🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2023-54361 | Medium | 6.1 |
Joomla iProperty Real Estate 4.1.1 contains a reflected cross-site scripting vulnerability that allows attackers to inje…
|
— | Apr 9, 2026 |
| CVE-2023-54360 | Medium | 6.1 |
Joomla JLex Review 6.0.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicio…
|
— | Apr 9, 2026 |
| CVE-2026-21904 | Medium | 6.1 |
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Network…
|
— | Apr 9, 2026 |
| CVE-2023-54363 | Medium | 6.1 |
Joomla Solidres 2.13.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to …
|
— | Apr 9, 2026 |
| CVE-2023-54358 | Medium | 6.1 |
WordPress adivaha Travel Plugin 2.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated …
|
— | Apr 9, 2026 |
| CVE-2026-35622 | Medium | 5.9 |
OpenClaw before 2026.3.22 contains an improper authentication verification vulnerability in Google Chat app-url webhook …
|
— | Apr 9, 2026 |
| CVE-2026-33773 | Medium | 5.8 |
An Incorrect Initialization of Resource vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS…
|
— | Apr 9, 2026 |
| CVE-2026-33776 | Medium | 5.5 |
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user w…
|
— | Apr 9, 2026 |
| CVE-2026-33786 | Medium | 5.5 |
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Junipe…
|
— | Apr 9, 2026 |
| CVE-2026-33787 | Medium | 5.5 |
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Junipe…
|
— | Apr 9, 2026 |
| CVE-2026-4124 | Medium | 5.4 |
The Ziggeo plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1. The …
|
— | Apr 9, 2026 |
| CVE-2026-5986 | Medium | 5.3 |
A weakness has been identified in Zod jsVideoUrlParser up to 0.5.1. The impacted element is the function getTime in the …
|
— | Apr 9, 2026 |
| CVE-2026-35640 | Medium | 5.3 |
OpenClaw before 2026.3.25 parses JSON request bodies before validating webhook signatures, allowing unauthenticated atta…
|
— | Apr 9, 2026 |
| CVE-2026-35633 | Medium | 5.3 |
OpenClaw before 2026.3.22 contains an unbounded memory allocation vulnerability in remote media HTTP error handling that…
|
— | Apr 9, 2026 |
| CVE-2026-5833 | Medium | 5.3 |
A security vulnerability has been detected in awwaiid mcp-server-taskwarrior up to 1.0.1. This impacts the function serv…
|
— | Apr 9, 2026 |
| CVE-2026-35626 | Medium | 5.3 |
OpenClaw before 2026.3.22 contains an unauthenticated resource exhaustion vulnerability in voice call webhook handling t…
|
— | Apr 9, 2026 |
| CVE-2026-2519 | Medium | 5.3 |
The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to price manipulation v…
|
— | Apr 9, 2026 |
| CVE-2026-35634 | Medium | 5.1 |
OpenClaw before 2026.3.23 contains an authentication bypass vulnerability in the Canvas gateway where authorizeCanvasReq…
|
— | Apr 9, 2026 |
| CVE-2026-1340 | Critical | 9.8 |
Ivanti Endpoint Manager Mobile (EPMM) — CVE-2026-1340
Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vu…
|
— | Apr 8, 2026 |
| CVE-2026-1346 | Critical | 9.3 |
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 …
|
— | Apr 8, 2026 |