🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-32212 | Medium | 5.5 |
Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorize…
|
— | Apr 14, 2026 |
| CVE-2026-32214 | Medium | 5.5 |
Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information loca…
|
— | Apr 14, 2026 |
| CVE-2026-27300 | Medium | 5.5 |
Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could…
|
— | Apr 14, 2026 |
| CVE-2026-27288 | Medium | 5.4 |
Adobe Experience Manager versions FP11.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability t…
|
— | Apr 14, 2026 |
| CVE-2026-34624 | Medium | 5.4 |
Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vuln…
|
— | Apr 14, 2026 |
| CVE-2026-34623 | Medium | 5.4 |
Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vuln…
|
— | Apr 14, 2026 |
| CVE-2026-34625 | Medium | 5.4 |
Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vuln…
|
— | Apr 14, 2026 |
| CVE-2025-15565 | Medium | 5.3 |
The Nexi XPay plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization check…
|
— | Apr 14, 2026 |
| CVE-2026-34262 | Medium | 5.0 |
Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer
|
— | Apr 14, 2026 |
| CVE-2026-21643 | Critical | 9.8 |
Fortinet FortiClient EMS — CVE-2026-21643
Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow…
|
— | Apr 13, 2026 |
| CVE-2012-1854 | Critical | 9.8 |
Microsoft Visual Basic for Applications (VBA) — CVE-2012-1854
Microsoft Visual Basic for Applications (VBA) contains an …
|
— | Apr 13, 2026 |
| CVE-2023-21529 | Critical | 9.8 |
Microsoft Exchange Server — CVE-2023-21529
Microsoft Exchange Server contains a deserialization of untrusted data that a…
|
— | Apr 13, 2026 |
| CVE-2023-36424 | Critical | 9.8 |
Microsoft Windows — CVE-2023-36424
Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulner…
|
— | Apr 13, 2026 |
| CVE-2026-34621 | Critical | 9.8 |
Adobe Acrobat and Reader — CVE-2026-34621
Adobe Acrobat and Reader contain a prototype pollution vulnerability that allo…
|
— | Apr 13, 2026 |
| CVE-2025-60710 | Critical | 9.8 |
Microsoft Windows — CVE-2025-60710
Microsoft Windows contains a link following vulnerability that allows for privilege e…
|
— | Apr 13, 2026 |
| CVE-2020-9715 | Critical | 9.8 |
Adobe Acrobat — CVE-2020-9715
Adobe Acrobat contains a use-after-free vulnerability that allows for code execution
Requ…
|
— | Apr 13, 2026 |
| CVE-2026-6136 | High | 8.8 |
A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function frmL7ImForm of the…
|
— | Apr 13, 2026 |
| CVE-2026-6135 | High | 8.8 |
A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromSetIpBind of the fi…
|
— | Apr 13, 2026 |
| CVE-2026-6157 | High | 8.8 |
A vulnerability was detected in Totolink A800R 4.1.2cu.5137_B20200730. This impacts the function setAppEasyWizardConfig …
|
— | Apr 13, 2026 |
| CVE-2026-6168 | High | 8.8 |
A flaw has been found in TOTOLINK A7000R up to 9.1.0u.6115. The affected element is the function setWiFiEasyGuestCfg of …
|
— | Apr 13, 2026 |