2026-04-07 15:17Z · HIGH

CVE-2026-4740 — Open: Improper validation of Kubernetes client certificate renewal allows a managed cluster administrator to forge

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-4740

A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM). Improper validation of Kubernetes client certificate renewal allows a managed cluster administrator to forge a client certificate that can be approved by the OCM controller. This enables cross-cluster privilege escalation and may allow an attacker to gain control over other managed clusters, including the hub cluster. CVSSv3.1 8.2 (HIGH)

CWE-295 · Type: Vulnerability · CVSS v3.1: 8.2 · Score: 91
2026-04-07 15:17Z · CRITICAL

CVE-2026-4277 — Djangoproject Django: An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-4277

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. Add permissions on inline model instances were not validated on submission of forged `POST` data in `GenericInlineModelAdmin`. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank N05ec@LZU-DSLab for reporting this issue. CVSSv3.1 9.8 (CRITICAL)

CWE-862 · Vendor: Djangoproject · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 15:17Z · HIGH

CVE-2026-35463 — Pyload-ng_project Pyload-ng: A non-admin user with SETTINGS permission can change this path to achieve remote code

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-35463

pyLoad is a free and open-source download manager written in Python. In 0.5.0b3.dev96 and earlier, the ADMIN_ONLY_OPTIONS protection mechanism restricts security-critical configuration values (reconnect scripts, SSL certs, proxy credentials) to admin-only access. However, this protection is only applied to core config options, not to plugin config options. The AntiVirus plugin stores an executable path (avfile) in its config, which is passed directly to subprocess.Popen(). A CVSSv3.1 8.8 (HIGH)

CWE-78 · Vendor: Pyload Ng Project · Type: Vulnerability · CVSS v3.1: 8.8 · Score: 94
2026-04-07 15:17Z · CRITICAL

CVE-2026-35458 — Thecodingmachine Gotenberg: In 8.29.1 and earlier, Gotenberg uses dlclark/regexp2 to compile user-supplied scope patterns without setting

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-35458

Gotenberg is an API for converting document formats. In 8.29.1 and earlier, Gotenberg uses dlclark/regexp2 to compile user-supplied scope patterns without setting a proper timeout. Users with access to features using this logic can hang workers indefinitely. CVSSv3.1 9.8 (CRITICAL)

CWE-1333 · Vendors: Thecodingmachine, Gotenberg · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 15:17Z · HIGH

CVE-2026-35457 — Protocol Libp2p: libp2p-rust is the official rust language Implementation of the libp2p networking stack.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-35457

libp2p-rust is the official rust language Implementation of the libp2p networking stack. Prior to 0.17.1, the rendezvous server stores pagination cookies without bounds. An unauthenticated peer can repeatedly issue DISCOVER requests and force unbounded memory growth. This vulnerability is fixed in 0.17.1. CVSSv3.1 8.2 (HIGH)

CWE-770 · Type: Vulnerability · CVSS v3.1: 8.2 · Score: 91
2026-04-07 15:17Z · CRITICAL

CVE-2026-30079 — Openairinterface Oai-cn5g-amf: In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-30079

In OpenAirInterface V2.2.0 AMF, out-of-sequence messages cause an incorrect state transition during the UE registration procedure. This allows authentication to be bypassed completely. If a SecurityModeComplete message is sent after InitialUERegistration, a registration reject is received followed by a registration accept! This leads to the UE being registered without proper authentication. CVSSv3.1 9.8 (CRITICAL)

CWE-288 · Vendor: Openairinterface · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 15:17Z · HIGH

CVE-2026-24660 — Libraw Libraw: A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-24660

A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. CVSSv3.1 8.1 (HIGH)

CWE-190 · Vendor: Libraw · Type: Vulnerability · CVSS v3.1: 8.1 · Score: 91
2026-04-07 15:17Z · HIGH

CVE-2026-24450 — Libraw Libraw: An integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of LibRaw Commit 8dc68e2.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-24450

An integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. CVSSv3.1 8.1 (HIGH)

CWE-190 · Vendor: Libraw · Type: Vulnerability · CVSS v3.1: 8.1 · Score: 91
2026-04-07 15:17Z · CRITICAL

CVE-2026-21413 — Libraw Libraw: A heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw functionality of LibRaw Commit 0b56545

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-21413

A heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. CVSSv3.1 9.8 (CRITICAL)

CWE-129 · Vendor: Libraw · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 15:17Z · CRITICAL

CVE-2026-20911 — Libraw Libraw: A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-20911

A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. CVSSv3.1 9.8 (CRITICAL)

CWE-131 · Vendor: Libraw · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 15:17Z · CRITICAL

CVE-2026-20889 — Libraw Libraw: A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-20889

A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. CVSSv3.1 9.8 (CRITICAL)

CWE-190 · Vendor: Libraw · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 15:17Z · HIGH

CVE-2026-20884 — Libraw Libraw: An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit 8dc68e2.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-20884

An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. CVSSv3.1 8.1 (HIGH)

CWE-190 · Vendor: Libraw · Type: Vulnerability · CVSS v3.1: 8.1 · Score: 91
2026-04-07 15:17Z · CRITICAL

CVE-2025-62818 — Samsung Exynos_990_firmware: An out-of-bounds write occurs due to a mismatch between the TP-UDHI and UDL values

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2025-62818

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. An out-of-bounds write occurs due to a mismatch between the TP-UDHI and UDL values when processing an SMS TP-UD packet. CVSSv3.1 9.8 (CRITICAL)

CWE-787 · Vendor: Samsung · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 15:17Z · CRITICAL

CVE-2025-52909 — Samsung Exynos_1280_firmware: Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2025-52909

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message (issue 2 of 2). CVSSv3.1 9.8 (CRITICAL)

CWE-120 · Vendor: Samsung · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 14:16Z · HIGH

CVE-2026-5627 — Mintplexlabs Anythingllm: A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5627

A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the `AgentFlows` component. The vulnerability arises from improper handling of user input in the `loadFlow` and `deleteFlow` methods in `server/utils/agentFlows/index.js`. Specifically, the combination of `path.join` and `normalizePath` allows attackers to bypass directory restrictions and access or delete arbitrary `.json` files on the server. This can lead to infor CVSSv3.1 7.2 (HIGH)

CWE-29 · Vendor: Mintplexlabs · Type: Vulnerability · CVSS v3.1: 7.2 · Score: 86
2026-04-07 14:16Z · HIGH

CVE-2026-35554 — Apache: A race condition in the Apache Kafka Java producer client’s buffer pool management can

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-35554

A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is prematurely deallocated and returned to the buffer pool. If a subsequent producer batch—potentially destined for a different topic—reuses this freed buffer before the original network CVSSv3.1 8.7 (HIGH)

CWE-416, CWE-362 · Vendor: Apache · Type: Vulnerability · CVSS v3.1: 8.7 · Score: 94
2026-04-07 13:16Z · CRITICAL

CVE-2026-5735 — Mozilla Firefox: Some of these bugs showed evidence of memory corruption and we presume that with

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5735

Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2 and Thunderbird 149.0.2. CVSSv3.1 9.8 (CRITICAL)

CWE-787 · Vendor: Mozilla · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 13:16Z · CRITICAL

CVE-2026-5734 — Mozilla Firefox: Some of these bugs showed evidence of memory corruption and we presume that with

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5734

Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1. CVSSv3.1 9.8 (CRITICAL)

CWE-120, CWE-787 · Vendor: Mozilla · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 13:16Z · HIGH

CVE-2026-5733 — Mozilla Firefox: Incorrect boundary conditions in the Graphics: WebGPU component.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5733

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 149.0.2 and Thunderbird 149.0.2. CVSSv3.1 8.8 (HIGH)

CWE-119 · Vendor: Mozilla · Type: Vulnerability · CVSS v3.1: 8.8 · Score: 94
2026-04-07 13:16Z · HIGH

CVE-2026-5732 — Mozilla Firefox: Incorrect boundary conditions, integer overflow in the Graphics: Text component.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5732

Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1. CVSSv3.1 8.8 (HIGH)

CWE-190 · Vendor: Mozilla · Type: Vulnerability · CVSS v3.1: 8.8 · Score: 94
2026-04-07 13:16Z · CRITICAL

CVE-2026-5731 — Memory: Some of these bugs showed evidence of memory corruption and we presume that with

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5731

Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1. CVSSv3.1 9.8 (CRITICAL)

CWE-119 · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 13:16Z · CRITICAL

CVE-2026-28808 — Erlang Erlang/inets: Incorrect Authorization vulnerability in Erlang OTP (inets modules) allows unauthenticated access to CGI scripts

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-28808

Incorrect Authorization vulnerability in Erlang OTP (inets modules) allows unauthenticated access to CGI scripts protected by directory rules when served via script_alias. When script_alias maps a URL prefix to a directory outside DocumentRoot, mod_auth evaluates directory-based access controls against the DocumentRoot-relative path while mod_cgi executes the script at the ScriptAlias-resolved path. This path mismatch allows unauthenticated access to CGI scripts that directo CVSSv3.1 9.8 (CRITICAL)

CWE-863 · Vendor: Erlang · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 13:16Z · HIGH

CVE-2026-23818 — Hpe Aruba_networking_private_5g_core: A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-23818

A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Private 5G Core On-Prem that could allow an attacker to abuse an open redirect vulnerability in the login flow using a crafted URL. Successful exploitation may redirect an authenticated user to an attacker-controlled server hosting a spoofed login page prompting the unsuspecting victim to give away their credentials, which could then be captured by the attacker, before being redi CVSSv3.1 8.8 (HIGH)

CWE-601 · Vendor: Hpe · Type: Vulnerability · CVSS v3.1: 8.8 · Score: 94
2026-04-07 13:16Z · CRITICAL

CVE-2026-22679 — Weaver E-cology: (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-22679

Weaver (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows attackers to execute arbitrary commands by invoking exposed debug functionality. Attackers can craft POST requests with attacker-controlled interfaceName and methodName parameters to reach command-execution helpers and achieve arbitrary command execution on the system. Exploitation e CVSSv3.1 9.8 (CRITICAL)

CWE-306 · Vendor: Weaver · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99
2026-04-07 13:16Z · CRITICAL

CVE-2021-4473 — Topsecgroup Tianxin_internet_behavior_management_system: Tianxin Internet Behavior Management System contains a command injection vulnerability in the Reporter component

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2021-4473

Tianxin Internet Behavior Management System contains a command injection vulnerability in the Reporter component endpoint that allows unauthenticated attackers to execute arbitrary commands by supplying a crafted objClass parameter containing shell metacharacters and output redirection. Attackers can exploit this vulnerability to write malicious PHP files into the web root and achieve remote code execution with the privileges of the web server process. This vulnerability has CVSSv3.1 9.8 (CRITICAL)

CWE-78 · Vendors: Tianxin, Topsecgroup · Type: Vulnerability · CVSS v3.1: 9.8 · Score: 99