🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-20059 | Medium | 6.1 |
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote a…
|
— | Apr 15, 2026 |
| CVE-2026-20136 | Medium | 6.0 |
A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PI…
|
— | Apr 15, 2026 |
| CVE-2026-40915 | Medium | 5.5 |
A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by …
|
— | Apr 15, 2026 |
| CVE-2026-20161 | Medium | 5.5 |
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low …
|
— | Apr 15, 2026 |
| CVE-2026-40918 | Medium | 5.5 |
A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of se…
|
— | Apr 15, 2026 |
| CVE-2026-6245 | Medium | 5.5 |
A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() function within the PA…
|
— | Apr 15, 2026 |
| CVE-2026-6383 | Medium | 5.4 |
A flaw was found in KubeVirt's Role-Based Access Control (RBAC) evaluation logic. The authorization mechanism improperly…
|
— | Apr 15, 2026 |
| CVE-2026-1509 | Medium | 5.4 |
The Avada (Fusion) Builder plugin for WordPress is vulnerable to Arbitrary WordPress Action Execution in all versions up…
|
— | Apr 15, 2026 |
| CVE-2026-20152 | Medium | 5.3 |
A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could all…
|
— | Apr 15, 2026 |
| CVE-2026-3642 | Medium | 5.3 |
The e-shot™ form builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including…
|
— | Apr 15, 2026 |
| CVE-2026-4812 | Medium | 5.3 |
The Advanced Custom Fields (ACF) plugin for WordPress is vulnerable to Missing Authorization to Arbitrary Post/Page Disc…
|
— | Apr 15, 2026 |
| CVE-2026-1314 | Medium | 5.3 |
The 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin for WordPress is vulnerable to unauth…
|
— | Apr 15, 2026 |
| CVE-2026-1782 | Medium | 5.3 |
The MetForm Pro plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 3…
|
— | Apr 15, 2026 |
| CVE-2026-3649 | Medium | 5.3 |
The Katalogportal PDF Sync plugin for WordPress is vulnerable to Missing Authorization in all versions up to and includi…
|
— | Apr 15, 2026 |
| CVE-2026-40917 | Medium | 5.0 |
A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function, occurs when proces…
|
— | Apr 15, 2026 |
| CVE-2026-40916 | Medium | 5.0 |
A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a lo…
|
— | Apr 15, 2026 |
| CVE-2026-37980 | Medium | 6.9 |
A flaw was found in Keycloak, specifically in the organization selection login page. A remote attacker with `manage-real…
|
— | Apr 14, 2026 |
| CVE-2026-32223 | Medium | 6.8 |
Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a phys…
|
— | Apr 14, 2026 |
| CVE-2026-0390 | Medium | 6.7 |
Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a sec…
|
— | Apr 14, 2026 |
| CVE-2026-32176 | Medium | 6.7 |
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized …
|
— | Apr 14, 2026 |