Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-6634 | MEDIUM | 6.3 | A weakness has been identified in usememos memos up to 0.22.1. This affects the function memos_access_token of the file src/App.tsx of the component UpdateInstanceSetting. This … | Apr 20, 2026 |
| CVE-2026-6633 | LOW | 3.5 | A security flaw has been discovered in Yifang CMS up to 2.0.5. The impacted element is the function store of the file plugins/yifang_backend_account/logic/admin/L_rbac_admin.php of the … | Apr 20, 2026 |
| CVE-2026-5958 | UNKNOWN | — | When sed is invoked with both -i (in-place edit) and --follow-symlinks, the function open_next_file() performs two separate, non-atomic filesystem operations on the same path: 1. … | Apr 20, 2026 |
| CVE-2026-6654 | MEDIUM | 5.1 | Double-Free / Use-After-Free (UAF) in the `IntoIter::drop` and `ThinVec::clear` functions in the thin_vec crate. A panic in `ptr::drop_in_place` skips setting the length to zero. | Apr 20, 2026 |
| CVE-2026-6632 | HIGH | 8.8 | A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromSafeClientFilter of the file /goform/SafeClientFilter of the component httpd. The manipulation … | Apr 20, 2026 |
| CVE-2026-6631 | HIGH | 8.8 | A vulnerability was determined in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. Executing a manipulation of … | Apr 20, 2026 |
| CVE-2026-6630 | HIGH | 8.8 | A vulnerability was found in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation … | Apr 20, 2026 |
| CVE-2026-6629 | HIGH | 7.3 | A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.0. This vulnerability affects the function Statement.executeUpdate of the file sql.jsp of the component … | Apr 20, 2026 |
| CVE-2026-6628 | MEDIUM | 6.3 | A flaw has been found in phili67 Ecclesia CRM up to 8.0.0. This affects the function ValidateInput of the file /v2/query/view/ of the component Query … | Apr 20, 2026 |
| CVE-2026-6626 | MEDIUM | 6.3 | A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The … | Apr 20, 2026 |
| CVE-2026-6625 | HIGH | 7.3 | A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of the file … | Apr 20, 2026 |
| CVE-2026-6624 | LOW | 2.4 | A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\_route=pool/add of the component Pool List … | Apr 20, 2026 |
| CVE-2026-6623 | LOW | 2.4 | A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /?_route=settings/users-view/ of the component Profile … | Apr 20, 2026 |
| CVE-2026-6622 | LOW | 2.4 | A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\_route=customers/edit/ of the component Customer Handler. Such … | Apr 20, 2026 |
| CVE-2026-31430 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a … | Apr 20, 2026 |
| CVE-2026-31429 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a … | Apr 20, 2026 |
| CVE-2025-13480 | UNKNOWN | — | Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive … | Apr 20, 2026 |
| CVE-2026-6621 | HIGH | 7.3 | A vulnerability was determined in 1024bit extend-deep up to 0.1.6. The impacted element is an unknown function of the file index.js. This manipulation of the … | Apr 20, 2026 |
| CVE-2026-6620 | MEDIUM | 6.3 | A vulnerability was found in SonicCloudOrg sonic-server up to 2.0.0. The affected element is the function Upload of the file FileTool.java of the component File … | Apr 20, 2026 |
| CVE-2026-6619 | LOW | 3.5 | A vulnerability has been found in langgenius dify up to 1.13.3. Impacted is the function openInNewTab of the file web/app/components/base/image-uploader/image-preview.tsx of the component ImagePreview. The … | Apr 20, 2026 |
| CVE-2026-6618 | MEDIUM | 6.3 | A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parse_openai_plugin_json_to_tool_bundle of the file api/core/tools/utils/parser.py of the component ApiBasedToolSchemaParser. … | Apr 20, 2026 |
| CVE-2026-5967 | HIGH | 8.8 | ThreatSonar Anti-Ransomware developed by TeamT5 has an Privilege Escalation vulnerability. Authenticated remote attackers with shell access can inject OS commands and execute them with root … | Apr 20, 2026 |
| CVE-2026-39454 | HIGH | 7.8 | SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may … | Apr 20, 2026 |
| CVE-2026-6617 | MEDIUM | 6.3 | A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function get_api_tool_provider_remote_schema of the file api/services/tools/api_tools_manage_service.py of the component ApiToolManageService. Performing … | Apr 20, 2026 |
| CVE-2026-6616 | MEDIUM | 6.3 | A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extract_with_bs4/extract_with_3k/extract_with_lxml of the file superagi/helper/webpage_extractor.py of the component WebScraperTool. … | Apr 20, 2026 |