Critical vulnerabilities, curated daily for security professionals
🎯 SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
📊
Today's Security Brief
Sunday's disclosures center on web-facing applications and developer infrastructure, with critical remote-code-execution and access-control flaws affecting WooCommerce, Prefect, and Flowise alongside several widely deployed WordPress plugins. The day brought 5 critical CVEs, down 37% from the prior day's 8, while high-priority volume rose 43% to 67. Notable entries include CVE-2026-5366 (CVSS 9.9) in Prefect, CVE-2022-50972 (CVSS 9.8) in WooCommerce, and CVE-2024-58351 (CVSS 9.8) in Flowise. Plugin- and platform-level weaknesses dominate the set, exposing content-management and workflow-orchestration systems to unauthenticated compromise, and four CVEs carry confirmed active exploitation across LiteSpeed, Joomla, Splunk, and Cisco SD-WAN Manager. No patches were referenced at disclosure for the scored set, so teams should prioritize compensating controls and vendor monitoring while fixes are validated.
Developer and orchestration infrastructure leads the day, with CVE-2026-5366 (CVSS 9.9) in Prefect and CVE-2024-58351 (CVSS 9.8) in Flowise exposing automation platforms to remote compromise
5 critical CVEs disclosed, a 37% decrease from the prior day's 8
67 high-priority CVEs disclosed, a 43% increase from the prior day's 47
Remote code execution and access-control bypass dominate, affecting WooCommerce, Branda, and multiple WordPress plugins
Patch availability stands at 0% across the scored set, leaving web-application and orchestration systems reliant on mitigations
Four CVEs show active exploitation, spanning LiteSpeed cPanel plugin, Joomla Content Editor, Splunk Enterprise/Cloud, and Cisco Catalyst SD-WAN Manager
Immediate action: Prioritize WordPress/WooCommerce environments, Prefect and Flowise deployments, and the actively exploited Splunk, Cisco SD-WAN Manager, LiteSpeed, and Joomla systems for immediate review and isolation where exposed. With no patches referenced at disclosure, apply WAF rules, restrict administrative and internet-facing access, and monitor vendor advisories closely for forthcoming fixes.
💡 Tip: Swipe CVE cards left to ⭐ star, right to ❌ remove
Section Navigation
⚠️
CISA Known Exploited Vulnerabilities
⚠️ CISA KEVURGENT
CVE-2026-54420
9.5📝
LiteSpeed TechnologiescPanel plugin
⏰ Federal Deadline:June 17, 2026(-3 days remaining)
A symlink mishandling vulnerability in the LiteSpeed cPanel plugin allows users with limited access to escalate privileges on shared hosting environments.
CVSS Base9.5
→
CRSSelect profile
⚠️ CISA KEVURGENT
CVE-2026-48907
9.5📝
Widget FactoryJoomla Content Editor
⏰ Federal Deadline:June 18, 2026(-2 days remaining)
An improper access control vulnerability in the Widget Factory Joomla Content Editor allows unauthorized users to perform restricted actions.
CVSS Base9.5
→
CRSSelect profile
⚠️ CISA KEV
CVE-2026-20253
9.5📝
SplunkEnterprise and Cloud Platform
⏰ Federal Deadline:June 20, 2026
Splunk Enterprise and Cloud Platform contain an authentication bypass vulnerability in a PostgreSQL sidecar service, allowing unauthenticated users to create or truncate arbitrary files.
CVSS Base9.5
→
CRSSelect profile
⚠️ CISA KEV
CVE-2026-20262
9.5📝
CiscoCatalyst SD-WAN Manager
⏰ Federal Deadline:June 28, 2026(8 days remaining)
Cisco Catalyst SD-WAN Manager contains an arbitrary file write vulnerability in its web UI, allowing authenticated remote attackers to escalate privileges to root.
CVSS Base9.5
→
CRSSelect profile
🚨
Critical Vulnerabilities
CVE-2019-25763
9.8📝📜 Late Disclosure
Brainstorm ForceUltimate Addons for Beaver Builder
Ultimate Addons for Beaver Builder contains an authentication bypass flaw in its social login functionality, allowing unauthorized access via crafted POST requests to the admin-ajax.php endpoint.
CVSS Base9.8
→
CRSSelect profile
CVE-2022-50972
9.8📝📜 Late Disclosure
WooCommerceWooCommerce
WooCommerce 7.1.0 contains a remote code execution vulnerability allowing attackers to inject arbitrary PHP code via the product-type parameter.
CVSS Base9.8
→
CRSSelect profile
CVE-2026-11551
9.8📝
IncsubBranda
The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover, allowing unauthenticated attackers to change any user's password, including administrative accounts.
CVSS Base9.8
→
CRSSelect profile
CVE-2026-5366
9.9📝
PrefectPrefect
Prefect is vulnerable to remote code execution due to improper validation of user-controlled input in the GitRepository storage class, allowing attackers to inject arbitrary git flags.
CVSS Base9.9
→
CRSSelect profile
CVE-2024-58351
9.8📝📜 Late Disclosure
FlowiseFlowise
Flowise versions before 2.1.4 are vulnerable to remote code execution and sandbox escape via an insecure overrideConfig option in the Chainflow execution process.
CVSS Base9.8
→
CRSSelect profile
⚠️
High Priority Updates
CVE-2026-49260
8.2📝
PhpWeasyPrintPhpWeasyPrint
PhpWeasyPrint is a PHP library that facilitates PDF generation from URLs or HTML pages, containing a vulnerability that requires immediate remediation.
CVSS Base8.2
→
CRSSelect profile
CVE-2026-44822
8.2📝
MicrosoftOffice Excel
An out-of-bounds read vulnerability in Microsoft Office Excel allows an unauthorized attacker to disclose sensitive information over a network.
CVSS Base8.2
→
CRSSelect profile
CVE-2026-9843
8.1📝
WordPressDatabase for Contact Form 7, WPforms, Elementor forms plugin
The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient path validation in the view_page function.
CVSS Base8.1
→
CRSSelect profile
CVE-2025-38129
7.8📝
LinuxKernel
A use-after-free vulnerability in the Linux kernel's page_pool_recycle_in_ring function could lead to kernel instability or privilege escalation.
CVSS Base7.8
→
CRSSelect profile
CVE-2025-38250
7.8📝
Linux FoundationLinux Kernel
A use-after-free vulnerability exists in the Linux kernel's Bluetooth hci_core component within the vhci_flush function.
CVSS Base7.8
→
CRSSelect profile
CVE-2016-20091
7.8📝📜 Late Disclosure
MalwarebytesWindows Firewall Control
A vulnerability in Malwarebytes Windows Firewall Control may allow for unauthorized security policy manipulation.
CVSS Base7.8
→
CRSSelect profile
CVE-2017-20275
8.2📝📜 Late Disclosure
JoomlaPHP-Bridge
An unauthenticated remote code execution vulnerability exists in the Joomla PHP-Bridge component due to improper input validation.
CVSS Base8.2
→
CRSSelect profile
CVE-2026-49286
8.1📝
PhpWeasyPrintPhpWeasyPrint
PhpWeasyPrint is susceptible to security vulnerabilities due to its functionality as a PHP library for PDF generation from URLs or HTML pages.
CVSS Base8.1
→
CRSSelect profile
CVE-2026-56345
8.1📝
AVideoAVideo
AVideo versions through 29 contain a security vulnerability within its endpoint architecture that requires immediate investigation and patching.
CVSS Base8.1
→
CRSSelect profile
CVE-2017-20271
8.2📝📜 Late Disclosure
JoomlaStreetGuessr Game
The StreetGuessr Game extension for Joomla is affected by an unspecified vulnerability that may allow for unauthorized system impact.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20272
8.2📝📜 Late Disclosure
JoomlaUltimate Property Listing
The Ultimate Property Listing extension for Joomla is affected by an unspecified vulnerability that may allow for unauthorized system impact.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20273
8.2📝📜 Late Disclosure
JoomlaEvent Registration Pro Calendar
A vulnerability exists in the Joomla Event Registration Pro Calendar 4 extension, potentially allowing for unauthorized exploitation of the application.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20274
8.2📝📜 Late Disclosure
JoomlaLMS King Professional
A security vulnerability in the Joomla LMS King Professional 3 extension could potentially be exploited to compromise the integrity of the learning management system.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20277
8.2📝📜 Late Disclosure
JoomlaJoomRecipe
A vulnerability in the Joomla JoomRecipe 1 extension may allow for unauthorized access, potentially impacting the security of the affected Joomla site.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20278
8.2📝📜 Late Disclosure
JoomlaJoomRecipe Component
The JoomRecipe component for Joomla contains a high-severity vulnerability that may allow for unauthorized system access or data manipulation.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20279
8.2📝📜 Late Disclosure
JoomlaPayage Component
The Payage component for Joomla contains a high-severity vulnerability that may facilitate unauthorized access or administrative function manipulation.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20280
8.2📝📜 Late Disclosure
JoomlaMyportfolio Component
The Myportfolio component for Joomla is susceptible to a high-severity vulnerability that may allow for unauthorized system interaction.
CVSS Base8.2
→
CRSSelect profile
CVE-2019-25748
8.2📝📜 Late Disclosure
JoomlaJHotelReservation
A vulnerability exists in the Joomla JHotelReservation component that may allow for unauthorized system access.
CVSS Base8.2
→
CRSSelect profile
CVE-2019-25750
8.2📝📜 Late Disclosure
JoomlaJ-MultipleHotelReservation
A vulnerability in the J-MultipleHotelReservation component for Joomla could lead to unauthorized system compromise.
CVSS Base8.2
→
CRSSelect profile
CVE-2019-25751
8.2📝📜 Late Disclosure
JoomlaJ-ClassifiedsManager
A vulnerability within the J-ClassifiedsManager component for Joomla may allow attackers to compromise the application.
CVSS Base8.2
→
CRSSelect profile
CVE-2019-25754
8.2📝📜 Late Disclosure
JoomlaComponent vRestaurant
A vulnerability exists in the Joomla Component vRestaurant that may allow for unauthorized system access or manipulation.
CVSS Base8.2
→
CRSSelect profile
CVE-2019-25755
8.2📝📜 Late Disclosure
JoomlaComponent vReview
A vulnerability exists in the Joomla Component vReview that may allow for unauthorized system access or manipulation.
CVSS Base8.2
→
CRSSelect profile
CVE-2026-31708
8.1📝
LinuxKernel
A vulnerability exists in the Linux kernel's smb client, specifically within the smb2_ioctl_query_info function, involving an out-of-bounds read.
CVSS Base8.1
→
CRSSelect profile
CVE-2016-20085
7.8📝📜 Late Disclosure
RealtekHigh Definition Audio Driver
A vulnerability exists in the Realtek High Definition Audio Driver that may allow for unauthorized system interaction or privilege escalation.
CVSS Base7.8
→
CRSSelect profile
CVE-2020-37252
7.8📝📜 Late Disclosure
RealtekAudio Service
A security flaw in the Realtek Audio Service may allow an attacker to manipulate service operations, potentially leading to privilege escalation or system instability.
CVSS Base7.8
→
CRSSelect profile
CVE-2025-21863
7.8📝
Linuxkernel
A vulnerability in the Linux kernel's io_uring subsystem allows for improper opcode sanitization, potentially leading to speculative execution-based attacks.
CVSS Base7.8
→
CRSSelect profile
CVE-2026-49340
8.1📝
gonicgonic
The gonic music streaming server and Subsonic API implementation contains a security vulnerability that may impact server stability or data access.
CVSS Base8.1
→
CRSSelect profile
CVE-2016-20089
7.8📝📜 Late Disclosure
IperiusIperius Remote
Iperius Remote 1 contains a security vulnerability that may allow for unauthorized access or control within the remote desktop environment.
CVSS Base7.8
→
CRSSelect profile
CVE-2016-20095
7.8📝📜 Late Disclosure
Matrix42Remote Control Host
A security vulnerability exists in Matrix42 Remote Control Host 3 that may expose the system to unauthorized access or control.
CVSS Base7.8
→
CRSSelect profile
CVE-2026-56340
8.8📝
vLLMvLLM
A high-severity vulnerability has been identified in vLLM that could potentially lead to unauthorized system interactions or data exposure.
CVSS Base8.8
→
CRSSelect profile
CVE-2025-20701
8.8📝
UnknownMultiple Products
In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent
CVSS Base8.8
→
CRSSelect profile
CVE-2017-20268
8.2📝📜 Late Disclosure
JoomlaZap Calendar Lite
A high-severity vulnerability exists within the Zap Calendar Lite component for Joomla, potentially allowing unauthorized data access or remote exploitation.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20269
8.2📝📜 Late Disclosure
JoomlaKissGallery Component
A vulnerability exists in the Joomla KissGallery component that may allow for unauthorized access or system compromise.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20270
8.2📝📜 Late Disclosure
JoomlaTwitch Tv Component
A security vulnerability has been identified in the Joomla Twitch Tv component, which could expose the site to unauthorized exploitation.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20276
8.2📝📜 Late Disclosure
JoomlaSIMGenealogy Component
A vulnerability has been discovered in the Joomla SIMGenealogy component that could potentially be leveraged by an attacker to compromise the site.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20281
8.2📝📜 Late Disclosure
JoomlaExtra Search Component
The Joomla! Extra Search component contains an unspecified vulnerability that may allow for unauthorized access or system impact.
CVSS Base8.2
→
CRSSelect profile
CVE-2017-20282
8.2📝📜 Late Disclosure
JoomlajCart Component
The Joomla! jCart component for OpenCart contains an unspecified vulnerability that could permit unauthorized access or system manipulation.
CVSS Base8.2
→
CRSSelect profile
CVE-2019-25752
8.2📝📜 Late Disclosure
JoomlaJ-BusinessDirectory
The Joomla! J-BusinessDirectory component contains an unspecified vulnerability that may allow for unauthorized access or system impact.
CVSS Base8.2
→
CRSSelect profile
CVE-2019-25753
8.2📝📜 Late Disclosure
JoomlaVMap Component
The Joomla! VMap component contains an unspecified security vulnerability that may allow for unauthorized access or malicious activity within the application.
CVSS Base8.2
→
CRSSelect profile
CVE-2019-25756
8.2📝📜 Late Disclosure
JoomlavAccount Component
The Joomla! vAccount component contains an unspecified security vulnerability that may allow for unauthorized access or malicious activity within the application.
CVSS Base8.2
→
CRSSelect profile
CVE-2026-46720
8.2📝
Net::Statsd::TinyNet::Statsd::Tiny
A vulnerability in the Net::Statsd::Tiny package may allow an attacker to trigger unintended behaviors within the application's telemetry handling.
CVSS Base8.2
→
CRSSelect profile
CVE-2026-50637
8.2📝
CPAN (Metrics::Any)Metrics::Any::Adapter::Statsd
The Metrics::Any::Adapter::Statsd library contains a vulnerability affecting versions prior to the current release.
CVSS Base8.2
→
CRSSelect profile
CVE-2026-49291
8.1📝
MCPmcp-memory-service
The mcp-memory-service, a semantic memory layer for AI applications, is affected by a security vulnerability that may expose sensitive data or allow unauthorized system access.
CVSS Base8.1
→
CRSSelect profile
CVE-2021-27033
8.1📝📜 Late Disclosure
AutodeskDesign Review
A double-free vulnerability in Autodesk Design Review allows for potential arbitrary code execution when a user opens a maliciously crafted PDF file.
CVSS Base8.1
→
CRSSelect profile
CVE-2016-20086
7.8📝📜 Late Disclosure
VembuStoreGrid
Vembu StoreGrid 4 contains a security vulnerability that may allow for unauthorized system access or compromise.
CVSS Base7.8
→
CRSSelect profile
CVE-2016-20087
7.8📝📜 Late Disclosure
FortitudeHTTP Server
Fortitude HTTP 1 contains a security vulnerability that may allow for unauthorized system access or remote exploitation.
CVSS Base7.8
→
CRSSelect profile
CVE-2016-20088
7.8📝📜 Late Disclosure
ComodoChromodo Browser
Comodo Chromodo Browser version 52 is susceptible to a security vulnerability that may allow for unauthorized system compromise.
CVSS Base7.8
→
CRSSelect profile
CVE-2016-20090
7.8📝📜 Late Disclosure
ComodoDragon Browser
Comodo Dragon Browser versions up to 52 contain a security vulnerability that may facilitate unauthorized system access.
CVSS Base7.8
→
CRSSelect profile
CVE-2016-20092
7.8📝📜 Late Disclosure
NetDriveNetDrive 2
NetDrive 2 contains a security vulnerability that could potentially be leveraged by an attacker to compromise the affected system.
CVSS Base7.8
→
CRSSelect profile
CVE-2016-20093
7.8📝📜 Late Disclosure
WiseCleanerWise Care 365
A vulnerability in Wise Care 365 version 4 may expose the system to unauthorized access or potential compromise.
CVSS Base7.8
→
CRSSelect profile
CVE-2016-20094
7.8📝📜 Late Disclosure
AnyDesk Software GmbHAnyDesk
A security vulnerability identified in AnyDesk version 2 could potentially permit unauthorized access or system-level exploitation.
CVSS Base7.8
→
CRSSelect profile
CVE-2019-25747
7.8📝📜 Late Disclosure
LizardSystemsNetwork Inventory Advisor
A vulnerability in Network Inventory Advisor version 5 may allow for unauthorized access or potential compromise of the inventory management system.
CVSS Base7.8
→
CRSSelect profile
CVE-2020-37250
7.8📝📜 Late Disclosure
TFTPBroadband
A high-severity vulnerability has been identified in TFTP Broadband 4, potentially allowing unauthorized system interactions.
CVSS Base7.8
→
CRSSelect profile
CVE-2020-37251
7.8📝📜 Late Disclosure
RealTimesDesktop Service
A security vulnerability exists within RealTimes Desktop Service 18, which may expose the host system to unauthorized actions.
CVSS Base7.8
→
CRSSelect profile
CVE-2020-37253
7.8📝📜 Late Disclosure
WinstepWinstep
A high-severity vulnerability has been identified in Winstep 18, presenting a potential risk to the security and integrity of the host environment.
CVSS Base7.8
→
CRSSelect profile
CVE-2020-37254
7.8📝📜 Late Disclosure
WondersharePDFelement
A vulnerability exists in Wondershare PDFelement 5 that may allow for unauthorized system impact.
CVSS Base7.8
→
CRSSelect profile
CVE-2021-47985
7.8📝📜 Late Disclosure
BrotherSAPSprint
A vulnerability in Brother SAPSprint 7 could allow an attacker to compromise the integrity of the printing service.
CVSS Base7.8
→
CRSSelect profile
CVE-2022-50971
7.8📝📜 Late Disclosure
MalwarebytesMalwarebytes
A security vulnerability in Malwarebytes 4 could potentially lead to unauthorized access or system instability.
CVSS Base7.8
→
CRSSelect profile
CVE-2023-54353
7.8📝📜 Late Disclosure
PersonifyChromaCam
A vulnerability has been identified in Personify ChromaCam 4, potentially allowing for unauthorized system interaction.
CVSS Base7.8
→
CRSSelect profile
CVE-2025-71326
7.8📝
Gen Digital (Avast)Avast Antivirus
A high-severity vulnerability exists in Avast Antivirus 25 that could potentially be leveraged by an attacker to compromise host security.
CVSS Base7.8
→
CRSSelect profile
CVE-2026-12778
7.8📝
AOMEIPartition Assistant
A security vulnerability has been identified in AOMEI Partition Assistant up to version 10 that may permit unauthorized system access or manipulation.
CVSS Base7.8
→
CRSSelect profile
CVE-2026-12779
7.8📝
AOMEIDynamic Disk Manager
A vulnerability in AOMEI Dynamic Disk Manager up to version 10 may allow attackers to perform unauthorized operations on disk management functions.
CVSS Base7.8
→
CRSSelect profile
CVE-2026-12780
7.8📝
AOMEIBackupper
A security vulnerability has been discovered in AOMEI Backupper up to version 8, which could potentially expose backup data or system configurations to unauthorized access.
CVSS Base7.8
→
CRSSelect profile
CVE-2026-12781
7.8📝
EaseUSPartition Master
A security vulnerability has been identified in EaseUS Partition Master up to version 14 that could allow for unauthorized system or disk manipulation.
CVSS Base7.8
→
CRSSelect profile
CVE-2026-12782
7.8📝
EaseUSPartition Master
A security flaw exists in EaseUS Partition Master up to version 14 that may expose the system to unauthorized access or exploitation.
CVSS Base7.8
→
CRSSelect profile
CVE-2026-12784
7.8📝
IM-MagicPartition Resizer
A security weakness has been identified in IM-Magic Partition Resizer up to version 7 that could facilitate unauthorized system impact.
CVSS Base7.8
→
CRSSelect profile
CVE-2026-12786
7.8📝
EzbsystemsUltraISO Premium Edition
A security vulnerability found in Ezbsystems UltraISO Premium Edition up to version 9 could allow for unauthorized system impact.