Critical vulnerabilities, curated daily for security professionals
π― SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
π
Today's Security Brief
Tuesday's disclosures center on Microsoft Azure Local, SGLang AI runtimes, and WordPress, with multiple remote code execution flaws affecting widely deployed enterprise and developer infrastructure. The brief covers 10 critical CVEs (up 233% from yesterday's 3) and 35 high-priority vulnerabilities (up 52% from 23). Notable issues include CVE-2026-42822 (CVSS 10) in Azure Local Disconnected, CVE-2026-27130 (CVSS 9.9) in Dokploy deployment platform, and three SGLang multimodal runtime flaws (CVE-2026-7301, CVE-2026-7302, CVE-2026-7304). Attack patterns skew toward RCE and unauthenticated access against cloud orchestration, AI inference services, and WordPress ecosystems. No vendor patches are currently available across this batch, requiring compensating controls and exposure reduction as the primary near-term posture.
Microsoft Azure Local Disconnected hit with CVE-2026-42822 at maximum CVSS 10 severity
Critical CVE count rose 233% day-over-day, from 3 to 10
High-priority CVE count rose 52% day-over-day, from 23 to 35
Remote code execution dominates, with SGLang AI runtime (3 CVEs), Dokploy, lwIP, and WordPress all affected
Patch availability sits at 0% across the day's critical and high disclosures
Two actively exploited CVEs in the wild: Cisco Catalyst SD-WAN (CVE-2026-20182) and Microsoft (CVE-2026-42897)
Immediate action: Prioritize exposure reduction for Azure Local Disconnected, Dokploy, SGLang inference endpoints, and WordPress deployments, and verify Cisco Catalyst SD-WAN and affected Microsoft systems against the two actively exploited CVEs. With no vendor patches yet published for the critical batch, apply network segmentation, restrict management interface exposure, and monitor for indicators tied to the listed CVE IDs until fixes are released.
π‘ Tip: Swipe CVE cards left to β star, right to β remove
Section Navigation
β οΈ
CISA Known Exploited Vulnerabilities
β οΈ CISA KEVURGENT
CVE-2026-20182
9.5
CiscoCatalyst SD-WAN
β° Federal Deadline:May 16, 2026(-2 days remaining)
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2026-42897
9.5π
MicrosoftMicrosoft
β° Federal Deadline:May 28, 2026(10 days remaining)
A cross-site scripting (XSS) vulnerability in Microsoft Exchange Server allows unauthenticated attackers to perform spoofing over a network.
CVSS Base9.5
β
CRSSelect profile
π¨
Critical Vulnerabilities
CVE-2026-4885
9.8π
WordPressis vulnerable
The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbitrary file upload due to insufficient extension filtering, enabling unauthenticated remote code execution.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-42822
10π
AzureLocal Disconnected
Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to perform privilege escalation over the network.
CVSS Base10
β
CRSSelect profile
CVE-2026-7304
9.8π
SGLangsMultimodal Generation Runtime
The SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when custom logit processing is enabled, due to unsafe Python object deserialization.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-25244
9.8π
WebdriverIOWebdriverIO
WebdriverIO versions below 9.24.0 are vulnerable to command injection via unsanitized branch names, leading to remote code execution in test orchestration environments.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-7301
9.8π
SGLangsMultimodal Generation Runtime
The SGLangs scheduler binds its ROUTER socket to 0.0.0.0 and performs unsafe pickle deserialization on incoming messages, enabling unauthenticated remote code execution.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-8836
9.8π
lwIPlwIP
The snmpv3 USM Handler in lwIP up to 2.2.1 is vulnerable to a stack-based buffer overflow in the snmp_parse_inbound_frame function, allowing remote code execution.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-8838
9.8π
UnsafeRedshift Python Driver
The Amazon Redshift Python driver contains a critical vulnerability where `eval()` is used on server-received data, allowing a malicious server to trigger remote code execution on the client.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-27130
9.9π
DokployDokploy
Dokploy 0.26.6 and below contain an OS command injection vulnerability in the appName parameter, allowing authenticated attackers to execute arbitrary commands with server-level privileges.
CVSS Base9.9
β
CRSSelect profile
CVE-2026-45230
9.1π
DumbAssetsDumbAssets
DumbAssets contains a path traversal vulnerability in the file deletion API that allows unauthenticated attackers to delete arbitrary files, resulting in denial of service.
CVSS Base9.1
β
CRSSelect profile
CVE-2026-7302
9.1π
SGLangsMultimodal Generation Runtime
The SGLangs runtime is vulnerable to an unauthenticated path traversal attack, allowing remote attackers to write arbitrary files to the server's filesystem.
CVSS Base9.1
β
CRSSelect profile
β οΈ
High Priority Updates
CVE-2026-45495
8.8π
MicrosoftEdge
A Remote Code Execution (RCE) vulnerability exists in the Chromium-based Microsoft Edge browser.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3220
8.8
WordPressplugin before
The Autoptimize WordPress plugin before 3
CVSS Base8.8
β
CRSSelect profile
CVE-2026-6379
8.6
WordPressplugin before
The WP Photo Album Plus WordPress plugin before 9
CVSS Base8.6
β
CRSSelect profile
CVE-2026-6381
7.5
WordPressplugin before
The WP Maps WordPress plugin before 4
CVSS Base7.5
β
CRSSelect profile
CVE-2026-8813
7.5
exifreaderMultiple Products
This affects versions of the package exifreader before 4
CVSS Base7.5
β
CRSSelect profile
CVE-2026-6495
7.1
WordPressplugin before
The Ajax Load More WordPress plugin before 7
CVSS Base7.1
β
CRSSelect profile
CVE-2026-39079
7.5
PrestaShopupsshipping all
An issue in prestashop upsshipping all versions through at least 2
CVSS Base7.5
β
CRSSelect profile
CVE-2026-47310
7.8
Samsung Open SourceOpen Source
Use after free vulnerability in Samsung Open Source Escargot allows Pointer Manipulation
CVSS Base7.8
β
CRSSelect profile
CVE-2026-47311
7.8
Samsung Open SourceOpen Source
Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers
CVSS Base7.8
β
CRSSelect profile
CVE-2026-42009
7.5π
GnuTLSGnuTLS
A security flaw has been discovered in the GnuTLS library, a widely used implementation of the TLS and SSL protocols.
CVSS Base7.5
β
CRSSelect profile
CVE-2026-47314
7.8
Samsung Open SourceOpen Source
Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers
CVSS Base7.8
β
CRSSelect profile
CVE-2026-32323
7.3
VPNMultiple Products
Mullvad VPN is a VPN client app for desktop and mobile
CVSS Base7.3
β
CRSSelect profile
CVE-2026-7498
8.8
Basamak InformationMultiple Products
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Basamak Information Technology Consulting and Organization Trade Ltd
CVSS Base8.8
β
CRSSelect profile
CVE-2025-57282
8.8
UnknownMultiple Products
ngrok v4
CVSS Base8.8
β
CRSSelect profile
CVE-2026-41085
8.8
ThermoMultiple Products
Thermo Fisher Scientific Torrent Suite Dx through 5
CVSS Base8.8
β
CRSSelect profile
CVE-2026-27648
8.8
UnknownMultiple Products
in OpenHarmony v6
CVSS Base8.8
β
CRSSelect profile
CVE-2026-22069
7.3
UnknownMultiple Products
A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface
CVSS Base7.3
β
CRSSelect profile
CVE-2026-6346
8.7
MattermostMultiple Products
Mattermost versions 11
CVSS Base8.7
β
CRSSelect profile
CVE-2026-25781
8.4
UnknownMultiple Products
in OpenHarmony v6
CVSS Base8.4
β
CRSSelect profile
CVE-2026-46720
8.2
versionsMultiple Products
Net::Statsd::Tiny versions before 0
CVSS Base8.2
β
CRSSelect profile
CVE-2026-22810
8.2
importerMultiple Products
Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks
CVSS Base8.2
β
CRSSelect profile
CVE-2026-8851
8.1
AccessMultiple Products
SOGo 5
CVSS Base8.1
β
CRSSelect profile
CVE-2026-24792
8.1
UnknownMultiple Products
in OpenHarmony v6
CVSS Base8.1
β
CRSSelect profile
CVE-2026-47092
7.8
HUDMultiple Products
Claude HUD through 0
CVSS Base7.8
β
CRSSelect profile
CVE-2026-41948
7.7
DifyMultiple Products
Dify version 1
CVSS Base7.7
β
CRSSelect profile
CVE-2026-6347
7.6
MattermostMultiple Products
Mattermost versions 11
CVSS Base7.6
β
CRSSelect profile
CVE-2026-33233
7.6π
IntelWorkflow Automation Platform
A vulnerability has been identified in the AutoGPT workflow automation platform, which is used for managing continuous artificial intelligence agents.
CVSS Base7.6
β
CRSSelect profile
CVE-2025-56352
7.5
tinyMQTTMultiple Products
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), the broker mishandles protocol violations during CONNECT packet parsing
CVSS Base7.5
β
CRSSelect profile
CVE-2026-33232
7.5π
IntelWorkflow Automation Platform
A security flaw has been reported in the AutoGPT platform, impacting its functionality for creating and managing continuous artificial intelligence agents.
CVSS Base7.5
β
CRSSelect profile
CVE-2026-41947
7.4
DifyMultiple Products
Dify version 1
CVSS Base7.4
β
CRSSelect profile
CVE-2026-45245
7.4
priorMultiple Products
Summarize prior to 0
CVSS Base7.4
β
CRSSelect profile
CVE-2026-27891
7.2
ArchMultiple Products
FacturaScripts is an open source accounting and invoicing software
CVSS Base7.2
β
CRSSelect profile
CVE-2026-45242
7.1
priorMultiple Products
Summarize prior to 0
CVSS Base7.1
β
CRSSelect profile
CVE-2026-30950
7.1π
IntelWorkflow Automation Platform
A security vulnerability has been identified within the AutoGPT workflow automation platform, which facilitates the management of AI agents.