Critical vulnerabilities, curated daily for security professionals
π― SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
π
Today's Security Brief
Wednesday's vulnerability disclosures revealed 27 critical-severity CVEs, a 69% increase from the prior day, with HP products bearing the highest impact including a maximum-severity CVSS 10.0 code execution flaw (CVE-2026-39337). WordPress faced multiple critical vulnerabilities (CVE-2026-3296, CVE-2026-0740), while Google Web Fonts (CVE-2026-3535) and Apache ChurchCRM (CVE-2026-35573) also disclosed high-impact issues. Remote code execution and unauthorized access patterns dominate across enterprise collaboration tools, content management systems, and endpoint management platforms. No patches are currently available for any of the 127 disclosed vulnerabilities, and four CVEs have confirmed active exploitation including Fortinet FortiClient EMS and Google Dawn.
HP disclosed a maximum-severity CVSS 10.0 vulnerability (CVE-2026-39337) alongside multiple critical flaws affecting HP products
27 critical CVEs disclosed, up 69% from 16 the prior day; 100 high-priority CVEs remain steady
WordPress, Google, Apache, and SiYuan also affected by critical-severity vulnerabilities scoring 9.0 or higher
Remote code execution and unauthorized access patterns dominate, targeting enterprise collaboration platforms and content management systems
Patch availability stands at 0% across all 127 disclosed CVEs, requiring compensating controls
4 vulnerabilities have confirmed active exploitation, including Fortinet FortiClient EMS (CVE-2026-35616) and Google Dawn (CVE-2026-5281)
Immediate action: Prioritize risk assessment for HP products, WordPress installations, and Fortinet FortiClient EMS deployments, applying network-level mitigations such as access restrictions and monitoring where patches are unavailable. With zero patches currently available across all disclosed vulnerabilities, organizations should implement compensating controls, increase monitoring for exploitation indicators, and prepare for rapid patching as vendor updates are released.
π‘ Tip: Swipe CVE cards left to β star, right to β remove
Section Navigation
β οΈ
CISA Known Exploited Vulnerabilities
β οΈ CISA KEVURGENT
CVE-2026-35616
9.5π
FortinetFortiClient EMS
β° Federal Deadline:April 8, 2026(1 days remaining)
Fortinet FortiClientEMS versions 7.4.5 and 7.4.6 contain an improper access control vulnerability. Unauthenticated attackers can execute unauthorized code or commands via crafted requests.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2026-33634
9.5
AquasecurityTrivy
β° Federal Deadline:April 8, 2026(1 days remaining)
Aquasecurity Trivy Embedded Malicious Code Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2026-5281
9.5π
GoogleDawn
β° Federal Deadline:April 14, 2026(7 days remaining)
A use-after-free vulnerability exists in the Dawn component of Google Chrome. This flaw allows attackers to potentially execute arbitrary code or cause a denial-of-service via a crafted HTML page.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2026-3502
9.5
TrueConfClient
β° Federal Deadline:April 15, 2026(8 days remaining)
TrueConf Client Download of Code Without Integrity Check Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
π¨
Critical Vulnerabilities
CVE-2026-3535
9.8π
GoogleWeb Fonts
The Google Web Fonts GDPR plugin for WordPress is vulnerable to unauthenticated arbitrary file upload via the `DSGVOGWPdownloadGoogleFonts()` function, potentially leading to remote code execution.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-39355
9.9π
Teamsto themselves
A broken access control flaw in the Genealogy PHP application allows authenticated users to transfer ownership of arbitrary non-personal team workspaces to their own accounts.
CVSS Base9.9
β
CRSSelect profile
CVE-2026-3296
9.8π
WordPressis vulnerable
The Everest Forms WordPress plugin is vulnerable to PHP Object Injection via unsafe deserialization of user-supplied form metadata.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-39337
10
HPcode during
ChurchCRM is an open-source church management system. Prior to 7.1.0, critical pre-authentication remote code execution vulnerability in ChurchCRM's setup wizard allows unauthenticated attackers to inject arbitrary PHP code during the initial installation process, leading to complete server compromise. The "$dbPassword" variable is not sanitized. This vulnerability exists due to an incomplete fix for CVE-2025-62521. This vulnerability is fixed in 7.1.0.
CVSS Base10
β
CRSSelect profile
CVE-2021-4473
9.8π Late Disclosure
HPfiles into
Tianxin Internet Behavior Management System contains a command injection vulnerability in the Reporter component endpoint that allows unauthenticated attackers to execute arbitrary commands by supplying a crafted objClass parameter containing shell metacharacters and output redirection. Attackers can exploit this vulnerability to write malicious PHP files into the web root and achieve remote code execution with the privileges of the web server process. This vulnerability has been fixed in version NACFirmware_4.0.0.7_20210716.180815_topsec_0_basic.bin. Exploitation evidence was first observed by the Shadowserver Foundation on 2024-06-01 (UTC).
CVSS Base9.8
β
CRSSelect profile
CVE-2026-0740
9.8π
WordPressis vulnerable
The Ninja Forms File Uploads plugin is vulnerable to unauthenticated arbitrary file uploads, potentially leading to remote code execution.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-35573
9.1π
ApacheChurchCRM
ChurchCRM's backup restore functionality is vulnerable to path traversal, allowing authenticated administrators to overwrite configuration files and achieve remote code execution.
CVSS Base9.1
β
CRSSelect profile
CVE-2026-39339
9.1
HPMultiple Products
ChurchCRM is an open-source church management system. Prior to 7.1.0, a critical authentication bypass vulnerability in ChurchCRM's API middleware (ChurchCRM/Slim/Middleware/AuthMiddleware.php) allows unauthenticated attackers to access all protected API endpoints by including "api/public" anywhere in the request URL, leading to complete exposure of church member data and system information. This vulnerability is fixed in 7.1.0.
CVSS Base9.1
β
CRSSelect profile
CVE-2026-39846
9π
SiYuanSiYuan Desktop Client
SiYuan personal knowledge management system is vulnerable to stored XSS, which can lead to remote code execution in the Electron desktop client.
CVSS Base9
β
CRSSelect profile
CVE-2026-39305
9π
Teamssystem
A Path Traversal vulnerability in the PraisonAI Action Orchestrator allows attackers to read or write arbitrary files on the host system.
CVSS Base9
β
CRSSelect profile
CVE-2026-4003
9.8π
WordPressis vulnerable
The Users manager β PN WordPress plugin contains a privilege escalation flaw allowing unauthenticated attackers to modify arbitrary user metadata.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-5731
9.8
MemoryMultiple Products
Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149.0.2, Firefox ESR < 115.34.1, Firefox ESR < 140.9.1, Thunderbird < 149.0.2, and Thunderbird < 140.9.1.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-5734
9.8
MemoryMultiple Products
Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149.0.2, Firefox ESR < 140.9.1, Thunderbird < 149.0.2, and Thunderbird < 140.9.1.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-5735
9.8
MemoryMultiple Products
Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149.0.2 and Thunderbird < 149.0.2.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-4631
9.8π
CockpitCockpit
Cockpit's remote login feature is vulnerable to command injection via unsanitized input, allowing unauthenticated attackers to achieve remote code execution.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-21413
9.8π
LibRawLibRaw
A heap-based buffer overflow exists in LibRaw's `lossless_jpeg_load_raw` function, which can be triggered by a specially crafted malicious file.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-22679
9.8
ArchMultiple Products
Weaver (Fanwei) E-cology 10.0 versions prior toΒ 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows attackers to execute arbitrary commands by invoking exposed debug functionality. Attackers can craft POST requests with attacker-controlled interfaceName and methodName parameters to reach command-execution helpers and achieve arbitrary command execution on the system.Β Exploitation evidence was first observed by the Shadowserver Foundation on 2026-03-31 (UTC).
CVSS Base9.8
β
CRSSelect profile
CVE-2026-39847
9.1π
EmmettEmmett
The Emmett web framework is vulnerable to path traversal attacks via the RSGI static handler, allowing unauthorized access to arbitrary files.
CVSS Base9.1
β
CRSSelect profile
CVE-2026-1346
9.3π
IBMVerify Identity
IBM Verify Identity and Security Verify Access products contain a privilege escalation vulnerability allowing locally authenticated users to gain root access.
CVSS Base9.3
β
CRSSelect profile
CVE-2026-35580
9.1
GitHubActions workflow
Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, GitHub Actions workflow files contained shell injection points where user-controlled workflow_dispatch inputs were interpolated directly into shell commands via ${{ }} expression syntax. An attacker with repository write access could inject arbitrary shell commands, leading to repository poisoning and supply chain compromise affecting all downstream users. This vulnerability is fixed in 8.39.0.
CVSS Base9.1
β
CRSSelect profile
CVE-2026-39397
9.4π
Delmare DigitalPayload-Puck Plugin
The @delmaredigital/payload-puck plugin for PayloadCMS bypasses collection-level access controls, allowing unauthorized API access.
CVSS Base9.4
β
CRSSelect profile
CVE-2026-5627
9.1
InforMultiple Products
A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the `AgentFlows` component. The vulnerability arises from improper handling of user input in the `loadFlow` and `deleteFlow` methods in `server/utils/agentFlows/index.js`. Specifically, the combination of `path.join` and `normalizePath` allows attackers to bypass directory restrictions and access or delete arbitrary `.json` files on the server. This can lead to information disclosure, such as leaking sensitive configuration files containing API keys, or denial of service by deleting critical files like `package.json`. The issue is resolved in version 1.12.1.
CVSS Base9.1
β
CRSSelect profile
CVE-2026-23696
9.9
the folderMultiple Products
Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the folder ownership management functionality that allows authenticated attackers to inject SQL through the owner parameter. An attacker can use the injection to read sensitive data such as the JWT signing secret and administrative user identifiers, forge an administrative token, and then execute arbitrary code via the workflow execution endpoints.
CVSS Base9.9
β
CRSSelect profile
CVE-2026-20889
9.8π
LibRawLibRaw
A heap-based buffer overflow exists in LibRaw's `x3f_thumb_loader` functionality, which can be triggered by a malicious file.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-20911
9.8π
LibRawLibRaw
A heap-based buffer overflow exists in LibRaw's `HuffTable::initval` functionality, which can be triggered by a malicious file.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-1114
9.8π
paris-neolollms
lollms uses a weak secret key for JWT signing, enabling attackers to forge administrative tokens via offline brute-force.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-35490
9.8π
changedetection.iochangedetection.io
An improper decorator ordering in changedetection.io causes authentication wrappers to be bypassed, exposing sensitive routes to unauthenticated access.
CVSS Base9.8
β
CRSSelect profile
β οΈ
High Priority Updates
CVE-2026-35554
8.7
producerKafka Java
A race condition in the Apache Kafka Java producer clientβs buffer pool management can cause messages to be silently delivered to incorrect topics
CVSS Base8.7
β
CRSSelect profile
CVE-2026-23818
8.8
HPMultiple Products
A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Private 5G Core On-Prem that could allow an attacker to abuse an open redirect vulnerability in the login flow using a crafted URL
CVSS Base8.8
β
CRSSelect profile
CVE-2025-65115
8.8
DistributionMultiple Products
Remote Code Execution VulnerabilityΒ in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management Partner 1/IT Desktop Management - Manager on Windows, JP1/NETM/DM Manager on Windows, JP1/NETM/DM Client on Windows, Job Management Partner 1/Software Distribution Manager on Windows, Job Management Partner 1/Software Distribution Client on Windows
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3499
8.8
WordPressis vulnerable
The Product Feed PRO for WooCommerce by AdTribes β Product Feeds for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 13
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35408
8.7
GoogleMultiple Products
Directus is a real-time API and App dashboard for managing SQL database content
CVSS Base8.7
β
CRSSelect profile
CVE-2026-35442
8.1
UnknownMultiple Products
Directus is a real-time API and App dashboard for managing SQL database content
CVSS Base8.1
β
CRSSelect profile
CVE-2026-27314
8.8
ApacheCassandra
Privilege escalationΒ in Apache Cassandra 5
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5465
8.8
WordPressis vulnerable
The Booking for Appointments and Events Calendar β Amelia plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2
CVSS Base8.8
β
CRSSelect profile
CVE-2026-39307
8.1
teamsMultiple Products
PraisonAI is a multi-agent teams system
CVSS Base8.1
β
CRSSelect profile
CVE-2026-35164
8.8
HPwithin the
Brave CMS is an open-source CMS
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35470
8.8
HPfiles across
OpenSTAManager is an open source management software for technical assistance and invoicing
CVSS Base8.8
β
CRSSelect profile
CVE-2026-34197
8.8
Apache ActiveMQActiveMQ Broker
Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35567
8.8
HPis used
ChurchCRM is an open-source church management system
CVSS Base8.8
β
CRSSelect profile
CVE-2026-39317
8.8
HPwhere user
ChurchCRM is an open-source church management system
CVSS Base8.8
β
CRSSelect profile
CVE-2026-39318
8.8
HPfile contains
ChurchCRM is an open-source church management system
CVSS Base8.8
β
CRSSelect profile
CVE-2026-39319
8.8
HPin ChurchCRM
ChurchCRM is an open-source church management system
CVSS Base8.8
β
CRSSelect profile
CVE-2026-39323
8.8
HPwhere the
ChurchCRM is an open-source church management system
CVSS Base8.8
β
CRSSelect profile
CVE-2026-39326
8.8
HPin ChurchCRM
ChurchCRM is an open-source church management system
CVSS Base8.8
β
CRSSelect profile
CVE-2026-39327
8.8
HPin ChurchCRM
ChurchCRM is an open-source church management system
CVSS Base8.8
β
CRSSelect profile
CVE-2026-39329
8.8
HPin ChurchCRM
ChurchCRM is an open-source church management system
CVSS Base8.8
β
CRSSelect profile
CVE-2026-39330
8.8
HPin ChurchCRM
ChurchCRM is an open-source church management system
CVSS Base8.8
β
CRSSelect profile
CVE-2026-39334
8.8
HPin ChurchCRM
ChurchCRM is an open-source church management system
CVSS Base8.8
β
CRSSelect profile
CVE-2026-39332
8.7
HPallows any
ChurchCRM is an open-source church management system
CVSS Base8.7
β
CRSSelect profile
CVE-2026-39333
8.7
HPendpoint reflects
ChurchCRM is an open-source church management system
CVSS Base8.7
β
CRSSelect profile
CVE-2026-34402
8.1
HPendpoint to
ChurchCRM is an open-source church management system
CVSS Base8.1
β
CRSSelect profile
CVE-2026-35517
8.8
upstreamMultiple Products
FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35518
8.8
DNSMultiple Products
FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35519
8.8
DNSMultiple Products
FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35520
8.8
DHCPMultiple Products
FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35521
8.8
DHCPMultiple Products
FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35182
8.8
HPMultiple Products
Brave CMS is an open-source CMS
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35395
8.8
HPMultiple Products
WeGIA is a Web manager for charitable institutions
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5709
8.8
andand Engineering
Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio (RES) version 2024
CVSS Base8.8
β
CRSSelect profile
CVE-2026-34045
8.2
KubernetesMultiple Products
Podman Desktop is a graphical tool for developing on containers and Kubernetes
CVSS Base8.2
β
CRSSelect profile
CVE-2026-39340
8.1
HPMultiple Products
ChurchCRM is an open-source church management system
CVSS Base8.1
β
CRSSelect profile
CVE-2026-39341
8.1
HPMultiple Products
ChurchCRM is an open-source church management system
CVSS Base8.1
β
CRSSelect profile
CVE-2026-35044
8.8
ArchMultiple Products
BentoML is a Python library for building online serving systems optimized for AI apps and model inference
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35463
8.8
downloadMultiple Products
pyLoad is a free and open-source download manager written in Python
CVSS Base8.8
β
CRSSelect profile
CVE-2026-33752
8.6
UnknownMultiple Products
curl_cffi is the a Python binding for curl
CVSS Base8.6
β
CRSSelect profile
CVE-2026-5685
8.8
TendaCX12L
A vulnerability was identified in Tenda CX12L 16
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5686
8.8
TendaCX12L
A security flaw has been discovered in Tenda CX12L 16
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5687
8.8
TendaCX12L
A weakness has been identified in Tenda CX12L 16
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5707
8.8
andand Engineering
Unsanitized input in an OS command in the virtual desktop session name handling in AWS Research and Engineering Studio (RES)Β version 2025
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5708
8.8
andand Engineering
Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio (RES) prior to version 2026
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3357
8.8
IBMLangflow Desktop
IBM Langflow Desktop 1
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35043
7.8
UnknownMultiple Products
BentoML is a Python library for building online serving systems optimized for AI apps and model inference
CVSS Base7.8
β
CRSSelect profile
CVE-2025-14821
7.8
InforMultiple Products
A flaw was found in libssh
CVSS Base7.8
β
CRSSelect profile
CVE-2026-34975
8.5
AWSSES
Plunk is an open-source email platform built on top of AWS SES
CVSS Base8.5
β
CRSSelect profile
CVE-2026-1342
8.5
IBMVerify Identity
IBM Verify Identity Access Container 11
CVSS Base8.5
β
CRSSelect profile
CVE-2026-4788
8.4
IBMTivoli Netcool
IBM Tivoli Netcool Impact 7
CVSS Base8.4
β
CRSSelect profile
CVE-2026-35029
8.8
proxyMultiple Products
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format
CVSS Base8.8
β
CRSSelect profile
CVE-2026-4740
8.2
RedAdvanced Cluster
A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM)
CVSS Base8.2
β
CRSSelect profile
CVE-2026-26263
8.1
Archengine
GLPI is a free asset and IT management software package
CVSS Base8.1
β
CRSSelect profile
CVE-2026-5684
8
TendaCX12L
A vulnerability was determined in Tenda CX12L 16
CVSS Base8
β
CRSSelect profile
CVE-2025-24818
8
Archapplication
Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application
CVSS Base8
β
CRSSelect profile
CVE-2026-24913
8.8
MATCHAMultiple Products
SQL Injection vulnerability exists in MATCHA INVOICE 2
CVSS Base8.8
β
CRSSelect profile
CVE-2026-34885
8.5
David Lingren MediaMultiple Products
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant allows SQL Injection
CVSS Base8.5
β
CRSSelect profile
CVE-2026-24660
8.1
UnknownMultiple Products
A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b
CVSS Base8.1
β
CRSSelect profile
CVE-2026-39328
8.9
UnknownMultiple Products
ChurchCRM is an open-source church management system
CVSS Base8.9
β
CRSSelect profile
CVE-2026-3524
8.8π
MattermostPlugin Legal Hold
A vulnerability in the Mattermost Plugin Legal Hold allows for potential security bypasses in version 1 and earlier.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-33510
8.8
UnknownMultiple Products
Homarr is an open-source dashboard
CVSS Base8.8
β
CRSSelect profile
CVE-2025-47392
8.8
MemoryMultiple Products
Memory corruption when decoding corrupted satellite data files with invalid signature offsets
CVSS Base8.8
β
CRSSelect profile
CVE-2026-20433
8.8
UnknownMultiple Products
In Modem, there is a possible out of bounds write due to a missing bounds check
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5732
8.8
IncorrectMultiple Products
Incorrect boundary conditions, integer overflow in the Graphics: Text component
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5733
8.8
IncorrectMultiple Products
Incorrect boundary conditions in the Graphics: WebGPU component
CVSS Base8.8
β
CRSSelect profile
CVE-2026-22683
8.8
WindmillMultiple Products
Windmill versions 1
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35610
8.8
UnknownMultiple Products
PolarLearn is a free and open-source learning program
CVSS Base8.8
β
CRSSelect profile
CVE-2026-35576
8.7
UnknownMultiple Products
ChurchCRM is an open-source church management system
CVSS Base8.7
β
CRSSelect profile
CVE-2026-35020
8.4
command lookupMultiple Products
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the command lookup helper and deep-link terminal launcher that allows local attackers to execute arbitrary commands by manipulating the TERMINAL environment variable
CVSS Base8.4
β
CRSSelect profile
CVE-2026-35394
8.3
MCPMultiple Products
Mobile Next is an MCP server for mobile development and automation
CVSS Base8.3
β
CRSSelect profile
CVE-2026-34982
8.2
UnknownMultiple Products
Vim is an open source, command line text editor
CVSS Base8.2
β
CRSSelect profile
CVE-2026-35457
8.2
UnknownMultiple Products
libp2p-rust is the official rust language Implementation of the libp2p networking stack
CVSS Base8.2
β
CRSSelect profile
CVE-2026-34783
8.1
FerretMultiple Products
Ferret is a declarative system for working with web data
CVSS Base8.1
β
CRSSelect profile
CVE-2026-35045
8.1
TandoorMultiple Products
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists
CVSS Base8.1
β
CRSSelect profile
CVE-2026-20884
8.1
LibRawMultiple Products
An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit 8dc68e2
CVSS Base8.1
β
CRSSelect profile
CVE-2026-24450
8.1
LibRawMultiple Products
An integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of LibRaw Commit 8dc68e2
CVSS Base8.1
β
CRSSelect profile
CVE-2026-5373
8.1
UnknownMultiple Products
An issue that allowed all-organization administrators to promote accounts to superuser status has been resolved
CVSS Base8.1
β
CRSSelect profile
CVE-2026-35488
8.1
TandoorMultiple Products
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists
CVSS Base8.1
β
CRSSelect profile
CVE-2026-35607
8.1
FileMultiple Products
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory
CVSS Base8.1
β
CRSSelect profile
CVE-2026-39331
8.1
UnknownMultiple Products
ChurchCRM is an open-source church management system
CVSS Base8.1
β
CRSSelect profile
CVE-2026-39344
8.1
UnknownMultiple Products
ChurchCRM is an open-source church management system
CVSS Base8.1
β
CRSSelect profile
CVE-2026-39371
8.1
UnknownMultiple Products
RedwoodSDK is a server-first React framework
CVSS Base8.1
β
CRSSelect profile
CVE-2026-20432
8
UnknownMultiple Products
In Modem, there is a possible out of bounds write due to a missing bounds check
CVSS Base8
β
CRSSelect profile
CVE-2026-35575
8
adminMultiple Products
ChurchCRM is an open-source church management system
CVSS Base8
β
CRSSelect profile
CVE-2024-14032
7.8π Late Disclosure
StudioMultiple Products
Twitch Studio version 0
CVSS Base7.8
β
CRSSelect profile
CVE-2025-47389
7.8
MemoryMultiple Products
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation
CVSS Base7.8
β
CRSSelect profile
CVE-2025-47390
7.8
MemoryMultiple Products
Memory corruption while preprocessing IOCTL request in JPEG driver
CVSS Base7.8
β
CRSSelect profile
CVE-2025-47391
7.8
MemoryMultiple Products
Memory corruption while processing a frame request from user
CVSS Base7.8
β
CRSSelect profile
CVE-2026-21371
7.8
MemoryMultiple Products
Memory Corruption when retrieving output buffer with insufficient size validation
CVSS Base7.8
β
CRSSelect profile
CVE-2026-21372
7.8
MemoryMultiple Products
Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations
CVSS Base7.8
β
CRSSelect profile
CVE-2026-21373
7.8
MemoryMultiple Products
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing
CVSS Base7.8
β
CRSSelect profile
CVE-2026-21374
7.8
MemoryMultiple Products
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation
CVSS Base7.8
β
CRSSelect profile
CVE-2026-21375
7.8
MemoryMultiple Products
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing
CVSS Base7.8
β
CRSSelect profile
CVE-2026-21376
7.8
MemoryMultiple Products
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver
CVSS Base7.8
β
CRSSelect profile
CVE-2026-21378
7.8
MemoryMultiple Products
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver
CVSS Base7.8
β
CRSSelect profile
CVE-2026-21380
7.8
MemoryMultiple Products
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory
CVSS Base7.8
β
CRSSelect profile
CVE-2026-21382
7.8
MemoryMultiple Products
Memory Corruption when handling power management requests with improperly sized input/output buffers
CVSS Base7.8
β
CRSSelect profile
CVE-2026-34588
7.8
UnknownMultiple Products
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry
CVSS Base7.8
β
CRSSelect profile
CVE-2026-35021
7.8
prompt editorMultiple Products
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the prompt editor invocation utility that allows attackers to execute arbitrary commands by crafting malicious file paths
CVSS Base7.8
β
CRSSelect profile
CVE-2026-32860
7.8
InforMultiple Products
There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW