Active CVEs
223 articles
Exploited CVEs, zero-days, KEV additions, and urgent patch decisions.
[CRITICAL] CVE-2026-41089: Windows Netlogon RCE Exploited in Wild
CVE-2026-41089 is a critical Windows Netlogon RCE now reported as exploited in the wild, with Microsoft CNA scoring it CVSS 9.8.
[MEDIUM] CVE-2026-9082: Drupal Core SQL Injection Bug Added to CISA KEV
CISA added CVE-2026-9082 (CVSS 6.5) to its Known Exploited Vulnerabilities catalog after evidence of active exploitation against all supported Drupal Core versions.
[CRITICAL] CVE-2026-20223 (CVSS 10): Unauthenticated API Access in Cisco Secure
CVE-2026-20223 (CVSS 10.0): Unauthenticated attackers can access internal REST APIs in Cisco Secure Workload with Site Admin privileges.
[CRITICAL] CVE-2026-2586: Authenticated RCE in GlassFish Admin Console
CVE-2026-2586 (CVSS 9.1) lets authenticated users execute arbitrary OS commands via crafted requests to GlassFish's Administration Console. No patch available as of May 20.
[MEDIUM] CVE-2026-8957: Mozilla Patches Privilege Escalation in Enterprise
CVE-2026-8957 (CVSS 6.5) allows privilege escalation in Firefox's Enterprise Policies component. Mozilla fixed it in Firefox 151 and ESR 140.11.
[CRITICAL] CVE-2026-8959: Firefox Sandbox Escape via Win32 Boundary Flaw
CVE-2026-8959 (CVSS 9.6) allows sandbox escape through incorrect boundary conditions in Firefox's Widget:Win32 component. Fixed in Firefox 151, ESR 140.11, and Thunderbird 151.
[CRITICAL] CVE-2026-4883: Piotnet Forms Plugin RCE via Phar Upload
CVE-2026-4883 (CVSS 9.8) in Piotnet Forms ≤2.1.40 lets unauthenticated attackers upload .phar or .phtml files via an incomplete extension blacklist, enabling remote code execution.
[CRITICAL] CVE-2026-45230: Unauthenticated Path Traversal in DumbAssets Lets
CVE-2026-45230 (CVSS 9.1) in DumbAssets through 1.0.11 lets unauthenticated attackers delete arbitrary files via path traversal in the POST /api/delete-file endpoint.
[CRITICAL] CVE-2026-7301: SGLang Scheduler RCE via Pickle Deserialization
CVE-2026-7301 (CVSS 9.8) lets attackers execute arbitrary code on SGLang servers by sending malicious pickle payloads to the scheduler's ROUTER socket, which binds to 0.0.0.0 by...
[CRITICAL] CVE-2026-8836: CVSS 10.0 Stack Overflow in lwIP SNMPv3 Parser
CVE-2026-8836 is a CVSS 10.0 stack-based buffer overflow in lwIP up to 2.2.1's SNMPv3 USM handler. Remote unauthenticated attackers can trigger code execution via crafted...
[MEDIUM] Cookie Law Bar 1.2.1 Stored XSS Enables Cookie Theft
CVE-2021-47957 (CVSS 6.4) in Cookie Law Bar 1.2.1 lets authenticated attackers inject persistent scripts via the Bar Message field, affecting all WordPress site visitors.
[MEDIUM] CouchCMS 2.2.1 XSS Lets Authenticated Users Inject Arbitrary JS via
CVE-2021-47955 (CVSS 5.4): CouchCMS 2.2.1 contains a stored XSS flaw allowing authenticated attackers to execute arbitrary JavaScript by uploading malicious SVG files via...
[HIGH] CVE-2024-57728: SimpleHelp Path Traversal Lets Admins Upload
CISA adds CVE-2024-57728 to Known Exploited Vulnerabilities: SimpleHelp path traversal via zip slip allows admin users to upload arbitrary files and execute code. Due May 8, 2026.
[HIGH] CVE-2025-2749: Kentico Xperience Path Traversal Under Active Exploit
CISA adds CVE-2025-2749 to KEV catalog: Kentico Xperience path traversal lets authenticated Staging Sync Server upload arbitrary files. Due date for federal agencies: May 4, 2026.
[HIGH] EMQX QoS 2 Race Condition CVE-2026-8741 Affects Up to 6.2.0
CVE-2026-8741 (CVSS 3.1) enables remote exploitation of a race condition in EMQX's QoS 2 PUBLISH packet handler, affecting all versions up to 6.2.0.
[HIGH] HACS Path Traversal CVE-2021-47942 Lets Attackers Steal Home
CVE-2021-47942 (CVSS 7.5) in Home Assistant Community Store 1.10.0 lets unauthenticated attackers read .storage/auth files via /hacsfiles/ traversal, forge JWT tokens, and gain...
[MEDIUM] Open5GS AMF Flaw CVE-2026-8743 Enables Remote Authorization Bypass
CVE-2026-8743 (CVSS 6.5) in Open5GS up to 2.7.6 lets remote attackers bypass authorization via the AMF/MME ran_ue_find_by_amf_ue_ngap_id function. Exploit public.
[MEDIUM] Open5GS NRF DoS CVE-2026-8731 Lets Remote Attackers Crash SBI Client
CVE-2026-8731 (CVSS 4.3) in Open5GS up to 2.7.7 lets remote attackers trigger a denial-of-service via the NRF component's SBI client_pool argument. Exploit code is public.
[HIGH] Pixel 10 VPU Driver Bug Lets Userspace Map Kernel Memory
Google Project Zero found a Pixel 10 VPU driver flaw allowing userspace to map arbitrary physical memory, including the kernel image. Exploit required 5 lines of code.
[MEDIUM] PublicCMS Payment Logic Flaw CVE-2026-8738 Allows Unauthorized
CVE-2026-8738 (CVSS 6.5) in Sanluan PublicCMS 5.202506.d lets remote attackers manipulate the trade payment flow via business logic errors in TradeOrderController.pay.
[HIGH] Avada Builder WordPress Plugin Flaws Expose Site Credentials
CVE-2026-4782 and CVE-2026-4798 in Avada Builder (1M+ installs) let attackers read wp-config.php and extract database hashes. Patch to version 3.15.3.
[HIGH] Chrome 148.0.7778.168 Patches Integer Overflows, Sandbox Escape Risk
CVE-2026-8573 (CVSS 8.3) and CVE-2026-8577 (CVSS 8.8) in Chrome 148 on Windows allow sandbox escape and RCE via crafted video or HTML pages. Update now.
[HIGH] Chrome 148.0.7778.168 Patches Two High-Severity OOB Read Flaws
Google Chrome 148.0.7778.168 fixes CVE-2026-8543 and CVE-2026-8541 — two high-severity out-of-bounds read vulnerabilities in FileSystem and UI components on Mac and all platforms.
[HIGH] Chrome 148 Patches AI Site Isolation Bypass, Android Payment Flaw
CVE-2026-8568 (CVSS 3.1) lets attackers bypass Chrome Site Isolation via AI features after renderer compromise; CVE-2026-8566 (CVSS 4.3) targets Android Payments.
[HIGH] Chrome 148 Patches ANGLE Data Leak, Google Lens UAF
Google fixed CVE-2026-8556 (ANGLE cross-origin leak) and CVE-2026-8550 (Google Lens use-after-free) in Chrome 148.0.7778.168 for Windows. Both flaws require a compromised renderer.
[HIGH] Fleet Patches API Rate-Limiting Bypass via IP Spoofing
CVE-2026-46356: Unauthenticated attackers can bypass Fleet's API rate limiting by spoofing True-Client-IP headers, enabling brute-force login attempts on exposed instances.
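The Fleet entry above describes the general failure behind most client-IP header bypasses: a rate limiter keyed on a header the client itself controls lets the client pick a fresh key per request. The following is an added example, not Fleet's code, contrasting that weak key derivation with one that honours True-Client-IP only when the TCP peer is a trusted proxy. The proxy range, the limit of 5 attempts and the replayed request list are constructed for the demonstration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

LIMIT = 5  # constructed: login attempts allowed per client before blocking

# Constructed: only this range (the CDN / load-balancer tier) may set True-Client-IP.
TRUSTED_PROXIES = [ip_network("10.0.0.0/8")]


def client_ip_naive(req):
    """Weak: believes True-Client-IP from anyone, so the caller chooses its own key."""
    return req["headers"].get("True-Client-IP", req["peer"])


def client_ip_hardened(req):
    """Honour the header only when the TCP peer is a trusted proxy and the value parses."""
    peer = req["peer"]
    claimed = req["headers"].get("True-Client-IP")
    if claimed and any(ip_address(peer) in net for net in TRUSTED_PROXIES):
        try:
            return str(ip_address(claimed.strip()))
        except ValueError:
            pass  # garbage header from a proxy: fall back to the peer address
    return peer


def simulate(requests, key_func):
    """Replay requests through a fixed-window counter; return how many were blocked."""
    counts = defaultdict(int)
    blocked = 0
    for req in requests:
        key = key_func(req)
        counts[key] += 1
        if counts[key] > LIMIT:
            blocked += 1
    return blocked


# Constructed attack: 20 login attempts from one host, each with a fresh spoofed header.
ATTACK = [
    {"peer": "203.0.113.7", "headers": {"True-Client-IP": f"198.51.100.{i}"}}
    for i in range(20)
]

# Constructed legitimate request arriving via the trusted proxy tier: the header is meaningful.
VIA_PROXY = {"peer": "10.1.2.3", "headers": {"True-Client-IP": "192.0.2.44"}}


if __name__ == "__main__":
    print(simulate(ATTACK, client_ip_naive))     # 0: every request looks like a new client
    print(simulate(ATTACK, client_ip_hardened))  # 15: all 20 keyed to 203.0.113.7
    print(client_ip_hardened(VIA_PROXY))         # 192.0.2.44
```

The trusted-proxy test is the whole fix: the same header, arriving directly from the Internet, is treated as noise and the limiter falls back to the peer address.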
[LOW] libsixel NULL Pointer Dereference CVE-2026-44638 Gets Low CVSS
CVE-2026-44638: libsixel 1.8.7-r1 and earlier has a NULL pointer dereference in sixel_decode_raw and sixel_decode due to a wrong NULL check after malloc. CVSS 2.5.
[MEDIUM] MCP Registry OIDC Flaw CVE-2026-44428 Lets Attackers Hijack GitHub
CVE-2026-44428 (CVSS 4.7) in the MCP Registry before 1.7.6 lets attackers reuse stolen GitHub OIDC tokens across registry instances, enabling unauthorized server publishing and...
[MEDIUM] Medical Management System Flaw Lets Attackers Reset Any Password
CVE-2025-67437 (CVSS 6.5) in an unnamed Medical Management System allows unauthenticated password reset via insecure permissions. No patch released.
[HIGH] Open WebUI Patches Three Flaws: XSS, SVG Injection, Auth Bypass
Open WebUI fixes CVE-2026-45314 (SVG XSS), CVE-2026-45303 (iframe script injection), and CVE-2026-44567 (pending role auth bypass) — all in self-hosted AI platform.
[HIGH] Silicon Labs SixG301xxx DPA Countermeasure Flaw Weakens Crypto Keys
CVE-2025-14972: Silicon Labs SixG301xxx devices use non-random DPA countermeasures in the SYMCRYPTO engine, enabling key recovery. Affects KSU keys.
[HIGH] ZITADEL LDAP Filter Injection CVE-2026-44671 Allows Unauthenticated
CVE-2026-44671 (CVSS 7.5): ZITADEL identity platform fails to escape usernames in LDAP filters, letting unauthenticated attackers inject arbitrary filter logic during login.
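The ZITADEL entry is the textbook LDAP filter injection: a username interpolated into a search filter unescaped. The following is an added example, not ZITADEL's code, showing the RFC 4515 escaping that turns a hostile username into a literal, with a constructed login filter template and a crude structural check. The payload `*)(&` relies on `(&)` being the absolute-true filter of RFC 4526.

```python
# Characters RFC 4515 requires to be escaped inside a filter assertion value.
_LDAP_FILTER_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}


def escape_ldap_filter_value(value):
    """Escape a user-supplied assertion value so it can only ever be a literal."""
    return "".join(_LDAP_FILTER_ESCAPES.get(ch, ch) for ch in value)


def login_filter(username, escape=True):
    """Constructed login lookup: find the one person whose uid equals the input."""
    uid = escape_ldap_filter_value(username) if escape else username
    return f"(&(objectClass=person)(uid={uid}))"


def assertion_count(ldap_filter):
    """Crude structural check: the template above must yield exactly three '('.

    Escaped parentheses are '\\28' / '\\29' and no longer count, so any extra
    '(' means the username smuggled in its own filter components.
    """
    return ldap_filter.count("(")


if __name__ == "__main__":
    # "(&)" is the absolute-true filter (RFC 4526); with "*" it matches every person.
    hostile = "*)(&"
    print(login_filter(hostile, escape=False))  # (&(objectClass=person)(uid=*)(&))
    print(login_filter(hostile))                # (&(objectClass=person)(uid=\2a\29\28&))
    print(assertion_count(login_filter(hostile, escape=False)))  # 4
    print(assertion_count(login_filter(hostile)))                # 3
```

Unescaped, the filter matches every person object and a login routine that takes the first result binds as whoever sorts first; escaped, it searches for a uid literally named `*)(&` and finds nothing.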
[HIGH] Aegra IDOR CVE-2026-44504 Exposes Cross-Tenant Data in Shared
CVE-2026-44504: Aegra prior to 0.9.7 allows authenticated attackers to read checkpoint state and inject messages into other users' threads via cross-tenant IDOR. Patch available.
[MEDIUM] aria2c EKU Validation Flaw CVE-2026-8367 Enables TLS Certificate
CVE-2026-8367 (CVSS 4.8) in aria2c fails to validate Extended Key Usage on server certificates, allowing attackers to reuse certificates issued for other purposes in TLS...
[CRITICAL] Chrome 148 Patches 79 Flaws, 14 Critical Including Heap Overflow
Google's Chrome 148 update fixes 79 vulnerabilities, 14 critical — including heap buffer overflow CVE-2026-8509 ($43K bounty) and integer overflow CVE-2026-8510 in Skia ($25K...
[MEDIUM] fast-xml-builder Flaw CVE-2026-44664 Enables XML Injection via
CVE-2026-44664 (CVSS 6.1) in fast-xml-builder lets attackers break out of XML comments and inject arbitrary content via triple-dash sequences; fixed in version 1.1.6.
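The fast-xml-builder entry turns on a detail of the XML grammar: a comment body may not contain `--` and may not end in `-`, so user text written into a comment can terminate it early. The following is an added example in Python (fast-xml-builder itself is JavaScript; this is not its code) that reproduces the breakout against a constructed template and shows an escaper whose loop also handles the longer dash runs the advisory mentions.

```python
import xml.etree.ElementTree as ET

# Constructed template: an application writes user text into an XML comment.
TEMPLATE = "<root><!--{comment}--></root>"


def build_unsafe(user_text):
    """No escaping: '--' in the text terminates the comment early."""
    return TEMPLATE.format(comment=user_text)


def escape_comment_text(user_text):
    """Make text legal inside an XML comment: no '--' anywhere, no trailing '-'.

    The loop handles runs of any length ('---', '----', ...), which is exactly where
    a single-pass replace of '--' goes wrong: 'a---b' becomes 'a- --b' after one pass.
    """
    text = user_text
    while "--" in text:
        text = text.replace("--", "- -")
    if text.endswith("-"):
        text += " "
    return text


def build_safe(user_text):
    return TEMPLATE.format(comment=escape_comment_text(user_text))


def child_tags(xml_text):
    """Parse and list <root>'s child element tags; the parser drops comments."""
    root = ET.fromstring(xml_text)
    return [child.tag for child in root]


if __name__ == "__main__":
    # Constructed payload: closes the comment, injects an element, reopens a comment
    # so the document stays well-formed and nothing downstream notices.
    payload = "--><injected/><!--"
    print(child_tags(build_unsafe(payload)))  # ['injected']
    print(child_tags(build_safe(payload)))    # []
    print(escape_comment_text("a---b-"))      # 'a- - -b- '
```

Replacing `--` with `- -` (rather than deleting it) keeps the text readable, and the trailing-space rule exists because `-` immediately before the closing `-->` is also forbidden by the grammar.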
[CRITICAL] GitHub Copilot CLI Flaw CVE-2026-45033 Enables RCE via Malicious Repos
CVE-2026-45033 (CVSS 9.8) in GitHub Copilot CLI before 1.0.43 lets attackers achieve remote code execution by embedding a malicious bare git repository in a project directory.
[HIGH] Lenovo Personal Cloud Storage Flaw CVE-2026-6282 Enables Lateral File
CVE-2026-6282 (CVSS 8.1) in Lenovo Personal Cloud Storage lets authenticated users move or access other users' files via improper path validation. No patch yet.
[HIGH] Libsixel Heap Overflow CVE-2026-44636 Lets Attackers Trigger RCE
CVE-2026-44636 (CVSS 7.8): A signed integer overflow in libsixel 1.8.7-r1 and earlier lets attackers trigger a heap buffer overflow via crafted SIXEL images, enabling potential...
[HIGH] Metasploit Adds Vim Plugin Persistence, Exploits for Three CVEs
Rapid7's Metasploit Framework adds a Vim plugin persistence module and exploits for CVE-2025-6793 (Marvell QConvergeConsole), CVE-2024-48760 (GestioIP), and CVE-2023-30253 (Dolibarr).
[HIGH] Microsoft Warns of Exchange Zero-Day CVE-2026-42897 Exploited in
CVE-2026-42897 is a high-severity Exchange Server spoofing flaw exploited in the wild, enabling XSS-based code execution via Outlook on the web.
[HIGH] Next.js Patches Two Authorization Bypass Flaws in App Router
CVE-2026-44574 (CVSS 8.1) and CVE-2026-44575 (CVSS 7.5) let attackers bypass middleware-based auth checks in Next.js App Router via crafted .rsc URLs and query parameter...
[HIGH] Next.js Patches XSS and DoS Flaws in Cache Components
CVE-2026-44580 (CVSS 6.1) enables XSS via beforeInteractive scripts; CVE-2026-44579 (CVSS 7.5) triggers connection exhaustion in Partial Prerendering.
[HIGH] OpenImageIO Integer Overflow CVE-2026-43908 Enables OOB Write
CVE-2026-43908 (CVSS 8.8): A signed 32-bit integer overflow in OpenImageIO's ConvertCbYCrYToRGB() causes out-of-bounds writes, risking crashes or code execution in VFX pipelines.
[MEDIUM] OpenImageIO TGA Decoder Flaw CVE-2026-43996 Enables OOB Read
CVE-2026-43996 (CVSS 5.5) in OpenImageIO TGA decoder uses unsigned 32-bit wrap to bypass bounds check, enabling out-of-bounds read. Affects versions prior to 3.0.18.0 and 3.1.13.0.
[HIGH] Palo Alto GlobalProtect Flaws Let Attackers Intercept Encrypted
CVE-2026-0249: Multiple improper certificate validation flaws in Palo Alto Networks GlobalProtect app let local or same-subnet attackers intercept encrypted traffic and install...
[HIGH] protobufjs Flaw CVE-2026-45740 Enables DoS via Deeply Nested JSON
CVE-2026-45740 (CVSS 7.5) in protobufjs lets attackers crash Node.js apps by sending crafted JSON descriptors with deeply nested namespaces — affects versions before 7.5.8 and...
[CRITICAL] Cisco Catalyst SD-WAN Controller Flaw CVE-2026-20182 Scores Perfect
Rapid7 discovered CVE-2026-20182, a 10.0-CVSS authentication bypass in Cisco Catalyst SD-WAN Controller. Unauthenticated attackers can inject SSH keys and issue NETCONF commands.
[CRITICAL] F5 Patches 51 Flaws: NGINX DoS, BIG-IP RCE Among Critical Fixes
F5 fixed 19 high-severity and 32 medium-severity bugs across BIG-IP, BIG-IQ, and NGINX. The most severe, CVE-2026-42945 (CVSS 9.2), enables heap overflow DoS in NGINX rewrite...
[HIGH] Hackers Exploit PraisonAI Auth Bypass Hours After Disclosure
Sysdig detected CVE-2026-44338 exploitation attempts within 3 hours 44 minutes of public advisory — attackers probed /agents on exposed PraisonAI instances.
[MEDIUM] Hono Patches CSS Injection and Cache Poisoning Flaws
Hono 4.12.18 fixes CVE-2026-44458 (CSS injection in JSX renderer, CVSS 4.3) and CVE-2026-44457 (cache poisoning via Vary header bypass, CVSS 5.3).
[MEDIUM] NIST NVD Enrichment Change Creates CVSS Gap for 80% of CVEs
NIST now enriches only 15-20% of CVEs under new policy as of April 2026, leaving roughly 80% without CVSS scores or product mappings.
[CRITICAL] Pwn2Own Berlin 2026: Researchers Earn $523K Hacking Windows 11, Edge
On day one of Pwn2Own Berlin 2026, researchers collected $523,000 for 24 zero-days, including a $175,000 Edge sandbox escape by Orange Tsai and three Windows 11 privilege...
[HIGH] VMware Fusion TOCTOU Flaw CVE-2026-41702 Lets Local Users Escalate to
Broadcom patched a high-severity TOCTOU vulnerability in VMware Fusion (CVE-2026-41702) that lets local non-admin users escalate privileges to root on macOS systems.
[CRITICAL] ModeloRAT Campaign Abuses Microsoft Teams for Enterprise Intrusion
Rapid7 dissects an April 2026 intrusion where a fake IT Support Teams message delivered ModeloRAT via Dropbox, leading to privilege escalation, credential theft, and lateral...
[MEDIUM] Palo Alto Patches Prisma Access Agent Flaws: Cert Validation, LPE
Palo Alto Networks released patches for two medium-severity flaws in Prisma Access Agent — CVE-2026-0248 (improper certificate validation) and CVE-2026-0246 (local privilege...
[CRITICAL] The Gentlemen RaaS Internal Leak Exposes Admin, Affiliates, Tactics
A leaked backend database from The Gentlemen RaaS operation reveals 9 accounts, admin TOX ID, initial access via Fortinet/Cisco edge flaws, and a 190,000 USD ransom payout.
[CRITICAL] Adobe Patches 52 Flaws Across 10 Products, Two Critical in Connect
Adobe's May 2026 patch batch fixes 52 CVEs across 10 products; Adobe Connect gets two critical bugs (CVE-2026-34659, 9.6 CVSS for RCE; CVE-2026-34660, 9.3 CVSS for privilege...
[CRITICAL] Apple Patches Everything: 0-Days, RCS Encryption Rollout
Apple released emergency patches for two zero-days exploited in the wild alongside the beta rollout of end-to-end encrypted RCS messaging for iOS and macOS.
[CRITICAL] CosyVoice gRPC Server Insecure Deserialization Flaw CVE-2026-31251
CVE-2026-31251: CosyVoice gRPC server deserializes untrusted models via torch.load() without weights_only=True, enabling RCE via crafted .pt files. No patch confirmed.
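Two entries on this page, the SGLang scheduler pickle payload (CVE-2026-7301) and the CosyVoice torch.load() call without weights_only=True (CVE-2026-31251), share one root cause: a pickle stream names a callable and the unpickler calls it. The following is an added example, not code from either project, using only the standard library. The payload runs `builtins.exec` on a harmless statement as a stand-in for `os.system(...)`; the restricted unpickler is the shape of fix that torch's weights_only mode implements. The allowlist, marker attribute and sample data are constructed; the ZeroMQ socket and .pt container are not reproduced.

```python
import builtins
import io
import pickle


class Payload:
    """Attacker-controlled object: __reduce__ names a callable that pickle will invoke on load.

    builtins.exec with a harmless statement stands in for os.system("...") or a
    reverse shell; the pickle stream has the same shape either way.
    """

    def __reduce__(self):
        return (exec, ("import builtins; builtins.PICKLE_DEMO_RAN = True",))


def hostile_blob():
    """What a malicious .pt file or scheduler message carries on the wire."""
    return pickle.dumps(Payload())


def code_ran():
    return getattr(builtins, "PICKLE_DEMO_RAN", False)


def reset_marker():
    if hasattr(builtins, "PICKLE_DEMO_RAN"):
        delattr(builtins, "PICKLE_DEMO_RAN")


def unsafe_load(data):
    """torch.load() without weights_only=True, or pickle.loads() on socket data, behaves like this."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Resolve only allow-listed globals; any other GLOBAL opcode aborts the load.

    Plain containers (dict, list, tuple, str, bytes, int, float, ...) use dedicated
    opcodes and never reach find_class, so ordinary data still deserialises.
    """

    ALLOWED = {("collections", "OrderedDict")}  # constructed allowlist for this example

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"forbidden global {module}.{name}")


def restricted_load(data):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def demo():
    """Return (unsafe_ran_code, restricted_blocked_it, restricted_loads_plain_data)."""
    reset_marker()
    unsafe_load(hostile_blob())
    unsafe_ran_code = code_ran()

    reset_marker()
    try:
        restricted_load(hostile_blob())
        blocked = False
    except pickle.UnpicklingError:
        blocked = not code_ran()  # rejected before exec was ever resolved

    plain = {"weights": [0.25, 0.5], "epoch": 3}
    loads_plain = restricted_load(pickle.dumps(plain)) == plain
    reset_marker()
    return unsafe_ran_code, blocked, loads_plain


if __name__ == "__main__":
    print(demo())  # (True, True, True)
```

The allowlist approach only helps when the data you expect really is plain tensors and containers; a format that legitimately pickles arbitrary classes cannot be made safe this way and needs a non-executable serialisation instead. The network half of the SGLang case, a ROUTER socket bound to every interface, is a separate fix (bind to loopback or authenticate peers).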
[HIGH] CVE-2026-40612: jq Stack Overflow Lets Attackers Crash JSON Processor
CVE-2026-40612 in jq 1.8.1 and earlier allows attackers to trigger a stack overflow via deeply nested JSON input, crashing the tool. CVSS 7.5.
[HIGH] Docling XXE Flaw CVE-2026-31248 Lets Attackers Trigger XML Bomb DoS
CVE-2026-31248: Docling METS GBS backend through 2.61.0 fails to disable entity resolution in etree.fromstring(), enabling XML Bomb attacks via crafted .tar.gz archives.
[CRITICAL] Exim BDAT Use-After-Free Flaw CVE-2026-45185 Enables Remote Code
CVE-2026-45185 (Dead.Letter) is a use-after-free in Exim's BDAT handling affecting GnuTLS builds — CVSS 9.8, remote code execution risk. Patches released.
[HIGH] Škoda Discloses Customer Data Breach After Online Shop Hack
Škoda Auto disclosed a data breach after attackers exploited a vulnerability in its e-commerce portal, stealing customer names, addresses, and password hashes.
[HIGH] Meari SDK Flaw CVE-2026-33357 Leaks WAN IP of IoT Cameras
CVE-2026-33357 (CVSS 7.5) in Meari SDK lets attackers retrieve WAN IPs for any device via CloudEdge, Arenti, and white-label apps — no authentication required.
[CRITICAL] Microsoft Patches 137 Flaws, SSO Plugin Bug Rated Critical
CVE-2026-41103 in Microsoft SSO Plugin for Jira & Confluence allows privilege escalation via flawed authentication.
[CRITICAL] SAP Patches Critical S/4HANA, Commerce Flaws with 9.6 CVSS
SAP released 15 security notes for May 2026, fixing two critical code injection flaws in S/4HANA (CVE-2026-34260) and Commerce (CVE-2026-34263), both rated 9.6 CVSS, and a...
[CRITICAL] Unauthenticated SQL Injection in MuuCMF T6 Allows Database Takeover
CVE-2026-36962: Unauthenticated SQL injection in MuuCMF T6 v1.9.4.20260115 lets attackers dump databases, gain admin access, and achieve RCE via file writes.
[CRITICAL] Angular Expressions Sandbox Escape CVE-2026-44643 Allows RCE
CVE-2026-44643 in Angular Expressions <1.5.2 lets attackers escape the sandbox via malicious filter expressions to execute arbitrary code on the system.
[CRITICAL] Casdoor LFS Flaw CVE-2026-6815 Lets Admins Write Files Anywhere
CVE-2026-6815 in Casdoor's Local File System storage provider lets authenticated admins traverse paths to write arbitrary files outside the sandbox. No patch yet.
[CRITICAL] Corteza SQL Injection Flaw CVE-2026-6093 Lets Attackers Dump Databases
CVE-2026-6093: A SQL injection vulnerability in Corteza's MSSQL backend allows unauthenticated attackers to extract database contents via Compose record meta-field filters.
[CRITICAL] Custom css-js-php WordPress Plugin SQLi Leads to RCE (CVE-2026-6433)
CVE-2026-6433: Unauthenticated SQL injection in Custom css-js-php plugin ≤2.0.7 lets attackers execute arbitrary PHP via eval(). No patch available.
[HIGH] CVE-2025-61314: Reflected XSS in Mecury Managed Print Services
CVE-2025-61314: Reflected XSS in GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary JS via crafted payload in dfm-menu_orderopt.php.
[HIGH] CVE-2025-65417: docuFORM MPS Client Reflected XSS in Login Page
CVE-2025-65417: A reflected XSS flaw in docuFORM Managed Print Service Client 11.11c lets unauthenticated attackers execute arbitrary scripts via the login page.
[HIGH] CVE-2026-5084: WebDyne Session IDs Generated with Weak MD5/rand()
CVE-2026-5084: WebDyne::Session through 2.075 for Perl generates session IDs from an MD5 hash seeded with rand(), enabling session prediction and hijacking.
[CRITICAL] CVE-2026-7813: pgAdmin 4 Server Mode Flaw Lets Users Access Private
CVE-2026-7813 (CVSS 9.9) in pgAdmin 4 server mode lets authenticated users access private servers, groups, and debugger data from other users by guessing object IDs.
[MEDIUM] D-Link DNS-320 OS Command Injection Flaw CVE-2026-8273 Lets Remote
CVE-2026-8273 (CVSS 5.8) in D-Link DNS-320 2.06B01 allows remote OS command injection via multiple CGI endpoints in system_mgr.cgi. No patch available.
[CRITICAL] Dell ECS Hard-Coded Credentials Flaw CVE-2026-40636 Hits 9.8 CVSS
CVE-2026-40636 (CVSS 9.8) in Dell ECS and ObjectScale uses hard-coded credentials, letting local attackers gain filesystem access.
[MEDIUM] Devs Palace ERP Online XSS Flaws Allow Remote Script Injection
Two stored XSS vulnerabilities in Devs Palace ERP Online up to 4.0.0 let remote attackers inject scripts via /inventory/addnewcustomer and /inventory/sales_save.
[HIGH] Dirty Frag Linux Flaws Let Unprivileged Users Gain Root, Escape
CVE-2026-43284 and CVE-2026-43500 in the Linux kernel's networking code allow unprivileged users to gain root and escape containers. Exploit published after embargo broke.
[HIGH] Docling JATS XML Backend XXE Flaw CVE-2026-31247 Enables DoS
CVE-2026-31247: Docling's JATS XML backend through 2.61.0 uses etree.parse() without disabling entity expansion, allowing XML bomb attacks that consume excessive resources and...
[CRITICAL] GPT-Pilot Command Injection Flaw CVE-2026-31246 Lets Users Execute
CVE-2026-31246 (CVSS 9.8) in GPT-Pilot's Executor.run() passes unvalidated user input to asyncio.create_subprocess_shell(), enabling arbitrary command injection during project...
[MEDIUM] Open5GS SMF DoS Flaws CVE-2026-8251, CVE-2026-8249 Exploited Publicly
Two CVSS 4.3 denial-of-service vulnerabilities in Open5GS up to 2.7.7 allow remote attackers to crash the SMF via crafted PCC rule updates. Public exploits exist.
[MEDIUM] pgAdmin 4 Brute-Force Flaw CVE-2026-7820 Bypasses Account Lockout
CVE-2026-7820 (CVSS 6.5) in pgAdmin 4 lets attackers brute-force passwords via Flask-Security's default /login view, bypassing MAX_LOGIN_ATTEMPTS enforcement.
[HIGH] pgAdmin 4 File Manager Flaw CVE-2026-7819 Lets Authenticated Users
CVE-2026-7819 (CVSS 8.1) in pgAdmin 4's File Manager lets authenticated users write files outside their storage directory via symlink path traversal. No patch yet.
[MEDIUM] Stored XSS in pgAdmin 4 Lets Attackers Execute JS via Database Object
CVE-2026-7814 (CVSS 4.8): pgAdmin 4 fails to sanitize user-controlled PostgreSQL object names, enabling stored XSS via the Browser Tree and Explain Visualizer modules.
[HIGH] Tenda AC6 Command Injection Flaw CVE-2026-8263 Lets Attackers Execute
CVE-2026-8263 (CVSS 5.8) in Tenda AC6 firmware 15.03.06.49multiTDE01 allows unauthenticated remote OS command injection via the /goform/WifiExtraSet endpoint.
[HIGH] Tenda AC6 Router Flaws Enable Remote Command Injection
Two command injection vulnerabilities in Tenda AC6 firmware 15.03.06.23 let remote attackers execute arbitrary OS commands via the getLogFile and formWifiApScan functions.
[HIGH] Wikimedia AbuseFilter Flaw CVE-2026-34086 Lets Editors Bypass
CVE-2026-34086 in Wikimedia Foundation's AbuseFilter extension allows editors to bypass configured restrictions; affects versions before 1.43.7, 1.44.4, and 1.45.2.
[MEDIUM] WSO2 API Manager Flaw CVE-2025-8325 Lets Low-Privilege Users Bypass
CVE-2025-8325 (CVSS 6.3) in WSO2 API Manager lets users with the Internal/Everyone role invoke Gateway and Internal Service APIs without authorization, affecting APIM 3.x...
[MEDIUM] Zephyr TLS 1.3 Socket Flaw Lets Peers Downgrade to TLS 1.2
CVE-2026-1677 (CVSS 5.3): Zephyr RTOS sockets using IPPROTO_TLS_1_3 can negotiate TLS 1.2 when both versions are enabled, breaking application security assumptions.
[HIGH] Aero CMS 0.0.1 PHP Code Injection Flaw Lets Authenticated Attackers
CVE-2022-50944 (CVSS 8.8): Authenticated attackers can upload malicious PHP files via the image parameter in Aero CMS 0.0.1, achieving remote code execution on the server.
[MEDIUM] CMDBuild 3.3.2 Stored XSS Flaw Allows Persistent Script Injection
CVE-2021-47925 (CVSS 6.4): Authenticated attackers can inject persistent XSS payloads via Employee card parameters or SVG file attachments in CMDBuild 3.3.2, affecting all users...
[HIGH] CyberPanel 2.1 Flaw Lets Authenticated Attackers Execute Remote Code
CVE-2021-47949 (CVSS 8.8) in CyberPanel 2.1 lets authenticated attackers read arbitrary files and execute code via symlink attacks through the filemanager controller endpoint.
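Several entries on this page are path escapes from a per-user storage directory: DumbAssets (CVE-2026-45230) and Casdoor (CVE-2026-6815) via `../`, and pgAdmin 4 File Manager (CVE-2026-7819) and CyberPanel (CVE-2021-47949) via symlinks the user plants inside their own directory. The following is an added example, not code from any of those projects, that builds a constructed directory layout and shows why the usual normalise-then-prefix check stops `../` but not a symlink, while resolving real paths on both sides stops both.

```python
import os
import shutil
import tempfile


def resolve_prefix_check(base, user_path):
    """Common but insufficient: normalise, then require the string prefix.

    Defeats '../' sequences, but a symlink inside base still points wherever it likes,
    and the string check never follows it.
    """
    target = os.path.normpath(os.path.join(base, user_path))
    if not target.startswith(os.path.join(base, "")):
        raise PermissionError(user_path)
    return target


def resolve_realpath_check(base, user_path):
    """Resolve symlinks on both sides, then require containment by path components."""
    base_real = os.path.realpath(base)
    target = os.path.realpath(os.path.join(base_real, user_path))
    if os.path.commonpath([base_real, target]) != base_real:
        raise PermissionError(user_path)
    return target


def _outcome(resolver, base, user_path):
    """What a file-manager 'read' would return for this path under this resolver."""
    try:
        with open(resolver(base, user_path), encoding="utf-8") as fh:
            return fh.read()
    except PermissionError:
        return "REJECTED"
    except FileNotFoundError:
        return "ALLOWED (no such file)"


def demo():
    """Build a constructed layout and report what each resolver lets a user read."""
    root = tempfile.mkdtemp()
    try:
        storage = os.path.join(root, "storage")   # the user's own storage directory
        outside = os.path.join(root, "outside")   # anything the user must not reach
        os.makedirs(storage)
        os.makedirs(outside)
        with open(os.path.join(outside, "secret.txt"), "w", encoding="utf-8") as fh:
            fh.write("top secret")
        # The attacker plants a symlink inside their own storage directory.
        os.symlink(outside, os.path.join(storage, "link"))

        return {
            "dotdot/prefix": _outcome(resolve_prefix_check, storage, "../outside/secret.txt"),
            "dotdot/realpath": _outcome(resolve_realpath_check, storage, "../outside/secret.txt"),
            "symlink/prefix": _outcome(resolve_prefix_check, storage, "link/secret.txt"),
            "symlink/realpath": _outcome(resolve_realpath_check, storage, "link/secret.txt"),
            "benign/realpath": _outcome(resolve_realpath_check, storage, "photos/cat.png"),
        }
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:18} {result}")
```

The same containment test applies to writes, moves and deletes; for a delete endpoint the realpath check must run on the final component too, since the last element may itself be a symlink. The `commonpath` comparison, rather than `startswith`, also avoids the classic mistake of `/srv/storage` accepting `/srv/storage-other/...`.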
[HIGH] Emlog CSRF Flaw CVE-2026-42286 Lets Attackers Hijack Admin Actions
CVE-2026-42286: Missing CSRF protection in Emlog prior to 2.6.11 lets attackers trick authenticated admins into unauthorized plugin management and config changes.
[HIGH] Opencart TMD Vendor System 3.x SQLi Lets Attackers Dump User
CVE-2021-47928 (CVSS 8.2): Unauthenticated blind SQL injection in Opencart TMD Vendor System 3.x lets attackers extract usernames, emails, and password reset codes from the...
[MEDIUM] Three WordPress Plugins Carry Stored XSS Flaws (CVE-2021-47926-929)
CVE-2021-47926, CVE-2021-47927, and CVE-2021-47929 each carry a CVSS 6.4 stored XSS in Filterable Portfolio Gallery, WP Symposium Pro, and Contact Form to Email — authenticated...
[MEDIUM] uBidAuction 2.0.1 Reflected XSS Flaw Lets Attackers Inject Scripts
CVE-2022-50966 (CVSS 6.1): uBidAuction 2.0.1 reflected XSS in the news/manage module allows remote attackers to inject scripts via unsanitized GET parameters date_created,...
[MEDIUM] WordPress 3dady Stats Plugin Stored XSS Lets Attackers Hijack Sessions
CVE-2022-50945 (CVSS 6.4): Stored XSS in WordPress 3dady real-time web stats plugin 1.0 lets authenticated attackers inject JavaScript via unsanitized input fields, enabling...
[MEDIUM] WordPress Curtain Plugin CSRF Lets Attackers Toggle Maintenance Mode
CVE-2022-50955: WordPress Curtain 1.0.2 CSRF flaw lets attackers trick admins into toggling site maintenance mode via forged requests without nonce validation.
[MEDIUM] WordPress GetPaid Plugin HTML Injection Flaw CVE-2021-47948
CVE-2021-47948 (CVSS 5.4): Authenticated attackers can inject arbitrary HTML via the Help Text field in GetPaid 2.4.6, enabling stored XSS attacks on payment forms.
[HIGH] Acer PredatorSense LPE Lets Local Users Gain SYSTEM Privileges
CVE-2026-8069: Acer PredatorSense versions 3.00.3136 to 3.00.3196 expose a misconfigured named pipe, letting any authenticated local user execute code as SYSTEM and delete...
[CRITICAL] Argo CD Flaw CVE-2026-42880 Leaks Kubernetes Secrets via Dry-Run
CVE-2026-42880 (CVSS 9.6) in Argo CD lets read-only attackers extract plaintext Kubernetes Secrets via ServerSideDiff endpoint using Server-Side Apply dry-run.
[HIGH] Bouncy Castle BC-FJA Flaw CVE-2026-8149 Leaks GCM Keys
CVE-2026-8149 in Bouncy Castle BC-FJA 2.1.0–2.1.2 leaks AES-GCM authentication keys via side-channel in AVX-512f optimized gcm128w/gcm512w routines.
[HIGH] CashDro 3 ATM Panel Weak PINs Enable Brute-Force Access
CVE-2026-8076: CashDro 3 ATM admin panel (v24.01.00.26) accepts numeric PINs for authentication, enabling brute-force attacks that can compromise cash dispenser controls.
[MEDIUM] CVE-2023-47268: PrusaSlicer 3MF Files Can Execute Arbitrary Code
CVE-2023-47268 (CVSS 5.3): A crafted 3mf project file in PrusaSlicer through 2.6.1 executes arbitrary code when sliced — no user interaction beyond opening the file.
[MEDIUM] CVE-2024-30167: Atlona Matrix Switcher Flaw Lets Authenticated Users
CVE-2024-30167 (CVSS 6.3): Authenticated users can execute arbitrary commands as root on Atlona AT-OME-MS42 Matrix Switcher 1.1.2 via a crafted POST to /cgi-bin/time.cgi.
[CRITICAL] CVE-2025-69690: Netgate pfSense CE Module Installer RCE via Backup
CVE-2025-69690 (CVSS 9.1) lets authenticated admins achieve remote code execution on pfSense CE 2.7.2 by crafting a backup file with a serialized PHP object.
[CRITICAL] CVE-2025-69691: Netgate pfSense XMLRPC API Allows Admin Code Execution
CVE-2025-69691 (CVSS 9.9) in Netgate pfSense CE 2.8.0 lets authenticated admins execute arbitrary PHP via XMLRPC's pfsense.exec_php; Netgate disputes the severity.
[HIGH] DrayTek Vigor 2960 OS Command Injection Flaw Allows Unauthenticated
CVE-2022-50994 (CVSS 8.1): Unauthenticated attackers can inject shell commands via the formpassword parameter in the CGI login handler of DrayTek Vigor 2960 routers running...
[CRITICAL] LibreNMS Pre-24.10.0 RCE via OS Command Injection (CVE-2024-51092)
CVE-2024-51092 (CVSS 9.1): LibreNMS before 24.10.0 allows unauthenticated remote attackers to execute arbitrary OS commands via AboutController.php, SettingsController.php, and...
[HIGH] MikroTik RouterOS SMB DoS Flaw CVE-2024-27686 Lets Remote Attackers
CVE-2024-27686 (CVSS 7.5) affects MikroTik RouterOS x86 versions 6.40.5 through 6.49.10 — a crafted SMB packet on TCP 445 triggers a device crash. No authentication required.
[HIGH] PraisonAI Flaw Lets Agents Execute Arbitrary Python Tools
CVE-2026-44339 (CVSS 8.6) in PraisonAI multi-agent framework lets agents resolve undeclared tool names against module globals, enabling arbitrary Python execution.
[LOW] SourceCodester Pharmacy System XSS Flaw CVE-2026-8136 Published
CVE-2026-8136 (CVSS 3.3) enables remote stored XSS in SourceCodester Pharmacy Sales and Inventory System 1.0 via the Name parameter in /index.php?page=users.
[MEDIUM] Thruk Monitoring XSS Flaw CVE-2022-23961 Lets Attackers Hijack
CVE-2022-23961 (CVSS 6.1) in Thruk Monitoring through 2.46.3 enables unauthenticated reflected XSS via the login field, risking session theft for admins.
[HIGH] Yeti JWT Flaw CVE-2024-46508 Lets Attackers Forge Auth Tokens
CVE-2024-46508 (CVSS 7.5) in Yeti platform before 2.1.12 lets attackers forge valid JWT tokens when the default secret key is unchanged — full account takeover risk.
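The Yeti entry is a reminder that an HMAC-signed JWT is only as secret as its key: anyone who knows the shipped default can mint any claims. The following is an added example, not Yeti's code, using only the standard library: a minimal HS256 signer and verifier, a forged admin token accepted by a deployment that kept the default, the same token rejected under a real key, and the startup guard that should have refused to boot. The default string and length floor are constructed for the demonstration.

```python
import base64
import hashlib
import hmac
import json

DEFAULT_SECRET = "changeme"  # constructed stand-in for a secret that ships in a config template


def _b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_hs256(claims, secret):
    """Mint a compact HS256 JWT. An attacker runs exactly this with the known default."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    body = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{header}.{body}".encode("ascii")
    sig = hmac.new(secret.encode("utf-8"), signing_input, hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"


def verify_hs256(token, secret):
    """Return the claims if the signature checks out under `secret`, else None."""
    try:
        header_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        sig = _b64url_decode(sig_b64)
    except (ValueError, UnicodeDecodeError):
        return None
    if header.get("alg") != "HS256":  # pin the algorithm; never let the token choose it
        return None
    signing_input = f"{header_b64}.{body_b64}".encode("ascii")
    expected = hmac.new(secret.encode("utf-8"), signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        return None
    return json.loads(_b64url_decode(body_b64))


def secret_is_acceptable(configured):
    """Startup guard: refuse to run on the shipped default, an empty value, or a short one."""
    return bool(configured) and configured != DEFAULT_SECRET and len(configured) >= 32


if __name__ == "__main__":
    # Deployment that never changed the default: anyone who read the docs can mint tokens.
    forged = sign_hs256({"sub": "admin", "role": "superuser"}, DEFAULT_SECRET)
    print(verify_hs256(forged, DEFAULT_SECRET))  # {'sub': 'admin', 'role': 'superuser'}
    # Same token against a deployment with a real secret: rejected.
    print(verify_hs256(forged, "k3y-" * 10))     # None
    print(secret_is_acceptable(DEFAULT_SECRET))  # False
```

The verifier also pins `alg` to HS256 and compares with `hmac.compare_digest`; neither fixes a leaked default key, but both are cheap to get right while touching this code.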
[HIGH] CVE-2026-7891: DIVD VerySecureApp Leaks All Records to Anonymous Users
CVE-2026-7891 in DIVD's VerySecureApp (Mendix Studio Pro 11.8.0 Beta) exposes all stored records to anonymous users via an authorization misconfiguration — no access rights...
[HIGH] GitHub Enterprise Server Flaw Lets Attackers Steal Admin Credentials
CVE-2026-8106: Reflected HTML injection in GitHub Enterprise Server Management Console login page enables credential theft via crafted redirect_to parameter.
[HIGH] GitHub Enterprise Server SSRF Lets Attackers Reach Internal Services
CVE-2026-8034: A server-side request forgery flaw in GitHub Enterprise Server notebook viewer exploits URL parser confusion, letting attackers access internal services.
[HIGH] Go ReverseProxy Flaw CVE-2026-39825 Leaks Query Parameters
CVE-2026-39825 in Go's ReverseProxy allows query parameters invisible to Rewrite functions to be forwarded, bypassing sanitization in net/http.
[MEDIUM] JeecgBoot SQLi Flaw CVE-2026-8114 Exploit Publicly Available
CVE-2026-8114 (CVSS 6.5) in JeecgBoot up to 3.9.1 enables remote SQL injection via the /sys/dict/loadTreeData endpoint. Exploit code is public.
[HIGH] OpenStack Cyborg API Flaw Lets Low-Privilege Users Reprogram FPGAs
CVE-2026-40213 (CVSS 7.4) in OpenStack Cyborg before 16.0.1 uses rule:allow as default policy, letting any authenticated Keystone token holder reprogram FPGA bitstreams on...
[MEDIUM] Spring Cloud Config Server Leaks Secrets in Trace Logs
CVE-2026-41004 (CVSS 4.4): Spring Cloud Config Server writes plaintext secrets to logs when trace logging is enabled. Affects versions 3.1.0–3.1.13 and 4.1.0–4.1.9.
[CRITICAL] Chrome 148 Patches 127 Flaws, Three Critical Use-After-Free Bugs
Google's Chrome 148 fixes 127 vulnerabilities including three critical-severity bugs (CVE-2026-7896, CVE-2026-7897, CVE-2026-7898) — integer overflow in Blink and use-after-free...
[HIGH] Ivanti EPMM Zero-Day CVE-2026-6973 Exploited in Limited Attacks
Ivanti warns CVE-2026-6973, a high-severity RCE in EPMM 12.8.0.0 and earlier, is under limited zero-day exploitation. Patches available; 850+ EPMM instances exposed online.
[HIGH] PCPJack Worm Steals Cloud Credentials, Wipes TeamPCP Infections
SentinelLabs uncovers PCPJack, a credential-stealing worm targeting Docker, Kubernetes, Redis, and MongoDB that actively removes rival TeamPCP access from compromised cloud...
[HIGH] Cisco DoS Flaw CVE-2026-20188 Requires Manual Reboot to Recover
CVE-2026-20188: Unauthenticated attackers can crash Cisco Crosswork Network Controller and NSO via low-complexity exploit. No patch for older releases; manual reboot required.
[HIGH] MOVEit Automation CVE-2026-5174 Raises Patch Urgency After Cl0p History
CVE-2026-5174 is a high-severity MOVEit Automation privilege-escalation flaw. No APT or Cl0p exploitation is confirmed, but the 2023 MOVEit compromise history makes rapid patching urgent.
[CRITICAL] Palo Alto PAN-OS CVE-2026-0300 Attacked via Captive Portal
CVE-2026-0300 is a critical PAN-OS buffer overflow in the User-ID Authentication Portal. Fixed builds are upcoming, so disable or restrict the portal immediately.
[CRITICAL] Apache Patches Critical HTTP/2 Double-Free Flaw CVE-2026-23918
Apache HTTP Server CVE-2026-23918 (CVSS 8.8) enables DoS and potential RCE via double-free in HTTP/2 handling. Affects all mod_http2 users. Patch now.
[CRITICAL] Critical Ollama Bug CVE-2026-7482 Exposes 300K Deployments
Cyera discloses CVE-2026-7482 (CVSS 9.3) — a heap out-of-bounds read in Ollama's GGUF model loader that leaks prompts, API keys, and secrets via three unauthenticated API calls.
[HIGH] EOL Open Source Blind Spots Hide 400K+ Unflagged CVEs
HeroDevs analysis: 5.4M EOL package versions across npm, PyPI, Maven evade SCA scanners; ~80% of CVEs on supported versions also affect unlisted EOL releases. Free scan offered.
[CRITICAL] Weaver E-cology Zero-Day CVE-2026-22679 Exploited Since March
CVE-2026-22679 (CVSS 9.8) in Weaver E-cology OA has been exploited in the wild since mid-March 2026. Attackers run discovery commands post-exploit. No patch available.
[CRITICAL] Flowise RCE Vulnerability CVE-2026-41265 Carries CVSS 9.8
CVE-2026-41265 in Flowise Airtable_Agent allows unauthenticated remote code execution with CVSS 9.8. ZDI advisory details code injection in default installations.
[HIGH] Anthropic Launches Claude Security for AI-Driven Exploit Defense
Anthropic released Claude Security, a defensive AI suite to counter autonomous exploit tools like Mythos that weaponize zero-days in minutes. Targets enterprise SOCs.
[HIGH] Linux 'Copy Fail' LPE CVE-2026-31431 Lets Local Users Gain Root
CVE-2026-31431 (CVSS 7.8) dubbed 'Copy Fail' lets unprivileged local users write four controlled bytes to any readable file's page cache, enabling root on major Linux…
[HIGH] APT29, Intellexa, NSO Share Identical Exploit Chains
Google TAG finds APT29 using exploit chains identical to those deployed by Intellexa and NSO Group, suggesting shared access to zero-day suppliers or exploit resale.
[HIGH] Google TAG: 97 Zero-Days Exploited in Wild During 2023
Google TAG reports 97 zero-days were exploited in the wild in 2023, up from 62 in 2022. Commercial surveillance vendors drove 80% of targeted exploits. Full report released.
[HIGH] CISA Adds Actively Exploited ConnectWise, Windows Flaws to KEV
CISA added CVE-2024-1708 (ConnectWise ScreenConnect path traversal, CVSS 8.4) and an unnamed Windows flaw to its KEV catalog based on confirmed active exploitation.
[CRITICAL] cPanel & WHM Authentication Bypass CVE-2026-41940: CVSS 9.8
CVE-2026-41940: Unauthenticated remote attackers can bypass authentication in cPanel & WHM and WP Squared. CVSS 9.8. Patch released April 28, 2026.
[CRITICAL] CVE-2026-25874: Unpatched RCE Flaw in Hugging Face LeRobot
CVE-2026-25874 (CVSS 9.3) in Hugging Face LeRobot enables unauthenticated RCE via unsafe deserialization.
[HIGH] GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
CVE-2026-3854 (CVSS 8.7) lets authenticated users with push access achieve remote code execution on GitHub.com and GitHub Enterprise Server via a crafted git push command.
[HIGH] Oracle VirtualBox Race Condition Lets Attackers Escalate Privileges
CVE-2026-35230: A race condition in VirtualBox's SoundBlaster 16 emulation allows local attackers with high-privileged guest access to escalate privileges. CVSS 7.5.
[HIGH] Project Zero Dusts Off 2017 VirtualBox Escape Draft With
Google Project Zero published a 2017 draft detailing CVE-2017-3558, a VirtualBox VM escape allowing host userspace compromise. No new exploit code released.
[HIGH] Zero-Window Era: NDR Playbooks for Post-Mythos Exploits
Claude Mythos and Project Glasswing shrink exploit windows to near-zero. The Hacker News details NDR playbooks to contain AI-driven attacks before patching is possible.
HIGHFlowise Auth Bypass CVE-2026-41276 Lets Attackers Reset Passwords
CVE-2026-41276 (CVSS 8.1) in Flowise AccountService resetPassword lets unauthenticated attackers bypass authentication. ZDI advisory warns no auth required.
HIGHFoxit PDF Reader CVE-2026-5943 Use-After-Free RCE Exploited via
CVE-2026-5943: A use-after-free in Foxit PDF Reader's AcroForm annotation handling allows remote code execution (CVSS 7.8). No credentials are needed, but the victim must open a malicious PDF.
LOWFoxit PDF Reader Use-After-Free Leaks Memory via AcroForm Signatures
CVE-2026-5942: A use-after-free in Foxit PDF Reader's AcroForm signature handling lets attackers read process memory. CVSS 3.3. User must open a malicious file.
HIGHGoogle Project Zero Details macOS coreaudiod Exploit Chain
Google Project Zero published exploit details for CVE-2024-54529, a type confusion in macOS coreaudiod that allows a sandbox escape; the bug was found through knowledge-driven fuzzing.
CRITICALLiteLLM CVE-2026-42208 Pre-Auth SQLi Exploited in Attacks
Attackers exploit CVE-2026-42208, a critical pre-authentication SQL injection in LiteLLM LLM gateway, to steal API keys and model data. CVSS 9.8. No patch yet.
HIGHFirefox CVE-2026-6770 Patched After Tor User Fingerprinting Risk
CVE-2026-6770 in Firefox allowed fingerprinting of Tor users via a timing side-channel. Mozilla patched the flaw in Firefox 150 and Tor 15.0.10.
CRITICALPhantomCore Exploits TrueConf Zero-Days in Russian Network Attacks
Pro-Ukrainian hacktivist group PhantomCore has been exploiting three TrueConf vulnerabilities since September 2025 to execute remote commands on Russian servers, Positive…
CRITICALKaspersky Details Coruna Exploit Kit Behind Operation Triangulation
Kaspersky GReAT reveals Coruna framework used in Operation Triangulation: updated kernel exploits for CVE-2023-32434 and CVE-2023-38606 targeting iPhones with zero-click iMessage…
HIGHTrueConf Zero-Day CVE-2026-3502 Hit Southeast Asian Govts
Check Point Research uncovered CVE-2026-3502, a 7.8-CVSS privilege escalation in TrueConf client, exploited in targeted attacks against Southeast Asian government entities since…
CRITICALCISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Deadline
CISA added 4 actively exploited vulnerabilities to its KEV catalog — SimpleHelp, Samsung MagicINFO 9, and D-Link DIR-823X — with a May 2026 federal remediation deadline.
HIGHDelta ASDA-Soft PAR Buffer Overflow Hits 7.8 CVSS
CVE-2026-5726: A stack-based buffer overflow in Delta Electronics ASDA-Soft PAR file parsing scores 7.8 CVSS and enables remote code execution via crafted PAR files.
CRITICALFortiGate SSO Bypass CVE-2025-59718 Exploited in Active Attacks
Rapid7 IR confirms active exploitation of CVE-2025-59718 — a 9.8-CVSS FortiGate SSO bypass — enabling attackers to gain persistent admin access on unpatched appliances.
CRITICALMicrosoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege
Microsoft released out-of-band patches for CVE-2026-40372, a 9.1-CVSS privilege escalation flaw in ASP.NET Core affecting all supported versions.
HIGHDocker Desktop ECI Flaw CVE-2026-6406 Lets Attackers Escalate
CVE-2026-6406 (CVSS 8.8) in Docker Desktop's Enhanced Container Isolation allows local attackers with low-privileged code execution inside a container to escalate privileges on…
HIGHLMDeploy SSRF Flaw CVE-2026-33626 Exploited 13 Hours After Disclosure
CVE-2026-33626 (CVSS 7.5) in LMDeploy, an open-source LLM toolkit, was exploited in the wild within 13 hours of public disclosure, enabling SSRF attacks to access sensitive…
HIGHSiemens SINEC NMS Authentication Bypass CVE-2026-24032 Gets 7.3 CVSS
ZDI disclosed CVE-2026-24032, a 7.3-CVSS authentication bypass in Siemens SINEC NMS that is exploitable without credentials. Affects industrial network management systems.
HIGHApple Patches iOS Flaw That Stored Deleted Signal Notifications
CVE-2026-28950 in iOS Notification Services retained deleted Signal messages on device, accessible via forensic tools. Apple fixed the logging flaw in iOS 18.4.1 and iPadOS 18.4.1.
HIGHMirai Botnet Exploits D-Link Router Flaw CVE-2025-29635
Mirai botnet operators exploit CVE-2025-29635, a CVSS 8.8 command injection flaw in end-of-life D-Link DIR-823X routers, to deploy malware and launch DDoS attacks.
CRITICALCohere AI Terrarium Sandbox Flaw Allows Root Code Execution,
CVE-2026-5752 (CVSS 9.3) in Cohere AI's Terrarium sandbox enables root-level code execution and container escape via JavaScript prototype chain traversal.
CRITICALCrowdStrike LogScale Vulnerability CVE-2026-40050 Lets Attackers Read
CrowdStrike warns of critical unauthenticated path-traversal flaw (CVE-2026-40050, CVSS 9.8) in LogScale cluster API endpoint allowing remote file reads from server filesystem.
CRITICALBomgar RMM Exploit Fuels Ransomware and Supply Chain Attacks
CVE-2026-1731, a critical 9.8 CVSS flaw in BeyondTrust's Bomgar RMM, is being actively exploited to deploy ransomware and compromise IT service providers in global supply chain attacks.
HIGHWindows Snipping Tool Vulnerability Leaks NTLM Hashes via Malicious Links
CVE-2026-33829 in Windows Snipping Tool lets attackers coerce NTLMv2 authentication (Net-NTLMv2 hashes) to an attacker-controlled host via malicious links. A public PoC abuses the ms-screensketch: URI handler to trigger the coercion, enabling credential relay attacks.
INFORMATIONALNIST Abandons Comprehensive NVD Analysis for Risk-Based Prioritization
NIST will no longer analyze all 263,000+ annual CVE submissions, shifting to a risk-based model to prioritize high-impact flaws as submissions surge 263% since 2020.
CRITICALSGLang Vulnerability CVE-2026-5760 Enables Remote Code Execution via GGUF Files
CVE-2026-5760, a critical 9.8 CVSS flaw in the SGLang inference engine, allows attackers to execute arbitrary code by uploading malicious GGUF model files, compromising AI/ML serving deployments.
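Both the Ollama loader bug above (CVE-2026-7482, a heap out-of-bounds read in the GGUF loader) and this SGLang entry come down to a loader trusting size fields inside the model file. The block below is an added example, not code from Ollama, SGLang or llama.cpp: a small GGUF header and metadata reader in which every read is checked against the buffer end before it happens, so a string length or entry count chosen by whoever built the model file produces a clean rejection instead of a read into adjacent memory. The layout follows the public GGUF spec (little-endian, version 3); the MAX_* caps and the sample files are assumptions constructed for this example.

```python
"""Bounds-checked reader for the GGUF header and metadata block.

Added example (not Ollama's, SGLang's or llama.cpp's code). The sample
files at the bottom are constructed here; MAX_* caps are assumed values.
"""
import struct

GGUF_MAGIC = b"GGUF"
# Metadata value type ids from the GGUF spec.
T_UINT8, T_INT8, T_UINT16, T_INT16, T_UINT32, T_INT32, T_FLOAT32, T_BOOL = range(8)
T_STRING, T_ARRAY, T_UINT64, T_INT64, T_FLOAT64 = range(8, 13)
SCALAR_FMT = {
    T_UINT8: "<B", T_INT8: "<b", T_UINT16: "<H", T_INT16: "<h",
    T_UINT32: "<I", T_INT32: "<i", T_FLOAT32: "<f", T_BOOL: "<?",
    T_UINT64: "<Q", T_INT64: "<q", T_FLOAT64: "<d",
}
MAX_KV_COUNT = 1 << 16     # assumed sanity caps; a real loader would size
MAX_STRING_LEN = 1 << 20   # these to the model families it accepts


class GGUFError(ValueError):
    """Raised for any header that does not fit its own declared sizes."""


class _Reader:
    def __init__(self, buf):
        self.buf = buf
        self.pos = 0

    def take(self, n):
        # The central check: compare the request with the bytes remaining
        # before slicing. Without it Python silently returns a short slice;
        # a C or Go loader would read whatever sits after the buffer.
        if n < 0 or n > len(self.buf) - self.pos:
            raise GGUFError(f"need {n} bytes at offset {self.pos}, "
                            f"only {len(self.buf) - self.pos} left")
        out = self.buf[self.pos:self.pos + n]
        self.pos += n
        return out

    def scalar(self, fmt):
        return struct.unpack(fmt, self.take(struct.calcsize(fmt)))[0]

    def string(self):
        n = self.scalar("<Q")          # gguf_string: u64 length, then bytes
        if n > MAX_STRING_LEN:
            raise GGUFError(f"string length {n} exceeds cap")
        try:
            return self.take(n).decode("utf-8")
        except UnicodeDecodeError as e:
            raise GGUFError("string is not valid UTF-8") from e

    def value(self, vtype):
        if vtype == T_STRING:
            return self.string()
        if vtype == T_ARRAY:           # u32 element type, u64 count, elements
            elem_type = self.scalar("<I")
            count = self.scalar("<Q")
            if count > MAX_KV_COUNT:
                raise GGUFError(f"array length {count} exceeds cap")
            return [self.value(elem_type) for _ in range(count)]
        fmt = SCALAR_FMT.get(vtype)
        if fmt is None:
            raise GGUFError(f"unknown value type {vtype}")
        return self.scalar(fmt)


def parse_gguf_metadata(buf):
    """Return (version, tensor_count, metadata dict) or raise GGUFError."""
    r = _Reader(buf)
    if r.take(4) != GGUF_MAGIC:
        raise GGUFError("bad magic")
    version = r.scalar("<I")
    if version not in (2, 3):
        raise GGUFError(f"unsupported version {version}")
    tensor_count = r.scalar("<Q")
    kv_count = r.scalar("<Q")
    if kv_count > MAX_KV_COUNT:
        raise GGUFError(f"kv count {kv_count} exceeds cap")
    meta = {}
    for _ in range(kv_count):
        key = r.string()
        meta[key] = r.value(r.scalar("<I"))
    return version, tensor_count, meta


def loads_cleanly(buf):
    """True if the header parses, False if the reader rejected it."""
    try:
        parse_gguf_metadata(buf)
        return True
    except GGUFError:
        return False


# --- constructed sample files (not real models) ---
def _gstr(s):
    b = s.encode()
    return struct.pack("<Q", len(b)) + b


def build_gguf(kvs, tensor_count=0):
    body = b"".join(_gstr(k) + struct.pack("<I", t) + v for k, t, v in kvs)
    return GGUF_MAGIC + struct.pack("<IQQ", 3, tensor_count, len(kvs)) + body


GOOD_FILE = build_gguf([
    ("general.architecture", T_STRING, _gstr("llama")),
    ("llama.context_length", T_UINT32, struct.pack("<I", 4096)),
    ("tokenizer.ggml.tokens", T_ARRAY,
     struct.pack("<IQ", T_STRING, 2) + _gstr("<s>") + _gstr("</s>")),
])
# Declares a 64-byte string but supplies 4 bytes: the out-of-bounds-read shape.
TRUNCATED_STRING = build_gguf([
    ("general.architecture", T_STRING, struct.pack("<Q", 64) + b"llam"),
])
# Claims 2^40 metadata entries with no body at all.
HUGE_KV_COUNT = GGUF_MAGIC + struct.pack("<IQQ", 3, 0, 1 << 40)

if __name__ == "__main__":
    print(parse_gguf_metadata(GOOD_FILE))
    print(loads_cleanly(TRUNCATED_STRING), loads_cleanly(HUGE_KV_COUNT))
```

The two checks that matter are in `take` (remaining-bytes comparison on every read) and the caps on declared counts; the caps keep a hostile header from forcing a billion-iteration loop before the byte check ever fires. A loader that only validates the magic and version, as many do, has no defence against either file.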
CRITICALLazarus Group Steals $290 Million in KelpDAO Cross-Chain Bridge Attack
North Korea's Lazarus Group exploited a smart contract flaw to steal $290 million from the KelpDAO cross-chain bridge, marking one of the largest DeFi heists of 2026 and highlighting persistent risks in cross-chain infrastructure.
HIGHAI-Powered Vulnerability Discovery Accelerates Exploit Timelines, Strains
Qualys warns that AI agents like Claude Mythos can cut vulnerability discovery time from months to hours, compressing the patch window and overwhelming security teams with a surge of new CVEs.
CRITICALMicrosoft Office Excel Flaw Exploited in Active Attacks
CISA orders federal agencies to patch CVE-2009-0238, a 17-year-old Microsoft Office Excel remote code execution flaw, by April 28, 2026, due to active exploitation.
HIGHSamsung MagicINFO 9 Server Local Privilege Escalation Vulnerability Patched
CVE-2026-25203, a CVSS 7.8 local privilege escalation flaw in Samsung MagicINFO 9 Server, allows authenticated attackers to gain SYSTEM privileges by exploiting incorrect default permissions on a service.
CRITICALInterlock Ransomware Exploits Cisco FMC Zero-Day in Global Attacks
The Interlock ransomware group is actively exploiting a zero-day vulnerability in Cisco Firepower Management Center to breach networks. Recorded Future identified 31 high-impact flaws in March 2026, a 139% monthly increase.
HIGHATEN Unizon RPC Service Vulnerable to Unauthenticated Denial-of-Service
CVE-2026-5057, with a CVSS score of 7.5, exposes ATEN Unizon to unauthenticated denial-of-service attacks via its RPC service, allowing remote attackers to crash the device management platform.
HIGHAvast Premium Security Driver Vulnerability Enables Local Privilege Escalation
CVE-2026-5424, a flaw in Avast Premium Security's self-protection driver, allows local attackers to escalate to SYSTEM privileges. The Zero Day Initiative assigned a CVSS score of 7.8 to the vulnerability.
CRITICALCritical Code Execution Flaw Patched in NI LabVIEW
A critical vulnerability (CVE-2026-32861) in NI LabVIEW allows remote attackers to execute arbitrary code by tricking a user into opening a malicious LVCLASS file, with a CVSS score of 7.8.
MEDIUMDriveLock Directory Traversal Vulnerability Exposes Sensitive System Information
A directory traversal vulnerability (CVE-2026-5492) in DriveLock endpoint security software allows authenticated attackers to read arbitrary files, potentially exposing sensitive system information and configuration data.
HIGHDriveLock Privilege Escalation Flaw Allows Attackers to Bypass Security
A critical SQL injection vulnerability (CVE-2026-5490) in DriveLock endpoint security software allows authenticated attackers to escalate privileges and bypass the product's own security controls, according to the Zero Day Initiative.
HIGHGIMP HDR File Parsing Vulnerability Enables Remote Code Execution
A heap-based buffer overflow vulnerability (CVE-2026-2050) in the GNU Image Manipulation Program (GIMP) allows remote attackers to execute arbitrary code when a user opens a malicious HDR image file.
HIGHGStreamer qtdemux Flaw Enables Remote Code Execution
A stack-based buffer overflow vulnerability (CVE-2026-5056) in the GStreamer multimedia framework's qtdemux component allows remote attackers to execute arbitrary code, posing a risk to numerous media-processing applications.
HIGHHP DeskJet 2855e Printer Vulnerable to Remote Code Execution
A stack-based buffer overflow vulnerability (CVE-2026-4682) in the HP DeskJet 2855e printer allows network-adjacent attackers to execute arbitrary code without authentication, earning a CVSS score of 8.8.
HIGHLinux Kernel ETS Scheduler Race Condition Enables Local Privilege Escalation
A race condition vulnerability (CVE-2025-71066) in the Linux kernel's ETS scheduler can allow local attackers to escalate privileges to root, earning a CVSS score of 7.5 from the Zero Day Initiative.
HIGHMicrosoft Patches Windows win32kfull Local Privilege Escalation Vulnerability
Microsoft has patched a local privilege escalation vulnerability (CVE-2026-33104) in the Windows win32kfull driver, which could allow authenticated attackers to gain SYSTEM privileges. The flaw was disclosed by the Zero Day Initiative.
HIGHMicrosoft vcpkg OpenSSL Vulnerability Enables Local Privilege Escalation
A vulnerability (CVE-2026-34054) in the Microsoft vcpkg port of OpenSSL allows local attackers to escalate privileges on affected systems, earning a CVSS score of 7.8.
HIGHMicrosoft Windows Secure Kernel Double Free Vulnerability Enables Local
A double-free vulnerability (CVE-2026-26179) in the Microsoft Windows Secure Kernel allows local attackers to escalate privileges, potentially to SYSTEM. The flaw, rated 7.5 CVSS, requires an attacker to first execute high-privileged code.
HIGHMicrosoft Windows Snipping Tool Vulnerability Enables Remote Code Execution
A vulnerability (CVE-2026-32183) in the Microsoft Windows Snipping Tool allows remote attackers to execute arbitrary code via a malicious file or webpage, requiring only user interaction to trigger the exploit.
MEDIUMMirai Variant Nexcorium Exploits DVR Flaw to Build DDoS Botnet
A new Mirai botnet variant, 'Nexcorium,' is exploiting CVE-2024-3721, a command injection flaw in TBK DVRs, and also targeting end-of-life TP-Link routers, to conscript devices into a distributed denial-of-service (DDoS) swarm.
CRITICALPoC Exploit Released for Critical FortiSandbox Command Injection Flaw
A proof-of-concept exploit for CVE-2026-39808, a critical command injection vulnerability in Fortinet FortiSandbox, has been released. The flaw allows unauthenticated attackers to execute arbitrary OS commands as root.
CRITICALQNAP TS-453E QVRPro Exposed Method Enables Remote Code Execution
A critical vulnerability (CVE-2026-22898) in QNAP TS-453E QVRPro allows network-adjacent attackers to execute arbitrary code without authentication, receiving a CVSS score of 8.8 from the Zero Day Initiative.
CRITICALTrend Micro Apex One Console Vulnerable to Unauthenticated RCE
CVE-2025-54987, a critical 9.8 CVSS flaw in Trend Micro Apex One, allows unauthenticated attackers to execute arbitrary code via directory traversal in the management console.
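The LogScale (CVE-2026-40050), DriveLock (CVE-2026-5492) and Apex One (CVE-2025-54987) entries above are all the same bug class: a client-supplied name joined onto a filesystem root without a containment check. The block below is an added example, not code from any of those products: the naive join that these advisories describe sits beside a resolver that canonicalises the result and requires the intended root to remain its prefix at a path-segment boundary, and `demo()` exercises both against constructed inputs in a temporary directory. The directory layout, file names and inputs are assumptions made for this example.

```python
"""Path-containment check for endpoints that map a client-supplied name
to a file (read, download or delete).

Added example, not code from LogScale, DriveLock or Apex One. All paths
and inputs used by demo() are constructed in a temporary directory.
"""
import os
import tempfile


def naive_resolve(root, user_path):
    """The vulnerable pattern: join, normalise, trust the result."""
    return os.path.normpath(os.path.join(root, user_path))


def resolve_under_root(root, user_path):
    """Return an absolute path inside root, or None if the request escapes.

    Order of checks: embedded NUL bytes; leading separators (so join cannot
    be reset to '/'); '..' segments and symlinks, both collapsed by realpath;
    and finally a commonpath test, which, unlike str.startswith, does not
    accept a sibling directory such as root + '_backup'.
    """
    if "\x00" in user_path:
        return None
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(
        os.path.join(root_real, user_path.lstrip("/\\")))
    try:
        if os.path.commonpath([root_real, candidate]) != root_real:
            return None
    except ValueError:          # different drives on Windows
        return None
    return candidate


def demo():
    """Build a temp root holding one file plus a symlink that escapes it,
    run both resolvers on constructed inputs, and report boolean outcomes."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "uploads")
        os.makedirs(os.path.join(root, "img"))
        inner = os.path.join(root, "img", "logo.png")
        open(inner, "wb").close()
        secret = os.path.join(tmp, "secret.txt")   # sits beside, not under, root
        open(secret, "wb").close()
        link = os.path.join(root, "escape")
        try:
            os.symlink(secret, link)
            have_symlink = True
        except (OSError, NotImplementedError):
            have_symlink = False
        root_real = os.path.realpath(root)

        neutralised = resolve_under_root(root, "/etc/passwd")
        results = {
            # a legitimate name resolves the same way under both
            "legit_naive": naive_resolve(root, "img/logo.png") == inner,
            "legit_safe": resolve_under_root(root, "img/logo.png")
                          == os.path.realpath(inner),
            # '../secret.txt': the naive join walks out of root
            "dotdot_naive_escapes": not naive_resolve(
                root, "../secret.txt").startswith(root_real + os.sep),
            "dotdot_safe_rejected": resolve_under_root(
                root, "../secret.txt") is None,
            # an absolute path is re-rooted rather than honoured
            "absolute_neutralised": neutralised is not None
                and neutralised.startswith(root_real + os.sep),
            "nul_rejected": resolve_under_root(
                root, "img/logo.png\x00.txt") is None,
            # the startswith pitfall: '/tmp/uploads_backup' begins with '/tmp/uploads'
            "prefix_sibling_rejected": resolve_under_root(
                root, "../uploads_backup/x") is None,
            "symlink_rejected": resolve_under_root(root, "escape") is None
                if have_symlink else True,
        }
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:26s} {'ok' if ok else 'FAIL'}")
```

Two of the cases are the ones reviewers most often miss: the symlink inside the root that points outside it (only a `realpath` before the comparison catches it) and the sibling directory whose name shares the root as a string prefix (only a segment-aware comparison such as `os.path.commonpath` catches it). For a delete endpoint the same resolver applies, followed by an `os.unlink` on the returned path and nothing else.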
HIGHApache ActiveMQ Vulnerability Exploited, Added to CISA KEV Catalog
A high-severity flaw in Apache ActiveMQ Classic, CVE-2026-34197 (CVSS 8.8), is under active exploitation, prompting CISA to add it to its Known Exploited Vulnerabilities catalog and mandate patching for federal agencies.
INFORMATIONALNIST Limits CVE Enrichment Amid Overwhelming Surge in Submissions
NIST will no longer fully analyze all CVEs submitted to the National Vulnerability Database, citing a 263% increase in submissions that has overwhelmed its enrichment process, leaving security teams with less context.
CRITICALTP-Link Router Flaw Exploited by Mirai Botnet Variant
Attackers are exploiting CVE-2023-33538, a command injection flaw in end-of-life TP-Link TL-WR940N, TL-WR841N and TL-WR740N routers, to deploy a Mirai botnet variant. The campaign hijacks devices for DDoS attacks and credential theft.
INFORMATIONALNIST Overhauls National Vulnerability Database, Prioritizes High-Risk CVE
NIST will cease comprehensive analysis for all CVEs, shifting to enrich only the highest-risk vulnerabilities due to a 263% surge in submissions, fundamentally altering how the security community uses the NVD.
CRITICALSAP Patches Critical SQL Injection Flaw in Business Planning and Consolidation
SAP has patched a critical SQL injection vulnerability (CVE-2026-27681, CVSS 9.9) in its Business Planning and Consolidation and Business Warehouse applications, allowing attackers to execute arbitrary database commands.
CRITICALCritical etcd Authentication Bypass Exposes Kubernetes Cluster Secrets
A critical authentication bypass flaw in etcd, CVE-2026-33413 (CVSS 8.8), allows unauthorized access to sensitive cluster APIs, potentially exposing secrets and configurations in Kubernetes and cloud-native environments.
CRITICALCritical Nginx UI Vulnerability Actively Exploited for Remote Server Takeover
Attackers are actively exploiting CVE-2026-33032, a critical flaw in the Nginx UI management tool, to execute arbitrary code and gain full control of affected web servers.
INFORMATIONALENISA Official Warns of Fragile Global CVE Infrastructure Amid EU Regulatory
The head of ENISA's vulnerability services warns that recent CVE program funding instability exposed systemic fragility in global disclosure, as new EU regulations make coordinated disclosure a legal obligation for vendors and critical entities.
HIGHEssentialPlugin WordPress Suite Compromised to Deploy Backdoor on Thousands of
The EssentialPlugin suite, comprising over 30 popular WordPress plugins, has been compromised to inject a backdoor granting attackers administrative access to thousands of websites. The supply chain attack is actively being exploited.
HIGHMicrosoft Patches Defender Zero-Day Allowing Local Privilege Escalation
Microsoft patches CVE-2026-33825, an 'Important' zero-day flaw in the Microsoft Defender Antimalware Platform that allows local attackers to escalate privileges to SYSTEM. The vulnerability was publicly disclosed on April 14, 2026.
HIGHMicrosoft Confirms Active Exploitation of SharePoint Zero-Day Spoofing Flaw
Microsoft warns that a critical spoofing vulnerability, CVE-2026-32201, in SharePoint Server is being actively exploited. The flaw allows attackers to bypass authentication and access sensitive data.
HIGHCISA Flags Six Actively Exploited Flaws in Fortinet, Microsoft, Adobe
CISA added six vulnerabilities in Fortinet, Microsoft, and Adobe software to its Known Exploited Vulnerabilities catalog, warning of active in-the-wild attacks requiring urgent patching.
HIGHCISA Warns of Actively Exploited Windows, Adobe Acrobat Vulnerabilities
CISA adds two new vulnerabilities to its KEV catalog: a Windows SmartScreen bypass (CVE-2024-21412) and an Adobe Acrobat Reader code execution flaw (CVE-2024-20662), both under active exploitation.
HIGHMicrosoft Patches Exploited SharePoint Zero-Day Among 161 Vulnerabilities
Microsoft's April 2025 Patch Tuesday addresses 161 CVEs, including an actively exploited zero-day in SharePoint Server (CVE-2025-27088) and a critical RCE in Windows DNS (CVE-2025-27080).
HIGHCritical PHP Composer Flaws Allow Remote Command Execution via Perforce Driver
Two high-severity command injection vulnerabilities (CVE-2026-40176, CVE-2026-40177) in PHP Composer's Perforce driver enable arbitrary command execution on developer systems during package operations.
CRITICALShowDoc RCE Vulnerability CVE-2025-0520 Under Active Exploitation
Attackers are actively exploiting CVE-2025-0520, a critical RCE flaw in ShowDoc, to compromise unpatched servers via unrestricted file upload. The vulnerability has a CVSS score of 9.4.
HIGHKraken Faces Extortion After Insider Breach Exposed Bug Bounty Flaw
Kraken's security team discovered an insider breach where a researcher exploited a zero-day flaw to steal $3 million in crypto, then demanded a bug bounty payment.
MEDIUMMcGraw-Hill Data Breach Linked to Exploited Salesforce Misconfiguration
McGraw-Hill breached via a misconfigured Salesforce instance — ShinyHunters claim 13.5M user records exposed. Root cause, scope of access, and what educators and SaaS admins should check now.
CRITICALAdobe Patches Acrobat Zero-Day Exploited via Malicious PDFs for Months
Adobe patches a critical zero-day vulnerability in Acrobat and Reader exploited via malicious PDFs for at least four months prior to discovery.
HIGHBlueHammer PoC Escalates Windows to SYSTEM
Researcher Chaotic Eclipse published a PoC, dubbed BlueHammer, for a Windows zero-day that grants local SYSTEM privileges, citing Microsoft disclosure failures.
CRITICALCritical Android SDK Flaw Exposed Millions of Crypto Wallet Private Keys
A vulnerability in the EngageLab Push SDK allowed attackers to steal private keys from millions of Android cryptocurrency wallets by intercepting push notifications.
CRITICALCritical wolfSSL Flaw Allows Attackers to Forge TLS Certificates
A critical vulnerability in the wolfSSL library allows attackers to forge TLS certificates, enabling MITM attacks and impersonation of trusted services.
CRITICALCritical WordPress Plugin Flaw Allows Unauthenticated Admin Takeover
A critical flaw (CVE-2026-1492) in the User Registration & Membership WordPress plugin allows unauthenticated attackers to bypass login and gain full administrator access, impacting thousands of sites.
CRITICALCritical Marimo RCE Flaw Exploited Within Hours of Disclosure
A critical pre-authentication remote code execution vulnerability (CVE-2026-39987) in the Marimo Python notebook was exploited in the wild within 10 hours of public disclosure, posing a severe risk to data science environments.
HIGHOrthanc DICOM CVE-2023-26012: Pre-Auth RCE on Imaging Servers
Three flaws in Orthanc DICOM server let unauthenticated attackers crash, read, or take over hospital imaging systems. Affected versions and patch details inside.
CRITICALCritical PDF Zero-Day Exploited for Months, Infrastructure Espionage Revealed
A critical zero-day vulnerability in widely used PDF software has been actively exploited for months. Concurrently, state-sponsored actors have been targeting fiber optic infrastructure for espionage.
HIGHFancy Bear APT Exploits Unpatched Flaws in Global Espionage Campaign
Russia's APT28 (Fancy Bear) is conducting a global cyber espionage campaign, exploiting unpatched vulnerabilities in routers and network devices to infiltrate government and defense targets.
HIGHSANS Stormcast: Exploits Target Ivanti, Fortinet, and VMware Flaws
The SANS Internet Storm Center reports active exploitation of vulnerabilities in Ivanti, Fortinet, and VMware products, alongside a new phishing campaign using malicious OneNote attachments.
CRITICALAdobe Patches Critical Acrobat Reader Flaw Under Active Exploitation
Adobe has released emergency updates for a critical vulnerability (CVE-2026-34621) in Acrobat Reader that is being actively exploited to execute arbitrary code.
CRITICALJuniper Patches Critical RCE Flaw in Junos OS, Dozens of Other Vulnerabilities
Juniper Networks has released patches for a critical, pre-authentication remote code execution vulnerability in Junos OS, alongside dozens of other security fixes.
INFORMATIONALMetasploit Framework Expands with Cisco, osTicket Exploits and LDAP Enhancements
The latest Metasploit Framework release introduces exploit modules for Cisco Catalyst SD-WAN and osTicket, alongside significant improvements to LDAP/ADCS data collection and Windows persistence techniques.
HIGHStryker Hit by Cyberattack, Windows Zero-Day Exploited, China Supercomputer Hacked
Medical device giant Stryker confirms a cyberattack, while a patched Windows zero-day is actively exploited and a Chinese supercomputer cluster is breached.