Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.3 MEDIUM
CVE-2026-34782 — Zammad has improper access control in AI assistance controller for text tools

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the REST endpoint POST /api/v1/ai_assistance/text_tools/:id was not checking if a user is privileged to u…

Remote | Authorization
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
8.7 HIGH
CVE-2026-34724 — Zammad has a server-side template injection leading to RCE via AI Agent

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side template injection vulnerability which leads to RCE via AI Agent exists. Impact is limited to enviro…

Remote | Injection
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
8.7 HIGH
CVE-2026-34723 — Zammad has incorrect access control in getting_started_controller

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, unauthenticated remote attackers were able to access the getting started endpoint to get access to sensit…

Remote | Information Disclosure
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
6.9 MEDIUM
CVE-2026-34722 — Zammad is missing authorization in ticket create endpoint

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the used endpoint for ticket creation was missing authorization if the related parameter for adding links…

Remote | Authorization
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
5.9 MEDIUM
CVE-2026-34721 — Zammad has Cross-site request forgery (CSRF) in OAuth callback endpoints

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the OAuth callback endpoints for Microsoft, Google, and Facebook external credentials do not validate a C…

Remote | Cross-Site Request Forgery
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
2.3 LOW
CVE-2026-34720 — Zammad has an origin validation error in SSO mechanism

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the SSO mechanism in Zammad was not verifying the header originates from a trusted SSO proxy/gateway befo…

Remote | Authentication
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
8.3 HIGH
CVE-2026-34719 — Zammad has a Server-side request forgery (SSRF) via webhooks

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the webhook model was missing a proper validation for loop back addresses, or link-local addresses — only…

Remote | Server-Side Request Forgery
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
5.3 MEDIUM
CVE-2026-34718 — Zammad improperly neutralizes of script-related HTML tags in ticket articles

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the HTML sanitizer for ticket articles was missing proper sanitization of data: ... URI schemes, resultin…

Remote | Cross-Site Scripting
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
7.5 HIGH
CVE-2026-34392 — LORIS has a path traversal in static router

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From 20.0.0 to before 27.0.3 and 28.0.1,…

Remote | Path Traversal
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
2.1 LOW
CVE-2026-34248 — Zammad has an information disclosure in ticket detail view of customers in shared organiz…

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, customers in shared organizations (means they can see each other's tickets) could see fields which are not intended…

Remote | Authorization
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
3.7 LOW
CVE-2026-34166 — LiquidJS has a Memory Limit Bypass via Quadratic Amplification in `replace` Filter

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, the replace filter in LiquidJS incorrectly accounts for memory usage when the memoryLimit option …

Remote | Denial of Service
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
7.5 HIGH
CVE-2026-33350 — LORIS has a SQL injection in MRI feedback popup

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to 27.0.3 and 28.0.1, a SQL inject…

Remote | Injection
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
8.5 HIGH
CVE-2026-30818 — OS Command Injection Vulnerability in dnsmasq Module in TP-Link AX53

An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file…

| Injection
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
6.8 MEDIUM
CVE-2026-30817 — Arbitrary File Reading Vulnerability in dnsmasq Module in TP-Link AX53

An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is pro…

| Misconfiguration
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
6.8 MEDIUM
CVE-2026-30816 — Arbitrary File Reading Vulnerability in OpenVPN Module in TP-Link AX53

An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is p…

| Misconfiguration
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
8.5 HIGH
CVE-2026-30815 — OS Command Injection Vulnerability in OpenVPN Module in TP-Link AX53

An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration fil…

| Injection
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
7.3 HIGH
CVE-2026-30814 — Buffer Overflow Vulnerability in TP-Link AX53

A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via …

| Memory Corruption
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
9.8 CRITICAL
CVE-2026-2942 — ProSolution WP Client <= 1.9.9 - Unauthenticated Arbitrary File Upload via proSol_fileUpl…

The ProSolution WP Client plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'proSol_fileUploadProcess' function in all versions up to, and includ…

Remote | Misconfiguration
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
7.8 HIGH
CVE-2026-27806 — Fleet Affected by Local Privilege Escalation via Tcl Command Injection in Orbit

Fleet is open source device management software. Prior to 4.81.1, the Orbit agent's FileVault disk encryption key rotation flow on collects a local user's password via a GUI dialog and interpolates i…

| Injection
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
6.6 MEDIUM
CVE-2026-20709 — Intel Pentium and Celeron Processor Default Cryptographic Key Escalation of Privilege Vul…

Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an esca…

| Cryptography
Apr 08, 2026 Apr 08, 2026
Apr 08, 2026
Apr 08, 2026
Showing 20 of 6503 Results