Latest CVE Feed
CVE Intelligence
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Score
Vulnerability
Published
8.1
HIGH
CVE-2026-40588
— blueprintUE: Authenticated Password Change Does Not Verify Current Password
blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the password change form at /profile/{slug}/edit/ does not include a current_password field and does not verify the user's exis…
Remote
|
Authentication
Apr 21, 2026
Apr 22, 2026
Apr 21, 2026
Apr 22, 2026
6.5
MEDIUM
CVE-2026-40587
— blueprintUE: Active Sessions Are Not Invalidated After Password Change or Reset
blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a user changes their password via the profile edit page, or when a password reset is completed via the reset link, neither…
Remote
|
Authentication
Apr 21, 2026
Apr 22, 2026
Apr 21, 2026
Apr 22, 2026