Total CVEs: 142,027

Critical Severity: 3,943

High Severity: 14,108

Last 7 Days: 1,704
Showing Year: 2026 (January 1 - December 31, 2026)
Showing 16,241 - 16,260 of 38,432 CVEs
CVE-2026-36763 MEDIUM - 6.1

A stored cross-site scripting (XSS) vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML by injecting crafted input into the content parameter.

Published: Apr 30, 2026
Source: NVD
CVE-2026-36762 HIGH - 8.8

An issue in the fileEntityId parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations.

Published: Apr 30, 2026
Source: NVD
CVE-2026-36761 MEDIUM - 6.1

A stored cross-site scripting (XSS) vulnerability in the /msg/msgInner/save endpoint of JeeSite v5.15.1 allows attackers to execute arbitrary web scripts or HTML by injecting crafted input into the msgContent parameter.

Published: Apr 30, 2026
Source: NVD
CVE-2026-33845 HIGH - 7.5

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.

Vendor: Red Hat
Product: Red Hat Enterprise Linux 10, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Hardened Images, Red Hat OpenShift Container Platform 4
Published: Apr 30, 2026
Source: NVD
CVE-2026-42449 HIGH - 8.5

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. In versions 2.47.4 through 2.47.13, the SDK embedder path (N8NDocumentationMCPServer constructor, getN8nApiClient(), and validateInstanceContext()), the synchronous URL validator in SSR...

Vendor: npm
Product: n8n-mcp
Published: Apr 30, 2026
Source: GitHub
CVE-2026-42032 MEDIUM - 9.1

CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, a vulnerability in datastore_search_sql allowed attackers to bypass authorization in order to gain access to private resources and PostgreSQL system information. This vulnerabilit...

Vendor: pip
Product: ckan
Published: Apr 30, 2026
Source: GitHub
CVE-2026-41654 MEDIUM - 8.1

Weblate is a web-based localization tool. Prior to version 5.17.1, an authenticated user with project.add permission (default on hosted Weblate SaaS and for any user holding an active billing/trial plan) can import a crafted project backup ZIP whose components/<name>.json contains an attacker-...

Vendor: pip
Product: weblate
Published: Apr 30, 2026
Source: GitHub
CVE-2026-41519 MEDIUM - 4.2

Weblate is a web-based localization tool. Prior to version 5.17.1, when a user changes their password, browser sessions are correctly invalidated via "cycle_session_keys()", but DRF API tokens ("wlu_*" prefix) stored in "authtoken_token" are not revoked. This issue has ...

Vendor: pip
Product: weblate
Published: Apr 30, 2026
Source: GitHub
CVE-2026-40281 CRITICAL - 10.0

Gotenberg is a Docker-powered stateless API for PDF files. In versions 8.30.1 and earlier, the metadata write endpoint validates metadata keys for control characters but leaves metadata values unsanitized. A newline character in a metadata value splits the ExifTool stdin line into two separate argum...

Vendor: go
Product: github.com/gotenberg/gotenberg/v8
Published: Apr 30, 2026
Source: GitHub

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with attacker-...

Vendor: npm
Product: @jupyter-notebook/help-extension
Published: Apr 30, 2026
Source: GitHub
CVE-2026-39383 HIGH - 8.6

Gotenberg is an API-based document conversion tool. In version 8.29.1, an unauthenticated attacker with network access can force the server to make outbound HTTP POST requests to arbitrary internal or external destinations by supplying a crafted URL in the Gotenberg-Webhook-Url request header. The F...

Vendor: go
Product: github.com/gotenberg/gotenberg/v8
Published: Apr 30, 2026
Source: GitHub
CVE-2026-40280 CRITICAL - 9.3

Gotenberg is an API-based document conversion tool. In versions 8.30.1 and earlier, the default private-IP deny-lists for the --webhook-deny-list and --api-download-from-deny-list flags use a case-sensitive regular expression (^https?://) to match URL schemes. Because Go's net/url.Parse() norma...

Vendor: go
Product: github.com/gotenberg/gotenberg/v8
Published: Apr 30, 2026
Source: GitHub
CVE-2026-36767 CRITICAL - 10.0

A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers to write arbitrary files to any writeable path via a crafted POST request.

Published: Apr 30, 2026
Source: NVD
CVE-2026-36764 MEDIUM - 5.0

A Server-Side Request Forgery (SSRF) in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request.

Published: Apr 30, 2026
Source: NVD
CVE-2026-36760 CRITICAL - 9.6

An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations while chunked upload is enabled.

Published: Apr 30, 2026
Source: NVD
CVE-2026-36757 MEDIUM - 4.3

A Server-Side Request Forgery (SSRF) in the /plugins/{name}/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request.

Published: Apr 30, 2026
Source: NVD
CVE-2025-71284 CRITICAL - 9.8

Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radius_address POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can i...

Vendor: Synway Information Engineering Co., Ltd.
Product: Synway SMG Gateway Management Software
Published: Apr 30, 2026
Source: NVD
CVE-2025-51846 HIGH - 7.5

CryptPad 2025.3.1 allows an unbounded WebSocket frame flood. A remote, unauthenticated attacker can significantly degrade or deny service for all users of a CryptPad instance. Fixed in 2026.2.2.

Vendor: CryptPad
Product: CryptPad
Published: Apr 30, 2026
Source: NVD
CVE-2022-50993 CRITICAL - 9.8

Weaver (Fanwei) E-office versions prior to 10.0_20221201 contain an unauthenticated arbitrary file upload vulnerability in the OfficeServer.php endpoint that allows remote attackers to upload malicious files by sending multipart POST requests with arbitrary filenames and disguised content types. Att...

Vendor: Weaver Network Co., Ltd.
Product: E-office
Published: Apr 30, 2026
Source: NVD
CVE-2022-50992 HIGH - 7.5

Weaver (Fanwei) E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that allows unauthenticated remote attackers to read arbitrary files by supplying file paths to the WorkflowService.getAttachment and WorkflowServi...

Vendor: Weaver Network Co., Ltd.
Product: E-cology
Published: Apr 30, 2026
Source: NVD