Total CVEs

144,269

Critical Severity

4,162

High Severity

14,979

Last 7 Days

1,670
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 22,081 - 22,100 of 40,674 CVEs
CVE-2026-35620 MEDIUM - 5.4

OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change owner-only session delivery policy settings, and the /allowlist mutating commands fail to enforce operat...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35619 MEDIUM - 4.3

OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the stric...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35602 MEDIUM - 5.4

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the Vikunja file import endpoint uses the attacker-controlled Size field from the JSON metadata inside the import zip instead of the actual decompressed file content length for the file size enforcement check. By setting...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35601 MEDIUM - 4.1

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the CalDAV output generator builds iCalendar VTODO entries via raw string concatenation without applying RFC 5545 TEXT value escaping. User-controlled task titles containing CRLF characters break the iCalendar property b...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35600 MEDIUM - 5.4

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, task titles are embedded directly into Markdown link syntax in overdue email notifications without escaping Markdown special characters. When rendered by goldmark and sanitized by bluemonday (which allows <a> and &...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35599 MEDIUM - 6.5

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the addRepeatIntervalToTime function uses an O(n) loop that advances a date by the task's RepeatAfter duration until it exceeds the current time. By creating a repeating task with a 1-second interval and a due date ...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35598 MEDIUM - 4.3

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the CalDAV GetResource and GetResourcesByList methods fetch tasks by UID from the database without verifying that the authenticated user has access to the task's project. Any authenticated CalDAV user who knows (or ...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35597 MEDIUM - 5.9

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the TOTP failed-attempt lockout mechanism is non-functional due to a database transaction handling bug. When a TOTP validation fails, the login handler in pkg/routes/api/v1/login.go calls HandleFailedTOTPAuth and then un...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35596 MEDIUM - 4.3

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the hasAccessToLabel function contains a SQL operator precedence bug that allows any authenticated user to read any label that has at least one task association, regardless of project access. Label titles, descriptions, ...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35595 HIGH - 8.3

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the CanUpdate check at pkg/models/project_permissions.go:139-148 only requires CanWrite on the new parent project when changing parent_project_id. However, Vikunja's permission model uses a recursive CTE that walks ...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-22560 MEDIUM - 5.3

An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint.

Vendor: Rocket.Chat
Product: Rocket.Chat
Published: Apr 10, 2026
Source: NVD

In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set.

Vendor: systemd
Product: systemd
Published: Apr 10, 2026
Source: NVD
CVE-2026-40227 MEDIUM - 6.2

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element.

Vendor: systemd
Product: systemd
Published: Apr 10, 2026
Source: NVD
CVE-2026-40226 MEDIUM - 6.4

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.

Vendor: systemd
Product: systemd
Published: Apr 10, 2026
Source: NVD
CVE-2026-40225 MEDIUM - 6.4

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

Vendor: systemd
Product: systemd
Published: Apr 10, 2026
Source: NVD
CVE-2026-40224 MEDIUM - 6.7

In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.

Vendor: systemd
Product: systemd
Published: Apr 10, 2026
Source: NVD
CVE-2026-40223 MEDIUM - 4.7

In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User=<unset> unit exists and is running.

Vendor: systemd
Product: systemd
Published: Apr 10, 2026
Source: NVD

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx_1_1xml_1_1XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/#charsets in log messages, NDC, and MDC property keys and values...

Vendor: Apache Software Foundation
Product: Apache Log4cxx, Apache Log4cxx (Conan), Apache Log4cxx (Brew)
Published: Apr 10, 2026
Source: NVD

Apache Log4net's XmlLayout https://logging.apache.org/log4net/manual/configuration/layouts.html#layout-list and XmlLayoutSchemaLog4J https://logging.apache.org/log4net/manual/configuration/layouts.html#layout-list , in versions before 3.3.0, fail to sanitize characters forbidden by the XML ...

Vendor: Apache Software Foundation
Product: Apache Log4net
Published: Apr 10, 2026
Source: NVD
CVE-2026-35594 MEDIUM - 6.5

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's link share authentication (GetLinkShareFromClaims in pkg/models/link_sharing.go) constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner ...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD