| CVE ID | Description | Severity | Published |
|---|---|---|---|
| CVE-2026-7469 | A vulnerability was detected in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. This impacts the function sub_425A28 of the file /goform/DelFil. The manipulation of the argument delflag results in command injection. The attack may be launched remotely. The exploit is now public and may be used. | critical | 2026-04-30 |
| CVE-2026-7468 | A security vulnerability has been detected in 1024-lab smart-admin up to 3.30.0. This affects an unknown function of the file /smart-admin-api/druid/index.html of the component Demo Site. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet. | medium | 2026-04-30 |
| CVE-2026-7447 | A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file /admin/update_customer.php. Manipulation of the argument type/length/business parameter validity causes SQL injection. The attack can be carried out remotely. The exploit has been published and may be used. | medium | 2026-04-30 |
| CVE-2026-7446 | A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID results in OS command injection. The attack can be executed remotely. The exploit is now public and may be used. Upgrading to version 1.0.1 is able to mitigate this issue. The patch is identified as 141335da044e53c3f5b315e0386e01238405b771. It is advisable to upgrade the affected component. | medium | 2026-04-30 |
| CVE-2026-7445 | A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown functionality of the file src/managers/ResourceManager.ts of the component MCP Log Resource Handler. The manipulation of the argument dirname leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet. | medium | 2026-04-30 |
| CVE-2026-7443 | A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1.0.4. Affected by this vulnerability is the function fuzz_domain of the file src/index.ts of the component MCP Interface. Manipulation of the argument Request can lead to OS command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | medium | 2026-04-29 |
| CVE-2026-7420 | A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. | high | 2026-04-29 |
| CVE-2026-7419 | A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file route/goform/formTaskEdit_ap. The manipulation of the argument Profile leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. | high | 2026-04-29 |
| CVE-2026-7381 | Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting (sendfile type) to be set by the client via the X-Sendfile-Type header, if it is not considered in the middleware constructor or the Plack environment. A malicious client can set the X-Sendfile-Type header to "X-Accel-Redirect" to services running behind nginx reverse proxies, and then set the X-Accel-Mapping to map the path to an arbitrary file on the server. Since 1.0053, Plack::Middleware::XSendfile is deprecated and will be removed from future releases of Plack. This is similar to CVE-2025-61780 for Rack::Sendfile, although Plack::Middleware::XSendfile has some mitigations that disallow regular expressions to be used in the mapping, and only apply the mapping for the "X-Accel-Redirect" type. | critical | 2026-04-29 |
| CVE-2026-6221 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | No Score | 2026-04-29 |
| CVE-2026-42031 | CKAN has Unauthenticated SQL Injection and Authorization Bypass in `datastore_search_sql` | high | |
| CVE-2026-41686 | Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesystem Memory Tool | medium | |
| CVE-2026-42353 | i18next-http-middleware has path traversal / SSRF via user-controlled language and namespace parameters | high | |
| CVE-2026-42352 | pygeoapi 0.23.x: Unauthenticated SSRF via OGC API - Processes Subscriber | high | |
| CVE-2026-42351 | pygeoapi 0.23.x: Path Traversal in STAC FileSystemProvider | high | |
| CVE-2026-7418 | A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. | high | 2026-04-29 |
| CVE-2026-7417 | A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhs_publish_content of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument media_paths results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet. | medium | 2026-04-29 |
| CVE-2026-7416 | A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This issue affects the function build_project/run_tests of the file src/index.ts of the component MCP Interface. The manipulation of the argument Request results in OS command injection. The attack may be launched remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet. | medium | 2026-04-29 |
| CVE-2026-7410 | A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=add_to_cart. The manipulation of the argument pid leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | medium | 2026-04-29 |
| CVE-2026-7409 | A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_user of the file /admin/ajax.php?action=save_user. Manipulation can lead to SQL injection. The attack can be launched remotely. The exploit has been published and may be used. | medium | 2026-04-29 |
| CVE-2026-41671 | Admidio: OIDC Token Introspection Endpoint Returns Active for All Tokens Without Validation | medium | |
| CVE-2026-41670 | Admidio Sends SAML Response to Unvalidated Assertion Consumer Service URL from AuthnRequest | high | |
| CVE-2026-41669 | Admidio Ignores SAML Signature Validation Result, Processes Forged AuthnRequests and LogoutRequests | high | |
| CVE-2026-41663 | Admidio has CSRF on Admin Preferences that Triggers Unauthorized Backup, .htaccess Write, and Email Send | low | |
| CVE-2026-41662 | Admidio Missing Minimum Administrator Check in Role Membership Removal | medium | |
| CVE-2026-41661 | Admidio vulnerable to reflected XSS in msg_window.php via Square Bracket to HTML Tag Conversion | medium | |
| CVE-2026-41660 | Admidio has Inverted 2FA Reset Authorization Check that Lets Group Leaders Strip Admin TOTP | high | |
| CVE-2026-41659 | Admidio Leaks Hidden Profile Field Values via Blind Search Oracle in Member Assignment | low | |
| CVE-2026-41658 | Admidio's Missing Authorization on Inventory Module Destructive Endpoints Allows Any Authenticated User to Delete Items | medium | |
| CVE-2026-41657 | Admidio Exposes Cross-Organization Member Data via Permission Check Mismatch in contacts_data.php | medium | |
| CVE-2026-41656 | Admidio has Path Traversal via Unvalidated `name` Parameter in Document Add Mode that Enables Arbitrary Server File Read | medium | |
| CVE-2026-41655 | Admidio has Path Traversal in ECard Preview that Allows Reading Arbitrary Server Files Including Database Credentials | medium | |
| CVE-2026-42232 | n8n has XML Node Prototype Pollution that Leads to RCE | critical | |
| CVE-2026-42231 | n8n has Prototype Pollution in XML Webhook Body Parser that Leads to RCE | critical | |
| CVE-2026-42235 | n8n Vulnerable to XSS via MCP OAuth client | high | |
| CVE-2026-42226 | n8n's Credential Authorization Bypass in dynamic-node-parameters Allows Foreign API Key Replay | high | |
| CVE-2026-42234 | n8n has a Python Task Runner Sandbox Escape Vulnerability | high | |
| CVE-2026-42227 | n8n has Public API Variables IDOR that Allows Cross-Project Secret Disclosure | medium | |
| CVE-2026-42236 | n8n Vulnerable to Unauthenticated Denial of Service via MCP Client Registration | high | |
| CVE-2026-42228 | n8n Vulnerable to Hijacking of Unauthenticated Chat Execution | medium | |
| CVE-2026-7408 | A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Manipulation results in SQL injection. The attack can be initiated remotely. The exploit is now public and may be used. | medium | 2026-04-29 |
| CVE-2026-7407 | A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save_settings of the file /pizzafy/admin/ajax.php?action=save_settings of the component Setting Handler. Such manipulation leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | medium | 2026-04-29 |
| CVE-2026-7404 | A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function delete_shared_prompt of the file src/mcpo_simple_server/services/prompt_manager/base_manager.py. Manipulation of the argument detail causes relative path traversal. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | medium | 2026-04-29 |
| CVE-2026-7403 | A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function list_rules/fetch_rule of the file src/gel_mcp/server.py. The manipulation of the argument rule_name results in path traversal. The attack may be performed remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | medium | 2026-04-29 |
| CVE-2026-1858 | wget2 accepts a server certificate with incorrect Key Usage (KU) or Extended Key Usage (EKU). If an attacker compromises a certificate (with the associated private key) issued for a different purpose, they may be able to reuse it for TLS server authentication. | medium | 2026-04-29 |
| CVE-2025-50328 | A vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web (MotW) protections. When an archive is downloaded from the internet and extracted using B1 Free Archiver, the software fails to propagate the 'Zone.Identifier' alternate data stream to the extracted files. As a result, these files can be executed without triggering Windows Defender SmartScreen warnings or security prompts, enabling untrusted code execution without standard security restrictions. | critical | 2026-04-29 |
| CVE-2026-42229 | n8n has SQL Injection in SeaTable Node | medium | |
| CVE-2026-42230 | n8n has Open Redirect in MCP OAuth Consent Flow | medium | |
| CVE-2026-42233 | n8n has SQL Injection in Oracle Database Node via Limit Field | medium | |
| CVE-2026-42237 | n8n has SQL Injection in Snowflake and MySQL Nodes | medium | |