile
CVE-2026-42302
9.8đ
FastGPTFastGPT
An unauthenticated RCE vulnerability in FastGPT's agent-sandbox component stems from insecure default configurations in the startup script.
CVSS Base9.8
â
CRSSelect profile
CVE-2026-41500
9.8đ
GitHubElecterm
A command injection vulnerability in Electerm allows attackers to execute arbitrary code by supplying a malicious release name.
CVSS Base9.8
â
CRSSelect profile
CVE-2026-41501
9.8đ
Linuxelecterm
A command injection vulnerability exists in electerm prior to version 3.3.8, where remote version strings are unsafely passed to system commands.
CVSS Base9.8
â
CRSSelect profile
CVE-2026-43941
9.6đ
ElectermElecterm
A vulnerability in Electerm's terminal hyperlink handler allows arbitrary code execution or local file access when a user clicks a malicious link.
CVSS Base9.6
â
CRSSelect profile
CVE-2026-42298
10đ
GitHubPostiz
A "Pwn Request" vulnerability in Postiz allows unauthenticated users to execute arbitrary code via malicious pull requests, leading to credential exfiltration.
CVSS Base10
â
CRSSelect profile
CVE-2013-10075
9.1đđ Late Disclosure
ApacheApache::Session
Apache::Session for Perl fails to properly handle session deletion, allowing for the potential revival of deleted session data.
CVSS Base9.1
â
CRSSelect profile
CVE-2026-43944
9.6đ
electermelecterm
The electerm client is vulnerable to local code execution via maliciously crafted deep links or command-line options.
CVSS Base9.6
â
CRSSelect profile
CVE-2026-41070
10
LinuxMultiple Products
openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on (SSO) auth flows. From version 1.26.3 to before version 1.27.3, when openvpn-auth-oauth2 is deployed in the experimental plugin mode (shared library loaded by OpenVPN via the plugin directive), clients that do not support WebAuth/SSO (e.g., the openvpn CLI on Linux) are incorrectly admitted to the VPN despite being denied by the authentication logic. The default management-interface mode is not affected because it does not use the OpenVPN plugin return-code mechanism. This issue has been patched in version 1.27.3.
CVSS Base10
â
CRSSelect profile
CVE-2026-38360
9.8
fohrloop dashMultiple Products
Directory Traversal vulnerability in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a remote attacker to execute arbitrary code via the dash_uploader/httprequesthandler.py, aseHttpRequestHandler.get_temp_root(), BaseHttpRequestHandler._post() components
CVSS Base9.8
â
CRSSelect profile
CVE-2023-46453
9.8đ Late Disclosure
CertainMultiple Products
Certain GL.iNet devices with 4.x firmware allow authentication bypass (resulting in administrative control of the device) via a username that is both a valid SQL statement and a valid regular expression. For example, this affects version 4.3.7 on GL-MT3000 GL-AR300M GL-B1300 GL-AX1800 GL-AR750S GL-MT2500 GL-AXT1800 GL-X3000 and GL-SFT1200.
CVSS Base9.8
â
CRSSelect profile
CVE-2026-8153
9.8đ
Universal RobotsPolyScope
Universal Robots PolyScope contains an OS command injection vulnerability in the Dashboard Server interface.
CVSS Base9.8
â
CRSSelect profile
CVE-2026-41507
9.8đ
math-codegenmath-codegen
The math-codegen library is vulnerable to RCE because it injects unsanitized string literals into a new Function body.
CVSS Base9.8
â
CRSSelect profile
CVE-2026-41583
9.1
CanonMultiple Products
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-script version 5.0.2, after a refactoring, Zebra failed to validate a consensus rule that restricted the possible values of sighash hash types for V5 transactions which were enabled in the NU5 network upgrade. Zebra nodes could thus accept and eventually mine a block that would be considered invalid by zcashd nodes, creating a consensus split between Zebra and zcashd nodes. In a similar vein, for V4 transactions, Zebra mistakenly used the "canonical" hash type when computing the sighash while zcashd (correctly per the spec) uses the raw value, which could also crate a consensus split. This issue has been patched in zebrad version 4.3.1 and zebra-script version 5.0.2.
CVSS Base9.1
â
CRSSelect profile
CVE-2026-42193
9.1đ
AWSSES
The Plunk email platform fails to verify SNS signatures, allowing unauthenticated attackers to forge webhook requests.
CVSS Base9.1
â
CRSSelect profile
CVE-2026-42354
9.1đ
SentrySentry
Sentry's SAML SSO implementation is vulnerable to an account takeover flaw when using a malicious SAML Identity Provider.
CVSS Base9.1
â
CRSSelect profile
CVE-2026-44313
9.1
ArchMultiple Products
Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. Prior to version 2.13.0, a Server-Side Request Forgery (SSRF) vulnerability in the fetchTitleAndHeaders function allows authenticated users to make arbitrary HTTP requests to internal services due to insufficient URL validation that only checks for "http://" or "https://" prefixes. This issue has been patched in version 2.13.0.
CVSS Base9.1
â
CRSSelect profile
â ī¸
High Priority Updates
CVE-2026-32207
8.8
AzureMachine Learning
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2026-35435
8.6
AzureAI Foundry
Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network
CVSS Base8.6
â
CRSSelect profile
CVE-2026-44339
8.6
Teamssystem
PraisonAI is a multi-agent teams system
CVSS Base8.6
â
CRSSelect profile
CVE-2026-44334
8.4
teamsrepo
PraisonAI is a multi-agent teams system
CVSS Base8.4
â
CRSSelect profile
CVE-2026-34327
8.2
MicrosoftPartner Center
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network
CVSS Base8.2
â
CRSSelect profile
CVE-2026-41105
8.1
AzureNotification Service
Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network
CVSS Base8.1
â
CRSSelect profile
CVE-2026-41496
8.1
Teamssystem
PraisonAI is a multi-agent teams system
CVSS Base8.1
â
CRSSelect profile
CVE-2026-41570
7.8
HPINI settings
PHPUnit is a testing framework for PHP
CVSS Base7.8
â
CRSSelect profile
CVE-2026-42224
7.6
HPprojects
ipl/web is a set of common web components for php projects
CVSS Base7.6
â
CRSSelect profile
CVE-2026-33111
7.5
MicrosoftEdge
Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network
CVSS Base7.5
â
CRSSelect profile
CVE-2026-5127
8.8
WordPressis vulnerable
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to Deserialization of Untrusted Data in versions up to, and including, 4
CVSS Base8.8
â
CRSSelect profile
CVE-2026-42501
7.5
UnknownMultiple Products
A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation
CVSS Base7.5
â
CRSSelect profile
CVE-2026-4935
8.6
WordPressplugin before
The OttoKit: All-in-One Automation Platform WordPress plugin before 1
CVSS Base8.6
â
CRSSelect profile
CVE-2026-8092
8.1
ThunderbirdMultiple Products
Memory safety bugs present in Thunderbird ESR 140
CVSS Base8.1
â
CRSSelect profile
CVE-2026-8093
8.1
MemoryMultiple Products
Memory safety bugs present in Thunderbird 150
CVSS Base8.1
â
CRSSelect profile
CVE-2026-39816
8.8
ApacheNiFi
The optional extension component TinkerpopClientService is missing the Restricted annotation with the Execute Code Required Permission in Apache NiFi 2
CVSS Base8.8
â
CRSSelect profile
CVE-2026-8148
7.8
WindowsMultiple Products
NAVER MYBOX Explorer for Windows before 3
CVSS Base7.8
â
CRSSelect profile
CVE-2026-41905
7.7
LGMultiple Products
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework
CVSS Base7.7
â
CRSSelect profile
CVE-2026-41904
7.6
HPMultiple Products
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework
CVSS Base7.6
â
CRSSelect profile
CVE-2026-39836
7.5
UnknownMultiple Products
The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0)
CVSS Base7.5
â
CRSSelect profile
CVE-2026-44340
7.5
teamsMultiple Products
PraisonAI is a multi-agent teams system
CVSS Base7.5
â
CRSSelect profile
CVE-2026-33588
8.1
Dockercontainer via
Lack of user input validation in the file upload functionality of Open Notebook v1
CVSS Base8.1
â
CRSSelect profile
CVE-2025-66467
8
ApacheCloudStack allows
Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned
CVSS Base8
â
CRSSelect profile
CVE-2026-42352
8.6
PythonMultiple Products
pygeoapi is a Python server implementation of the OGC API suite of standards
CVSS Base8.6
â
CRSSelect profile
CVE-2026-42301
7.8
FedoraRPM spec
pyp2spec generates working Fedora RPM spec file for Python projects
CVSS Base7.8
â
CRSSelect profile
CVE-2026-42296
8.1
KubernetesMultiple Products
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes
CVSS Base8.1
â
CRSSelect profile
CVE-2024-27686
7.5đ Late Disclosure
MikroTikRouterOS
Mikrotik RouterOS (x86) 6
CVSS Base7.5
â
CRSSelect profile
CVE-2026-42215
8.8
UnknownMultiple Products
GitPython is a python library used to interact with Git repositories
CVSS Base8.8
â
CRSSelect profile
CVE-2026-42205
8.8
UnknownMultiple Products
Avo is a framework to create admin panels for Ruby on Rails apps
CVSS Base8.8
â
CRSSelect profile
CVE-2026-43940
8.4
ftpMultiple Products
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client
CVSS Base8.4
â
CRSSelect profile
CVE-2025-1978
8.3
Hitachi StorageMultiple Products
Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28
CVSS Base8.3
â
CRSSelect profile
CVE-2026-42284
8.1
UnknownMultiple Products
GitPython is a python library used to interact with Git repositories
CVSS Base8.1
â
CRSSelect profile
CVE-2026-42452
8.1
basedMultiple Products
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities
CVSS Base8.1
â
CRSSelect profile
CVE-2026-5787
8.9
beforeEPMM before
An Improper Certificate Validation in Ivanti EPMM before versions 12
CVSS Base8.9
â
CRSSelect profile
CVE-2026-5786
8.8
Ivanti EPMM beforeEPMM before
An Improper Access Control vulnerability in Ivanti EPMM before versions 12
CVSS Base8.8
â
CRSSelect profile
CVE-2026-8138
8.8
TendaCX12L
A vulnerability was found in Tenda CX12L 16
CVSS Base8.8
â
CRSSelect profile
CVE-2026-44244
7.8
UnknownMultiple Products
GitPython is a python library used to interact with Git repositories
CVSS Base7.8
â
CRSSelect profile
CVE-2026-43943
7.8
ftpMultiple Products
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client
CVSS Base7.8
â
CRSSelect profile
CVE-2026-33811
7.5
WhenMultiple Products
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash
CVSS Base7.5
â
CRSSelect profile
CVE-2026-39820
7.5
UnknownMultiple Products
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations
CVSS Base7.5
â
CRSSelect profile
CVE-2026-42189
7.5
SSHMultiple Products
Russh is a Rust SSH client & server library
CVSS Base7.5
â
CRSSelect profile
CVE-2026-42271
8.8
proxyMultiple Products
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format
CVSS Base8.8
â
CRSSelect profile
CVE-2026-42275
8.7
UnknownMultiple Products
zrok is software for sharing web services, files, and network resources
CVSS Base8.7
â
CRSSelect profile
CVE-2026-41422
8.3
UnknownMultiple Products
Daptin is a GraphQL/JSON-API headless CMS
CVSS Base8.3
â
CRSSelect profile
CVE-2026-43284
7.8
Linuxkernel
In the Linux kernel, the following vulnerability has been resolved:
xfrm: esp: avoid in-place decrypt on shared skb frags
MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb
CVSS Base7.8
â
CRSSelect profile
CVE-2026-7807
8.1
priorMultiple Products
SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/{type} API endpoint that allows authenticated users to read arbitrary
CVSS Base8.1
â
CRSSelect profile
CVE-2024-43384
8đ Late Disclosure
InforMultiple Products
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer
CVSS Base8
â
CRSSelect profile
CVE-2026-41642
7.5
BorderMultiple Products
GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language
CVSS Base7.5
â
CRSSelect profile
CVE-2026-41643
7.5
BorderMultiple Products
GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language
CVSS Base7.5
â
CRSSelect profile
CVE-2026-42285
7.5
BorderMultiple Products
GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language
CVSS Base7.5
â
CRSSelect profile
CVE-2025-68060
7.6
WPMart Team MemberMultiple Products
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPMart Team Member allows Blind SQL Injection
CVSS Base7.6
â
CRSSelect profile
CVE-2026-42556
8.9
UnknownMultiple Products
Postiz is an AI social media scheduling tool
CVSS Base8.9
â
CRSSelect profile
CVE-2026-3953
8.8
Gosoft SoftwareMultiple Products
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Gosoft Software Industry and Trade Ltd
CVSS Base8.8
â
CRSSelect profile
CVE-2026-5784
8.8
DivvyDriveMultiple Products
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in DivvyDrive Information Technologies Inc
CVSS Base8.8
â
CRSSelect profile
CVE-2026-6002
8.8
DivvyDriveMultiple Products
Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in DivvyDrive Information Technologies Inc
CVSS Base8.8
â
CRSSelect profile
CVE-2026-30495
8.8
UnknownMultiple Products
The Optoma CinemaX P2 projector (firmware TVOS-04
CVSS Base8.8
â
CRSSelect profile
CVE-2025-63705
8.8
UnknownMultiple Products
NPM package node-ts-ocr 1
CVSS Base8.8
â
CRSSelect profile
CVE-2026-41900
8.8
UnknownMultiple Products
OpenLearnX is an open-source, decentralized learning and assessment platform
CVSS Base8.8
â
CRSSelect profile
CVE-2026-8137
8.8
TotolinkMultiple Products
A vulnerability has been found in Totolink X5000R 9
CVSS Base8.8
â
CRSSelect profile
CVE-2026-29202
8.8
UnknownMultiple Products
Insufficient input validation of the `plugin` parameter of the `create_user` plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user
CVSS Base8.8
â
CRSSelect profile
CVE-2026-29203
8.8
UnknownMultiple Products
A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories
CVSS Base8.8
â
CRSSelect profile
CVE-2026-41505
8.7
UnknownMultiple Products
RELATE is a web-based courseware package
CVSS Base8.7
â
CRSSelect profile
CVE-2026-41524
8.7
BraveMultiple Products
Brave CMS is an open-source CMS
CVSS Base8.7
â
CRSSelect profile
CVE-2026-42047
8.6
InforMultiple Products
Inngest is a platform for running event-driven and scheduled background functions with queueing, retries, and step orchestration
CVSS Base8.6
â
CRSSelect profile
CVE-2026-41683
8.6
UnknownMultiple Products
i18next-http-middleware is a middleware to be used with Node
CVSS Base8.6
â
CRSSelect profile
CVE-2026-41690
8.6
UnknownMultiple Products
18next-http-middleware is a middleware to be used with Node
CVSS Base8.6
â
CRSSelect profile
CVE-2026-41705
8.6
SpringMultiple Products
Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs
CVSS Base8.6
â
CRSSelect profile
CVE-2026-42449
8.5
MCPMultiple Products
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations
CVSS Base8.5
â
CRSSelect profile
CVE-2025-14341
8.3
DivvyDriveMultiple Products
Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc
CVSS Base8.3
â
CRSSelect profile
CVE-2026-41490
8.3
DeltaMultiple Products
Dagster is an orchestration platform for the development, production, and observation of data assets
CVSS Base8.3
â
CRSSelect profile
CVE-2026-29972
8.2
nanoMODBUSMultiple Products
nanoMODBUS through v1
CVSS Base8.2
â
CRSSelect profile
CVE-2026-41693
8.2
UnknownMultiple Products
i18next-fs-backend is a backend layer for i18next using in Node
CVSS Base8.2
â
CRSSelect profile
CVE-2026-42353
8.2
UnknownMultiple Products
i18next-http-middleware is a middleware to be used with Node
CVSS Base8.2
â
CRSSelect profile
CVE-2026-42239
8.1
UnknownMultiple Products
Budibase is an open-source low-code platform
CVSS Base8.1
â
CRSSelect profile
CVE-2022-50994
8.1đ Late Disclosure
DrayTekMultiple Products
DrayTek Vigor 2960 firmware versions prior to 1
CVSS Base8.1
â
CRSSelect profile
CVE-2026-41491
8.1
UnknownMultiple Products
Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge
CVSS Base8.1
â
CRSSelect profile
CVE-2026-41883
8.1
UnknownMultiple Products
OmniFaces is a utility library for Faces
CVSS Base8.1
â
CRSSelect profile
CVE-2026-8178
8.1
priorMultiple Products
An issue exists in Amazon Redshift JDBC Driver versions prior to 2
CVSS Base8.1
â
CRSSelect profile
CVE-2026-44400
8.1
EnterpriseMultiple Products
MailEnable Enterprise Premium 10
CVSS Base8.1
â
CRSSelect profile
CVE-2026-6665
8.1
PgBouncerMultiple Products
The SCRAM code in PgBouncer before 1
CVSS Base8.1
â
CRSSelect profile
CVE-2026-41520
7.9
UnknownMultiple Products
Cilium is a networking, observability, and security solution with an eBPF-based dataplane
CVSS Base7.9
â
CRSSelect profile
CVE-2026-28201
7.8
UnknownMultiple Products
An improper input validation, together with an overly permissive default CORS configuration in Open Notebook v1
CVSS Base7.8
â
CRSSelect profile
CVE-2026-42214
7.8
NotepadMultiple Products
Notepad Next is a cross-platform, reimplementation of Notepad++
CVSS Base7.8
â
CRSSelect profile
CVE-2022-26522
7.8đ Late Disclosure
UnknownMultiple Products
The socket connection handler in aswArPot
CVSS Base7.8
â
CRSSelect profile
CVE-2026-41688
7.7
UnknownMultiple Products
Wallos is an open-source, self-hostable personal subscription tracker
CVSS Base7.7
â
CRSSelect profile
CVE-2026-42345
7.7
UnknownMultiple Products
FastGPT is an AI Agent building platform
CVSS Base7.7
â
CRSSelect profile
CVE-2026-43510
7.6
UnknownMultiple Products
manage
CVSS Base7.6
â
CRSSelect profile
CVE-2025-65122
7.5
throughMultiple Products
Regex Denial of Service in youtube-regex npm package through version 1
CVSS Base7.5
â
CRSSelect profile
CVE-2026-33814
7.5
valueMultiple Products
When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0
CVSS Base7.5
â
CRSSelect profile
CVE-2026-42499
7.5
UnknownMultiple Products
Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322
CVSS Base7.5
â
CRSSelect profile
CVE-2026-26129
7.5
InforMultiple Products
Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network
CVSS Base7.5
â
CRSSelect profile
CVE-2026-26164
7.5
InforMultiple Products
Improper neutralization of special elements in output used by a downstream component ('injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network
CVSS Base7.5
â
CRSSelect profile
CVE-2024-46508
7.5đ Late Disclosure
yetiMultiple Products
yeti-platform yeti before 2
CVSS Base7.5
â
CRSSelect profile
CVE-2026-38361
7.5
UnknownMultiple Products
An issue in fohrloop dash-uploader v
CVSS Base7.5
â
CRSSelect profile
CVE-2026-41584
7.5
UnknownMultiple Products
ZEBRA is a Zcash node written entirely in Rust
CVSS Base7.5
â
CRSSelect profile
CVE-2026-44498
7.5
UnknownMultiple Products
ZEBRA is a Zcash node written entirely in Rust
CVSS Base7.5
â
CRSSelect profile
CVE-2026-29974
7.5
kosmaMultiple Products
An issue was discovered in kosma minmea 0
CVSS Base7.5
â
CRSSelect profile
CVE-2026-29975
7.5
streamingMultiple Products
lwjson 1
CVSS Base7.5
â
CRSSelect profile
CVE-2026-41886
7.5
UnknownMultiple Products
locize is a localization platform that connects code and i18n setup