Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.4 CRITICAL
CVE-2026-33707 — Weak Password Recovery Mechanism for Forgotten Password in chamilo/chamilo-lms

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, the default password reset mechanism generates tokens using sha1($email) with no random component, no expiration, and no …

Remote | Authentication
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.1 HIGH
CVE-2026-33706 — Chamilo LMS has a REST API Self-Privilege Escalation (Student → Teacher)

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user with a REST API key can modify their own status field via the update_user_from_username endpoint. A student (stat…

Remote | Authorization
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
5.3 MEDIUM
CVE-2026-33705 — Chamilo LMS has unauthenticated access to Twig template source files exposes application …

Chamilo LMS is a learning management system. Prior to 1.11.38, Twig template files (.tpl) under /main/template/default/ are directly accessible without authentication via HTTP GET requests. These tem…

Remote | Information Disclosure
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.1 HIGH
CVE-2026-33704 — Chamilo LMS Affected by Authenticated Arbitrary File Write via BigUpload endpoint

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user (including students) can write arbitrary content to files on the server via the BigUpload endpoint. The key param…

Remote | Path Traversal
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.1 HIGH
CVE-2026-33703 — Chamilo LMS Critical IDOR: Any Authenticated User Can Extract All Users’ Personal Data an…

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the /social-network/personal-data/{userId} endpoint allows any authentica…

Remote | Information Disclosure
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.1 HIGH
CVE-2026-33702 — Chamilo LMS has an Insecure Direct Object Reference (IDOR)

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an Insecure Direct Object Reference (IDOR) vulnerability in the Learning Path progress saving endpoi…

Remote | Authorization
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
9.3 CRITICAL
CVE-2026-33698 — Chamilo LMS affected by unauthenticated RCE in main/install folder

Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code from the main/install/ directory and allow an unauthenticated attacker to modify …

Remote | Misconfiguration
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
8.8 HIGH
CVE-2026-33618 — Chamilo LMS Affected by Remote Code Execution via eval() in Platform Settings

Chamilo LMS is a learning management system. Prior to .0.0-RC.3, the PlatformConfigurationController::decodeSettingArray() method uses PHP's eval() to parse platform settings from the database. An at…

Remote | Injection
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
6.5 MEDIUM
CVE-2026-27460 — Tandoor Recipes Affected by Denial of Service via Recipe Import

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.5, a critical Denial of Service (DoS) vulnerability was in the recipe import function…

Remote | Denial of Service
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
8.5 HIGH
CVE-2026-5483 — Odh-dashboard: odh dashboard kubernetes service account exposure

A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh-dashboard` component of Red Hat OpenShift AI (RHOAI) allows for the disclosure of Kubernetes Service Account …

Remote | Information Disclosure
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
8.2 HIGH
CVE-2026-40163 — Saltcorn has an Unauthenticated Path Traversal in sync endpoints allows arbitrary file wr…

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.5, 1.5.5, and 1.6.0-beta.4, the POST /sync/offline_changes endpoint allows an unauthenticated attacker to cr…

Remote | Path Traversal
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.1 HIGH
CVE-2026-40162 — Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble

Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authenticat…

Remote | Path Traversal
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
6.5 MEDIUM
CVE-2026-33141 — Chamilo LMS has an IDOR in REST API Stats Endpoint Exposes Any User's Learning Data

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the REST API stats endpoint allows any authenticated user (including low-…

Remote | Authorization
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
4.7 MEDIUM
CVE-2026-32932 — Chamilo LMS has an Open Redirect via Unvalidated 'page' Parameter in Session Course Edit

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Open Redirect vulnerability in the session course edit page allows an attacker to redirect an authenticated administra…

Remote | Misconfiguration
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.5 HIGH
CVE-2026-32931 — Chamilo LMS has Arbitrary File Upload via MIME-Only Validation in Exercise Sound Upload L…

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exercise sound upload function allows an authenticated teacher to upload…

Remote | Authentication
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.1 HIGH
CVE-2026-32930 — Chamilo LMS has an IDOR in Gradebook Allows Cross-Course Evaluation Edit Without Ownershi…

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the gradebook evaluation edit page allows any authenticated t…

Remote | Authorization
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.1 HIGH
CVE-2026-32894 — Chamilo LMS has an IDOR in Gradebook Allows Cross-Course Deletion of Any Student's Grade …

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the gradebook result view page allows any authenticated teach…

Remote | Authorization
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
5.4 MEDIUM
CVE-2026-32893 — Chamilo LMS has Reflected XSS via Unsanitized http_build_query() in Exercise Question Lis…

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, a Reflected Cross-Site Scripting (XSS) vulnerability in the exercise question list admin panel allows an attacker to execute arbitrar…

Remote | Cross-Site Scripting
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
9.1 CRITICAL
CVE-2026-32892 — OS Command Injection in Chamilo LMS 1.11.36

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an OS Command Injection vulnerability in the file move function. The move() function in fileManage.l…

Remote | Injection
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.7 HIGH
CVE-2026-31941 — Server-Side Request Forgery (SSRF) in Chamilo LMS

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains a Server-Side Request Forgery (SSRF) vulnerability in the Social Wall feature. The endpoint read_url…

Remote | Server-Side Request Forgery
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
Showing 20 of 6354 Results