🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-6033 | Medium | 6.3 |
A vulnerability was determined in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /updatedet…
|
— | Apr 10, 2026 |
| CVE-2026-6005 | Medium | 6.3 |
A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function…
|
— | Apr 10, 2026 |
| CVE-2026-5999 | Medium | 6.3 |
A vulnerability has been found in JeecgBoot up to 3.9.1. This impacts an unknown function of the component SysAnnounceme…
|
— | Apr 10, 2026 |
| CVE-2026-6007 | Medium | 6.3 |
A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the fi…
|
— | Apr 10, 2026 |
| CVE-2026-6030 | Medium | 6.3 |
A flaw has been found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of…
|
— | Apr 10, 2026 |
| CVE-2026-6010 | Medium | 6.3 |
A security flaw has been discovered in CodeAstro Online Classroom 1.0/2.php. Affected by this vulnerability is an unknow…
|
— | Apr 10, 2026 |
| CVE-2026-35667 | Medium | 6.1 |
OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-27486 where the !stop chat command uses an unpatched k…
|
— | Apr 10, 2026 |
| CVE-2026-4305 | Medium | 6.1 |
The Royal WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the…
|
— | Apr 10, 2026 |
| CVE-2026-35670 | Medium | 5.9 |
OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies t…
|
— | Apr 10, 2026 |
| CVE-2026-35655 | Medium | 5.7 |
OpenClaw before 2026.3.22 contains an identity spoofing vulnerability in ACP permission resolution that trusts conflicti…
|
— | Apr 10, 2026 |
| CVE-2026-6011 | Medium | 5.6 |
A weakness has been identified in OpenClaw up to 2026.1.26. Affected by this issue is some unknown functionality of the …
|
— | Apr 10, 2026 |
| CVE-2026-33119 | Medium | 5.4 |
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized …
|
— | Apr 10, 2026 |
| CVE-2026-2712 | Medium | 5.4 |
The WP-Optimize plugin for WordPress is vulnerable to unauthorized access of functionality due to missing capability che…
|
— | Apr 10, 2026 |
| CVE-2026-35620 | Medium | 5.4 |
OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handle…
|
— | Apr 10, 2026 |
| CVE-2026-35665 | Medium | 5.3 |
OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-32011 where the Feishu webhook handler accepts request…
|
— | Apr 10, 2026 |
| CVE-2026-35664 | Medium | 5.3 |
OpenClaw before 2026.3.25 contains an authentication bypass vulnerability in raw card send surface that allows unpaired …
|
— | Apr 10, 2026 |
| CVE-2026-4664 | Medium | 5.3 |
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to authentication bypass in all versions up to, …
|
— | Apr 10, 2026 |
| CVE-2026-5998 | Medium | 5.3 |
A flaw has been found in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects the function dispatch of the file…
|
— | Apr 10, 2026 |
| CVE-2026-35647 | Medium | 5.3 |
OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks an…
|
— | Apr 10, 2026 |
| CVE-2026-35654 | Medium | 5.3 |
OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Microsoft Teams feedback invokes that allows…
|
— | Apr 10, 2026 |