🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-6613 | Medium | 6.3 |
A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function delete_agent/stop_s…
|
— | Apr 20, 2026 |
| CVE-2026-6729 | Medium | 6.3 |
HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated…
|
— | Apr 20, 2026 |
| CVE-2026-6617 | Medium | 6.3 |
A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function get_api_tool_provid…
|
— | Apr 20, 2026 |
| CVE-2026-6586 | Medium | 6.3 |
A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function get_budget/update_b…
|
— | Apr 20, 2026 |
| CVE-2026-6628 | Medium | 6.3 |
A flaw has been found in phili67 Ecclesia CRM up to 8.0.0. This affects the function ValidateInput of the file /v2/query…
|
— | Apr 20, 2026 |
| CVE-2026-6612 | Medium | 6.3 |
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function get_agent_executio…
|
— | Apr 20, 2026 |
| CVE-2026-41389 | Medium | 5.8 |
OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing …
|
— | Apr 20, 2026 |
| CVE-2026-23756 | Medium | 5.4 |
GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the Troubleshooter module where the s…
|
— | Apr 20, 2026 |
| CVE-2026-6585 | Medium | 5.4 |
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function update_organ…
|
— | Apr 20, 2026 |
| CVE-2026-23757 | Medium | 5.4 |
GFI HelpDesk before 4.99.10 contains a stored cross-site scripting vulnerability in the Reports module where the title p…
|
— | Apr 20, 2026 |
| CVE-2026-6584 | Medium | 5.4 |
A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function update_us…
|
— | Apr 20, 2026 |
| CVE-2026-34429 | Medium | 5.4 |
Vvveb prior to 1.0.8.1 contains a stored cross-site scripting vulnerability that allows authenticated users with media u…
|
— | Apr 20, 2026 |
| CVE-2026-6607 | Medium | 5.3 |
A security vulnerability has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api_generate…
|
— | Apr 20, 2026 |
| CVE-2026-6608 | Medium | 5.3 |
A vulnerability was detected in lm-sys fastchat up to 0.2.36. Impacted is the function add_text of the component Arena S…
|
— | Apr 20, 2026 |
| CVE-2026-6579 | Medium | 6.5 |
A weakness has been identified in liangliangyy DjangoBlog up to 2.1.0.0. This impacts an unknown function of the file bl…
|
— | Apr 19, 2026 |
| CVE-2026-0868 | Medium | 6.4 |
The EMC – Easily Embed Calendly Scheduling Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi…
|
— | Apr 19, 2026 |
| CVE-2026-6573 | Medium | 6.3 |
A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.m…
|
— | Apr 19, 2026 |
| CVE-2026-6571 | Medium | 6.3 |
A weakness has been identified in kodcloud KodExplorer up to 4.52. Affected by this vulnerability is the function roleGr…
|
— | Apr 19, 2026 |
| CVE-2026-6576 | Medium | 6.3 |
A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHan…
|
— | Apr 19, 2026 |
| CVE-2026-6572 | Medium | 5.6 |
A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown f…
|
— | Apr 19, 2026 |