Total CVEs

142,696

Critical Severity

4,021

High Severity

14,390

Last 7 Days

1,406
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 18,801 - 18,820 of 39,101 CVEs
CVE-2026-40588 HIGH - 8.1

blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the password change form at /profile/{slug}/edit/ does not include a current_password field and does not verify the user's existing password before accepting a new one. Any attacker who obtains a valid authenticated session...

Vendor: blueprintue
Product: blueprintue-self-hosted-edition
Published: Apr 21, 2026
Source: NVD
CVE-2026-40587 MEDIUM - 6.5

blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a user changes their password via the profile edit page, or when a password reset is completed via the reset link, neither operation invalidates existing authenticated sessions for that user. A server-side session store ass...

Vendor: blueprintue
Product: blueprintue-self-hosted-edition
Published: Apr 21, 2026
Source: NVD
CVE-2026-6743 LOW - 3.5

A vulnerability has been found in WebSystems WebTOTUM 2026. This impacts an unknown function of the component Calendar. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading the affected component...

Published: Apr 21, 2026
Source: NVD
CVE-2026-5652 CRITICAL - 9.0

An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation.

Vendor: craftycontrol
Product: crafty_controller
Published: Apr 21, 2026
Source: NVD
CVE-2026-41191 HIGH - 7.1

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, `MailboxesController::updateSave()` persists `chat_start_new` outside the allowed-field filter. A user with only the mailbox `sig` permission sees only the signature field in the UI, but can still change the hidd...

Vendor: freescout-help-desk
Product: freescout
Published: Apr 21, 2026
Source: NVD
CVE-2026-41190 HIGH - 7.1

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when `APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS` is enabled, direct conversation view correctly blocks users who are neither the assignee nor the creator. The `save_draft` AJAX path is weaker. A direct POST can create...

Vendor: freescout-help-desk
Product: freescout
Published: Apr 21, 2026
Source: NVD
CVE-2026-41189 HIGH - 7.1

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through `ThreadPolicy::edit()`, which checks mailbox access but does not apply the assigned-only restriction from `ConversationPolicy`. A user who cannot view a conversation ...

Vendor: freescout-help-desk
Product: freescout
Published: Apr 21, 2026
Source: NVD
CVE-2026-41183 MEDIUM - 4.3

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the assigned-only restriction is applied to direct conversation view and folder queries, but not to non-folder query builders. Global search and the AJAX filter path still reveal conversations that should be hidd...

Vendor: freescout-help-desk
Product: freescout
Published: Apr 21, 2026
Source: NVD
CVE-2026-40592 MEDIUM - 5.9

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the undo-send route `GET /conversation/undo-reply/{thread_id}` checks only whether the current user can view the parent conversation. It does not verify that the current user created the reply being undone. In a ...

Vendor: freescout-help-desk
Product: freescout
Published: Apr 21, 2026
Source: NVD
CVE-2026-40591 HIGH - 7.1

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the phone-conversation creation flow accepts attacker-controlled `customer_id`, `name`, `to_email`, and `phone` values and resolves the target customer in the backend without enforcing mailbox-scoped customer vis...

Vendor: freescout-help-desk
Product: freescout
Published: Apr 21, 2026
Source: NVD
CVE-2026-40590 MEDIUM - 4.3

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the Change Customer modal exposes a “Create a new customer” flow via POST /customers/ajax with action=create. Under limited visibility, the endpoint drops unique-email validation. If the supplied email already be...

Vendor: freescout-help-desk
Product: freescout
Published: Apr 21, 2026
Source: NVD
CVE-2026-40589 HIGH - 7.6

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, a low-privileged agent can edit a visible customer and add an email address already owned by a hidden customer in another mailbox. The server discloses the hidden customer’s name and profile URL in the success fl...

Vendor: freescout-help-desk
Product: freescout
Published: Apr 21, 2026
Source: NVD
CVE-2026-40586 HIGH - 7.5

blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the login form handler performs no throttling of any kind. Failed authentication attempts are processed at full network speed with no IP-based rate limiting, no per-account attempt counter, no temporary lockout, no progressive d...

Vendor: blueprintue
Product: blueprintue-self-hosted-edition
Published: Apr 21, 2026
Source: NVD
CVE-2026-40585 HIGH - 7.4

blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a password reset is initiated, a 128-character CSPRNG token is generated and stored alongside a password_reset_at timestamp. However, the token redemption function findUserIDFromEmailAndToken() queries only for a matching e...

Vendor: blueprintue
Product: blueprintue-self-hosted-edition
Published: Apr 21, 2026
Source: NVD
CVE-2026-40584 HIGH - 7.5

RansomLook is a tool to monitor Ransomware groups and markets and extract their victims. Prior to 1.9.0, the API in the affected application improperly filters private location entries in website/web/api/genericapi.py. Because the code removes elements from a list while iterating over it, entries ma...

Vendor: RansomLook
Product: RansomLook
Published: Apr 21, 2026
Source: NVD
CVE-2026-40583 HIGH - 8.2

UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails authorization only after state mutation has already occurred.

Vendor: UltraDAGcom
Product: core
Published: Apr 21, 2026
Source: NVD
CVE-2026-40576 CRITICAL - 9.4

excel-mcp-server is a Model Context Protocol server for Excel file manipulation. A path traversal vulnerability exists in excel-mcp-server versions up to and including 0.1.7. When running in SSE or Streamable-HTTP transport mode (the documented way to use this server remotely), an unauthenticated at...

Vendor: haris-musa
Product: excel-mcp-server
Published: Apr 21, 2026
Source: NVD

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, the `load_customer_info` action in `POST /conversation/ajax` returns complete customer profile data to any authenticated user without verifying mailbox access. An attacker only needs a valid email address to retr...

Vendor: freescout-help-desk
Product: freescout
Published: Apr 21, 2026
Source: NVD
CVE-2026-40569 CRITICAL - 9.0

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a mass assignment vulnerability in the mailbox connection settings endpoints of FreeScout (`connectionIncomingSave()` at `app/Http/Controllers/MailboxesController.php:468` and `connectionOutgoingSave()` at l...

Vendor: freescout-help-desk
Product: freescout
Published: Apr 21, 2026
Source: NVD
CVE-2026-40568 HIGH - 8.5

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a stored cross-site scripting (XSS) vulnerability in the mailbox signature feature. The sanitization function `Helper::stripDangerousTags()` (`app/Misc/Helper.php:568`) uses an incomplete blocklist of only f...

Vendor: freescout-help-desk
Product: freescout
Published: Apr 21, 2026
Source: NVD