Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.3 MEDIUM
CVE-2026-41417 — Netty vulnerable to HTTP request smuggling and RTSP request injection via DefaultHttpRequ…

Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`. The constructors reject CRLF …

netty | Remote | Injection
May 06, 2026 May 11, 2026
May 06, 2026
May 11, 2026
5.3 MEDIUM
CVE-2026-41310 — OpenTelemetry .NET Zipkin exporter has unbounded remote endpoint cache leading to memory …

OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span a…

opentelemetry opentelemetry.exporter.zipkin opentelemetry.exporter.opentelemetryprotocol | Remote | Information Disclosure
May 06, 2026 May 11, 2026
May 06, 2026
May 11, 2026
5.4 MEDIUM
CVE-2026-40296 — PhpSpreadsheet vulnerable to XSS in HTML writer via custom number format codes

PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The HTML writer skips htmlspecialchars escaping when a cell's formatted value differs from the original value. When a c…

phpspreadsheet | Remote | Cross-Site Scripting
May 06, 2026 May 11, 2026
May 06, 2026
May 11, 2026
6.9 MEDIUM
CVE-2026-3291 — Samsung Print Service Plugin – Potential Information Disclosure

Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate …

samsung_print_service_plugin | Information Disclosure
May 06, 2026 May 11, 2026
May 06, 2026
May 11, 2026
Showing 20 of 7244 Results