Total CVEs

143,749

Critical Severity

4,091

High Severity

14,758

Last 7 Days

1,518
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 20,501 - 20,520 of 40,154 CVEs
CVE-2026-6350 CRITICAL - 9.8

MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.

Published: Apr 16, 2026
Source: NVD

The  iSherlock developed by HGiga  has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.

Published: Apr 16, 2026
Source: NVD
CVE-2026-6348 HIGH - 8.8

WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine as well as on all hosts within the environment where the agent is installed.

Published: Apr 16, 2026
Source: NVD
CVE-2026-41015 HIGH - 7.4

radare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users are supposed to use the latest version from git (not a release), the date range for the vulnerable code was less than a week, occurring after 6.1.2 but before 6.1....

Vendor: radare
Product: radare2
Published: Apr 16, 2026
Source: NVD
CVE-2026-3885 MEDIUM - 6.4

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'su_box' shortcode in all versions up to, and including, 7.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This...

Published: Apr 16, 2026
Source: NVD

A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Center(华硕大厅) allows a local user to achieve privilege escalation to Administrator via exploitation of a Time-of-check Time-of-use (TOC-TOU) during the update process, where an unexpected payload is substitu...

Published: Apr 16, 2026
Source: NVD

An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows the ...

Published: Apr 16, 2026
Source: NVD
CVE-2026-40962 MEDIUM - 4.9

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c.

Vendor: FFMpeg
Product: FFMpeg
Published: Apr 16, 2026
Source: NVD

MuPDF mutool does not sanitize PDF metadata fields before writing them to terminal output, allowing attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to the terminal when runni...

Vendor: Artifex Software Inc.
Product: MuPDF
Published: Apr 16, 2026
Source: NVD
CVE-2026-40504 CRITICAL - 9.8

Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravity_vm_exec function that allows attackers to write out-of-bounds memory by crafting scripts with many string literals at global scope. Attackers can exploit insufficient bounds checking in gravity_fiber_reassign(...

Vendor: marcobambini
Product: gravity
Published: Apr 16, 2026
Source: NVD
CVE-2026-3299 MEDIUM - 6.4

The WP YouTube Lyte plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lyte' shortcode in all versions up to, and including, 1.7.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authe...

Published: Apr 16, 2026
Source: NVD
CVE-2026-40353 MEDIUM - 5.4

wger is a free, open-source workout and fitness manager. In versions 2.5 and below, the attribution_link property in AbstractLicenseModel constructs HTML by directly interpolating user-controlled license fields (such as license_author) without escaping, and templates render the result using Django&#...

Vendor: pip
Product: wger
Published: Apr 16, 2026
Source: GitHub
CVE-2026-40474 HIGH - 7.6

wger is a free, open-source workout and fitness manager. In versions 2.5 and below, the GymConfigUpdateView declares permission_required = 'config.change_gymconfig' but inherits WgerFormMixin instead of WgerPermissionMixin, so the permission is never enforced at runtime. Since GymConfig is...

Vendor: pip
Product: wger
Published: Apr 16, 2026
Source: GitHub
CVE-2026-40594 MEDIUM - 4.8

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev98, the set_session_cookie_secure before_request handler in src/pyload/webui/app/__init__.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted...

Vendor: pip
Product: pyload-ng
Published: Apr 16, 2026
Source: GitHub
CVE-2026-40960 HIGH - 8.1

Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trusted_mods or secure.http_mods, then a crafted mod can intercept the request for the insecure environment or HTTP API, and also receive access to it.

Vendor: Luanti
Product: Luanti
Published: Apr 16, 2026
Source: NVD
CVE-2026-40959 CRITICAL - 9.3

Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.

Vendor: Luanti
Product: Luanti
Published: Apr 16, 2026
Source: NVD
CVE-2026-40503 MEDIUM - 6.5

OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gateway users with chat access to read arbitrary files by supplying path traversal sequences to the /memory show slash command. Attackers can manipulate the path input parameter to escape the project memor...

Vendor: HKUDS
Product: OpenHarness
Published: Apr 16, 2026
Source: NVD
CVE-2026-40502 HIGH - 8.8

OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can execut...

Vendor: HKUDS
Product: OpenHarness
Published: Apr 16, 2026
Source: NVD
CVE-2026-32179 CRITICAL - 9.8

MsQuic has a Remote Elevation of Privilege Vulnerability

Vendor: nuget
Product: Microsoft.Native.Quic.MsQuic.OpenSSL
Published: Apr 16, 2026
Source: GitHub

Inadequate Encryption Strength vulnerability in TP-Link Archer C7 v5 and v5.8 (uhttpd modules) allows Password Recovery Exploitation. The web interface encrypts the admin password client-side using RSA-1024 before sending it to the router during login.  An adjacent attacker with the ability to inter...

Published: Apr 16, 2026
Source: NVD