Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.8 CRITICAL
CVE-2026-29649 — NEMU RISC-V Hypervisor CSR Handling Implementation Flaw

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg[7:4] (CBIE/CBCFE/CBZE-related fields) is incorrectly masked/updated based on menvcfg[7:4], so a machine-mode w…

nemu | Remote | Misconfiguration
Apr 20, 2026 Apr 24, 2026
Apr 20, 2026
Apr 24, 2026
7.5 HIGH
CVE-2026-29645 — NEMU RISC-V Vector Decoder Improper Instruction Validation

NEMU (OpenXiangShan/NEMU) before v2025.12.r2 contains an improper instruction-validation flaw in its RISC-V Vector (RVV) decoder. The decoder does not correctly validate the funct3 field when decodin…

nemu | Remote | Misconfiguration
Apr 20, 2026 Apr 24, 2026
Apr 20, 2026
Apr 24, 2026
8.1 HIGH
CVE-2026-6248 — wpForo Forum <= 3.0.5 - Authenticated (Subscriber+) Arbitrary File Deletion via Custom Pr…

The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.5. This is due to two compounding flaws: the Members::update() method does not valid…

wpforo_forum | Remote | Path Traversal
Apr 20, 2026 Apr 22, 2026
Apr 20, 2026
Apr 22, 2026
4.5 MEDIUM
CVE-2026-6060 — Possible DoS via SQL Box

A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS…

otrs | Remote | Denial of Service
Apr 20, 2026 Apr 21, 2026
Apr 20, 2026
Apr 21, 2026
Showing 20 of 6404 Results