Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
12600
Total
849
Critical
3629
High
3944
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-34568 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34567 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34566 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34565 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34564 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34563 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34562 | MEDIUM | 4.7 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34561 | MEDIUM | 4.7 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34560 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34559 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-5312 | MEDIUM | 5.3 | A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, … | Apr 01, 2026 |
| CVE-2026-4820 | MEDIUM | 4.3 | IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able … | Apr 01, 2026 |
| CVE-2026-4364 | MEDIUM | 5.4 | IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 … | Apr 01, 2026 |
| CVE-2026-4101 | HIGH | 8.1 | IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 … | Apr 01, 2026 |
| CVE-2026-34873 | UNKNOWN | — | An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session. | Apr 01, 2026 |
| CVE-2026-34545 | UNKNOWN | — | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to … | Apr 01, 2026 |
| CVE-2026-34544 | UNKNOWN | — | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to … | Apr 01, 2026 |
| CVE-2026-34543 | UNKNOWN | — | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to … | Apr 01, 2026 |
| CVE-2026-34531 | MEDIUM | 6.5 | Flask-HTTPAuth provides Basic, Digest and Token HTTP authentication for Flask routes. Prior to version 4.8.1, in a situation where the client makes a request to … | Apr 01, 2026 |
| CVE-2026-34530 | MEDIUM | 6.9 | File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the SPA … | Apr 01, 2026 |
| CVE-2026-34529 | HIGH | 7.6 | File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the EPUB … | Apr 01, 2026 |
| CVE-2026-34528 | HIGH | 8.1 | File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the signupHandler … | Apr 01, 2026 |
| CVE-2026-34525 | UNKNOWN | — | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has … | Apr 01, 2026 |
| CVE-2026-34520 | UNKNOWN | — | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser (the default for most installs) accepted null … | Apr 01, 2026 |
| CVE-2026-34519 | UNKNOWN | — | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the reason parameter when creating a … | Apr 01, 2026 |