Critical vulnerabilities, curated daily for security professionals
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on a system's exposure level, network position, and business criticality.
Today's Security Brief
Friday's disclosures center on widely deployed consumer and developer platforms, with two critical Google Chrome flaws, multiple WordPress vulnerabilities, and a vCluster Platform (Kubernetes) issue affecting enterprise environments. Yesterday brought 19 critical CVEs (up 19% from 16) and 64 high-priority CVEs (down 36% from 100). Notable issues include CVE-2026-5229 (CVSS 9.8) in the WordPress Form Notify plugin, CVE-2026-42589 (CVSS 9.8) in Docker Gotenberg, and CVE-2026-41615 (CVSS 9.6) in Microsoft Authenticator. Attack patterns lean toward remote code execution and authentication weaknesses across web platforms, container tooling, and identity services. The feed's patch-availability field is empty for every entry in today's data, but that field lags the vendors: the Chrome entries are listed as affecting versions prior to 148, meaning 148 carries the fixes, and the Cisco SD-WAN advisory includes fix information. Confirm fix status per vendor, and treat systems that genuinely lack a fix with compensating controls until one ships.
Google Chrome carries two critical CVEs (CVE-2026-8511 and CVE-2026-8580, both CVSS 9.6), impacting browser fleets across consumer and enterprise endpoints
Critical CVEs rose 19% to 19 disclosures, driven by web platforms, container tooling, and identity services
High-priority CVEs fell 36% to 64, narrowing the secondary triage queue
WordPress ecosystem shows two critical issues (CVE-2026-5229 at 9.8, CVE-2026-6512 at 9.1) alongside Docker Gotenberg RCE (CVE-2026-42589, CVSS 9.8)
The feed reports patch availability at 0%, but that is its own patch-flag field, not vendor status: the Chrome entries below are fixed in Chrome 148 and the Cisco SD-WAN advisory includes fix information. Verify per vendor before settling for compensating controls on Chrome, WordPress, Kubernetes, and Microsoft Authenticator exposures
Two KEV entries confirm exploitation: CVE-2026-42208 in BerriAI LiteLLM (9.5, federal deadline already passed) and CVE-2026-20182 in Cisco Catalyst SD-WAN (10.0, deadline May 16)
Immediate action: Work the two KEV entries first (Cisco Catalyst SD-WAN controllers and managers, BerriAI LiteLLM), then Google Chrome browser fleets, WordPress sites, and Docker Gotenberg deployments, with attention to Microsoft Authenticator and Kubernetes (vCluster) control planes. Confirm fix status with each vendor rather than trusting the 0% patch figure; where no fix is available, apply network segmentation, restrict administrative interfaces, and monitor for exploitation indicators on the two confirmed KEV entries while tracking vendor advisories.
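The ordering the brief recommends (confirmed-exploited KEV entries ahead of everything else, regardless of CVSS, then CVSS descending) is easy to get wrong when a feed sorts by score alone. The following is an added example, not code from the original page or from CRS, that encodes that rule over entries copied from this digest; the TODAY date is an assumption derived from the page's "2 days remaining" countdown to the May 16, 2026 deadline, and it reports a past deadline as overdue rather than as negative days remaining.

```python
"""Triage ordering for a daily CVE digest: CISA KEV entries first, ordered by
federal remediation deadline, then everything else by CVSS base score.

Added example; not part of the original page and not the site's (CRS) code.
The entries are copied from this digest. TODAY is assumed from the page's
"2 days remaining" countdown to the May 16, 2026 deadline.
"""
from dataclasses import dataclass
from datetime import date
from typing import List, Optional

TODAY = date(2026, 5, 14)  # assumption derived from the page's countdowns


@dataclass(frozen=True)
class Entry:
    cve: str
    product: str
    cvss: float
    kev_deadline: Optional[date] = None  # set only for entries in the CISA KEV catalog


# Constructed from the digest's KEV and critical sections (not the full feed).
DIGEST: List[Entry] = [
    Entry("CVE-2026-44523", "Note Mark", 10.0),
    Entry("CVE-2026-5229", "WordPress Form Notify plugin", 9.8),
    Entry("CVE-2026-42589", "Gotenberg", 9.8),
    Entry("CVE-2026-8511", "Google Chrome", 9.6),
    Entry("CVE-2026-42457", "vCluster Platform", 9.0),
    Entry("CVE-2026-42208", "BerriAI LiteLLM", 9.5, kev_deadline=date(2026, 5, 10)),
    Entry("CVE-2026-20182", "Cisco Catalyst SD-WAN", 10.0, kev_deadline=date(2026, 5, 16)),
]


def days_remaining(entry: Entry, today: date = TODAY) -> Optional[int]:
    """Days until the KEV deadline; negative means the deadline has passed."""
    if entry.kev_deadline is None:
        return None
    return (entry.kev_deadline - today).days


def deadline_label(entry: Entry, today: date = TODAY) -> str:
    """Human-readable countdown; a past deadline is reported as overdue."""
    days = days_remaining(entry, today)
    if days is None:
        return "no KEV deadline"
    if days < 0:
        return f"{-days} days overdue"
    return f"{days} days remaining"


def triage_order(entries: List[Entry], today: date = TODAY) -> List[Entry]:
    """KEV entries first (earliest deadline first), then non-KEV by CVSS
    descending; the CVE id breaks ties so the output is deterministic."""
    def key(e: Entry):
        days = days_remaining(e, today)
        in_kev = days is not None
        return (0 if in_kev else 1, days if in_kev else 0, -e.cvss, e.cve)
    return sorted(entries, key=key)


if __name__ == "__main__":
    for e in triage_order(DIGEST):
        print(f"{e.cve:16} CVSS {e.cvss:4}  {deadline_label(e):18} {e.product}")
```

Note that the CVSS 9.5 LiteLLM entry lands above the two CVSS 10.0 entries: confirmed exploitation and a lapsed federal deadline outrank base score.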
Seven sandbox escapes in vm2 Node.js library disclosed in one day
Seven independent sandbox-escape vulnerabilities in the vm2 Node.js sandbox library were disclosed together on May 13-14, 2026. Each lets attacker-controlled JavaScript break out of the sandbox and run as the host Node.js process. All seven were patched in 3.11.0 or 3.11.2, but the cluster is the latest in a long pattern of vm2 escapes — the editorial recommendation is to migrate away from vm2, not just upgrade.
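Before the migration the editorial recommends, the first question is where vm2 actually sits in your dependency trees, including copies nested under plugins. The following is an added example, not code from the original page or from the vm2 project: it reads the "packages" map that npm writes in lockfileVersion 2/3 and treats anything below 3.11.2 as affected, since the page says the seven escapes were fixed in 3.11.0 or 3.11.2 and 3.11.2 is the floor that covers all of them. The lockfile content is constructed for the demo.

```python
"""Find vm2 in an npm lockfile and flag versions below the fixed release.

Added example; not from the original page or the vm2 project. The page says the
seven escapes were fixed in 3.11.0 or 3.11.2, so 3.11.2 is the floor that covers
all of them. The lockfile below is constructed (npm lockfileVersion 3 layout,
where every install is a key of the "packages" map).
"""
import json
import re
from typing import List, Tuple

FIXED = (3, 11, 2)

# Constructed sample: vm2 installed at the top level and again nested under a plugin.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "dependencies": {"vm2": "^3.9.19"}},
        "node_modules/vm2": {"version": "3.9.19"},
        "node_modules/some-plugin": {"version": "1.0.0"},
        "node_modules/some-plugin/node_modules/vm2": {"version": "3.11.2"},
    },
})

_SEMVER = re.compile(r"^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?$")


def is_vulnerable(version: str) -> bool:
    """True for anything below 3.11.2; a 3.11.2 pre-release still counts as below."""
    m = _SEMVER.match(version)
    if not m:
        raise ValueError(f"not a semver string: {version!r}")
    core = tuple(int(x) for x in m.group(1, 2, 3))
    prerelease = m.group(4) is not None
    return core < FIXED or (core == FIXED and prerelease)


def find_vm2(lock_text: str) -> List[Tuple[str, str, bool]]:
    """Return (install path, version, vulnerable) for every vm2 copy in the lockfile."""
    lock = json.loads(lock_text)
    if lock.get("lockfileVersion", 1) < 2:
        raise ValueError("lockfileVersion 1 has no 'packages' map; regenerate with npm >= 7")
    hits = []
    for path, meta in lock.get("packages", {}).items():
        # Top-level install or any nested copy under another package.
        if path == "node_modules/vm2" or path.endswith("/node_modules/vm2"):
            version = meta.get("version", "0.0.0")
            hits.append((path, version, is_vulnerable(version)))
    return hits


def report(lock_text: str) -> List[str]:
    lines = []
    for path, version, vulnerable in find_vm2(lock_text):
        status = "VULNERABLE (< 3.11.2)" if vulnerable else "fixed, but still vm2: plan the migration"
        lines.append(f"{path}: vm2@{version} -> {status}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOCK)))
```

Run it against each repository's package-lock.json; a copy that passes the version check is still a finding, because the page's point is that the library keeps accumulating escapes.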
CISA Known Exploited Vulnerabilities
CISA KEV (URGENT): CVE-2026-42208 | CVSS 9.5 | BerriAI LiteLLM
Federal deadline: May 10, 2026 (4 days overdue)
BerriAI LiteLLM SQL injection vulnerability; listed in the CISA KEV catalog.
CISA KEV (URGENT): CVE-2026-20182 | CVSS 10.0 | Cisco Catalyst SD-WAN
Federal deadline: May 16, 2026 (2 days remaining)
May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the earlier vulnerability was disclosed in February 2026. This new advisory covers a new vulnerability in the control connection handshaking. The advisory also includes Show Control Connections guidance to help with system checks.
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.
Critical Vulnerabilities
CVE-2026-8511 | CVSS 9.6 | Google Chrome
A use-after-free vulnerability in the Google Chrome UI allows remote attackers to perform a sandbox escape via a crafted HTML page.
CVE-2026-8580 | CVSS 9.6 | Google Chrome
A use-after-free vulnerability in the Google Chrome Mojo component allows remote attackers to potentially perform a sandbox escape via a crafted HTML page.
CVE-2026-44212 | CVSS 9.3 | PrestaShop
A stored Cross-Site Scripting (XSS) vulnerability in PrestaShop allows unauthenticated attackers to trigger a back-office takeover via the Contact Us form.
CVE-2026-42555 | CVSS 9.1 | Ritense Valtimo
The Valtimo platform is vulnerable to Remote Code Execution (RCE) via insecure Spring Expression Language (SpEL) evaluation in multiple components.
CVE-2026-41615 | CVSS 9.6 | Microsoft Authenticator
A vulnerability in Microsoft Authenticator allows an unauthorized attacker to disclose sensitive information over the network.
CVE-2026-5229 | CVSS 9.8 | WordPress (Form Notify plugin)
The Form Notify plugin for WordPress suffers from an authentication bypass vulnerability due to improper verification of user-controlled cookie data during LINE OAuth login.
CVE-2026-8398 | CVSS 9.8 | AVB Disc Soft DAEMON Tools Lite
A supply chain compromise of DAEMON Tools Lite resulted in the distribution of trojanized binaries signed with a legitimate certificate.
CVE-2026-6512 | CVSS 9.1 | WordPress (InfusedWoo Pro plugin)
The InfusedWoo Pro plugin for WordPress is vulnerable to an authorization bypass that allows unauthenticated attackers to perform destructive actions on site content.
CVE-2026-42589 | CVSS 9.8 | Gotenberg (Docker)
A command injection vulnerability in the Gotenberg PDF API allows unauthenticated remote attackers to execute OS commands via malicious JSON metadata.
CVE-2026-42457 | CVSS 9.0 | vCluster Platform (Kubernetes)
A stored Cross-Site Scripting (XSS) vulnerability in the vCluster Platform allows attackers to execute arbitrary scripts and potentially escalate privileges.
CVE-2026-42596 | CVSS 9.4 | Gotenberg (Docker)
A bypass of Gotenberg's URL deny-list allows an unauthenticated attacker to force the server to make outbound requests to internal-only targets.
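A URL deny-list of "internal-looking" hostnames is the pattern that keeps producing entries like the one above, because the same loopback or metadata address has many spellings and a hostname can resolve anywhere. The following is an added example, not Gotenberg's code and not a reproduction of its specific bypass: it puts the substring deny-list next to a check that resolves the host and classifies every resulting address with Python's ipaddress module. The deny-list, the URL table and the fake resolver are constructed so the demo runs offline; in production the resolver is getaddrinfo.

```python
"""Why a hostname deny-list does not stop requests to internal targets, and a
check that classifies the resolved addresses instead.

Added example; not Gotenberg's code and not a reproduction of its specific
bypass. The deny-list, the URL table and the fake resolver are constructed
for the demo so it runs offline; in production the resolver is getaddrinfo.
"""
import ipaddress
import socket
from typing import Callable, Set, Union
from urllib.parse import urlsplit

IPAddr = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]

# The weak pattern: substrings that look like "internal" hosts.
DENY_SUBSTRINGS = ("localhost", "127.0.0.1", "169.254.169.254", "10.", "172.16.", "192.168.")


def denylist_allows(url: str) -> bool:
    host = urlsplit(url).hostname or ""
    return not any(bad in host for bad in DENY_SUBSTRINGS)


def resolve_all(host: str) -> Set[IPAddr]:
    """Production resolver. libc also accepts legacy literals such as
    0x7f000001, 2130706433 and 127.1, which Python's ipaddress rejects, so
    they reach this function and resolve to loopback."""
    return {ipaddress.ip_address(ai[4][0]) for ai in socket.getaddrinfo(host, None)}


# Constructed stand-in for DNS/libc so the demo is deterministic and offline.
FAKE_RESOLVER_TABLE = {
    "0x7f000001": {ipaddress.ip_address("127.0.0.1")},
    "2130706433": {ipaddress.ip_address("127.0.0.1")},
    "127.1": {ipaddress.ip_address("127.0.0.1")},
    "metadata.internal": {ipaddress.ip_address("169.254.169.254")},
    "example.com": {ipaddress.ip_address("93.184.216.34")},
}


def fake_resolver(host: str) -> Set[IPAddr]:
    return FAKE_RESOLVER_TABLE.get(host, set())


def is_public(ip: IPAddr) -> bool:
    if ip.version == 6 and ip.ipv4_mapped is not None:   # ::ffff:127.0.0.1 -> 127.0.0.1
        ip = ip.ipv4_mapped
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def address_check_allows(url: str, resolver: Callable[[str], Set[IPAddr]] = resolve_all) -> bool:
    """Allow only http(s) URLs whose host resolves exclusively to public addresses.
    Connect to the vetted address (pin it), or a DNS rebind wins the race."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    try:
        ips: Set[IPAddr] = {ipaddress.ip_address(parts.hostname)}
    except ValueError:
        ips = resolver(parts.hostname)
    return bool(ips) and all(is_public(ip) for ip in ips)


if __name__ == "__main__":
    for url in ("http://127.0.0.1/", "http://0x7f000001/", "http://127.1/",
                "http://[::ffff:127.0.0.1]/", "http://metadata.internal/", "http://example.com/"):
        print(f"{url:32} denylist={denylist_allows(url)!s:5} "
              f"address_check={address_check_allows(url, fake_resolver)}")
```

The remaining gap is time-of-check versus time-of-connect: the HTTP client must connect to the address that passed the check rather than resolving the hostname a second time, otherwise a short-TTL record can be swapped for an internal address between the two lookups.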
CVE-2026-44482 | CVSS 9.6 | soundcloud-rpc (Discord Rich Presence)
A vulnerability in the soundcloud-rpc Discord integration allows local command execution via malicious track metadata.
CVE-2026-44592 | CVSS 9.4 | Gradient (NixOS module)
An authentication bypass in Gradient allows unauthorized users to register as workers and access job data across all organizations.
CVE-2026-44542 | CVSS 9.1 | FileBrowser Quantum
A directory traversal vulnerability in FileBrowser Quantum allows unauthenticated attackers with access to a share to delete arbitrary files.
CVE-2026-8634 | CVSS 9.1 | ABB Crabbox
Crabbox contains an environment variable exposure vulnerability that allows attackers to exfiltrate sensitive local secrets to remote command environments.
CVE-2026-45375 | CVSS 9.0 | SiYuan
A stored Cross-Site Scripting (XSS) vulnerability in the SiYuan Marketplace allows attackers to execute arbitrary HTML/JS via malicious package metadata.
CVE-2025-11024 | CVSS 9.8 | Akilli Commerce E-Commerce Website
The Akilli Commerce E-Commerce Website is susceptible to Blind SQL Injection, allowing attackers to manipulate database queries via special characters.
CVE-2026-44523 | CVSS 10.0 | Note Mark
The Note Mark application fails to enforce entropy or length requirements on JWT_SECRET configurations, significantly weakening authentication security.
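A weak JWT_SECRET is rated this highly because the attack is entirely offline: one captured HS256 token is enough to brute-force the key and then mint tokens for any subject. The following is an added example, not Note Mark's code, using only the Python standard library. It signs a token with a deliberately weak secret, recovers that secret by exhaustive search, and shows the startup check the finding says is missing (minimum length per RFC 7518 §3.2, plus a crude entropy estimate). The secrets and payload are constructed for the demo.

```python
"""Why an unconstrained JWT_SECRET is critical: an HS256 signature can be
brute-forced offline when the secret is short or low-entropy, and the check
that prevents it is a few lines at startup.

Added example; not Note Mark's code. Standard library only. The token below is
constructed here and signed with a deliberately weak secret.
"""
import base64
import hashlib
import hmac
import itertools
import json
import math
import string
from typing import List, Optional

HEADER = {"alg": "HS256", "typ": "JWT"}


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def sign_hs256(payload: dict, secret: bytes) -> str:
    """Minimal HS256 JWT encoder (RFC 7519 compact serialization)."""
    signing_input = (b64url(json.dumps(HEADER, separators=(",", ":")).encode()) + "."
                     + b64url(json.dumps(payload, separators=(",", ":")).encode()))
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(sig)


def crack_hs256(token: str, alphabet: str, max_len: int) -> Optional[bytes]:
    """Offline brute force over every secret up to max_len drawn from alphabet.
    No server round-trips, so rate limiting and lockouts never see it."""
    signing_input, _, sig_b64 = token.rpartition(".")
    target = base64.urlsafe_b64decode(sig_b64 + "=" * (-len(sig_b64) % 4))
    for n in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=n):
            guess = "".join(combo).encode()
            digest = hmac.new(guess, signing_input.encode(), hashlib.sha256).digest()
            if hmac.compare_digest(digest, target):
                return guess
    return None


def shannon_bits(secret: bytes) -> float:
    """Crude entropy estimate from the secret's own byte histogram. It catches
    gross defects (tiny alphabets, repeated characters), not subtle ones."""
    if not secret:
        return 0.0
    n = len(secret)
    counts = [secret.count(b) for b in set(secret)]
    per_byte = -sum(c / n * math.log2(c / n) for c in counts)
    return max(0.0, per_byte * n)


def validate_jwt_secret(secret: bytes, min_len: int = 32, min_bits: float = 128.0) -> List[str]:
    """The startup check the finding says is missing. RFC 7518 section 3.2
    requires an HS256 key at least as long as the hash output (32 bytes)."""
    problems = []
    if len(secret) < min_len:
        problems.append(f"length {len(secret)} < {min_len} bytes")
    if shannon_bits(secret) < min_bits:
        problems.append(f"estimated entropy {shannon_bits(secret):.0f} < {min_bits:.0f} bits")
    return problems


WEAK_SECRET = b"1234"              # constructed: what an unchecked config permits
STRONG_SECRET = bytes(range(32))   # constructed stand-in for os.urandom(32)
PAYLOAD = {"sub": "alice", "role": "user"}
WEAK_TOKEN = sign_hs256(PAYLOAD, WEAK_SECRET)

if __name__ == "__main__":
    print("weak secret problems:", validate_jwt_secret(WEAK_SECRET))
    print("recovered secret:", crack_hs256(WEAK_TOKEN, string.digits, 4))
    print("strong secret problems:", validate_jwt_secret(STRONG_SECRET))
```

In deployment, generate the secret with a CSPRNG (for example, 32 bytes from os.urandom, encoded for the config file) and refuse to start when validate_jwt_secret returns anything; a length check alone still accepts 32 repeated characters, which is why the entropy estimate is there.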
CVE-2026-2347 | CVSS 9.8 | Akilli Commerce E-Commerce Website
An authorization bypass vulnerability in Akilli Commerce E-Commerce Website allows for session hijacking via a user-controlled key.
High Priority Updates
CVE-2026-6637 | CVSS 8.8 | PostgreSQL (refint module)
Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database.
CVE-2026-6473 | CVSS 8.8 | PostgreSQL
An integer wraparound vulnerability in PostgreSQL allows an unprivileged database user to cause out-of-bounds memory writes.
CVE-2026-8509 | CVSS 8.8 | Google Chrome
A heap buffer overflow in the WebML component of Google Chrome allows for potential arbitrary code execution.
CVE-2026-8518 | CVSS 8.8 | Google Chrome
A use-after-free vulnerability in the Blink rendering engine of Google Chrome allows for potential arbitrary code execution.
CVE-2026-8522 | CVSS 8.8 | Google Chrome
A use-after-free vulnerability in the Downloads component of Google Chrome on macOS allows for potential code execution.
CVE-2026-8529 | CVSS 8.8 | Google Chrome
A heap buffer overflow in the Codecs component of Google Chrome allows for potential arbitrary code execution.
CVE-2026-8531 | CVSS 8.8 | Google Chrome
A heap buffer overflow in the WebML component of Google Chrome on Windows allows for potential arbitrary code execution.
CVE-2026-8544 | CVSS 8.8 | Google Chrome
A use-after-free vulnerability in the Media component of Google Chrome allows for potential arbitrary code execution.
CVE-2026-8549 | CVSS 8.8 | Google Chrome
A use-after-free vulnerability in the Media component of Google Chrome allows for potential arbitrary code execution.
CVE-2026-8551 | CVSS 8.8 | Google Chrome
A use-after-free vulnerability in the Downloads component of Google Chrome allows for potential arbitrary code execution.
CVE-2026-8555 | CVSS 8.8 | Google Chrome
A use-after-free vulnerability in the GTK component of Google Chrome on Windows allows for potential arbitrary code execution.
CVE-2026-8581 | CVSS 8.8 | Google Chrome
A use-after-free vulnerability in the GPU component of Google Chrome allows for potential arbitrary code execution.
CVE-2026-8587 | CVSS 8.8 | Google Chrome
A use-after-free vulnerability in the Extensions component of Google Chrome on macOS potentially allows for arbitrary code execution.
CVE-2026-8512 | CVSS 8.3 | Google Chrome
A use-after-free vulnerability in the FileSystem component of Google Chrome may lead to memory corruption and arbitrary code execution.
CVE-2026-8513 | CVSS 8.3 | Google Chrome
A use-after-free vulnerability in the Input handling component of Google Chrome on Android may allow for memory corruption.
CVE-2026-8514 | CVSS 8.3 | Google Chrome
A use-after-free vulnerability in the Aura component of Google Chrome may lead to memory corruption and potential arbitrary code execution.
CVE-2026-8515 | CVSS 8.3 | Google Chrome
A use-after-free vulnerability in the HID (Human Interface Device) component of Google Chrome may allow for arbitrary code execution.
CVE-2026-8523 | CVSS 8.3 | Google Chrome
A use-after-free vulnerability in the Mojo IPC component of Google Chrome may lead to memory corruption and arbitrary code execution.
CVE-2026-8525 | CVSS 8.3 | Google Chrome
A heap buffer overflow in the ANGLE graphics library component of Google Chrome on macOS could lead to arbitrary code execution.
CVE-2026-8530 | CVSS 8.3 | Google Chrome
A use-after-free vulnerability in the Network component of Google Chrome on Windows may lead to arbitrary code execution.
CVE-2026-8533 | CVSS 8.3 | Google Chrome
A use-after-free vulnerability in the Accessibility component of Google Chrome may lead to memory corruption and arbitrary code execution.
CVE-2026-8542 | CVSS 8.3 | Google Chrome
A use-after-free vulnerability in the Core component of Google Chrome on Windows could lead to arbitrary code execution.
CVE-2026-8574 | CVSS 8.3 | Google Chrome
A use-after-free vulnerability in the Core component of Google Chrome on Windows allows for potential arbitrary code execution.
CVE-2026-8575 | CVSS 8.3 | Google Chrome
A use-after-free vulnerability in the UI component of Google Chrome potentially allows for arbitrary code execution.
CVE-2026-8517 | CVSS 8.8 | Google Chrome
An object lifecycle issue in the WebShare component of Google Chrome on Mac allows for potential memory corruption and code execution.
CVE-2026-8519 | CVSS 8.8 | Google Chrome
An integer overflow in the ANGLE graphics engine of Google Chrome on Windows allows for memory corruption and potential code execution.
CVE-2026-8524 | CVSS 8.8 | Google Chrome
An out-of-bounds write vulnerability in the WebAudio component of Google Chrome may lead to memory corruption and arbitrary code execution.
CVE-2026-8526 | CVSS 8.8 | Google Chrome
Out of bounds write in WebRTC in Google Chrome prior to 148.
CVE-2026-8527 | CVSS 8.8 | Google Chrome
Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.
CVE-2026-8532 | CVSS 8.8 | Google Chrome
Integer overflow in XML in Google Chrome prior to 148.
CVE-2026-8540 | CVSS 8.8 | Google Chrome
Type Confusion in V8 in Google Chrome prior to 148.
CVE-2026-8577 | CVSS 8.8 | Google Chrome
Integer overflow in Fonts in Google Chrome prior to 148.
CVE-2026-8520 | CVSS 8.3 | Google Chrome
Race in Payments in Google Chrome prior to 148.
CVE-2026-8534 | CVSS 8.3 | Google Chrome
Integer overflow in GPU in Google Chrome on Linux and ChromeOS prior to 148.
CVE-2026-8548 | CVSS 8.3 | Google Chrome
Out of bounds write in Media in Google Chrome prior to 148.
CVE-2026-8569 | CVSS 8.3 | Google Chrome
Out of bounds write in Codecs in Google Chrome on Mac prior to 148.
CVE-2026-8571 | CVSS 8.3 | Google Chrome
Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.
CVE-2026-8573 | CVSS 8.3 | Google Chrome
Integer overflow in Codecs in Google Chrome on Windows prior to 148.
CVE-2026-6228 | CVSS 8.8 | WordPress (Frontend Admin by DynamiApps plugin)
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 3
CVE-2026-20224 | CVSS 8.6 | Cisco Catalyst SD-WAN Manager
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary files that are stored in an affected system.
CVE-2026-44291 | CVSS 8.1 | protobufjs
protobufjs compiles protobuf definitions into JavaScript (JS) functions
CVE-2026-6475 | CVSS 8.8 | PostgreSQL (pg_basebackup, pg_rewind)
Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e
CVE-2026-6477 | CVSS 8.8 | PostgreSQL libpq
Use of inherently dangerous function PQfn(
CVE-2026-42595 | CVSS 8.6 | Gotenberg (Docker)
Gotenberg is a Docker-powered stateless API for PDF files.
CVE-2026-42945 | CVSS 8.1 | NGINX Plus and NGINX Open Source
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module.
CVE-2026-40893 | CVSS 8.2 | Gotenberg (Docker)
Gotenberg is a Docker-powered stateless API for PDF files.
CVE-2026-42590 | CVSS 8.2 | Gotenberg (Docker)
Gotenberg is a Docker-powered stateless API for PDF files.
CVE-2026-42591 | CVSS 8.2 | Gotenberg (Docker)
Gotenberg is a Docker-powered stateless API for PDF files.
CVE-2026-45369 | CVSS 8.3 | python-utcp
python-utcp is the Python implementation of UTCP.
CVE-2026-43907 | CVSS 8.3 | OpenImageIO
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation.
CVE-2025-12008 | CVSS 8.8 | APPYAP Technology and Information Inc.
Authorization bypass through User-Controlled key vulnerability in APPYAP Technology and Information Inc
CVE-2025-15025 | CVSS 8.8 | Yordam Information Technology
Authorization bypass through User-Controlled key vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc
CVE-2026-42559 | CVSS 8.8 | RMCP (Rust SDK for the Model Context Protocol)
RMCP is an official Rust SDK for the Model Context Protocol.
CVE-2026-44513 | CVSS 8.8 | Diffusers
Diffusers is a library for pretrained diffusion models.
CVE-2026-44827 | CVSS 8.8 | Diffusers
Diffusers is a library for pretrained diffusion models.
CVE-2025-15023 | CVSS 8.8 | Yordam Information Technology
Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc
CVE-2025-15024 | CVSS 8.8 | Yordam Information Technology
Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc
CVE-2026-8621 | CVSS 8.8 | ABB Crabbox
Crabbox prior to v0
CVE-2026-43908 | CVSS 8.8 | OpenImageIO
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation.
CVE-2026-43909 | CVSS 8.8 | OpenImageIO
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation.
CVE-2026-2652 | CVSS 8.6 | mlflow
A vulnerability in mlflow/mlflow versions 3
CVE-2026-41964 | CVSS 8.4 | Unknown product
Permission control vulnerability in the web
CVE-2026-44586 | CVSS 8.3 | SiYuan
SiYuan is an open-source personal knowledge management system.
CVE-2026-20916 | CVSS 8.1 | F5 BIG-IQ
An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system.