Critical vulnerabilities, curated daily for security professionals
π― SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
π
Today's Security Brief
Monday's brief is dominated by GeoVision vulnerabilities affecting GV-VMS video management software and LPC2011/LPC2211 devices, alongside critical flaws in Totolink WA300 routers and LG GV-IP Device Utility. The brief includes 7 critical CVEs (up 250% from 2) and 36 high-priority CVEs (down 64% from 100). Notable disclosures include CVE-2026-42369 (CVSS 10) and CVE-2026-42370 in GeoVision GV-VMS, plus CVE-2026-7719 in Totolink WA300. Network edge devices, video surveillance platforms, and IP camera utilities represent the primary attack surface, with 9 vulnerabilities under active exploitation across Microsoft Defender, D-Link, SimpleHelp, and ConnectWise products. Zero patches are currently available across the disclosed set, requiring compensating controls and network segmentation.
GeoVision accounts for five of seven critical CVEs, including a maximum-severity CVSS 10 flaw in GV-VMS
Critical CVEs increased 250% to 7 compared to 2 the prior day
High-priority CVEs decreased 64% to 36 from 100 the prior day
Network and surveillance infrastructure dominates with Totolink WA300, LG GV-IP, and GeoVision devices exposed
Patch availability stands at 0%, requiring network segmentation and access controls as interim mitigations
9 vulnerabilities show active exploitation across Microsoft Defender, SimpleHelp, ConnectWise ScreenConnect, and Linux Kernel
Immediate action: Prioritize isolation and access restriction for GeoVision GV-VMS deployments and LPC2011/LPC2211 devices, along with Totolink WA300 routers and LG GV-IP Device Utility installations. With 0% patch availability, defenders should restrict management interfaces to trusted networks, monitor for exploitation attempts against actively exploited products including SimpleHelp and ConnectWise ScreenConnect, and prepare patch deployment workflows for vendor releases.
π‘ Tip: Swipe CVE cards left to β star, right to β remove
Section Navigation
β οΈ
CISA Known Exploited Vulnerabilities
β οΈ CISA KEVURGENT
CVE-2026-33825
9.5
MicrosoftDefender
β° Federal Deadline:May 5, 2026(2 days remaining)
Microsoft Defender Insufficient Granularity of Access Control Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2026-39987
9.5
MarimoMarimo
β° Federal Deadline:May 6, 2026(3 days remaining)
Marimo Remote Code Execution Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2025-29635
9.5
D-LinkDIR-823X
β° Federal Deadline:May 7, 2026(4 days remaining)
D-Link DIR-823X Command Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2024-7399
9.5π Late Disclosure
SamsungMagicINFO 9 Server
β° Federal Deadline:May 7, 2026(4 days remaining)
Samsung MagicINFO 9 Server Path Traversal Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2024-57728
9.5π Late Disclosure
SimpleHelp SimpleHelp
β° Federal Deadline:May 7, 2026(4 days remaining)
SimpleHelp Path Traversal Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2024-57726
9.5π Late Disclosure
SimpleHelp SimpleHelp
β° Federal Deadline:May 7, 2026(4 days remaining)
SimpleHelp Missing Authorization Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2024-1708
9.5π Late Disclosure
ConnectWiseScreenConnect
β° Federal Deadline:May 11, 2026(8 days remaining)
ConnectWise ScreenConnect Path Traversal Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2026-32202
9.5
MicrosoftWindows
β° Federal Deadline:May 11, 2026(8 days remaining)
Microsoft Windows Protection Mechanism Failure Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2026-31431
9.5
LinuxKernel
β° Federal Deadline:May 14, 2026(11 days remaining)
Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
π¨
Critical Vulnerabilities
CVE-2026-42364
9.9π
GeoVisionLPC2011/LPC2211
An OS command injection vulnerability in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 allows arbitrary command execution via crafted DDNS configuration.
CVSS Base9.9
β
CRSSelect profile
CVE-2026-7719
9.8π
TotolinkWA300
A buffer overflow vulnerability in the Totolink WA300 loginauth function allows remote attackers to execute arbitrary code via a manipulated http_host argument.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-42369
10π
GeoVisionGV-VMS
A stack-based buffer overflow in the GV-VMS WebCam Server gvapi endpoint allows remote attackers to gain SYSTEM-level code execution via a specially crafted HTTP Authorization header.
CVSS Base10
β
CRSSelect profile
CVE-2026-42368
9.9π
GeoVisionLPC2011/LPC2211
A privilege escalation vulnerability in the GeoVision LPC2011/LPC2211 web interface allows an attacker to execute privileged operations via a crafted HTTP request.
CVSS Base9.9
β
CRSSelect profile
CVE-2026-7161
9.3π
LGGV-IP Device Utility
An insufficient encryption vulnerability in the GeoVision GV-IP Device Utility allows attackers on the same LAN to decrypt administrative credentials from broadcast traffic.
CVSS Base9.3
β
CRSSelect profile
CVE-2026-42370
9π
GeoVisionGV-VMS
A stack overflow in the WebCam Server Login functionality of GeoVision GV-VMS 20.0.2 allows unauthenticated remote attackers to achieve arbitrary code execution.
CVSS Base9
β
CRSSelect profile
CVE-2026-7372
9π
GeoVisionGV-VMS
A stack overflow in the GeoVision GV-VMS WebCam Server login functionality allows unauthenticated attackers to gain SYSTEM-level code execution via unconstrained sscanf calls.
CVSS Base9
β
CRSSelect profile
β οΈ
High Priority Updates
CVE-2026-7489
8.8π
SunnetCTMS
Sunnet CTMS contains a SQL injection vulnerability that allows authenticated remote attackers to execute arbitrary database commands.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-2554
8.1
WordPressis vulnerable
The WCFM β Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6
CVSS Base8.1
β
CRSSelect profile
CVE-2026-4060
7.5
WordPressis vulnerable
The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'sort' parameter in all versions up to, and including, 1
CVSS Base7.5
β
CRSSelect profile
CVE-2026-4061
7.5
WordPressis vulnerable
The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'map_post_type' parameter in all versions up to, and including, 1
CVSS Base7.5
β
CRSSelect profile
CVE-2026-4062
7.5
WordPressis vulnerable
The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'object_ids' and 'exclude_object_ids' parameters in all versions up to, and including, 1
CVSS Base7.5
β
CRSSelect profile
CVE-2026-6320
7.5
WordPressis vulnerable
The Salon Booking System β Free Version plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 10
CVSS Base7.5
β
CRSSelect profile
CVE-2026-5324
7.2
WordPressis vulnerable
The Brizy β Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2
CVSS Base7.2
β
CRSSelect profile
CVE-2026-5063
7.2
WordPressplugin for
The NEX-Forms β Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via POST parameter key names in the submit_nex_form() function in versions up to, and including, 9
CVSS Base7.2
β
CRSSelect profile
CVE-2026-4100
7.1
WordPressis vulnerable
The Paid Memberships Pro plugin for WordPress is vulnerable to unauthorized modification and disruption of Stripe webhook configuration in all versions up to, and including, 3
CVSS Base7.1
β
CRSSelect profile
CVE-2026-7630
7.3
HPof the
A vulnerability has been found in innocommerce InnoShop up to 0
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7733
7.3
HPof the
A flaw has been found in funadmin up to 7
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7632
7.3
HPMultiple Products
A vulnerability was determined in code-projects Online Hospital Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7735
7.3π
F5GoBGP
A security vulnerability has been identified in the osrg GoBGP software, potentially allowing for unexpected behavior or unauthorized access.
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7668
7.3
MikroTikRouterOS
A vulnerability was identified in MikroTik RouterOS 6
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7491
8.1
SchoolMultiple Products
School App developed by Zyosoft has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify a specific parameter to read and modify other users' data
CVSS Base8.1
β
CRSSelect profile
CVE-2026-7490
7.2
theMultiple Products
CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server
CVSS Base7.2
β
CRSSelect profile
CVE-2026-7674
8.8π
Shenzhen Libituo TechnologyLBT-T300-HW1
A vulnerability has been found in the Shenzhen Libituo Technology LBT-T300-HW1 device, which may allow for unauthorized system access.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-7675
8.8π
Shenzhen Libituo TechnologyLBT-T300-HW1
A high-severity vulnerability has been identified in the Shenzhen Libituo Technology LBT-T300-HW1 device, potentially allowing for unauthorized system impact.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-7684
8.8π
EdimaxBR-6428nC
A security vulnerability has been detected in the Edimax BR-6428nC router, which may allow for unauthorized system interaction.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-7685
8.8π
EdimaxBR-6208AC
A vulnerability has been identified in the Edimax BR-6208AC router, which may pose a risk to the security and integrity of the device.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-7717
8.8
TotolinkMultiple Products
A vulnerability was determined in Totolink WA300 5
CVSS Base8.8
β
CRSSelect profile
CVE-2026-42365
8.6π
GeoVisionLPC2011/LPC2211
A guessable session cookie vulnerability in the GeoVision LPC2011/LPC2211 web interface allows unauthorized access to administrative sessions.
CVSS Base8.6
β
CRSSelect profile
CVE-2026-42366
7.4
MultipleMultiple Products
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi
CVSS Base7.4
β
CRSSelect profile
CVE-2026-7371
7.4
MultipleMultiple Products
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi
CVSS Base7.4
β
CRSSelect profile
CVE-2026-7644
7.3
InforMultiple Products
A vulnerability has been found in ChatGPTNextWeb NextChat up to 2
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7670
7.3
JinherMultiple Products
A flaw has been found in Jinher OA 1
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7679
7.3π
GitHubyudao-cloud
A security vulnerability has been discovered in the YunaiV yudao-cloud platform, which may expose the system to unauthorized access or manipulation.
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7694
7.3
ManagementMultiple Products
A flaw has been found in Acrel Electrical ECEMS Enterprise Microgrid Energy Efficiency Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7695
7.3
CloudMultiple Products
A vulnerability has been found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7698
7.3
ManagementMultiple Products
A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7703
7.3
MediaMultiple Products
A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7710
7.3π
YunaiVyudao-cloud
A security flaw has been identified in the YunaiV yudao-cloud platform that may allow for unauthorized access or system compromise.
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7711
7.3π
MindsDBMindsDB
A security weakness has been identified in the MindsDB platform that could potentially be leveraged by an attacker to compromise system integrity.
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7723
7.3π
PrefectHQprefect
A security flaw has been discovered in the PrefectHQ prefect orchestration platform that could lead to unauthorized system access.
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7727
7.3π
Shandong Hoteam SoftwarePDM Product Data Management System
A critical security vulnerability has been identified in the Shandong Hoteam Software PDM system, which may permit unauthorized access to sensitive product data.
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7736
7.3π
osrgGoBGP
A security vulnerability has been identified in the osrg GoBGP software that may impact network routing security and stability.