🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-6607 | Medium | 5.3 |
A security vulnerability has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api_generate…
|
— | Apr 20, 2026 |
| CVE-2026-6608 | Medium | 5.3 |
A vulnerability was detected in lm-sys fastchat up to 0.2.36. Impacted is the function add_text of the component Arena S…
|
— | Apr 20, 2026 |
| CVE-2026-6579 | Medium | 6.5 |
A weakness has been identified in liangliangyy DjangoBlog up to 2.1.0.0. This impacts an unknown function of the file bl…
|
— | Apr 19, 2026 |
| CVE-2026-0868 | Medium | 6.4 |
The EMC – Easily Embed Calendly Scheduling Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi…
|
— | Apr 19, 2026 |
| CVE-2026-6576 | Medium | 6.3 |
A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHan…
|
— | Apr 19, 2026 |
| CVE-2026-6571 | Medium | 6.3 |
A weakness has been identified in kodcloud KodExplorer up to 4.52. Affected by this vulnerability is the function roleGr…
|
— | Apr 19, 2026 |
| CVE-2026-6573 | Medium | 6.3 |
A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.m…
|
— | Apr 19, 2026 |
| CVE-2026-6572 | Medium | 5.6 |
A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown f…
|
— | Apr 19, 2026 |
| CVE-2026-6578 | Medium | 5.6 |
A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the fi…
|
— | Apr 19, 2026 |
| CVE-2026-6583 | Medium | 5.4 |
A vulnerability has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function delete_api_key/edi…
|
— | Apr 19, 2026 |
| CVE-2026-6056 | None | — |
|
— | Apr 19, 2026 |
| CVE-2026-41113 | None | — |
|
— | Apr 19, 2026 |
| CVE-2026-4801 | Medium | 6.4 |
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via exter…
|
— | Apr 18, 2026 |
| CVE-2026-6048 | Medium | 6.4 |
The Flipbox Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Flipbox widget…
|
— | Apr 18, 2026 |
| CVE-2026-1559 | Medium | 6.4 |
The Youzify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'checkin_place_id' parameter in al…
|
— | Apr 18, 2026 |
| CVE-2026-2986 | Medium | 6.4 |
The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'other_attributes…
|
— | Apr 18, 2026 |
| CVE-2026-0894 | Medium | 6.4 |
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin…
|
— | Apr 18, 2026 |
| CVE-2026-1838 | Medium | 6.1 |
The Hostel plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'shortcode_id' parameter in all …
|
— | Apr 18, 2026 |
| CVE-2026-2505 | Medium | 5.4 |
The Categories Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including…
|
— | Apr 18, 2026 |
| CVE-2026-40459 | High | 8.8 |
PAC4J is vulnerable to LDAP Injection in multiple methods. A low-privileged remote attacker can inject crafted LDAP synt…
|
— | Apr 17, 2026 |