Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
3.1 LOW
CVE-2026-33405 — Pi-hole has a Stored HTML Injection in queries.js

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, the formatInfo() function in queries.js renders …

| Cross-Site Scripting
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
0.0 NA
CVE-2026-31354 — Feehi CMS Cross-Site Scripting (XSS) Vulnerability

Multiple authenticated stored cross-site scripting (XSS) vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafte…

| Cross-Site Scripting
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
0.0 NA
CVE-2026-31353 — Feehi CMS Stored XSS Vulnerability

An authenticated stored cross-site scripting (XSS) vulnerability in the Category module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload i…

| Cross-Site Scripting
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
0.0 NA
CVE-2026-31352 — Feehi CMS Cross-Site Scripting

An authenticated stored cross-site scripting (XSS) vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted pa…

| Cross-Site Scripting
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
0.0 NA
CVE-2026-31351 — Feehi CMS Stored Cross-Site Scripting (XSS)

An authenticated stored cross-site scripting (XSS) vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted p…

| Cross-Site Scripting
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
0.0 NA
CVE-2026-31350 — Feehi CMS Stored Cross-Site Scripting Vulnerability

An authenticated stored cross-site scripting (XSS) vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Page Sign param…

| Cross-Site Scripting
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.8 HIGH
CVE-2026-21382 — Buffer Copy Without Checking Size of Input in Power Management IC

Memory Corruption when handling power management requests with improperly sized input/output buffers.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.6 HIGH
CVE-2026-21381 — Buffer Over-read in WLAN Firmware

Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.

Remote | Denial of Service
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.8 HIGH
CVE-2026-21380 — Use After Free in DSP Service

Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.8 HIGH
CVE-2026-21378 — Buffer Over-read in Camera

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.8 HIGH
CVE-2026-21376 — Buffer Over-read in Camera

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.8 HIGH
CVE-2026-21375 — Buffer Over-read in Camera

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.8 HIGH
CVE-2026-21374 — Buffer Over-read in Camera

Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.8 HIGH
CVE-2026-21373 — Buffer Over-read in Camera

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.8 HIGH
CVE-2026-21372 — Heap-Based Buffer Overflow in Power Management IC

Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.8 HIGH
CVE-2026-21371 — Buffer Over-read in WinBlast Driver

Memory Corruption when retrieving output buffer with insufficient size validation.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.6 HIGH
CVE-2026-21367 — Buffer Over-read in WLAN Firmware

Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.

Remote | Denial of Service
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.1 HIGH
CVE-2025-47400 — Buffer Over-read in Computer Vision

Cryptographic issue while copying data to a destination buffer without validating its size.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
8.8 HIGH
CVE-2025-47392 — Integer Overflow or Wraparound in GPS

Memory corruption when decoding corrupted satellite data files with invalid signature offsets.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
7.8 HIGH
CVE-2025-47391 — Stack-based Buffer Overflow in Camera Driver

Memory corruption while processing a frame request from user.

| Memory Corruption
Apr 06, 2026 Apr 06, 2026
Apr 06, 2026
Apr 06, 2026
Showing 20 of 5949 Results