Total CVEs

142,696

Critical Severity

4,021

High Severity

14,390

Last 7 Days

1,439
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 18,761 - 18,780 of 39,101 CVEs
CVE-2025-70420 HIGH - 8.8

A SQL injection vulnerability exists in Genesys Latitude v25.1.0.420 that allows an authenticated attacker to execute arbitrary SQL queries against the backend database. The vulnerability is caused by unsanitized user-supplied input being concatenated directly into SQL statements.

Published: Apr 21, 2026
Source: NVD
CVE-2026-41067 MEDIUM - 6.1

Astro is a web framework. Prior to 6.1.6, the defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex /<\/script>/g to sanitize values injected into inline <script> tags via the define:vars directive. HTML parsers close <script> elements...

Vendor: npm
Product: astro
Published: Apr 21, 2026
Source: GitHub
CVE-2026-41066 HIGH - 7.5

lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration (with resolve_entities=True) allows untrusted XML input to read local files. Setting the resolve_entities option explicitly to resolve_entities='int...

Vendor: pip
Product: lxml
Published: Apr 21, 2026
Source: GitHub
CVE-2026-41264 CRITICAL - 9.8

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the CSV_Agents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. An attacker can le...

Vendor: npm
Product: flowise
Published: Apr 21, 2026
Source: GitHub
CVE-2026-6819 HIGH - 8.8

HKUDS OpenHarness prior to PR #156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel layer can remotely manage plugin trust and activation state, en...

Published: Apr 21, 2026
Source: NVD
CVE-2026-41320 MEDIUM - 6.5

Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.54.0 and 14.38.1, a specially crafted request made to a certain endpoint could result in SQL injection, allowing an attacker to extract information they wouldn't otherwise be able to. Versions 15.54.0 a...

Vendor: frappe
Product: hrms
Published: Apr 21, 2026
Source: NVD
CVE-2026-40909 HIGH - 8.7

WWBN AVideo is an open source video platform. In versions 29.0 and prior, the locale save endpoint (`locale/save.php`) constructs a file path by directly concatenating `$_POST['flag']` into the path at line 30 without any sanitization. The `$_POST['code']` parameter is then writt...

Vendor: WWBN
Product: AVideo
Published: Apr 21, 2026
Source: NVD
CVE-2026-40908 MEDIUM - 5.3

WWBN AVideo is an open source video platform. In versions 29.0 and prior, the file `git.json.php` at the web root executes `git log -1` and returns the full output as JSON to any unauthenticated user. This exposes the exact deployed commit hash (enabling version fingerprinting against known CVEs), d...

Vendor: WWBN
Product: AVideo
Published: Apr 21, 2026
Source: NVD
CVE-2026-40907 MEDIUM - 6.5

WWBN AVideo is an open source video platform. In versions 29.0 and prior, the endpoint `plugin/Live/view/Live_restreams/list.json.php` contains an Insecure Direct Object Reference (IDOR) vulnerability that allows any authenticated user with streaming permission to retrieve other users' live res...

Vendor: WWBN
Product: AVideo
Published: Apr 21, 2026
Source: NVD
CVE-2026-40903 CRITICAL - 9.1

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs has an ArtiPACKED vulnerability. ArtiPACKED can lead to leakage of the GITHUB_TOKEN through workflow artifacts, even though the token is not present in the repository source code. This vulnerability is fixed in 2.0.0-beta.6.

Vendor: patrickhener
Product: goshs
Published: Apr 21, 2026
Source: NVD
CVE-2026-40889 MEDIUM - 6.5

Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.2 and 16.4.2, authenticated users can access unauthorized files by exploiting certain api endpoint. Versions 15.58.2 and 16.4.2 contain a patch. No known workarounds are available.

Vendor: frappe
Product: hrms
Published: Apr 21, 2026
Source: NVD
CVE-2026-40888 MEDIUM - 6.5

Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.1 and 16.4.1, an authenticated user with default role can access unauthorized information by exploiting certain api endpoint. Versions 15.58.1 and 16.4.1 contain a patch. No known workarounds are availabl...

Vendor: frappe
Product: hrms
Published: Apr 21, 2026
Source: NVD
CVE-2026-40879 HIGH - 7.5

Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.19, when an attacker sends many small, valid JSON messages in one TCP frame, handleData() recurses once per message; the buffer shrinks each call. maxBufferSize is never reached; call stack overflows instead. A...

Vendor: nestjs
Product: nest
Published: Apr 21, 2026
Source: NVD

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the mailcow web interface passes the raw `$_SERVER['REQUEST_URI']` to Twig as a global template variable and renders it inside a JavaScript string literal in the `setLang()` helper o...

Vendor: mailcow
Product: mailcow-dockerized
Published: Apr 21, 2026
Source: NVD

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the user dashboard's "Seen successful connections" (login history) renders the client IP from login logs without HTML escaping. Because the server trusts the X-Real-IP header as...

Vendor: mailcow
Product: mailcow-dockerized
Published: Apr 21, 2026
Source: NVD

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, no administrator verification takes place when deleting Forwarding Hosts with `/api/v1/delete/fwdhost`. Any authenticated user can call this API. Checks are only applied for edit/add actions, ...

Vendor: mailcow
Product: mailcow-dockerized
Published: Apr 21, 2026
Source: NVD

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the Quarantine details modal injects attachment filenames into HTML without escaping, allowing arbitrary HTML/JS execution. An attacker can deliver an email with a crafted attachment name so t...

Vendor: mailcow
Product: mailcow-dockerized
Published: Apr 21, 2026
Source: NVD

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the admin dashboard's Autodiscover logs render the EMailAddress value (logged as the "user" field) without HTML escaping. By submitting an unauthenticated Autodiscover request w...

Vendor: mailcow
Product: mailcow-dockerized
Published: Apr 21, 2026
Source: NVD
CVE-2026-40871 HIGH - 7.2

mailcow: dockerized is an open source groupware/email suite based on docker. Versions prior to 2026-03b have a second-order SQL injection vulnerability in the quarantine_category field via the Mailcow API. The /api/v1/add/mailbox endpoint stores quarantine_category without validation or sanitization...

Vendor: mailcow
Product: mailcow-dockerized
Published: Apr 21, 2026
Source: NVD
CVE-2026-40372 CRITICAL - 9.1

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.

Vendor: nuget
Product: Microsoft.AspNetCore.DataProtection
Published: Apr 21, 2026
Source: NVD