🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-3396 | High | 7.5 |
WCAPF – WooCommerce Ajax Product Filter plugin is vulnerable to time-based SQL Injection via the 'post-author' parameter…
|
— | Apr 8, 2026 |
| CVE-2025-50652 | High | 7.5 |
An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparm_usb.asp endpoint…
|
— | Apr 8, 2026 |
| CVE-2026-5813 | High | 7.3 |
A weakness has been identified in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of …
|
— | Apr 8, 2026 |
| CVE-2026-5805 | High | 7.3 |
A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of…
|
— | Apr 8, 2026 |
| CVE-2026-5802 | High | 7.3 |
A vulnerability was identified in idachev mcp-javadc up to 1.2.4. Impacted is an unknown function of the component HTTP …
|
— | Apr 8, 2026 |
| CVE-2026-40027 | High | 7.3 |
ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal vulnerability in the NQ_Vault.p…
|
— | Apr 8, 2026 |
| CVE-2026-4808 | High | 7.2 |
The Gerador de Certificados – DevApps plugin for WordPress is vulnerable to arbitrary file uploads due to missing file t…
|
— | Apr 8, 2026 |
| CVE-2026-1343 | High | 7.2 |
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 …
|
— | Apr 8, 2026 |
| CVE-2026-32589 | High | 7.1 |
A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any reposit…
|
— | Apr 8, 2026 |
| CVE-2026-32590 | High | 7.1 |
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores interm…
|
— | Apr 8, 2026 |
| CVE-2026-40024 | High | 7.1 |
The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows an attacker to write fi…
|
— | Apr 8, 2026 |
| CVE-2026-39883 | High | 7.0 |
OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed th…
|
⚡ Exploit | Apr 8, 2026 |
| CVE-2026-39342 | High | 8.8 |
ChurchCRM is an open-source church management system. Prior to 7.1.0, the searchwhat parameter via QueryView.php with th…
|
⚡ Exploit | Apr 7, 2026 |
| CVE-2026-20433 | High | 8.8 |
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of…
|
— | Apr 7, 2026 |
| CVE-2026-5465 | High | 8.8 |
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Insecure Direct Object R…
|
— | Apr 7, 2026 |
| CVE-2026-30460 | High | 8.8 |
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in t…
|
⚡ Exploit | Apr 7, 2026 |
| CVE-2026-22683 | High | 8.8 |
Windmill versions 1.56.0 through 1.614.0 contain a missing authorization vulnerability that allows users with the Operat…
|
— | Apr 7, 2026 |
| CVE-2026-4740 | High | 8.2 |
A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM). …
|
— | Apr 7, 2026 |
| CVE-2026-5736 | High | 7.3 |
A vulnerability was identified in PowerJob 5.1.0/5.1.1/5.1.2. Impacted is an unknown function of the file powerjob-serve…
|
— | Apr 7, 2026 |
| CVE-2026-5692 | High | 7.3 |
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setGameSpeedCfg of the fil…
|
— | Apr 7, 2026 |