Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.1 CRITICAL
CVE-2026-34950 — fast-jwt has an incomplete fix for CVE-2023-48223: JWT Algorithm Confusion via Whitespace…

fast-jwt provides fast JSON Web Token (JWT) implementation. In 6.1.0 and earlier, the publicKeyPemMatcher regex in fast-jwt/src/crypto.js uses a ^ anchor that is defeated by any leading whitespace in…

fast-jwt | Remote | Cryptography
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
0.0 NONE
CVE-2026-34940 — KubeAI has an OS Command Injection via Model URL in Ollama Engine startup probe allows ar…

KubeAI is an AI inference operator for kubernetes. Prior to 0.23.2, the ollamaStartupProbeScript() function in internal/modelcontroller/engine_ollama.go constructs a shell command string using fmt.Sp…

Remote | Injection
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
2.3 LOW
CVE-2026-34764 — Electron has a use-after-free in offscreen shared texture release() callback

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 33.0.0-alpha.1 to before 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, apps that use offscre…

electron | Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
6.5 MEDIUM
CVE-2026-34756 — vLLM Affected by Unauthenticated OOM Denial of Service via Unbounded `n` Parameter in Ope…

vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.19.0, a Denial of Service vulnerability exists in the vLLM OpenAI-compatible API server. Due to the la…

vllm | Remote | Denial of Service
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
6.5 MEDIUM
CVE-2026-34755 — vLLM Affected by Denial of Service via Unbounded Frame Count in video/jpeg Base64 Process…

vLLM is an inference and serving engine for large language models (LLMs). From 0.7.0 to before 0.19.0, the VideoMediaIO.load_base64() method at vllm/multimodal/media/video.py splits video/jpeg data U…

vllm | Remote | Denial of Service
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
5.4 MEDIUM
CVE-2026-34753 — vLLM affected by Server-Side Request Forgery (SSRF) in `download_bytes_from_url `

vLLM is an inference and serving engine for large language models (LLMs). From 0.16.0 to before 0.19.0, a server-side request forgery (SSRF) vulnerability in download_bytes_from_url allows any actor …

vllm | Remote | Server-Side Request Forgery
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
8.4 HIGH
CVE-2026-34589 — OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, the DWA …

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
8.6 HIGH
CVE-2026-34588 — OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internal…

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.9 HIGH
CVE-2026-34444 — Lupa has a Sandbox escape and RCE due to incomplete attribute_filter enforcement in getat…

Lupa integrates the runtimes of Lua or LuaJIT2 into CPython. In 2.6 and earlier, attribute_filter is not consistently applied when attributes are accessed through built-in functions like getattr and …

Remote | Authentication
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
8.1 HIGH
CVE-2026-34402 — Time Based Blind SQL Injection via Property Value in ChurchCRM

ChurchCRM is an open-source church management system. Prior to 7.1.0, authenticated users with Edit Records or Manage Groups permissions can exploit a time-based blind SQL injection vulnerability in …

Remote | Injection
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
5.9 MEDIUM
CVE-2026-34380 — OpenEXR has a signed integer overflow (undefined behavior) in undo_pxr24_impl may allow b…

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a signed…

Remote | Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.1 HIGH
CVE-2026-34379 — OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (…

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a misali…

Remote | Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
6.5 MEDIUM
CVE-2026-34378 — OpenEXR has a signed integer overflow in generic_unpack() when parsing EXR files with cra…

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on …

Remote | Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
6.9 MEDIUM
CVE-2026-34217 — SandboxJS has a Sandbox Escape via Prop Object Leak in New Handler

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, a scope modification vulnerability exists in @nyariv/sandboxjs. The vulnerability allows untrusted sandboxed code to leak internal inter…

Remote | Information Disclosure
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
6.9 MEDIUM
CVE-2026-34211 — SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, the @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker …

Remote | Denial of Service
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
10.0 CRITICAL
CVE-2026-34208 — SandboxJS: Sandbox integrity escape

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, SandboxJS blocks direct assignment to global objects (for example Math.random = ...), but this protection can be bypassed through an exp…

Remote | Misconfiguration
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.5 HIGH
CVE-2026-34148 — Fedify affected by resource exhaustion caused by unbounded redirect following during remo…

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to 1.9.6, 1.10.5, 2.0.8, and 2.1.1, @fedify/fedify follows HTTP redirects recursively in its remote doc…

Remote | Misconfiguration
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
8.6 HIGH
CVE-2026-33752 — Redirect-based SSRF leading to internal network access in curl_cffi (with TLS impersonati…

curl_cffi is the a Python binding for curl. Prior to 0.15.0, curl_cffi does not restrict requests to internal IP ranges, and follows redirects automatically via the underlying libcurl. Because of thi…

Remote | Server-Side Request Forgery
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
6.4 MEDIUM
CVE-2026-33727 — Pi-hole has a Local Privilege Escalation (post-compromise, pihole -> root).

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. Version 6.4 has a local privilege-escalation vulnerability allows code execution as root from the low-privile…

| Authentication
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
3.1 LOW
CVE-2026-33405 — Pi-hole has a Stored HTML Injection in queries.js

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, the formatInfo() function in queries.js renders …

| Cross-Site Scripting
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
Showing 20 of 6004 Results