🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-33207 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2026-40900 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2026-33121 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2026-40901 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocit…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2026-33083 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2026-33084 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2019-25701 | High | 8.4 |
Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that a…
|
⚡ Exploit | Apr 12, 2026 |
| CVE-2019-25705 | High | 8.4 |
Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or e…
|
⚡ Exploit | Apr 12, 2026 |
| CVE-2019-25689 | High | 8.4 |
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code …
|
⚡ Exploit | Apr 12, 2026 |
| CVE-2019-25713 | High | 7.1 |
MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL querie…
|
⚡ Exploit | Apr 12, 2026 |
| CVE-2019-25699 | High | 7.1 |
Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authentic…
|
⚡ Exploit | Apr 12, 2026 |
| CVE-2019-25707 | High | 7.1 |
eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL qu…
|
⚡ Exploit | Apr 12, 2026 |
| CVE-2019-25703 | High | 7.1 |
ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipul…
|
⚡ Exploit | Apr 12, 2026 |
| CVE-2026-35653 | High | 8.1 |
OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that all…
|
⚡ Exploit ✅ Patch | Apr 10, 2026 |
| CVE-2026-35641 | High | 7.8 |
OpenClaw before 2026.3.24 contains an arbitrary code execution vulnerability in local plugin and hook installation that …
|
⚡ Exploit | Apr 10, 2026 |
| CVE-2026-35668 | High | 7.7 |
OpenClaw before 2026.3.24 contains a path traversal vulnerability in sandbox enforcement allowing sandboxed agents to re…
|
⚡ Exploit | Apr 10, 2026 |
| CVE-2026-29002 | High | 7.2 |
CouchCMS contains a privilege escalation vulnerability that allows authenticated Admin-level users to create SuperAdmin …
|
⚡ Exploit | Apr 10, 2026 |
| CVE-2026-35632 | High | 7.1 |
OpenClaw through 2026.2.22 contains a symlink traversal vulnerability in agents.create and agents.update handlers that u…
|
⚡ Exploit | Apr 9, 2026 |
| CVE-2026-35525 | High | 7.5 |
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for {% include %},…
|
⚡ Exploit | Apr 8, 2026 |
| CVE-2026-39883 | High | 7.0 |
OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed th…
|
⚡ Exploit | Apr 8, 2026 |