Total CVEs

145,906

Critical Severity

4,292

High Severity

15,777

Last 7 Days

2,205
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 23,621 - 23,640 of 42,311 CVEs
CVE-2026-3691 MEDIUM - 5.3

OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an OAuth authorization flow...

Published: Apr 11, 2026
Source: NVD
CVE-2026-3690 HIGH - 7.4

OpenClaw Canvas Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of OpenClaw. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the the authentication ...

Published: Apr 11, 2026
Source: NVD
CVE-2026-3689 MEDIUM - 6.5

OpenClaw Canvas Path Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenClaw. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the path...

Published: Apr 11, 2026
Source: NVD
CVE-2026-40199 MEDIUM - 6.5

Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. _pack_ipv6() includes the sentinel byte from _pack_ipv4() when building the packed representation of IPv4 mapped addresses like ::ffff:192.168.1.1. This produces an 18 byte value inst...

Vendor: STIGTSP
Product: Net::CIDR::Lite
Published: Apr 10, 2026
Source: NVD
CVE-2026-40198 HIGH - 7.5

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. _pack_ipv6() does not check that uncompressed IPv6 addresses (without ::) have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are acc...

Vendor: STIGTSP
Product: Net::CIDR::Lite
Published: Apr 10, 2026
Source: NVD
CVE-2026-33119 MEDIUM - 5.4

User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

Vendor: microsoft
Product: edge
Published: Apr 10, 2026
Source: NVD
CVE-2026-33118 MEDIUM - 4.3

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Vendor: microsoft
Product: edge_chromium
Published: Apr 10, 2026
Source: NVD

The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper and Authorizer are configured, unary RPCs enforce authentication and authorization, but the streaming AdminService/StreamWorkflowReplicationMessages endpoint accepted request...

Vendor: go
Product: go.temporal.io/server
Published: Apr 10, 2026
Source: NVD

FastGPT is an AI Agent building platform. Prior to 4.14.10.4, Broken Access Control vulnerability (IDOR/BOLA) allows any authenticated team to access and execute applications belonging to other teams by supplying a foreign appId. While the API correctly validates the team token, it does not verify t...

Vendor: labring
Product: FastGPT
Published: Apr 10, 2026
Source: NVD
CVE-2026-40242 HIGH - 7.2

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.17.3, the /api/templates/fetch endpoint accepts a caller-supplied url parameter and performs a server-side HTTP GET request to that URL without authentication and without URL scheme or host validation. T...

Vendor: getarcaneapp
Product: arcane
Published: Apr 10, 2026
Source: NVD

phpseclib is a PHP secure communications library. Prior to 3.0.51, 2.0.53, and 1.0.28, phpseclib\Net\SSH2::get_binary_packet() uses PHP's != operator to compare a received SSH packet HMAC against the locally computed HMAC. != on equal-length binary strings in PHP uses memcmp(), which short-circ...

Vendor: phpseclib
Product: phpseclib
Published: Apr 10, 2026
Source: NVD

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.4-beta-1f46165, ClearanceKit's Endpoint Security event handler only checked the source path of dual-path file operations against File Access Authorization (FAA) rules and App Jail ...

Vendor: craigjbass
Product: clearancekit
Published: Apr 10, 2026
Source: NVD
CVE-2026-40258 CRITICAL - 9.1

The Gramps Web API is a Python REST API for the genealogical research software Gramps. Versions 1.6.0 through 3.11.0 have a path traversal vulnerability (Zip Slip) in the media archive import feature. An authenticated user with owner-level privileges can craft a malicious ZIP file with directory-tra...

Vendor: pip
Product: gramps-webapi
Published: Apr 10, 2026
Source: GitHub
CVE-2026-40260 MEDIUM - 5.3

pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. This issue has be...

Vendor: pip
Product: pypdf
Published: Apr 10, 2026
Source: GitHub
CVE-2026-40190 MEDIUM - 5.6

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to 0.5.18, the LangSmith JavaScript/TypeScript SDK (langsmith) contains an incomplete prototype pollution fix in its internally vendored lodash set() utility. The baseAssignValue() function only guards agains...

Vendor: langchain-ai
Product: langsmith-sdk
Published: Apr 10, 2026
Source: NVD
CVE-2026-40189 CRITICAL - 9.8

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.4, goshs enforces the documented per-folder .goshs ACL/basic-auth mechanism for directory listings and file reads, but it does not enforce the same authorization checks for state-changing routes. An unauthenticated attacker can upload fi...

Vendor: patrickhener
Product: goshs
Published: Apr 10, 2026
Source: NVD
CVE-2026-40188 HIGH - 7.7

goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4.

Vendor: patrickhener
Product: goshs
Published: Apr 10, 2026
Source: NVD
CVE-2026-40185 HIGH - 7.1

TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo management routes. This vulnerability is fixed in 2.7.2.

Vendor: mauriceboe
Product: TREK
Published: Apr 10, 2026
Source: NVD

TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2.

Vendor: mauriceboe
Product: TREK
Published: Apr 10, 2026
Source: NVD

Quarkus OpenAPI Generator is Quarkus' extensions for generation of Rest Clients and server stubs generation. Prior to 2.16.0 and 2.15.0-lts, the unzip() method in ApicurioCodegenWrapper.java extracts ZIP entries without validating that the resolved file path stays within the intended output dir...

Vendor: quarkiverse
Product: quarkus-openapi-generator
Published: Apr 10, 2026
Source: NVD