A stack-based buffer overflow vulnerability was found in the VPN Clients on t... (CVE-2026-6643)In the Linux kernel, the following vulnerability has been resolved:
X (CVE-2026-31430)CrowdStrike has released security updates to address a critical unauthenticat... (CVE-2026-40050)** UNSUPPORTED WHEN ASSIGNED ** An improper encoding or escaping vulnerabilit... (CVE-2026-6058)BlueprintUE is a tool to help Unreal Engine developers (CVE-2026-40585)Xrdp is an open source RDP server (CVE-2026-32105)User‑Controlled HTTP Header in Fortra's GoAnywhere MFT prior to version 7 (CVE-2026-1089)A weakness has been identified in BichitroGan ISP Billing Software 2025 (CVE-2026-6624)Craftql v1 (CVE-2026-31317)Invalid pointer in the JavaScript: WebAssembly component (CVE-2026-6757)Libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B (CVE-2026-29013)Spoofing issue in the DOM: Core & HTML component (CVE-2026-6762)ChurchCRM is an open-source church management system (CVE-2026-40485)The Flipbox Addon for Elementor plugin for WordPress is vulnerable to Stored ... (CVE-2026-6048)Mcp-neo4j-cypher is an MCP server for executing Cypher queries against Neo4j ... (CVE-2026-35402)A security flaw has been discovered in langflow-ai langflow up to 1 (CVE-2026-6596)The Keycloak authentication manager in `apache-airflow-providers-keycloak` di... (CVE-2026-40948)DNN (formerly DotNetNuke) is an open-source web content management platform (... (CVE-2026-40306)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32957)An improper session timeout issue in Fortra's GoAnywhere MFT prior to version 7 (CVE-2026-0971)In Dolibarr ERP & CRM <= 22 (CVE-2026-31018)A vulnerability was identified in ProjectsAndPrograms School Management Syste... (CVE-2026-6595)A security vulnerability has been detected in langflow-ai langflow up to 1 (CVE-2026-6598)The EMC – Easily Embed Calendly Scheduling Features plugin for WordPress is v... (CVE-2026-0868)A vulnerability was determined in kodcloud KodExplorer up to 4 (CVE-2026-6568)A security flaw has been discovered in vibrantlabsai RAGAS up to 0 (CVE-2026-6587)A stack-use-after-return issue exists in the Arduino_Core_STM32 library prior... (CVE-2026-26399)The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPre... (CVE-2026-6675)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32959)ConnectWise has released a security update for ConnectWise Automate™ that add... (CVE-2026-6066)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-40570)Information disclosure in the Form Autofill component (CVE-2026-6765)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32955)Mitigation bypass in the DOM: Security component (CVE-2026-6774)Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Fe... (CVE-2026-23774)FreeScout is a free self-hosted help desk and shared mailbox (CVE-2026-41189)NVIDIA KAI Scheduler contains a vulnerability where an attacker could access ... (CVE-2026-24177)Firebird is an open-source relational database management system (CVE-2026-34232)OpenBao is an open source identity-based secrets management system (CVE-2026-39388)OpenBao is an open source identity-based secrets management system (CVE-2026-40264)Anviz CX7 Firmware is
vulnerable because the application embeds reusable cer... (CVE-2026-32324)Fudo Enterprise in versions from 5 (CVE-2025-13480)OpenClaw before 2026 (CVE-2026-41296)OpenClaw before 2026 (CVE-2026-41331)Neko is a a self-hosted virtual browser that runs in Docker and uses WebRTC I... (CVE-2026-39386)October is a Content Management System (CMS) and web platform (CVE-2026-26067)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32963)A SQL injection vulnerability in CodeAstro Simple Attendance Management Syste... (CVE-2026-37749)A vulnerability was detected in langgenius dify up to 0 (CVE-2026-6617)Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived... (CVE-2026-33432)ChurchCRM is an open-source church management system (CVE-2026-40483)Lawnchair is a free, open-source home app for Android (CVE-2026-39866)Zervit's portable HTTP/web server is vulnerable to remote DoS attacks when a ... (CVE-2025-13826)Information disclosure due to uninitialized memory in the Graphics: Canvas2D ... (CVE-2026-6749)A vulnerability was determined in TransformerOptimus SuperAGI up to 0 (CVE-2026-6585)Movary is a self hosted web app to track and rate a user's watched movies (CVE-2026-40349)Incorrect boundary conditions in the Libraries component in NSS (CVE-2026-6766)DNN (formerly DotNetNuke) is an open-source web content management platform (... (CVE-2026-40305)Xrdp is an open source RDP server (CVE-2026-33145)OpenClaw versions 2026 (CVE-2026-41389)SQL Injection vulnerability in Apartment Visitors Management System Apartment... (CVE-2026-39111)Zrok is software for sharing web services, files, and network resources (CVE-2026-40304)Mitigation bypass in the Networking: Cookies component (CVE-2026-6768)A flaw has been found in liangliangyy DjangoBlog up to 2 (CVE-2026-6609)This vulnerability exists in Quantum Networks router due to inadequate saniti... (CVE-2026-41036)ComfyUI up to 0 (CVE-2026-6592)The Email Encoder WordPress plugin before 2 (CVE-2024-7083)SD-330AC and AMC Manager provided by silex technology, Inc (CVE-2026-32958)In JetBrains Junie before 252 (CVE-2026-41153)A vulnerability was detected in classroombookings up to 2 (CVE-2026-6486)NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform (CVE-2026-32135)Giskard is an open-source testing framework for AI models (CVE-2026-40320)Privilege escalation in the Networking component (CVE-2026-6761)OpenHarness before commit bd4df81 contains a permission bypass vulnerability ... (CVE-2026-40515)PAC4J is vulnerable to Cross-Site Request Forgery (CSRF) (CVE-2026-40458)In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0 (CVE-2026-29648)Metasoft 美特软件 MetaCRM up to 6 (CVE-2026-6629)A security vulnerability has been detected in TransformerOptimus SuperAGI up ... (CVE-2026-6616)Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that disclose... (CVE-2026-32648)Dell PowerProtect Data Domain, versions 7 (CVE-2026-24506)OpenHarness before commit bd4df81 contains a server-side request forgery vuln... (CVE-2026-40516)OpenBao is an open source identity-based secrets management system (CVE-2026-39396)Net::Dropbear versions before 0 (CVE-2025-15638)Postiz is an AI social media scheduling tool (CVE-2026-40487)HCL BigFix Service Management is susceptible to HTTP Request Smuggling (CVE-2025-31958)Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 ... (CVE-2026-32650)SQL Injection vulnerability in Apartment Visitors Management System Apartment... (CVE-2026-39110)Editorconfig-core-c is an EditorConfig core library for use by plugins suppo... (CVE-2026-40489)WeGIA is a web manager for charitable institutions (CVE-2026-40285)ByteDance DeerFlow before commit 2176b2b contains a path traversal and arbitr... (CVE-2026-40518)
