Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.8 HIGH
CVE-2026-4525 — Vault Token Leaked to Backends via Authorization: Bearer Passthrough Header

If a Vault auth mount is configured to pass through the "Authorization" header, and the "Authorization" header is used to authenticate to Vault, Vault forwarded the Vault token to the auth plugin bac…

vault | Remote | Authentication
Apr 17, 2026 Apr 27, 2026
Apr 17, 2026
Apr 27, 2026
8.1 HIGH
CVE-2026-3605 — Vault KVv2 Metadata and Secret Deletion Policy Bypass Denial-of-Service

An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulne…

vault | Authorization
Apr 17, 2026 Apr 25, 2026
Apr 17, 2026
Apr 25, 2026
7.2 HIGH
CVE-2026-5231 — WP Statistics <= 14.16.4 - Unauthenticated Stored Cross-Site Scripting via 'utm_source' P…

The WP Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'utm_source' parameter in all versions up to, and including, 14.16.4. This is due to insufficient input san…

wp_statistics | Remote | Cross-Site Scripting
Apr 17, 2026 Apr 22, 2026
Apr 17, 2026
Apr 22, 2026
6.4 MEDIUM
CVE-2026-5162 — Royal Addons for Elementor <= 1.7.1056 - Authenticated (Contributor+) Stored Cross-Site S…

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagram_follow_text' setting in all versions up to, and including, …

royal_elementor_addons | Remote | Cross-Site Scripting
Apr 17, 2026 Apr 22, 2026
Apr 17, 2026
Apr 22, 2026
6.5 MEDIUM
CVE-2026-4817 — MasterStudy LMS <= 3.7.25 - Authenticated (Subscriber+) Time-based Blind SQL Injection vi…

The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordPress is vulnerable to Time-based Blind SQL Injection via the 'order' and 'orderby' parameters in the /lms/stm-lms…

masterstudy_lms | Remote | Injection
Apr 17, 2026 Apr 22, 2026
Apr 17, 2026
Apr 22, 2026
6.5 MEDIUM
CVE-2026-3488 — WP Statistics <= 14.16.4 - Missing Authorization to Authenticated (Subscriber+) Sensitive…

The WP Statistics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 14.16.4. This is due to missing capability checks on multiple AJAX handlers includi…

wp_statistics | Remote | Authorization
Apr 17, 2026 Apr 22, 2026
Apr 17, 2026
Apr 22, 2026
5.4 MEDIUM
CVE-2026-40922 — SiYuan: Incomplete sanitization of bazaar README allows stored XSS via iframe srcdoc (inc…

SiYuan is an open-source personal knowledge management system. In versions 3.6.1 through 3.6.3, a prior fix for XSS in bazaar README rendering (incomplete fix for CVE-2026-33066) enabled the Lute HTM…

siyuan | Remote | Cross-Site Scripting
Apr 17, 2026 Apr 20, 2026
Apr 17, 2026
Apr 20, 2026
5.9 MEDIUM
CVE-2026-40265 — Note Mark has Broken Access Control on Asset Download

Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset download endpoint at /api/notes/{noteID}/assets/{assetID} is registered without authentication middleware,…

note_mark | Remote | Authorization
Apr 17, 2026 Apr 17, 2026
Apr 17, 2026
Apr 17, 2026
3.7 LOW
CVE-2026-40263 — Note Mark: Username Enumeration via Login Endpoint Timing Side-Channel

Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the login endpoint performs bcrypt password verification only when the supplied username exists, returning immediate…

note_mark | Remote | Information Disclosure
Apr 17, 2026 Apr 17, 2026
Apr 17, 2026
Apr 17, 2026
8.7 HIGH
CVE-2026-40262 — Note Mark has Stored XSS via Unrestricted Asset Upload

Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset delivery handler serves uploaded files inline and relies on magic-byte detection for content type, which d…

note_mark | Remote | Cross-Site Scripting
Apr 17, 2026 Apr 17, 2026
Apr 17, 2026
Apr 17, 2026
6.9 MEDIUM
CVE-2026-40260 — pypdf: Manipulated XMP metadata entity declarations can exhaust RAM

pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can cra…

pypdf | Remote | Denial of Service
Apr 17, 2026 Apr 22, 2026
Apr 17, 2026
Apr 22, 2026
8.6 HIGH
CVE-2026-22734 — Cloud Foundry UAA SAML 2.0 Signature Bypass

Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions …

Remote | Authentication
Apr 17, 2026 Apr 17, 2026
Apr 17, 2026
Apr 17, 2026
Showing 20 of 6252 Results