Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.5 HIGH
CVE-2026-5710 — Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.6 - Unauthenticated Limite…

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary File Read in versions up to and including 1.3.9.6. This is due to t…

drag_and_drop_multiple_file_upload_-_contact_form_7 | Remote | Path Traversal
Apr 17, 2026 Apr 22, 2026
Apr 17, 2026
Apr 22, 2026
7.8 HIGH
CVE-2026-40320 — Giskard has an Unsandboxed Jinja2 Template Rendering in ConformityCheck

Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the ConformityCheck class rendered the rule parameter through Jinja2's default Template() constructor, silentl…

giskard | Denial of Service
Apr 17, 2026 Apr 24, 2026
Apr 17, 2026
Apr 24, 2026
5.5 MEDIUM
CVE-2026-40319 — Giskard has a Regular Expression Denial of Service (ReDoS) in RegexMatching Check

Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the RegexMatching check passes a user-supplied regular expression pattern directly to Python's re.search() wit…

giskard | Denial of Service
Apr 17, 2026 Apr 24, 2026
Apr 17, 2026
Apr 24, 2026
7.9 HIGH
CVE-2025-65104 — Firebird: Information leak vulnerability in firebird3 client when used with newer server

Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher se…

firebird | Information Disclosure
Apr 17, 2026 Apr 24, 2026
Apr 17, 2026
Apr 24, 2026
Showing 20 of 6224 Results