Total CVEs

144,294

Critical Severity

4,165

High Severity

14,995

Last 7 Days

1,578
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 22,581 - 22,600 of 40,699 CVEs
CVE-2026-40035 CRITICAL - 9.1

Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode by default. The debug configuration value is read as a string and passed directly to app.run(), causing any non-empty string to evaluate truthy, allowing attackers to access the...

Vendor: obsidianforensics
Product: unfurl
Published: Apr 08, 2026
Source: NVD
CVE-2026-40032 HIGH - 7.8

UAC (Unix-like Artifacts Collector) before 3.3.0-rc1 contains a command injection vulnerability in the placeholder substitution and command execution pipeline where the _run_command() function passes constructed command strings directly to eval without proper sanitization. Attackers can inject shell...

Vendor: tclahr
Product: UAC
Published: Apr 08, 2026
Source: NVD
CVE-2026-40031 HIGH - 7.8

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a malici...

Vendor: ufrisk
Product: MemProcFS
Published: Apr 08, 2026
Source: NVD
CVE-2026-40030 HIGH - 7.8

parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path argument (-v flag) is passed unsanitized into an os.popen() shell command with ls, allowing arbitrary command injection via crafted volume path arguments containing shell metacharacters. An attacker can...

Vendor: khyrenz
Product: parseusbs
Published: Apr 08, 2026
Source: NVD
CVE-2026-40029 HIGH - 7.8

parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsanitized into an os.popen() shell command, allowing arbitrary command execution via crafted .lnk filenames containing shell metacharacters. An attacker can craft a .lnk filename wit...

Vendor: khyrenz
Product: parseusbs
Published: Apr 08, 2026
Source: NVD
CVE-2026-40028 MEDIUM - 5.4

Hayabusa versions prior to 3.8.0 contain a cross-site scripting (XSS) vulnerability in its HTML report output that allows an attacker to execute arbitrary JavaScript when a user scans JSON-exported logs containing malicious content in the Computer field. An attacker can inject JavaScript into the Co...

Vendor: Yamato-Security
Product: hayabusa
Published: Apr 08, 2026
Source: NVD
CVE-2026-40027 HIGH - 7.3

ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal vulnerability in the NQ_Vault.py artifact parser that uses attacker-controlled file_name_from values from a database directly as the output filename, allowing arbitrary file writes outside the report output dire...

Vendor: abrignoni
Product: ALEAPP
Published: Apr 08, 2026
Source: NVD
CVE-2026-40026 MEDIUM - 4.4

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parse_susp() function trusts len_id, len_des, and len_src fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed...

Vendor: sleuthkit
Product: sleuthkit
Published: Apr 08, 2026
Source: NVD
CVE-2026-40025 MEDIUM - 4.4

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrapped_key_parser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS d...

Vendor: sleuthkit
Product: sleuthkit
Published: Apr 08, 2026
Source: NVD
CVE-2026-40024 HIGH - 7.1

The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image. An attacker can cra...

Vendor: sleuthkit
Product: sleuthkit
Published: Apr 08, 2026
Source: NVD
CVE-2026-39901 MEDIUM - 5.7

monetr is a budgeting application focused on planning for recurring expenses. Prior to 1.12.3, a transaction integrity flaw allows an authenticated tenant user to soft-delete synced non-manual transactions through the transaction update endpoint, despite the application explicitly blocking deletion ...

Vendor: monetr
Product: monetr
Published: Apr 08, 2026
Source: NVD
CVE-2026-40088 CRITICAL - 9.7

PraisonAI is a multi-agent teams system. Prior to 4.5.121, the execute_command function and workflow shell execution are exposed to user-controlled input via agent workflows, YAML definitions, and LLM-generated tool calls, allowing attackers to inject arbitrary shell commands through shell metachara...

Vendor: pip
Product: PraisonAI
Published: Apr 08, 2026
Source: GitHub
CVE-2026-40087 MEDIUM - 5.3

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same at...

Vendor: pip
Product: langchain-core
Published: Apr 08, 2026
Source: GitHub

marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSocket ...

Vendor: pip
Product: marimo
Published: Apr 08, 2026
Source: GitHub
CVE-2026-5805 HIGH - 7.3

A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of the file /users/contact_us.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been made available t...

Published: Apr 08, 2026
Source: NVD
CVE-2026-5803 MEDIUM - 6.3

A security flaw has been discovered in bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f3893468f53b2797c. The affected element is an unknown function of the file server.js of the component API Proxy Endpoint. Performing a manipulation of the argument Query results in server-side request forge...

Published: Apr 08, 2026
Source: NVD
CVE-2026-5451 MEDIUM - 6.4

The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions up to, and including, 4.14. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it pos...

Published: Apr 08, 2026
Source: NVD
CVE-2026-5436 HIGH - 8.1

The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1. This is due to insufficient validation of the $name parameter (upload field key) passed to the generate_user_file_dirpath() function, which uses WordPress's path_join() โ€” a f...

Published: Apr 08, 2026
Source: NVD
CVE-2026-39892 MEDIUM - 9.8

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulnerability is fixed in ...

Vendor: pyca
Product: cryptography
Published: Apr 08, 2026
Source: NVD
CVE-2026-39891 HIGH - 8.8

PraisonAI is a multi-agent teams system. Prior to 4.5.115, the create_agent_centric_tools() function returns tools (like acp_create_file) that process file content using template rendering. When user input from agent.start() is passed directly into these tools without escaping, template expressions ...

Vendor: MervinPraison
Product: PraisonAI
Published: Apr 08, 2026
Source: NVD