Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-6615 | HIGH | 7.3 | A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the … | Apr 20, 2026 |
| CVE-2026-5966 | HIGH | 8.1 | ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability. Authenticated remote attackers with web access can exploit Path Traversal to delete arbitrary files … | Apr 20, 2026 |
| CVE-2026-5964 | CRITICAL | 9.8 | EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database … | Apr 20, 2026 |
| CVE-2026-5963 | CRITICAL | 9.8 | EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database … | Apr 20, 2026 |
| CVE-2026-41282 | MEDIUM | 4.0 | ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step templates against untrusted targets (not the default configuration). | Apr 20, 2026 |
| CVE-2026-6644 | UNKNOWN | — | A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability allows an administrative user to break out of the … | Apr 20, 2026 |
| CVE-2026-6643 | UNKNOWN | — | A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf() and passing … | Apr 20, 2026 |
| CVE-2026-6614 | MEDIUM | 6.3 | A security flaw has been discovered in TransformerOptimus SuperAGI up to 0.0.14. Affected by this vulnerability is the function get_project/update_project/get_projects_organisation of the file superagi/controllers/project.py. The … | Apr 20, 2026 |
| CVE-2026-6613 | MEDIUM | 6.3 | A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function delete_agent/stop_schedule/get_schedule_data of the file superagi/controllers/agent.py. The manipulation of the argument agent_id … | Apr 20, 2026 |
| CVE-2026-6612 | MEDIUM | 6.3 | A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function get_agent_execution/update_agent_execution of the file superagi/controllers/agent_execution.py of the component Agent Execution Endpoint. … | Apr 20, 2026 |
| CVE-2026-6611 | LOW | 3.1 | A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component File Upload Endpoint. … | Apr 20, 2026 |
| CVE-2024-7083 | LOW | 3.5 | The Email Encoder WordPress plugin before 2.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin … | Apr 20, 2026 |
| CVE-2026-6610 | LOW | 3.7 | A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file djangoblog/settings.py of the component … | Apr 20, 2026 |
| CVE-2026-6609 | MEDIUM | 6.3 | A flaw has been found in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function form_valid of the file oauth/views.py. This manipulation of … | Apr 20, 2026 |
| CVE-2026-6608 | MEDIUM | 5.3 | A vulnerability was detected in lm-sys fastchat up to 0.2.36. Impacted is the function add_text of the component Arena Side-by-Side View Handler. The manipulation results … | Apr 20, 2026 |
| CVE-2026-6607 | MEDIUM | 5.3 | A security vulnerability has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api_generate of the component Worker API Endpoint. The … | Apr 20, 2026 |
| CVE-2026-6606 | HIGH | 7.3 | A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function _process_audio_block of the file src/agentscope/agent/_agent_base.py. Executing a manipulation of … | Apr 20, 2026 |
| CVE-2026-6605 | HIGH | 7.3 | A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function _get_bytes_from_web_url of the file src/agentscope/_utils/_common.py of the component Internal … | Apr 20, 2026 |
| CVE-2026-6604 | HIGH | 7.3 | A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function _parse_url/prepare_image/openai_audio_to_text of the file src/agentscope/tool/_multi_modality/_openai_tools.py of the component … | Apr 20, 2026 |
| CVE-2026-6603 | HIGH | 7.3 | A vulnerability was determined in modelscope agentscope up to 1.0.18. Affected by this vulnerability is the function execute_python_code/execute_shell_command of the file src/AgentScope/tool/_coding/_python.py. This manipulation causes … | Apr 20, 2026 |
| CVE-2026-6602 | HIGH | 7.3 | A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/his_admin_account.php. The manipulation of the … | Apr 20, 2026 |
| CVE-2026-6601 | MEDIUM | 4.3 | A vulnerability has been found in Lagom WHMCS Template up to 2.4.2. This impacts an unknown function of the component Datatables. The manipulation leads to … | Apr 20, 2026 |
| CVE-2026-6600 | LOW | 3.5 | A flaw has been found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the file src/frontend/src/modals/IOModal/components/chatView/chatMessage/components/edit-message.tsx of the component Frontend React … | Apr 20, 2026 |
| CVE-2026-6599 | MEDIUM | 6.3 | A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the function get_client_ip/install_mcp_config of the file src/backend/base/langflow/api/v1/mcp_projects.py of the component Model … | Apr 20, 2026 |
| CVE-2026-6598 | MEDIUM | 4.3 | A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py of the … | Apr 20, 2026 |