Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.9 MEDIUM
CVE-2026-40178 — ajenti.plugin.core has a race conditions in 2FA

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible during a short moment after the authentication of an …

ajenti | Remote | Authentication
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
9.3 CRITICAL
CVE-2026-40177 — Password bypass when 2FA is activated

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible to bypass the password authentication This vulnerabil…

ajenti | Remote | Authentication
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
10.0 CRITICAL
CVE-2026-40175 — Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0, the Axios library is vulnerable to a specific "Gadget" attack chain that allows Prototype Pollution in any third-par…

axios | Remote | Supply Chain
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
8.2 HIGH
CVE-2026-40168 — Postiz has Server-Side Request Forgery via Redirect Bypass in /api/public/stream

Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Although the application validates the initially supplied URL and blocks direct p…

postiz | Remote | Server-Side Request Forgery
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
5.3 MEDIUM
CVE-2026-39922 — GeoNode < 4.4.5, 5.0.2 SSRF via Service Registration

GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability in the service registration endpoint that allows authenticated attackers to trigger outbound…

geonode | Remote | Server-Side Request Forgery
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
5.3 MEDIUM
CVE-2026-39921 — GeoNode < 4.4.5, 5.0.2 SSRF via Document Upload

GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability that allows authenticated users with document upload permissions to trigger arbitrary outbou…

geonode | Remote | Server-Side Request Forgery
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.7 HIGH
CVE-2026-32252 — Chartbrew Cross-Tenant Template Export and Secret Disclosure in `GET /team/:team_id/templ…

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to 4.9.0, a cross-tenant authorization bypass exists in Chartbrew …

chartbrew | Remote | Authorization
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.8 HIGH
CVE-2026-30232 — Chartbrew has SSRF in API Data Connection - No IP Validation on User-Provided URLs

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to 4.8.5, Chartbrew allows authenticated users to create API data …

chartbrew | Remote | Server-Side Request Forgery
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
6.0 MEDIUM
CVE-2026-3446 — Base64 decoding stops at first padded quad by default

When calling base64.b64decode() or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This ca…

python | Remote | Misconfiguration
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
5.3 MEDIUM
CVE-2026-33737 — Chamilo LMS has an XML External Entity (XXE) Injection

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, multiple files use simplexml_load_string() without XXE protection. With LIBXML_NOENT flag, arbitrary server files can be …

chamilo_lms | Remote | XML External Entity
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
6.5 MEDIUM
CVE-2026-33736 — Chamilo LMS has an Insecure Direct Object Reference (IDOR) - User Data Exposure

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user (including ROLE_STUDENT) can enumerate all platform users and access personal information (email, phone, roles…

chamilo_lms | Remote | Authorization
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.5 HIGH
CVE-2026-33710 — Chamilo LMS has Weak REST API Key Generation (Predictable)

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, REST API keys are generated using md5(time() + (user_id * 5) - rand(10000, 10000)). The rand(10000, 10000) call always re…

chamilo_lms | Remote | Authentication
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
6.5 MEDIUM
CVE-2026-33708 — Chamilo LMS has REST API PII Exposure via get_user_info_from_username

Chamilo LMS is a learning management system. Prior to 1.11.38, the get_user_info_from_username REST API endpoint returns personal information (email, first name, last name, user ID, active status) of…

chamilo_lms | Remote | Authorization
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
9.4 CRITICAL
CVE-2026-33707 — Weak Password Recovery Mechanism for Forgotten Password in chamilo/chamilo-lms

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, the default password reset mechanism generates tokens using sha1($email) with no random component, no expiration, and no …

chamilo_lms | Remote | Authentication
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.1 HIGH
CVE-2026-33706 — Chamilo LMS has a REST API Self-Privilege Escalation (Student → Teacher)

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user with a REST API key can modify their own status field via the update_user_from_username endpoint. A student (stat…

chamilo_lms | Remote | Authorization
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
5.3 MEDIUM
CVE-2026-33705 — Chamilo LMS has unauthenticated access to Twig template source files exposes application …

Chamilo LMS is a learning management system. Prior to 1.11.38, Twig template files (.tpl) under /main/template/default/ are directly accessible without authentication via HTTP GET requests. These tem…

chamilo_lms | Remote | Information Disclosure
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.1 HIGH
CVE-2026-33704 — Chamilo LMS Affected by Authenticated Arbitrary File Write via BigUpload endpoint

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user (including students) can write arbitrary content to files on the server via the BigUpload endpoint. The key param…

chamilo_lms | Remote | Path Traversal
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.1 HIGH
CVE-2026-33703 — Chamilo LMS Critical IDOR: Any Authenticated User Can Extract All Users’ Personal Data an…

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the /social-network/personal-data/{userId} endpoint allows any authentica…

chamilo_lms | Remote | Information Disclosure
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
7.1 HIGH
CVE-2026-33702 — Chamilo LMS has an Insecure Direct Object Reference (IDOR)

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an Insecure Direct Object Reference (IDOR) vulnerability in the Learning Path progress saving endpoi…

chamilo_lms | Remote | Authorization
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
9.3 CRITICAL
CVE-2026-33698 — Chamilo LMS affected by unauthenticated RCE in main/install folder

Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code from the main/install/ directory and allow an unauthenticated attacker to modify …

chamilo_lms | Remote | Misconfiguration
Apr 10, 2026 Apr 10, 2026
Apr 10, 2026
Apr 10, 2026
Showing 20 of 6224 Results