🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-22661 | High | 8.1 |
prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attacker…
|
— | Apr 3, 2026 |
| CVE-2026-22664 | High | 7.7 |
prompts.chat prior to commit 30a8f04 contains a server-side request forgery vulnerability in Fal.ai media status polling…
|
— | Apr 3, 2026 |
| CVE-2020-37216 | High | 7.5 |
Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet…
|
— | Apr 3, 2026 |
| CVE-2026-22663 | High | 7.5 |
prompts.chat prior to commit 7b81836 contains multiple authorization bypass vulnerabilities due to missing isPrivate che…
|
— | Apr 3, 2026 |
| CVE-2026-4108 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Non-Owner Mailbox Perm…
|
— | Apr 3, 2026 |
| CVE-2026-27655 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on M…
|
— | Apr 3, 2026 |
| CVE-2026-3880 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client P…
|
— | Apr 3, 2026 |
| CVE-2026-4107 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Folder Message Count a…
|
— | Apr 3, 2026 |
| CVE-2026-3879 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Equipment Mailbox Deta…
|
— | Apr 3, 2026 |
| CVE-2026-28703 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Betwee…
|
— | Apr 3, 2026 |
| CVE-2022-4987 | High | 7.3 |
Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability in the execution of…
|
— | Apr 3, 2026 |
| CVE-2026-28756 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on D…
|
— | Apr 3, 2026 |
| CVE-2026-28754 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists rep…
|
— | Apr 3, 2026 |
| CVE-2017-20238 | High | 7.1 |
Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contains an improper authorizat…
|
— | Apr 3, 2026 |
| CVE-2026-34793 | High | 8.8 |
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet…
|
— | Apr 2, 2026 |
| CVE-2026-34121 | High | 8.8 |
An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v…
|
— | Apr 2, 2026 |
| CVE-2026-3692 | High | 8.8 |
In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may cr…
|
— | Apr 2, 2026 |
| CVE-2026-34791 | High | 8.8 |
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet…
|
— | Apr 2, 2026 |
| CVE-2026-5349 | High | 8.8 |
A vulnerability was identified in Trendnet TEW-657BRM 1.00.1. The affected element is the function add_apcdb of the file…
|
⚡ Exploit | Apr 2, 2026 |
| CVE-2026-34792 | High | 8.8 |
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet…
|
— | Apr 2, 2026 |