Total CVEs

145,595

Critical Severity

4,259

High Severity

15,683

Last 7 Days

2,272
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 23,941 - 23,960 of 42,000 CVEs

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side template injection vulnerability which leads to RCE via AI Agent exists. Impact is limited to environments where an attacker can control or influence type_enrichment_data (typically high-privilege admi...

Vendor: zammad
Product: zammad
Published: Apr 08, 2026
Source: NVD
CVE-2026-34723 HIGH - 7.5

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, unauthenticated remote attackers were able to access the getting started endpoint to get access to sensitive internal entity data, even after the system setup was completed. This vulnerability is fixed in 7...

Vendor: zammad
Product: zammad
Published: Apr 08, 2026
Source: NVD

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the used endpoint for ticket creation was missing authorization if the related parameter for adding links is used. This vulnerability is fixed in 7.0.1 and 6.5.4.

Vendor: zammad
Product: zammad
Published: Apr 08, 2026
Source: NVD

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the OAuth callback endpoints for Microsoft, Google, and Facebook external credentials do not validate a CSRF state parameter. This vulnerability is fixed in 7.0.1 and 6.5.4.

Vendor: zammad
Product: zammad
Published: Apr 08, 2026
Source: NVD

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the SSO mechanism in Zammad was not verifying the header originates from a trusted SSO proxy/gateway before applying further actions on it. This vulnerability is fixed in 7.0.1 and 6.5.4.

Vendor: zammad
Product: zammad
Published: Apr 08, 2026
Source: NVD
CVE-2026-34719 MEDIUM - 4.3

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the webhook model was missing a proper validation for loop back addresses, or link-local addresses — only the URL scheme (HTTP/HTTPS) as well as the hostname was checked. This could end up in retrieving con...

Vendor: zammad
Product: zammad
Published: Apr 08, 2026
Source: NVD

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the HTML sanitizer for ticket articles was missing proper sanitization of data: ... URI schemes, resulting in storing such malicious content in the database of the Zammad instance. The Zammad GUI is renderi...

Vendor: zammad
Product: zammad
Published: Apr 08, 2026
Source: NVD
CVE-2026-34392 HIGH - 7.5

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From 20.0.0 to before 27.0.3 and 28.0.1, a bug in the static file router can allow an attacker to traverse outside of the intended directory,...

Vendor: aces
Product: Loris
Published: Apr 08, 2026
Source: NVD

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, customers in shared organizations (means they can see each other's tickets) could see fields which are not intended for customers - including fields not intended for them at all (e.g. priority, custom ticket att...

Vendor: zammad
Product: zammad
Published: Apr 08, 2026
Source: NVD
CVE-2026-33350 HIGH - 7.5

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to 27.0.3 and 28.0.1, a SQL injection has been identified in some code sections for the MRI feedback popup window of the imaging browse...

Vendor: aces
Product: Loris
Published: Apr 08, 2026
Source: NVD
CVE-2026-30818 HIGH - 8.0

An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow the attacker to...

Vendor: TP-Link Systems Inc.
Product: AX53 v1.0
Published: Apr 08, 2026
Source: NVD
CVE-2026-30817 MEDIUM - 5.7

An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device, pote...

Vendor: TP-Link Systems Inc.
Product: AX53 v1.0
Published: Apr 08, 2026
Source: NVD
CVE-2026-30816 MEDIUM - 5.7

An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is processed.  Successful exploitation may allow unauthorized access to arbitrary files on the device, po...

Vendor: TP-Link Systems Inc.
Product: AX53 v1.0
Published: Apr 08, 2026
Source: NVD
CVE-2026-30815 HIGH - 8.0

An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modification o...

Vendor: TP-Link Systems Inc.
Product: AX53 v1.0
Published: Apr 08, 2026
Source: NVD
CVE-2026-30814 HIGH - 8.0

A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file. Successful exploitation may cause a crash and could allow arb...

Vendor: TP-Link Systems Inc.
Product: AX53 v1.0
Published: Apr 08, 2026
Source: NVD
CVE-2026-2942 CRITICAL - 9.8

The ProSolution WP Client plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'proSol_fileUploadProcess' function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers to upload arbitrary files ...

Published: Apr 08, 2026
Source: NVD
CVE-2026-20709 MEDIUM - 6.6

Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high ...

Published: Apr 08, 2026
Source: NVD
CVE-2026-0814 MEDIUM - 4.3

The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vsz_cf7_export_to_excel' function in all versions up to, and including, 2.0.9. This makes it possible for authenticated attackers, with Subscriber-leve...

Published: Apr 08, 2026
Source: NVD
CVE-2026-0811 MEDIUM - 5.4

The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.9. This is due to missing or incorrect nonce validation on the 'vsz_cf7_save_setting_callback' function. This makes it possible for unauthenticated atta...

Published: Apr 08, 2026
Source: NVD
CVE-2025-50673 HIGH - 7.5

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the http_lanport parameter in the /webgl.asp endpoint.

Vendor: dlink
Product: di-8003_firmware
Published: Apr 08, 2026
Source: NVD