Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
0.0 NA
CVE-2026-6048 — Flipbox Addon for Elementor <= 2.1.1 - Authenticated (Author+) Stored Cross-Site Scriptin…

The Flipbox Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Flipbox widget's button URL `custom_attributes` field in all versions up to, and including, 2…

| Cross-Site Scripting
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
0.0 NA
CVE-2026-6518 — CMP – Coming Soon & Maintenance Plugin by NiteoThemes <= 4.1.16 - Missing Authorization t…

The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to arbitrary file upload and remote code execution in all versions up to, and including, 4.1.16 via the `c…

| Authentication
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
0.0 NA
CVE-2026-4801 — Page Builder Gutenberg Blocks <= 3.1.16 - Authenticated (Contributor+) Stored Cross-Site …

The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insuffic…

| Cross-Site Scripting
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
9.8 CRITICAL
CVE-2026-40494 — SAIL has heap buffer overflow in TGA RLE decoder — raw packet path missing bounds check

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE de…

Remote | Memory Corruption
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
9.8 CRITICAL
CVE-2026-40493 — SAIL has heap buffer overflow in PSD decoder — bpp mismatch in LAB 16-bit mode

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes…

Remote | Memory Corruption
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
9.8 CRITICAL
CVE-2026-40492 — SAIL has heap buffer overflow in XWD decoder — bits_per_pixel vs pixmap_depth type confus…

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves…

Remote | Memory Corruption
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
6.5 MEDIUM
CVE-2026-40491 — gdown Affected by Arbitrary File Write via Path Traversal in gdown.extractall

gdown is a Google Drive public file/folder downloader. Versions prior to 5.2.2 are vulnerable to a Path Traversal attack within the extractall functionality. When extracting a maliciously crafted ZIP…

Remote | Path Traversal
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
6.8 MEDIUM
CVE-2026-40490 — AsyncHttpClient leaks authorization credentials to untrusted domains on cross-origin redi…

The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When redirect following is enabled (followRedirect(true)), versio…

Remote | Authentication
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
8.6 HIGH
CVE-2026-40489 — editorconfig-core-c has incomplete fix for CVE-2023-0341

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ec_glob() that allo…

| Memory Corruption
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
8.9 HIGH
CVE-2026-40487 — Postiz Has Unrestricted File Upload via MIME Type Spoofing that Leads to Stored XSS

Postiz is an AI social media scheduling tool. Prior to version 2.21.6, a file upload validation bypass allows any authenticated user to upload arbitrary HTML, SVG, or other executable file types to t…

Remote | Cross-Site Scripting
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
8.8 HIGH
CVE-2026-35582 — Emissary has an OS Command Injection via Unvalidated IN_FILE_ENDING / OUT_FILE_ENDING in …

Emissary is a P2P based data-driven workflow engine. In versions 8.42.0 and below, Executrix.getCommand() is vulnerable to OS command injection because it interpolates temporary file paths into a /b…

| Injection
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
6.1 MEDIUM
CVE-2026-1838 — Hostel <= 1.1.6 - Reflected Cross-Site Scripting via 'shortcode_id' Parameter

The Hostel plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'shortcode_id' parameter in all versions up to, and including, 1.1.6 due to insufficient input sanitization and…

Remote | Cross-Site Scripting
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
6.4 MEDIUM
CVE-2026-1559 — Youzify <= 1.3.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'checkin_p…

The Youzify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'checkin_place_id' parameter in all versions up to, and including, 1.3.6 due to insufficient input sanitization a…

Remote | Cross-Site Scripting
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
9.0 CRITICAL
CVE-2026-40572 — NovumOS has Arbitrary Memory Mapping via Syscall 15 (MemoryMapRange)

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 (MemoryMapRange) allows Ring 3 user-mode processes to map arbitrary virtual address …

| Memory Corruption
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
8.8 HIGH
CVE-2026-40350 — Movary User Management (/settings/users) has Authorization Bypass that Allows Low-Privile…

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can access the user-management endpoints `/settings/users` and use t…

Remote | Authentication
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
9.3 CRITICAL
CVE-2026-40317 — NovumOS has Privilege Escalation in the Syscall Interface

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 (JumpToUser) accepts an arbitrary entry point address from user-space registers with…

| Authentication
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
7.5 HIGH
CVE-2026-35465 — SecureDrop Client has path injection in read_gzip_header_filename()

SecureDrop Client is a desktop app for journalists to securely communicate with sources and handle submissions on the SecureDrop Workstation. In versions 0.17.4 and below, a compromised SecureDrop Se…

Remote | Path Traversal
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
4.8 MEDIUM
CVE-2026-40593 — ChurchCRM: Stored XSS in UserEditor.php via Login Name Field

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the User Editor (UserEditor.php) renders stored usernames directly into an HTML input value attribute without applyin…

Remote | Cross-Site Scripting
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
9.1 CRITICAL
CVE-2026-40582 — ChurchCRM: Authentication Bypass in `/api/public/user/login` Allows Bypass of 2FA and Acc…

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the /api/public/user/login endpoint validates only the username and password before returning the user's API key, byp…

Remote | Authentication
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
8.1 HIGH
CVE-2026-40581 — ChurchCRM: Cross-Site Request Forgery (CSRF) in SelectDelete.php Leading to Permanent Dat…

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the family record deletion endpoint (SelectDelete.php) performs permanent, irreversible deletion of family records an…

Remote | Cross-Site Request Forgery
Apr 18, 2026 Apr 18, 2026
Apr 18, 2026
Apr 18, 2026
Showing 20 of 6504 Results