| CVE-2026-5317 | A security flaw has been discovered in Nothings stb up to 1.22. This affects the function start_decoder of the file stb_vorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | medium | 2026-04-02 |
| CVE-2026-1243 | IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | medium | 2026-04-02 |
| CVE-2026-5316 | A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setup_free of the file stb_vorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | medium | 2026-04-02 |
| CVE-2026-5315 | A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbtt__buf_get8 in the library stb_truetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | medium | 2026-04-02 |
| CVE-2026-21767 | HCL BigFix Platform is affected by insufficient authentication. The application might allow users to access sensitive areas of the application without proper authentication. | medium | 2026-04-02 |
| CVE-2026-21765 | HCL BigFix Platform is affected by insecure permissions on private cryptographic keys. The private cryptographic keys located on a Windows host machine might be subject to overly permissive file system permissions. | high | 2026-04-02 |
| CVE-2026-34828 | listmonk's active sessions remain valid after password reset and password change | high | |
| CVE-2026-34825 | NocoBase Has SQL Injection via template variable substitution in workflow SQL node | high | |
| CVE-2026-34974 | phpMyFAQ: SVG Sanitizer Bypass via HTML Entity Encoding Leads to Stored XSS and Privilege Escalation | medium | |
| CVE-2026-34973 | phpMyFAQ has a LIKE Wildcard Injection in Search.php — Unescaped % and _ Metacharacters Enable Broad Content Disclosure | medium | |
| CVE-2026-34783 | Ferret: Path Traversal in IO::FS::WRITE allows arbitrary file write when scraping malicious websites | high | |
| CVE-2026-34969 | Nhost Leaks Refresh Tokens via URL Query Parameter in OAuth Provider Callback | low | |
| CVE-2026-34953 | PraisonAI Has Authentication Bypass via OAuthManager.validate_token() | critical | |
| CVE-2026-34952 | PraisonAI Has Missing Authentication in WebSocket Gateway | critical | |
| CVE-2026-34954 | PraisonAI Has SSRF in FileTools.download_file() via Unvalidated URL | high | |
| CVE-2026-34955 | PraisonAI Has Sandbox Escape via shell=True and Bypassable Blocklist in SubprocessSandbox | high | |
| CVE-2026-34940 | KubeAI: OS Command Injection via Model URL in Ollama Engine startup probe allows arbitrary command execution in model pods | high | |
| CVE-2026-34936 | PraisonAI: SSRF via Unvalidated api_base in passthrough() Fallback | high | |
| CVE-2026-34939 | PraisonAI Has ReDoS via Unvalidated User-Controlled Regex in MCPToolIndex.search_tools() | medium | |
| CVE-2026-34934 | PraisonAI Has Second-Order SQL Injection in `get_all_user_threads` | critical | |
| CVE-2026-34935 | PraisonAI: OS Command Injection in MCPHandler.parse_mcp_command() | critical | |
| CVE-2026-34937 | PraisonAI: Shell Injection in run_python() via Unescaped $() Substitution | high | |
| CVE-2026-34938 | PraisonAI: Python Sandbox Escape via str Subclass startswith() Override in execute_code | critical | |
| CVE-2026-5314 | A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | medium | 2026-04-01 |
| CVE-2026-4759 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | No Score | 2026-04-01 |
| CVE-2026-3882 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | No Score | 2026-04-01 |
| CVE-2026-32929 | V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product. | high | 2026-04-01 |
| CVE-2026-32928 | V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product. | high | 2026-04-01 |
| CVE-2026-32927 | V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product. | high | 2026-04-01 |
| CVE-2026-32926 | V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product. | high | 2026-04-01 |
| CVE-2026-32925 | V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom. Opening a crafted V7 file may lead to arbitrary code execution on the affected product. | high | 2026-04-01 |
| CVE-2025-66487 | IBM Aspera Shares 1.9.9 through 1.11.0 does not properly rate limit the frequency that an authenticated user can send emails, which could result in email flooding or a denial of service. | low | 2026-04-01 |
| CVE-2025-66486 | IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. | medium | 2026-04-01 |
| CVE-2025-66485 | IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. | medium | 2026-04-01 |
| CVE-2025-66484 | IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | medium | 2026-04-01 |
| CVE-2025-66483 | IBM Aspera Shares 1.9.9 through 1.11.0 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system. | medium | 2026-04-01 |
| CVE-2025-36375 | IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower Gateway is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | medium | 2026-04-01 |
| CVE-2025-0711 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | No Score | 2026-04-01 |
| CVE-2026-34762 | Ella Core Has Audit Log Falsification via Path/Body IMSI Mismatch in UpdateSubscriber | low | |
| CVE-2026-34761 | Ella Core Panics Upon NGAP handover failure | medium | |
| CVE-2026-34752 | Haraka affected by DoS via `__proto__` email header | high | |
| CVE-2026-34730 | Copier `_external_data` allows path traversal and absolute-path local file read without unsafe mode | medium | |
| CVE-2026-34729 | phpMyFAQ: Stored XSS via Regex Bypass in Filter::removeAttributes() | medium | |
| CVE-2026-34728 | phpMyFAQ: Path Traversal - Arbitrary File Deletion in MediaBrowserController | high | |
| CVE-2026-34726 | Copier `_subdirectory` allows template root escape via parent-directory traversal | medium | |
| CVE-2026-34725 | dbgate-web: Stored XSS in applicationIcon leads to potential RCE in Electron due to unsafe renderer configuration | high | |
| CVE-2026-34715 | ewe Has Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Request/Response Splitting) | medium | |
| CVE-2026-34591 | Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write | high | |
| CVE-2026-5313 | A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbi__gif_load_next in the library stb_image.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | medium | 2026-04-01 |
| CVE-2026-3987 | A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and including 2026.1.2. | high | 2026-04-01 |
