Total CVEs

144,269

Critical Severity

4,162

High Severity

14,979

Last 7 Days

1,663
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 20,781 - 20,800 of 40,674 CVEs

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where get_byte_inc() in src/oscore/oscore_cbor.c relies solely on assert() for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malfo...

Vendor: libcoap
Product: libcoap
Published: Apr 17, 2026
Source: NVD
CVE-2026-40931 HIGH - 8.4

Compressing is a compressing and uncompressing lib for node. Prior to 2.1.1 and 1.10.5, the patch for CVE-2026-24884 relies on a purely logical string validation within the isPathWithinParent utility. This check verifies if a resolved path string starts with the destination directory string but fail...

Vendor: npm
Product: compressing
Published: Apr 17, 2026
Source: GitHub
CVE-2026-40527 HIGH - 7.8

radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can embed malicious r2 command sequences as DWARF DW_TAG_formal_parameter names. Attackers can craft a binary with shell commands in DWARF parameter names that execute...

Vendor: radareorg
Product: radare2
Published: Apr 17, 2026
Source: NVD
CVE-2026-40301 MEDIUM - 4.7

DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7.3+. Prior to version 1.0.10, DOMSanitizer::sanitize() allows <style> elements in SVG content but never inspects their text content. CSS url() references and @import rules pass through unfiltered, causing the browser to issue HTTP requests to...

Vendor: rhukster
Product: dom-sanitizer
Published: Apr 17, 2026
Source: NVD

next-intl provides internationalization for Next.js. Applications using the `next-intl` middleware prior to version 4.9.1with `localePrefix: 'as-needed'` could construct URLs where path handling and the WHATWG URL parser resolved a relative redirect target to another host (e.g. scheme-rela...

Vendor: amannn
Product: next-intl
Published: Apr 17, 2026
Source: NVD
CVE-2026-40293 MEDIUM - 6.5

OpenFGA is an authorization/permission engine built for developers. In versions 0.1.4 through 1.13.1, when OpenFGA is configured to use preshared-key authentication with the built-in playground enabled, the local server includes the preshared API key in the HTML response of the /playground endpoint....

Vendor: openfga
Product: openfga
Published: Apr 17, 2026
Source: NVD
CVE-2026-40286 HIGH - 7.5

WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the 'Member Registration' (Cadastrar SĂłcio) function. By injecting a payload into the 'Member Name' (Nome SĂłcio) field, the script ...

Vendor: LabRedesCefetRJ
Product: WeGIA
Published: Apr 17, 2026
Source: NVD
CVE-2026-40285 HIGH - 8.8

WeGIA is a web manager for charitable institutions. Versions prior to 3.6.10 contain a SQL injection vulnerability in dao/memorando/UsuarioDAO.php. The cpf_usuario POST parameter overwrites the session-stored user identity via extract($_REQUEST) in DespachoControle::verificarDespacho(), and the atta...

Vendor: LabRedesCefetRJ
Product: WeGIA
Published: Apr 17, 2026
Source: NVD
CVE-2026-40284 MEDIUM - 6.8

WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user to inject malicious JavaScript via the "Destinatário" field. The payload is stored and later executed when viewing the dispatch pa...

Vendor: LabRedesCefetRJ
Product: WeGIA
Published: Apr 17, 2026
Source: NVD

WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user to inject malicious JavaScript into the IntercorrĂŞncias notification page, which is executed when user access the the page, enabling session...

Vendor: LabRedesCefetRJ
Product: WeGIA
Published: Apr 17, 2026
Source: NVD
CVE-2026-40196 HIGH - 8.1

HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerability where the defaultGroup ID remained permanently assigned to a user after being invited to a group, even after their access to that group was revoked. While the web interface correctly enforced the ac...

Vendor: sysadminsmedia
Product: homebox
Published: Apr 17, 2026
Source: NVD
CVE-2026-40155 MEDIUM - 5.4

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In versions 4.12.0 through 4.17.1, simultaneous requests that trigger a nonce retry may cause the proxy cache fetcher to perform improper lookups for the token request results. Users are affected if thei...

Vendor: auth0
Product: nextjs-auth0
Published: Apr 17, 2026
Source: NVD
CVE-2026-35603 MEDIUM - 7.3

Claude Code is an agentic coding tool. In versions prior to 2.1.75 on Windows, Claude Code loaded the system-wide default configuration from C:\ProgramData\ClaudeCode\managed-settings.json without validating directory ownership or access permissions. Because the ProgramData directory is writable by ...

Vendor: anthropics
Product: claude-code
Published: Apr 17, 2026
Source: NVD

xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the EGFX (graphics dynamic virtual channel) implementation due to insufficient validation of client-controlled size parameters, allowing an out-of-bounds write via crafted PDUs. Pre-authentication exploit...

Vendor: neutrinolabs
Product: xrdp
Published: Apr 17, 2026
Source: NVD

mcp-neo4j-cypher is an MCP server for executing Cypher queries against Neo4j databases. In versions prior to 0.6.0, the read_only mode enforcement can be bypassed using APOC CALL procedures, potentially allowing unauthorized write operations or server-side request forgery. This issue is fixed in ver...

Vendor: neo4j-contrib
Product: mcp-neo4j
Published: Apr 17, 2026
Source: NVD

xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability in the pre-authentication RDP message parsing logic. A remote, unauthenticated attacker can trigger this flaw by sending a specially crafted sequence of packets during the initial connection phase. Th...

Vendor: neutrinolabs
Product: xrdp
Published: Apr 17, 2026
Source: NVD

Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. In versions prior to 2.0.0, file upload endpoints render user-supplied filenames directly into HTML using unsafe methods like innerHTML without sanitization. An attacker can craft a file with a malicio...

Vendor: Stirling-Tools
Product: Stirling-PDF
Published: Apr 17, 2026
Source: NVD
CVE-2026-33145 MEDIUM - 6.3

xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled (which is the default when not explicitly c...

Vendor: neutrinolabs
Product: xrdp
Published: Apr 17, 2026
Source: NVD

Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. In versions prior to 23.0.0 , the ODT to PDF conversion process in odf.php concatenates the MAIN_ODT_AS_PDF configuration constant directly into a shell command passed to exec() without san...

Vendor: Dolibarr
Product: dolibarr
Published: Apr 17, 2026
Source: NVD
CVE-2026-40461 HIGH - 7.5

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings (e.g., enabling SSH), allowing unauthorized state changes that can facilitate later compromise.

Vendor: Anviz
Product: Anviz CX7 Firmware, Anviz CX2 Lite Firmware
Published: Apr 17, 2026
Source: NVD