🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-3879 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Equipment Mailbox Deta…
|
— | Apr 3, 2026 |
| CVE-2026-27655 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on M…
|
— | Apr 3, 2026 |
| CVE-2026-28756 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on D…
|
— | Apr 3, 2026 |
| CVE-2026-28754 | High | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists rep…
|
— | Apr 3, 2026 |
| CVE-2017-20238 | High | 7.1 |
Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contains an improper authorizat…
|
— | Apr 3, 2026 |
| CVE-2026-5474 | Medium | 6.3 |
A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFE_MSG_GetSize of the file apps/to_lab/fsw…
|
— | Apr 3, 2026 |
| CVE-2026-5472 | Medium | 6.3 |
A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Th…
|
— | Apr 3, 2026 |
| CVE-2026-5470 | Medium | 6.3 |
A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca6…
|
— | Apr 3, 2026 |
| CVE-2026-5475 | Medium | 5.5 |
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_…
|
— | Apr 3, 2026 |
| CVE-2017-20233 | Medium | 5.4 |
Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correc…
|
— | Apr 3, 2026 |
| CVE-2026-5484 | Medium | 5.3 |
A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the …
|
— | Apr 3, 2026 |
| CVE-2026-34511 | Medium | 5.3 |
OpenClaw before 2026.4.2 reuses the PKCE verifier as the OAuth state parameter in the Gemini OAuth flow, exposing it thr…
|
— | Apr 3, 2026 |
| CVE-2026-3502 | Critical | 9.8 |
TrueConf Client — CVE-2026-3502
TrueConf Client contains a download of code without integrity check vulnerability. An at…
|
— | Apr 2, 2026 |
| CVE-2026-3692 | High | 8.8 |
In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may cr…
|
— | Apr 2, 2026 |
| CVE-2026-34121 | High | 8.8 |
An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v…
|
— | Apr 2, 2026 |
| CVE-2026-34793 | High | 8.8 |
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet…
|
— | Apr 2, 2026 |
| CVE-2026-34792 | High | 8.8 |
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet…
|
— | Apr 2, 2026 |
| CVE-2026-34791 | High | 8.8 |
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet…
|
— | Apr 2, 2026 |
| CVE-2026-5349 | High | 8.8 |
A vulnerability was identified in Trendnet TEW-657BRM 1.00.1. The affected element is the function add_apcdb of the file…
|
⚡ Exploit | Apr 2, 2026 |
| CVE-2026-34794 | High | 8.8 |
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet…
|
— | Apr 2, 2026 |