2026-04-10 17:17Z · HIGH

CVE-2026-35643 — Openclaw Openclaw: before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-35643

OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context. · CVSS v3.1 8.8 (HIGH)

CWE: CWE-940 · VND: Openclaw · TYP: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-10 17:17Z · HIGH

CVE-2026-35595 — Vikunja: Prior to 2.3.0, the CanUpdate check at pkg/models/project_permissions.go:139-148 only requires CanWrite on the new

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-35595

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the CanUpdate check at pkg/models/project_permissions.go:139-148 only requires CanWrite on the new parent project when changing parent_project_id. However, Vikunja's permission model uses a recursive CTE that walks up the project hierarchy to compute permissions. Moving a project under a different parent changes the permission inheritance chain. When a user has inherited Write access (from a paren · CVSS v3.1 8.3 (HIGH)

CWE: CWE-269 · VND: Vikunja · TYP: Vulnerability
CVSS v3.1: 8.3 · Score: 92
2026-04-10 16:16Z · CRIT

CVE-2026-23781 — BMC: If left unchanged, these credentials can be easily obtained and may allow unauthorized access

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-23781

An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A set of default debug user credentials is hardcoded in cleartext within the application package. If left unchanged, these credentials can be easily obtained and may allow unauthorized access to the MFT API debug interface. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-798 · VND: Bmc · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-10 15:57Z · INFO

Z-Hound — Single-file, browser-based Active Directory attack graph tool for SharpHound and AzureHound collection data. No server.

Source: GitHub · AD attack tooling · github.com · GITHUB POC

Z-Hound is a single-file, browser-based Active Directory attack graph visualization tool that parses SharpHound and AzureHound collection data without requiring Neo4j, server infrastructure, or installation. It provides interactive graph rendering, automated risk scoring, attack path analysis, NTLM relay chain synthesis, ADCS ESC detection, and Azure/Entra ID support. All processing occurs client-side in the browser with no data exfiltration.

SRF: Os, Identity · TACT: TA0006, TA0007 · VND: Microsoft · TYP: Research, Tool · STG: Discovery
Score: 78
2026-04-10 15:36Z · INFO

v3.4.0.56

Source: Mythic releases · github.com

Mythic v3.4.0.56 released with a Dockerfile tag bump to match the release version. No detailed changelog or feature notes are provided in the GitHub release page.

VND: Mythic · TYP: Tool
Score: 15
2026-04-10 15:16Z · CRIT

CVE-2026-36236 — Janobe Engineers_online_portal: SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php via the

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-36236

SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php via the new_password parameter. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-89 · VND: Janobe, Sourcecodester · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-10 15:16Z · CRIT

CVE-2026-36235 — Itsourcecode Online_student_enrollment_system: A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-36235

A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-89 · VND: Itsourcecode · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-10 15:16Z · CRIT

CVE-2026-36234 — Itsourcecode Online_student_enrollment_system: Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-36234

itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-89 · VND: Itsourcecode, Online · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-10 15:16Z · CRIT

CVE-2026-36233 — Itsourcecode Online_student_enrollment_system: A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-36233

A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for appropriate cleaning or validation. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-89 · VND: Itsourcecode · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-10 15:16Z · CRIT

CVE-2026-36232 — Itsourcecode Online_student_enrollment_system: A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-36232

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $_GET['classId'] is directly concatenated into the SQL query without any sanitization or validation. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-89 · VND: Itsourcecode · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-10 15:16Z · CRIT

CVE-2026-29861 — PHP: PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-89 · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-10 15:16Z · HIGH

CVE-2026-23780 — BMC: A SQL injection vulnerability in the MFT API's debug interface allows an authenticated attacker

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-23780

An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A SQL injection vulnerability in the MFT API's debug interface allows an authenticated attacker to inject malicious queries due to improper input validation and unsafe dynamic SQL handling. Successful exploitation can enable arbitrary file read/write operations and potentially lead to remote code execution. · CVSS v3.1 8.8 (HIGH)

CWE: CWE-89 · VND: Bmc · TYP: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-10 15:16Z · CRIT

CVE-2025-44560 — owntone-server 2ca10d9 is vulnerable to Buffer Overflow due to lack of recursive checking.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2025-44560

owntone-server 2ca10d9 is vulnerable to Buffer Overflow due to lack of recursive checking. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-120 · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-10 15:00Z · INFO

Janus: Listen to Your Logs

Source: SpecterOps · specterops.io

SpecterOps released Janus, an open-source tool that parses C2 server logs (Mythic, Ghostwriter, Cobalt Strike) to surface operational friction (failed commands, retries, and workarounds) that normally disappears into scratch notes. The tool normalizes task/result telemetry into JSON, applies configurable retention controls, and generates analyzers across command, workflow, and tooling layers to identify which tools fail, which techniques require improvisation, and where operators lose time.

SRF: Application · TACT: TA0007 · TYP: Research, Tool · STG: Discovery, Collection
Score: 72
2026-04-10 14:57Z · INFO

v3.4.0.55

Source: Mythic releases · github.com

Mythic v3.4.0.55 released with a Dockerfile tag bump to match the release version. No detailed changelog or feature/fix information is provided in the GitHub release page.

SRF: Application · VND: Mythic · TYP: Tool
Score: 15
2026-04-10 14:16Z · CRIT

CVE-2026-6068 — Nasm Netwide_assembler: contains a heap use after free vulnerability in response file (-@) processing where

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-6068

NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code execution. · CVSS v3.1 9.6 (CRITICAL) · EPSS 9th percentile

CWE: CWE-416 · VND: Nasm · TYP: Vulnerability
CVSS v3.1: 9.6 · Score: 98
2026-04-10 14:16Z · HIGH

CVE-2026-40217 — LiteLLM: through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-40217

LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the /guardrails/test_custom_code URI. · CVSS v3.1 8.8 (HIGH)

CWE: CWE-420 · VND: Litellm · TYP: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-10 14:16Z · HIGH

CVE-2025-58913 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2025-58913

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CactusThemes VideoPro videopro allows PHP Local File Inclusion. This issue affects VideoPro: from n/a through <= 2.3.8.1. · CVSS v3.1 8.1 (HIGH) · EPSS 15th percentile

CWE: CWE-98 · TYP: Vulnerability
CVSS v3.1: 8.1 · Score: 91
2026-04-10 13:42Z · INFO

v3.4.0.54

Source: Mythic releases · github.com

Mythic v3.4.0.54 released with a Dockerfile tag bump to match the release version. No detailed changelog or feature notes are provided in the GitHub release page.

SRF: Application · VND: Mythic · TYP: Tool
Score: 15
2026-04-10 13:16Z · CRIT

CVE-2026-5412 — Juju: This allows a low-privileged user to access sensitive credentials.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5412

In Juju versions prior to 2.9.57 and 3.6.21, an authorization issue exists in the Controller facade. An authenticated user can call the CloudSpec API method to extract the cloud credentials used to bootstrap the controller. This allows a low-privileged user to access sensitive credentials. This issue is resolved in Juju versions 2.9.57 and 3.6.21. · CVSS v3.1 9.9 (CRITICAL)

CWE: CWE-285 · VND: Juju · TYP: Vulnerability
CVSS v3.1: 9.9 · Score: 100
2026-04-10 10:16Z · CRIT

CVE-2026-6057 — FalkorDB: Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload API

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-6057

FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload API that allows remote attackers to write arbitrary files and achieve remote code execution. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-22 · VND: Falkordb · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-10 10:16Z · HIGH

CVE-2021-47961 — A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2021-47961

A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence the user's PIN code due to insecure storage. This may lead to unauthorized VPN configuration and potential interception of subsequent VPN traffic when combined with user interaction. · CVSS v3.1 8.1 (HIGH)

CWE: CWE-256 · TYP: Vulnerability
CVSS v3.1: 8.1 · Score: 91
2026-04-10 07:16Z · CRIT

CVE-2026-6029 — Totolink: The manipulation of the argument User results in os command injection.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-6029

A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument User results in os command injection. The attack may be launched remotely. The exploit is now public and may be used. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-77, CWE-78 · VND: Totolink · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-10 07:16Z · CRIT

CVE-2026-6028 — The manipulation of the argument enable leads to os command injection.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-6028

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-77, CWE-78 · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-10 07:16Z · CRIT

CVE-2026-6027 — Executing a manipulation of the argument enable can lead to os command injection.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-6027

A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. · CVSS v3.1 9.8 (CRITICAL)

CWE: CWE-77, CWE-78 · TYP: Vulnerability
CVSS v3.1: 9.8 · Score: 99