Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
0.0 NA
CVE-2026-39412 — LiquidJS has an ownPropertyOnly bypass via sort_natural filter — prototype property infor…

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.4, the sort_natural filter bypasses the ownPropertyOnly security option, allowing template authors t…

| Information Disclosure
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
0.0 NA
CVE-2026-39411 — LobeHub has an unauthenticated authentication bypass on `webapi` routes via forgeable `X-…

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, the webapi authentication layer trusts a client-controlled X-lobe-chat-…

| Authentication
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
0.0 NA
CVE-2026-39362 — InvenTree has SSRF via Remote Image Download — No IP/Hostname Validation on remote_image …

InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, when INVENTREE_DOWNLOAD_FROM_URL is enabled (opt-in), authenticated users can supply remote_image URLs that are fetc…

| Server-Side Request Forgery
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
0.0 NA
CVE-2026-35525 — LiquidJS has a root restriction bypass for partial and layout loading through symlinked t…

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for {% include %}, {% render %}, and {% layout %}, LiquidJS checks whether the candidate path is …

| Path Traversal
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
0.0 NA
CVE-2026-35479 — InvenTree Plugin Installation - Insufficient Permissions

InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, any users who have staff access permissions can install plugins via the API, without requiring "superuser" account a…

| Authorization
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
0.0 NA
CVE-2026-35476 — InvenTree Affected by Privilege Escalation via API

InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, a non-staff authenticated user can elevate their account to a staff level via a POST request against their user acco…

| Authorization
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
5.3 MEDIUM
CVE-2026-39851 — Saleor has a user enumeration vulnerability due to different error messages

Saleor is an e-commerce platform. From 2.10.0 to before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, the requestEmailChange() mutation was revealing the existence of user-provided email addresses in err…

Remote | Information Disclosure
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
7.3 HIGH
CVE-2026-35455 — immich has Stored XSS via OCR Text in 360° Panorama Viewer

immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting (XSS) in the 360° panorama viewer allows any authenticated user to execute a…

| Cross-Site Scripting
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
7.7 HIGH
CVE-2026-35446 — LORIS has a path traversal in FilesDownloadHandler

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From 24.0.0 to before 27.0.3 and 28.0.1,…

Remote | Path Traversal
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
5.9 MEDIUM
CVE-2026-35407 — Saleor has Cross-Account Email Change via Unbound Confirmation Token

Saleor is an e-commerce platform. From 2.10.0 to before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, a business-logic and authorization flaw was found in the account email change workflow, the confirmat…

Remote | Authorization
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
6.5 MEDIUM
CVE-2026-35403 — LORIS has potential cross-site scripting in survey_accounts module

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From 15.10 to before 27.0.3 and 28.0.1, …

Remote | Cross-Site Scripting
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
7.5 HIGH
CVE-2026-35401 — Saleor has a resource exhaustion vulnerability in GraphQL queries

Saleor is an e-commerce platform. From 2.0.0 to before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, a malicious actor can include many GraphQL mutations or queries in a single API call using aliases or …

Remote | Denial of Service
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
3.5 LOW
CVE-2026-35400 — LORIS incorrectly trusts user input in publication module

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From 20.0.0 to before 27.0.3 and 28.0.1,…

Remote | Server-Side Request Forgery
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
8.7 HIGH
CVE-2026-35169 — LORIS has potential cross-site scripting in help_editor module

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From to before 27.0.3 and 28.0.1, the h…

Remote | Cross-Site Scripting
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
6.3 MEDIUM
CVE-2026-35165 — LORIS has incorrect access checks in document_repository

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From 21.0.0 to before 27.0.3 and 28.0.1,…

Remote | Authorization
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
6.3 MEDIUM
CVE-2026-34985 — LORIS has incorrect access checks in media module

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From 16.1.0 to before 27.0.3 and 28.0.1,…

Remote | Authorization
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
5.3 MEDIUM
CVE-2026-34837 — Zammad is miissing authorization in AI assistance controller for context data used in tex…

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, he REST endpoint POST /api/v1/ai_assistance/text_tools/:id contains an authorization failure. Context data (e.g., a…

Remote | Authorization
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
5.3 MEDIUM
CVE-2026-34782 — Zammad has improper access control in AI assistance controller for text tools

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the REST endpoint POST /api/v1/ai_assistance/text_tools/:id was not checking if a user is privileged to u…

Remote | Authorization
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
8.7 HIGH
CVE-2026-34724 — Zammad has a server-side template injection leading to RCE via AI Agent

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side template injection vulnerability which leads to RCE via AI Agent exists. Impact is limited to enviro…

Remote | Injection
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
8.7 HIGH
CVE-2026-34723 — Zammad has incorrect access control in getting_started_controller

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, unauthenticated remote attackers were able to access the getting started endpoint to get access to sensit…

Remote | Information Disclosure
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
Showing 20 of 6489 Results