Latest CVE Vulnerabilities

8.8 HIGH

CVE-2026-34329 — Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

None

May 12, 2026 May 12, 2026

May 12, 2026

7.8 HIGH

CVE-2026-33841 — Windows Kernel Elevation of Privilege Vulnerability

None

May 12, 2026 May 12, 2026

May 12, 2026

7.8 HIGH

CVE-2026-33840 — Win32k Elevation of Privilege Vulnerability

None

May 12, 2026 May 12, 2026

May 12, 2026

7.0 HIGH

CVE-2026-33839 — Win32k Elevation of Privilege Vulnerability

None

May 12, 2026 May 12, 2026

May 12, 2026

7.8 HIGH

CVE-2026-33834 — Windows Event Logging Service Elevation of Privilege Vulnerability

None

May 12, 2026 May 12, 2026

May 12, 2026

9.1 CRITICAL

CVE-2026-33117 — Azure SDK for Java Security Feature Bypass Vulnerability

None

May 12, 2026 May 12, 2026

May 12, 2026

6.7 MEDIUM

CVE-2026-21530 — Windows Rich Text Edit Elevation of Privilege Vulnerability

None

May 12, 2026 May 12, 2026

May 12, 2026

7.3 HIGH

CVE-2026-32177 — .NET Elevation of Privilege Vulnerability

None

May 12, 2026 May 12, 2026

May 12, 2026

7.8 HIGH

CVE-2026-32204 — Azure Monitor Agent Elevation of Privilege Vulnerability

None

May 12, 2026 May 12, 2026

May 12, 2026

9.3 CRITICAL

CVE-2026-40379 — Microsoft Enterprise Security Token Service (ESTS) Spoofing Vulnerability

None

May 12, 2026 May 12, 2026

May 12, 2026

0.0 NA

CVE-2026-43891 — changedetection.io: Arbitrary Local File Read via crafted backup restore

changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vu…

| Path Traversal

May 12, 2026 May 12, 2026

May 12, 2026

6.5 MEDIUM

CVE-2025-53870 — Fortinet FortiAP OS Command Injection

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5, FortiAP 7.2 all versi…

| Injection

May 12, 2026 May 12, 2026

May 12, 2026

6.1 MEDIUM

CVE-2025-53680 — Fortinet FortiAP OS Command Injection Vulnerability

An improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [CWE-78] vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5…

| Injection

May 12, 2026 May 12, 2026

May 12, 2026

5.2 MEDIUM

CVE-2025-67604 — Fortinet FortiAnalyzer and FortiManager HTTP Request Crash Vulnerability

A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions,…

Remote | Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

6.3 MEDIUM

CVE-2025-53681 — Fortinet FortiMail SQL Injection

An improper neutralization of special elements used in an SQL Command ("SQL Injection&") vulnerability [CWE-89] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5,…

Remote | Injection

May 12, 2026 May 12, 2026

May 12, 2026

4.0 MEDIUM

CVE-2026-25690 — Fortinet FortiDeceptor Argument Injection Vulnerability

An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2…

Remote | Injection

May 12, 2026 May 12, 2026

May 12, 2026

8.3 HIGH

CVE-2025-53844 — Fortinet FortiOS OOB Write Code Execution Vulnerability

A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to execute unauthorized code or commands via spe…

Remote | Memory Corruption

May 12, 2026 May 12, 2026

May 12, 2026

5.0 MEDIUM

CVE-2026-44279 — Fortinet FortiTokenAndroid Improper Component Export Vulnerability

A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow atta…

| Authorization

May 12, 2026 May 12, 2026

May 12, 2026

2.1 LOW

CVE-2026-44278 — Fortinet FortiClient Hard-Coded Cryptographic Key Information Disclosure Vulnerability

A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via <insert at…

| Cryptography

May 12, 2026 May 12, 2026

May 12, 2026

5.1 MEDIUM

CVE-2026-25088 — Fortinet FortiNDR SQL Injection Vulnerability

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiNDR 7.6.0 through 7.6.2, FortiNDR 7.4.0 through 7.4.9, FortiNDR 7.2 all versions…

Remote | Injection

May 12, 2026 May 12, 2026

May 12, 2026

Browse by Apps

Latest CVE Feed

Cookie Preferences