Total CVEs

144,269

Critical Severity

4,162

High Severity

14,979

Last 7 Days

1,663
Quick preset (or use dates below)
Clear Filters
πŸ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years β†’
Showing 22,101 - 22,120 of 40,674 CVEs
CVE-2026-34727 HIGH - 7.4

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with TOTP enrolled is matched via the OIDC email fallback mechanis...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD

Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.html , in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values (NaN, Infinity, or -Infinity), which are prohibited by RFC 825...

Vendor: Apache Software Foundation
Product: Apache Log4j JSON Template Layout
Published: Apr 10, 2026
Source: NVD

Apache Log4j Core's XmlLayout https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout , in versions up to and including 2.25.3, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/#charsets producing invalid XML output whenever a log messa...

Vendor: Apache Software Foundation
Product: Apache Log4j Core
Published: Apr 10, 2026
Source: NVD

The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such characters with a fatal error, which may cause downstream log processing...

Vendor: Apache Software Foundation
Product: Apache Log4j 1 to Log4j 2 bridge
Published: Apr 10, 2026
Source: NVD

Apache Log4j Core's Rfc5424Layout https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout , in versions 2.21.0 through 2.25.3, is vulnerable to log injection via CRLF sequences due to undocumented renames of security-relevant configuration attributes. Two distinct issues affect...

Vendor: Apache Software Foundation
Product: Apache Log4j Core
Published: Apr 10, 2026
Source: NVD

The fix for CVE-2025-68161 https://logging.apache.org/security.html#CVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerifyHostName https://logging.apache.org/log4j/2.x/manual/systemproperties.html#log4j2.sslVerifyHostName system property, but...

Vendor: Apache Software Foundation
Product: Apache Log4j Core
Published: Apr 10, 2026
Source: NVD
CVE-2026-29043 MEDIUM - 5.5

HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition in the H5T__ref_mem_setnull method. This can lead to a denial-of-service condition, and potentially further issues such as remot...

Vendor: HDFGroup
Product: hdf5
Published: Apr 10, 2026
Source: NVD
CVE-2026-29002 HIGH - 7.2

CouchCMS contains a privilege escalation vulnerability that allows authenticated Admin-level users to create SuperAdmin accounts by tampering with the f_k_levels_list parameter in user creation requests. Attackers can modify the parameter value from 4 to 10 in the HTTP request body to bypass authori...

Vendor: CouchCMS
Product: CouchCMS
Published: Apr 10, 2026
Source: NVD
CVE-2026-23781 CRITICAL - 9.8

An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A set of default debug user credentials is hardcoded in cleartext within the application package. If left unchanged, these credentials can be easily obtained and may allow unauthorized access to the MFT API debug interface.

Published: Apr 10, 2026
Source: NVD
CVE-2026-36236 CRITICAL - 9.8

SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php via the new_password parameter.

Vendor: janobe
Product: engineers_online_portal
Published: Apr 10, 2026
Source: NVD
CVE-2026-36235 CRITICAL - 9.8

A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation.

Vendor: itsourcecode
Product: online_student_enrollment_system
Published: Apr 10, 2026
Source: NVD
CVE-2026-36234 CRITICAL - 9.8

itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter.

Vendor: itsourcecode
Product: online_student_enrollment_system
Published: Apr 10, 2026
Source: NVD
CVE-2026-36233 CRITICAL - 9.8

A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...

Vendor: itsourcecode
Product: online_student_enrollment_system
Published: Apr 10, 2026
Source: NVD
CVE-2026-36232 CRITICAL - 9.8

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $_GET['classId'] is directly concatenated into the SQL query without any sanitization or...

Vendor: itsourcecode
Product: online_student_enrollment_system
Published: Apr 10, 2026
Source: NVD
CVE-2026-31262 MEDIUM - 6.1

Cross Site Scripting vulnerability in Altenar Sportsbook Software Platform (SB2) v.2.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the URL parameter

Vendor: altenar
Product: sportsbook
Published: Apr 10, 2026
Source: NVD
CVE-2026-29861 CRITICAL - 9.8

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php.

Published: Apr 10, 2026
Source: NVD
CVE-2026-23782 HIGH - 7.5

An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. An API management endpoint allows unauthenticated users to obtain both an API identifier and its corresponding secret value. With these exposed secrets, an attacker could invoke privileged API operations, potentially leading to unau...

Published: Apr 10, 2026
Source: NVD
CVE-2026-23780 HIGH - 8.8

An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A SQL injection vulnerability in the MFT API's debug interface allows an authenticated attacker to inject malicious queries due to improper input validation and unsafe dynamic SQL handling. Successful exploitation can enable ar...

Published: Apr 10, 2026
Source: NVD
CVE-2025-44560 CRITICAL - 9.8

owntone-server 2ca10d9 is vulnerable to Buffer Overflow due to lack of recursive checking.

Published: Apr 10, 2026
Source: NVD
CVE-2026-6069 HIGH - 7.5

NASM’s disasm() function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when `slen` exceeds the buffer capacity.

Vendor: nasm
Product: netwide_assembler
Published: Apr 10, 2026
Source: NVD