Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.3 MEDIUM
CVE-2024-0391 — Username Enumeration via Email OTP Flow in Multiple WSO2 Products Allows User Account Dis…

The check user account lock states feature within the email OTP flow fails to validate user input, allowing an attacker to infer the existence of registered user accounts. The discovery of valid use…

identity_server identity_server_as_key_manager open_banking_iam wso2_identity_server wso2_open_banking_iam wso2_identity_server_as_key_manager +2 more | Remote | Information Disclosure
May 11, 2026 May 27, 2026
May 11, 2026
May 27, 2026
6.5 MEDIUM
CVE-2026-43826 — Apache Airflow Providers OpenSearch: OpenSearch task-log handler leaks credentials embedd…

The OpenSearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:[email protected]:9200`), wrote the full host URL — including the embed…

apache-airflow-providers-opensearch | Remote | Information Disclosure
May 11, 2026 May 13, 2026
May 11, 2026
May 13, 2026
6.5 MEDIUM
CVE-2026-41018 — Apache Airflow Providers Elasticsearch: Elasticsearch task-log handler leaks credentials …

The Elasticsearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:[email protected]:9200`), wrote the full host URL — including the em…

apache-airflow-providers-elasticsearch | Remote | Information Disclosure
May 11, 2026 May 13, 2026
May 11, 2026
May 13, 2026
6.5 MEDIUM
CVE-2026-5084 — WebDyne::Session versions through 2.075 for Perl generates the session id insecurely

WebDyne::Session versions through 2.075 for Perl generates the session id insecurely. The session handler generates the session id from an MD5 hash seeded with a call to the built-in rand() function…

Remote | Cryptography
May 11, 2026 May 12, 2026
May 11, 2026
May 12, 2026
7.8 HIGH
CVE-2026-43500 — rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and th…

linux_kernel | Memory Corruption
May 11, 2026 May 17, 2026
May 11, 2026
May 17, 2026
Showing 20 of 7525 Results