2026-04-08
2026-04-08 22:16Z
HIGH

CVE-2026-5871 — Google Chrome: Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5871

Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)

CWECWE 843VNDGoogleVNDTypeTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 22:16Z
HIGH

CVE-2026-5870 — Google Chrome: Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5870

Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)

CWECWE 190CWECWE 472VNDGoogleTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 22:16Z
HIGH

CVE-2026-5868 — Google Chrome: Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5868

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)

CWECWE 122VNDGoogleVNDHeapTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 22:16Z
HIGH

CVE-2026-5866 — Google Chrome: Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5866

Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)

CWECWE 416VNDGoogleTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 22:16Z
HIGH

CVE-2026-5865 — Google Chrome: Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5865

Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)

CWECWE 843VNDGoogleVNDTypeTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 22:16Z
HIGH

CVE-2026-5863 — Google Chrome: Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5863

Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)

VNDGoogleVNDInappropriateTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 22:16Z
HIGH

CVE-2026-5862 — Google Chrome: Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5862

Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)

VNDGoogleVNDInappropriateTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
728 × 90 / responsive · programmatic ad slot
2026-04-08
2026-04-08 22:16Z
HIGH

CVE-2026-5861 — Google Chrome: Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5861

Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)

CWECWE 416VNDGoogleTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 22:16Z
HIGH

CVE-2026-5860 — Google Chrome: Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5860

Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)

CWECWE 416VNDGoogleTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 22:16Z
HIGH

CVE-2026-5859 — Google Chrome: Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5859

Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) CVSSv3.1 8.8 (HIGH)

CWECWE 472VNDGoogleTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 22:16Z
HIGH

CVE-2026-5858 — Google Chrome: Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5858

Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) CVSSv3.1 8.8 (HIGH)

CWECWE 122VNDGoogleVNDHeapTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 22:16Z
CRIT

CVE-2026-40035 — Unfurl: through 2025.08 contains an improper input validation vulnerability in config parsing that enables

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-40035

Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode by default. The debug configuration value is read as a string and passed directly to app.run(), causing any non-empty string to evaluate truthy, allowing attackers to access the Werkzeug debugger and disclose sensitive information or achieve remote code execution. CVSSv3.1 9.1 (CRITICAL)

CWECWE 489VNDUnfurlTYPVulnerability
9.1
CVSS v3.1
96
Edit Score
2026-04-08
2026-04-08 22:00Z
HIGH

Tearing down a car telematic unit (and finding an accident on Facebook)

Quarkslab·blog.quarkslab.com

Quarkslab researchers performed a physical teardown and firmware extraction of a BYD vehicle telematic unit (TCU) containing a Qualcomm MDM9628 modem. Analysis of the extracted filesystem revealed cleartext Wi-Fi credentials, unauthenticated guest access, enabled debugging interfaces (ADB, Telnet), and forensic GNSS logs that reconstructed the vehicle's complete journey across three countries and correlated to a real accident via OSINT.

SRFHardwareVNDQualcommVNDBydTYPResearchTYPWriteupSTGDiscoverySTGCollectionTECT1005
78
Edit Score
2026-04-08
2026-04-08 21:44Z
HIGH

kernel-hack-drill — Linux kernel exploitation experiments

GitHub · kernel exploits·github.comGITHUB POC

kernel-hack-drill is an open-source Linux kernel exploitation playground providing intentionally vulnerable kernel modules and corresponding proof-of-concept exploits. The repository demonstrates fundamental kernel exploitation techniques including use-after-free (UAF), out-of-bounds writes, and privilege escalation via ROP chains, Dirty Pipe, and page table manipulation on x86_64 systems.

SRFOsTACTA0004TACTA0005TYPResearchTYPToolTYPWriteupSTGDefense EvasionSTGPrivesc
72
Edit Score
2026-04-08
2026-04-08 21:25Z
INFO

v9.0.0-rc3

BloodHound releases·github.com

BloodHound v9.0.0-rc3 release candidate published with bug fixes and feature updates including auditor permission bypass fix (BED-7764), UI alignment corrections, and client bearer auth feature flag enablement. This is a pre-release version in the v9.0.0 development cycle.

VNDBloodhoundVNDSpecteropsTYPTool
28
Edit Score
2026-04-08
2026-04-08 21:17Z
HIGH

CVE-2026-5436 — Form: The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-5436

The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1. This is due to insufficient validation of the $name parameter (upload field key) passed to the generate_user_file_dirpath() function, which uses WordPress's path_join() — a function that returns absolute paths unchanged, discarding the intended base directory. The attacker-controlled key is injected via the mwf_upload_files[] POST parameter, which is loaded CVSSv3.1 8.1 (HIGH) · EPSS 47th percentile

CWECWE 22VNDFormTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2026-04-08
2026-04-08 21:17Z
CRIT

CVE-2026-39892 — Cryptography.io Cryptography: Hash.update()), this could lead to buffer overflows.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulnerability is fixed in 46.0.7. CVSSv3.1 9.8 (CRITICAL)

CWECWE 119CWECWE 131VNDCryptography IoTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2026-04-08
2026-04-08 21:17Z
HIGH

CVE-2026-39891 — PraisonAI: Prior to 4.5.115, the create_agent_centric_tools() function returns tools (like acp_create_file) that process file content

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-39891

PraisonAI is a multi-agent teams system. Prior to 4.5.115, the create_agent_centric_tools() function returns tools (like acp_create_file) that process file content using template rendering. When user input from agent.start() is passed directly into these tools without escaping, template expressions in the input are executed rather than treated as literal text. This vulnerability is fixed in 4.5.115. CVSSv3.1 8.8 (HIGH)

CWECWE 94VNDPraisonaiTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 21:17Z
CRIT

CVE-2026-39890 — PraisonAI: This allows an attacker to craft a malicious YAML file that, when parsed, executes

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-39890

PraisonAI is a multi-agent teams system. Prior to 4.5.115, the AgentService.loadAgentFromFile method uses the js-yaml library to parse YAML files without disabling dangerous tags (such as !!js/function and !!js/undefined). This allows an attacker to craft a malicious YAML file that, when parsed, executes arbitrary JavaScript code. An attacker can exploit this vulnerability by uploading a malicious agent definition file via the API endpoint, leading to remote code execution (R CVSSv3.1 9.8 (CRITICAL)

CWECWE 502VNDPraisonaiTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2026-04-08
2026-04-08 21:17Z
CRIT

CVE-2026-39888 — PraisonAI: Prior to 1.5.115, execute_code() in praisonaiagents.tools.python_tools defaults to sandbox_mode="sandbox", which runs user code in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-39888

PraisonAI is a multi-agent teams system. Prior to 1.5.115, execute_code() in praisonaiagents.tools.python_tools defaults to sandbox_mode="sandbox", which runs user code in a subprocess wrapped with a restricted __builtins__ dict and an AST-based blocklist. The AST blocklist embedded inside the subprocess wrapper (blocked_attrs of python_tools.py) contains only 11 attribute names — a strict subset of the 30+ names blocked in the direct-execution path. The four attributes that CVSSv3.1 9.9 (CRITICAL)

CWECWE 693CWECWE 657VNDPraisonaiTYPVulnerability
9.9
CVSS v3.1
100
Edit Score
2026-04-08
2026-04-08 21:17Z
CRIT

CVE-2026-39860 — Nix: In multi-user installations, this allows all users able to submit builds to the Nix

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-39860

Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrites of files writable by the Nix process orchestrating the builds (typically the Nix daemon running as root in multi-user installations) by following symlinks during fixed-output derivation output registration. This affects sandboxed Linux builds - sandboxed macOS builds are unaffected. The location of the temporary output used for the output copy was lo CVSSv3.1 9.0 (CRITICAL)

CWECWE 61VNDNixTYPVulnerability
9.0
CVSS v3.1
95
Edit Score
2026-04-08
2026-04-08 21:16Z
HIGH

CVE-2026-39429 — Kubernetes: This allows anyone who can access the root shard to read and write to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-39429

kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and container workloads. Prior to 0.30.3 and 0.29.3, the cache server is directly exposed by the root shard and has no authentication or authorization in place. This allows anyone who can access the root shard to read and write to the cache server. This vulnerability is fixed in 0.30.3 and 0.29.3. CVSSv3.1 8.2 (HIGH)

CWECWE 862CWECWE 302VNDKubernetesTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2026-04-08
2026-04-08 20:16Z
HIGH

CVE-2026-35478 — InvenTree: From 0.16.0 to before 1.2.7, any authenticated InvenTree user can create a valid API

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-35478

InvenTree is an Open Source Inventory Management System. From 0.16.0 to before 1.2.7, any authenticated InvenTree user can create a valid API token attributed to any other user in the system — including administrators and superusers — by supplying the target's user ID in the user field of a POST /api/user/tokens/ request. The returned token is immediately usable for full API authentication as the target user, from any network location, with no further interaction required. Th CVSSv3.1 8.3 (HIGH)

CWECWE 639VNDInventreeTYPVulnerability
8.3
CVSS v3.1
92
Edit Score
2026-04-08
2026-04-08 19:25Z
HIGH

CVE-2026-35169 — LORIS: From to before 27.0.3 and 28.0.1, the help_editor module of LORIS did not properly

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-35169

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From to before 27.0.3 and 28.0.1, the help_editor module of LORIS did not properly sanitize some user supplied variables which could result in a reflected cross-site scripting attack if a user is tricked into following an invalid link. The same input vector could also allow an attacker to download arbitrary markdown fi CVSSv3.1 8.7 (HIGH)

CWECWE 552CWECWE 79VNDLorisTYPVulnerability
8.7
CVSS v3.1
94
Edit Score
2026-04-08
2026-04-08 19:25Z
HIGH

CVE-2026-30818 — Tp-link Archer_ax53_firmware: An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-30818

An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow the attacker to modify device configuration, access sensitive information, or further compromise system integrity. This issue affects AX53 v1.0: before 1.7.1 Build 20260213. CVSSv3.1 8.0 (HIGH)

CWECWE 78VNDTp LinkTYPVulnerability
8.0
CVSS v3.1
90
Edit Score