🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-39860 | Critical | 9.0 |
Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary ove…
|
✅ Patch | Apr 8, 2026 |
| CVE-2026-3357 | High | 8.8 |
IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the sys…
|
— | Apr 8, 2026 |
| CVE-2026-3243 | High | 8.8 |
The Advanced Members for ACF plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path…
|
— | Apr 8, 2026 |
| CVE-2026-3499 | High | 8.8 |
The Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce plugin for WordPress is vulnerable to C…
|
— | Apr 8, 2026 |
| CVE-2026-1342 | High | 8.5 |
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 …
|
— | Apr 8, 2026 |
| CVE-2026-4788 | High | 8.4 |
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a loc…
|
— | Apr 8, 2026 |
| CVE-2026-5436 | High | 8.1 |
The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1.…
|
— | Apr 8, 2026 |
| CVE-2026-30815 | High | 8.0 |
An OS command injection vulnerability in the OpenVPN module
of TP-Link Archer AX53 v1.0 allows an authenticated adjacent…
|
— | Apr 8, 2026 |
| CVE-2026-30814 | High | 8.0 |
A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attac…
|
— | Apr 8, 2026 |
| CVE-2026-30818 | High | 8.0 |
An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent…
|
— | Apr 8, 2026 |
| CVE-2026-40031 | High | 7.8 |
MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking acr…
|
— | Apr 8, 2026 |
| CVE-2026-40030 | High | 7.8 |
parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path argument (-v flag) is …
|
— | Apr 8, 2026 |
| CVE-2026-40029 | High | 7.8 |
parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsa…
|
— | Apr 8, 2026 |
| CVE-2026-40032 | High | 7.8 |
UAC (Unix-like Artifacts Collector) before 3.3.0-rc1 contains a command injection vulnerability in the placeholder subst…
|
— | Apr 8, 2026 |
| CVE-2026-5726 | High | 7.8 |
ASDA-Soft Stack-based Buffer Overflow Vulnerability
|
— | Apr 8, 2026 |
| CVE-2025-50652 | High | 7.5 |
An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparm_usb.asp endpoint…
|
— | Apr 8, 2026 |
| CVE-2025-50654 | High | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of the id parameter in th…
|
— | Apr 8, 2026 |
| CVE-2025-52222 | High | 7.5 |
D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-840…
|
— | Apr 8, 2026 |
| CVE-2025-50650 | High | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of input size in the ro…
|
— | Apr 8, 2026 |
| CVE-2025-50653 | High | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name and mem paramet…
|
— | Apr 8, 2026 |