🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-6586 | Medium | 6.3 |
A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function get_budget/update_b…
|
— | Apr 20, 2026 |
| CVE-2026-6634 | Medium | 6.3 |
A weakness has been identified in usememos memos up to 0.22.1. This affects the function memos_access_token of the file …
|
— | Apr 20, 2026 |
| CVE-2026-6609 | Medium | 6.3 |
A flaw has been found in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function form_valid of the f…
|
— | Apr 20, 2026 |
| CVE-2026-6618 | Medium | 6.3 |
A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parse_openai_plugin_json_to_tool_…
|
— | Apr 20, 2026 |
| CVE-2026-6628 | Medium | 6.3 |
A flaw has been found in phili67 Ecclesia CRM up to 8.0.0. This affects the function ValidateInput of the file /v2/query…
|
— | Apr 20, 2026 |
| CVE-2026-6729 | Medium | 6.3 |
HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated…
|
— | Apr 20, 2026 |
| CVE-2026-6620 | Medium | 6.3 |
A vulnerability was found in SonicCloudOrg sonic-server up to 2.0.0. The affected element is the function Upload of the …
|
— | Apr 20, 2026 |
| CVE-2026-6613 | Medium | 6.3 |
A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function delete_agent/stop_s…
|
— | Apr 20, 2026 |
| CVE-2026-6649 | Medium | 6.3 |
A vulnerability was determined in Qibo CMS 1.0. Affected by this issue is some unknown functionality of the file /index/…
|
— | Apr 20, 2026 |
| CVE-2026-6612 | Medium | 6.3 |
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function get_agent_executio…
|
— | Apr 20, 2026 |
| CVE-2026-6587 | Medium | 6.3 |
A security flaw has been discovered in vibrantlabsai RAGAS up to 0.4.3. The affected element is the function _try_proces…
|
— | Apr 20, 2026 |
| CVE-2026-6617 | Medium | 6.3 |
A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function get_api_tool_provid…
|
— | Apr 20, 2026 |
| CVE-2026-6616 | Medium | 6.3 |
A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extrac…
|
— | Apr 20, 2026 |
| CVE-2026-6614 | Medium | 6.3 |
A security flaw has been discovered in TransformerOptimus SuperAGI up to 0.0.14. Affected by this vulnerability is the f…
|
— | Apr 20, 2026 |
| CVE-2026-41389 | Medium | 5.8 |
OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing …
|
— | Apr 20, 2026 |
| CVE-2026-23757 | Medium | 5.4 |
GFI HelpDesk before 4.99.10 contains a stored cross-site scripting vulnerability in the Reports module where the title p…
|
— | Apr 20, 2026 |
| CVE-2026-34429 | Medium | 5.4 |
Vvveb prior to 1.0.8.1 contains a stored cross-site scripting vulnerability that allows authenticated users with media u…
|
— | Apr 20, 2026 |
| CVE-2026-6584 | Medium | 5.4 |
A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function update_us…
|
— | Apr 20, 2026 |
| CVE-2026-6585 | Medium | 5.4 |
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function update_organ…
|
— | Apr 20, 2026 |
| CVE-2026-23756 | Medium | 5.4 |
GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the Troubleshooter module where the s…
|
— | Apr 20, 2026 |