Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.5 MEDIUM
CVE-2026-39309 — Trilium Notes: macOS TCC Bypass via Prompt Spoofing

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to …

trilium trilium | Misconfiguration
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
6.8 MEDIUM
CVE-2026-35593 — Trilium Notes has Local File Inclusion via upload modified file API endpoint

Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, al…

trilium | Remote | Path Traversal
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
5.3 MEDIUM
CVE-2026-34970 — MantisBT Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is Revoked

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. Th…

mantisbt | Remote | Authorization
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
4.3 MEDIUM
CVE-2026-34754 — MantisBT allows unauthorized users to upload attachments to restricted issues via REST API

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow an authenticated user to upload attachments to private Issues they are not authorized to access. This is…

mantisbt | Remote | Authorization
May 20, 2026 May 20, 2026
May 20, 2026
May 20, 2026
Showing 20 of 7584 Results