Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.1 CRITICAL
CVE-2026-34178 — Importing a crafted backup leads to project restriction bypass

In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a …

lxd | Remote | Misconfiguration
Apr 09, 2026 Apr 22, 2026
Apr 09, 2026
Apr 22, 2026
9.1 CRITICAL
CVE-2026-34177 — VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of k…

lxd | Remote | Misconfiguration
Apr 09, 2026 Apr 22, 2026
Apr 09, 2026
Apr 22, 2026
7.5 HIGH
CVE-2025-62188 — Apache DolphinScheduler: Users can access sensitive information through the actuator endp…

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler. This vulnerability may allow unauthorized actors to access sensitive information, inclu…

dolphinscheduler | Remote | Information Disclosure
Apr 09, 2026 Apr 17, 2026
Apr 09, 2026
Apr 17, 2026
Showing 20 of 5783 Results