Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.5 MEDIUM
CVE-2026-5653 — Heap-based Buffer Overflow in Wireshark

DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
5.5 MEDIUM
CVE-2026-5409 — Uncontrolled Recursion in Wireshark

Monero protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
5.5 MEDIUM
CVE-2026-5408 — Uncontrolled Recursion in Wireshark

BT-DHT protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
5.5 MEDIUM
CVE-2026-5407 — Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
5.5 MEDIUM
CVE-2026-5406 — Uncontrolled Recursion in Wireshark

FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
8.8 HIGH
CVE-2026-5402 — Heap-based Buffer Overflow in Wireshark

TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution

Remote | Memory Corruption
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
5.5 MEDIUM
CVE-2026-5401 — Uncontrolled Recursion in Wireshark

AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
5.5 MEDIUM
CVE-2026-5299 — Uncontrolled Recursion in Wireshark

ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
4.0 MEDIUM
CVE-2026-42798 — Little CMS Integer Overflow Vulnerability

Little CMS (lcms2) 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c.

| Memory Corruption
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
0.0 NA
CVE-2026-42511 — Remote code execution via malicious DHCP options

The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by …

| Injection
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
6.1 MEDIUM
CVE-2026-41226 — Ricoh Web Image Monitor Open Redirect Vulnerability

Open redirect vulnerability exists in Multiple laser printers and MFPs which implement Ricoh Web Image Monitor. When accessing a specially crafted URL, the user may be redirected to an arbitrary webs…

| Misconfiguration
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
8.7 HIGH
CVE-2024-39847 — Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Serve…

Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adja…

Remote | XML External Entity
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
5.5 MEDIUM
CVE-2026-7379 — Missing Release of Memory after Effective Lifetime in Wireshark

Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
5.5 MEDIUM
CVE-2026-7378 — Heap-based Buffer Overflow in Wireshark

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
5.5 MEDIUM
CVE-2026-7376 — NULL Pointer Dereference in Wireshark

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
5.5 MEDIUM
CVE-2026-7375 — Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
5.5 MEDIUM
CVE-2026-6868 — Stack-based Buffer Overflow in Wireshark

HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

| Denial of Service
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
7.1 HIGH
CVE-2025-13030 — Django-mdeditor Missing Authentication for Critical Function RCE

All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary c…

Remote | Authentication
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
9.0 HIGH
CVE-2026-7470 — Tenda 4G300 SafeMacFilter sub_427C3C stack-based overflow

A flaw has been found in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. Affected is the function sub_427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based…

Remote | Memory Corruption
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
6.5 MEDIUM
CVE-2026-7469 — Tenda 4G300 DelFil sub_425A28 command injection

A vulnerability was detected in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. This impacts the function sub_425A28 of the file /goform/DelFil. The manipulation of the argument delflag results in comm…

Remote | Injection
Apr 30, 2026 Apr 30, 2026
Apr 30, 2026
Apr 30, 2026
Showing 20 of 5930 Results