Latest CVE Feed
CVE Intelligence
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Score
Vulnerability
Published
9.0
HIGH
CVE-2026-7151
— Tenda HG3 formIPv6Routing formUploadConfig stack-based overflow
A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6Routing. This manipulation of the argument destNet causes stack-based buffer ov…
Apr 27, 2026
Apr 30, 2026
Apr 27, 2026
Apr 30, 2026
8.8
HIGH
CVE-2026-6741
— LatePoint <= 5.4.1 - Authenticated (Agent+) Privilege Escalation to Administrator via 'co…
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 5.4.1. This is due to a missing authoriz…
Remote
|
Authorization
Apr 27, 2026
Apr 27, 2026
Apr 27, 2026
Apr 27, 2026
7.0
HIGH
CVE-2026-5394
— Pimcore Platform v12.3.3 - SQL Injection in DataObject composite index handling
An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controlled composite index metadata and trigger unintended SQL execution in the backend. …
Apr 27, 2026
May 05, 2026
Apr 27, 2026
May 05, 2026