2026-04-01 22:16Z · HIGH

CVE-2026-34570 — Ci4-cms-erp Ci4ms: This behavior breaks the intended access control policy and results in persistent unauthorized access.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34570

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to immediately revoke active user sessions when an account is deleted. Due to a logic flaw in the backend design, account state changes are enforced only during authentication (login), not for already-established sessions. The system implicitly assumes that authenticated users remain trus […]

CVSS v3.1: 8.8 (HIGH) · CWE-284, CWE-613, CWE-1254 · Vendor: Ci4 Cms Erp, Ci4ms · Type: Vulnerability · Score: 94
2026-04-01 22:16Z · CRIT

CVE-2026-34569 — Ci4-cms-erp Ci4ms: This stored payload is later rendered unsafely across public-facing blog category pages, administrative interfaces

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34569

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog categories. An attacker can inject a malicious JavaScript payload into the category title field, which is then stored server-side. This stored payload is later rendered unsafely across public-facing blog category pag […]

CVSS v3.1: 9.9 (CRITICAL) · CWE-79 · Vendor: Ci4 Cms Erp, Ci4ms · Type: Vulnerability · Score: 100
2026-04-01 22:16Z · CRIT

CVE-2026-34568 — Ci4-cms-erp Ci4ms: This stored payload is later rendered unsafely in multiple application views without proper output

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34568

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog posts. An attacker can inject a malicious JavaScript payload into blog post content, which is then stored server-side. This stored payload is later rendered unsafely in multiple application views without proper outpu […]

CVSS v3.1: 9.1 (CRITICAL) · CWE-79 · Vendor: Ci4 Cms Erp, Ci4ms · Type: Vulnerability · Score: 96
2026-04-01 22:16Z · CRIT

CVE-2026-34567 — Ci4-cms-erp Ci4ms: This stored payload is later rendered unsafely when the Categories are viewed via blog

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34567

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog posts within the Categories section. An attacker can inject a malicious JavaScript payload into the Categories content, which is then stored server-side. This stored payload is later rendered unsafely when the Catego […]

CVSS v3.1: 9.1 (CRITICAL) · CWE-79 · Vendor: Ci4 Cms Erp, Ci4ms · Type: Vulnerability · Score: 96
2026-04-01 22:16Z · CRIT

CVE-2026-34566 — Ci4-cms-erp Ci4ms: These stored values are later rendered without proper output encoding across administrative page lists

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34566

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input within the Page Management functionality when creating or editing pages. Multiple input fields accept attacker-controlled JavaScript payloads that are stored server-side. These stored values are later rendered without proper output encoding acros […]

CVSS v3.1: 9.1 (CRITICAL) · CWE-79 · Vendor: Ci4 Cms Erp, Ci4ms · Type: Vulnerability · Score: 96
2026-04-01 22:16Z · CRIT

CVE-2026-34565 — Ci4-cms-erp Ci4ms: These stored values are later rendered unsafely within administrative dashboards and public-facing navigation menus

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34565

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when adding Posts to navigation menus through the Menu Management functionality. Post-related data selected via the Posts section is stored server-side and rendered without proper output encoding. These stored values are later rendered unsafely w […]

CVSS v3.1: 9.1 (CRITICAL) · CWE-79 · Vendor: Ci4 Cms Erp, Ci4ms · Type: Vulnerability · Score: 96
2026-04-01 22:16Z · CRIT

CVE-2026-34564 — Ci4-cms-erp Ci4ms: This stored payload is later rendered unsafely within administrative interfaces and public-facing navigation menus

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34564

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when adding Pages to navigation menus through the Menu Management functionality. Page-related data selected via the Pages section is stored server-side and rendered without proper output encoding. This stored payload is later rendered unsafely wi […]

CVSS v3.1: 9.1 (CRITICAL) · CWE-79 · Vendor: Ci4 Cms Erp, Ci4ms · Type: Vulnerability · Score: 96
2026-04-01 22:16Z · CRIT

CVE-2026-34563 — Ci4-cms-erp Ci4ms: An attacker can inject a malicious JavaScript payload into the backup filename via the

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34563

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when handling backup uploads and processing backup metadata. An attacker can inject a malicious JavaScript payload into the backup filename via the uploaded xss.sql, which uses SQL functionality to insert the XSS payload server-side. This stored […]

CVSS v3.1: 9.1 (CRITICAL) · CWE-79 · Vendor: Ci4 Cms Erp, Ci4ms · Type: Vulnerability · Score: 96
2026-04-01 22:16Z · CRIT

CVE-2026-34560 — Ci4-cms-erp Ci4ms: If any stored XSS payload exists within logged data, it is rendered without proper

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34560

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application renders user-controlled input unsafely within the logs interface. If any stored XSS payload exists within logged data, it is rendered without proper output encoding. This issue becomes a Blind XSS scenario because the attacker does not see immediate execution. Instead, the payload is stored wit […]

CVSS v3.1: 9.1 (CRITICAL) · CWE-79 · Vendor: Ci4 Cms Erp, Ci4ms · Type: Vulnerability · Score: 96
2026-04-01 22:16Z · CRIT

CVE-2026-34559 — Ci4-cms-erp Ci4ms: This stored payload is later rendered unsafely across public tag pages and administrative interfaces

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34559

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog tags. An attacker can inject a malicious JavaScript payload into the tag name field, which is then stored server-side. This stored payload is later rendered unsafely across public tag pages and administrative interfa […]

CVSS v3.1: 9.1 (CRITICAL) · CWE-79 · Vendor: Ci4 Cms Erp, Ci4ms · Type: Vulnerability · Score: 96
2026-04-01 22:00Z · INFO

SightHouse: Automated function identification

Source: Quarkslab · blog.quarkslab.com

Quarkslab released SightHouse, an open-source tool for automated function identification and binary similarity analysis. The tool integrates with IDA Pro, Ghidra, and Binary Ninja to identify known functions across binaries by querying a signature database built on BSIM, and includes an automated pipeline for signature extraction from compiled projects.

Surface: Application · Type: Research, Tool · Stage: Recon · Technique: T1518 · Score: 62
2026-04-01 21:17Z · HIGH

CVE-2026-4101 — Ibm Security_verify_access: Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-4101

IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 under certain load conditions could allow an attacker to bypass authentication mechanisms and gain unauthorized access to the application.

CVSS v3.1: 8.1 (HIGH) · CWE-287 · Vendor: Ibm · Type: Vulnerability · Score: 91
2026-04-01 21:17Z · CRIT

CVE-2026-34873 — Arm Mbed_tls: An issue was discovered in Mbed TLS 3.5.0 through 4.0.0.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.

CVSS v3.1: 9.1 (CRITICAL) · CWE-287 · Vendor: Arm, Mbed · Type: Vulnerability · Score: 96
2026-04-01 21:17Z · HIGH

CVE-2026-34528 — Filebrowser Filebrowser: Prior to version 2.62.2, the signupHandler in File Browser applies default user permissions via

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34528

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the signupHandler in File Browser applies default user permissions via d.settings.Defaults.Apply(user), then strips only Admin. The Execute permission and Commands list from the default user template are not stripped. When an administrator has enabled signup, server-side execution, and set Execute=true in the default […]

CVSS v3.1: 8.1 (HIGH) · CWE-269 · Vendor: Filebrowser · Type: Vulnerability · Score: 91
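The File Browser description above is a textbook "subtract from a privileged template" mistake: the signup path copies the admin-configured defaults and then removes one flag, leaving every other capability in place. The added example below is not File Browser code (the project is Go); it is a language-neutral Python model with hypothetical `Perms`, `User` and `Defaults` types and a constructed deployment in which the default template grants Execute with a command list. It shows the subtract-one-flag signup beside a signup that strips every execution-related capability explicitly, and a `can_run` gate that mirrors the three conditions the advisory lists (signup enabled, server-side execution enabled, Execute on the user).

```python
from dataclasses import dataclass, field, replace
from typing import Dict, List


@dataclass(frozen=True)
class Perms:
    admin: bool = False
    execute: bool = False
    create: bool = False
    modify: bool = False
    delete: bool = False


@dataclass
class User:
    name: str
    perms: Perms = field(default_factory=Perms)
    commands: List[str] = field(default_factory=list)   # shell commands this user may run


@dataclass
class Defaults:
    """Admin-configured template applied to every new user (hypothetical model)."""
    perms: Perms
    commands: List[str]

    def apply(self, user: User) -> None:
        user.perms = self.perms
        user.commands = list(self.commands)


# Constructed deployment: the default template grants Execute plus two commands,
# and the operator has turned on self-service signup and server-side execution.
DEFAULTS = Defaults(perms=Perms(admin=False, execute=True, create=True), commands=["ls", "cat"])
SERVER_EXEC_ENABLED = True


def signup_vulnerable(defaults: Defaults, name: str) -> User:
    user = User(name)
    defaults.apply(user)
    user.perms = replace(user.perms, admin=False)   # strips Admin and nothing else
    return user


def signup_hardened(defaults: Defaults, name: str) -> User:
    user = User(name)
    defaults.apply(user)
    # Self-registered accounts never inherit execution rights from the template:
    # strip every dangerous capability by name and clear the command list.
    user.perms = replace(user.perms, admin=False, execute=False)
    user.commands = []
    return user


def can_run(user: User, command: str, server_exec_enabled: bool = SERVER_EXEC_ENABLED) -> bool:
    # All three gates must hold before a command runs on the host.
    return server_exec_enabled and user.perms.execute and command in user.commands


def demo() -> Dict[str, object]:
    v = signup_vulnerable(DEFAULTS, "drive-by")
    h = signup_hardened(DEFAULTS, "drive-by")
    return {
        "vuln_admin": v.perms.admin,
        "vuln_execute": v.perms.execute,          # True: inherited from the template
        "vuln_commands": v.commands,              # ["ls", "cat"]: also inherited
        "vuln_can_run_ls": can_run(v, "ls"),      # True: the reported impact
        "hard_execute": h.perms.execute,
        "hard_commands": h.commands,
        "hard_can_run_ls": can_run(h, "ls"),
        "hard_create": h.perms.create,            # harmless template settings still apply
    }
```

The stronger design is positive: give self-registered users a dedicated minimal template and never derive them from the operator's general defaults, so a new capability added to the template later cannot leak into signup by omission. Until you can upgrade, the operator-side mitigation is to keep Execute off in the defaults while signup is enabled.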
2026-04-01 20:16Z · HIGH

CVE-2026-34748 — Payloadcms Payload: Prior to version 3.78.0 in @payloadcms/next, a stored Cross-Site Scripting (XSS) vulnerability existed in

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34748

Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/next, a stored Cross-Site Scripting (XSS) vulnerability existed in the admin panel. An authenticated user with write access to a collection could save content that, when viewed by another user, would execute in their browser. This issue has been patched in version 3.78.0.

CVSS v3.1: 8.7 (HIGH) · CWE-79 · Vendor: Payloadcms, Payload · Type: Vulnerability · Score: 94
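The stored-XSS entries in this feed (CI4MS CVE-2026-34559, -34563, -34564, -34565, -34566, -34567, -34568, -34569, the blind XSS in the CI4MS log viewer CVE-2026-34560, and the Payload admin panel CVE-2026-34748) all share one root cause: a value is written to the database and later concatenated into HTML without output encoding. Two of them make a second point worth a demonstration. CVE-2026-34563 gets the payload into the database through a restored SQL backup, so any filter applied only to the web forms never sees it; CVE-2026-34560 shows that log viewers render attacker-influenced text too. The added example below is not code from CI4MS or Payload (both are in other languages); it is a Python illustration with a constructed sqlite database, a constructed backup script in the shape the advisory describes, constructed log lines, and hypothetical table and column names. It contrasts a concatenating renderer with one that encodes at the output boundary.

```python
import html
import sqlite3
from typing import Dict, List

# Constructed "backup": a SQL script that, when restored, inserts a payload into a
# displayed field. Table and column names are assumptions for this example.
BACKUP_SQL = """
CREATE TABLE IF NOT EXISTS categories (id INTEGER PRIMARY KEY, title TEXT);
INSERT INTO categories (title) VALUES ('News');
INSERT INTO categories (title) VALUES ('<img src=x onerror=alert(document.cookie)>');
"""

# Constructed log lines, as a log viewer would read them back.
LOG_LINES = [
    "INFO login ok user=alice",
    'WARN login failed user="<script src=//evil.example/b.js></script>"',
]


def restore_backup(conn: sqlite3.Connection, script: str) -> None:
    # A restore path bypasses every form-level filter: the rows arrive as SQL.
    conn.executescript(script)


def render_categories_vulnerable(rows: List[str]) -> str:
    # String concatenation into HTML: whatever is in the row becomes markup.
    return "<ul>" + "".join(f"<li>{t}</li>" for t in rows) + "</ul>"


def render_categories_hardened(rows: List[str]) -> str:
    # Encode at the output boundary. The stored value is untrusted no matter how
    # it reached the table (form, API, restored backup).
    return "<ul>" + "".join(f"<li>{html.escape(t, quote=True)}</li>" for t in rows) + "</ul>"


def render_log_hardened(lines: List[str]) -> str:
    # Log viewers render attacker-influenced text too (the blind-XSS case).
    return "<pre>" + "\n".join(html.escape(line, quote=True) for line in lines) + "</pre>"


def contains_live_markup(rendered: str, payload: str) -> bool:
    # Crude check used by the demo: did the raw payload survive into the HTML?
    return payload in rendered


def demo() -> Dict[str, object]:
    conn = sqlite3.connect(":memory:")
    restore_backup(conn, BACKUP_SQL)
    rows = [r[0] for r in conn.execute("SELECT title FROM categories ORDER BY id")]
    payload = "<img src=x onerror=alert(document.cookie)>"
    vuln = render_categories_vulnerable(rows)
    hard = render_categories_hardened(rows)
    log = render_log_hardened(LOG_LINES)
    return {
        "rows": rows,
        "vuln_has_payload": contains_live_markup(vuln, payload),
        "hard_has_payload": contains_live_markup(hard, payload),
        "hard_escaped": "&lt;img src=x onerror=alert(document.cookie)&gt;" in hard,
        "log_escaped": "&lt;script" in log and "<script" not in log,
    }
```

`html.escape` is correct for HTML text and quoted attribute values only; a value placed inside a `<script>` block, a URL, or a CSS property needs that context's encoder instead, and a template engine with context-aware autoescaping (the approach modern frameworks take) removes the per-call decision. A Content-Security-Policy without `'unsafe-inline'` is the defense-in-depth layer that turns a missed encoding into a blocked script rather than an account takeover.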
2026-04-01 20:16Z · HIGH

CVE-2026-34747 — Payloadcms Payload: Prior to version 3.79.1, certain request inputs were not properly validated.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34747

Payload is a free and open source headless content management system. Prior to version 3.79.1, certain request inputs were not properly validated. An attacker could craft requests that influence SQL query execution, potentially exposing or modifying data in collections. This issue has been patched in version 3.79.1.

CVSS v3.1: 8.5 (HIGH) · CWE-89 · Vendor: Payloadcms, Payload · Type: Vulnerability · Score: 93
2026-04-01 18:16Z · CRIT

CVE-2026-34875 — Arm Mbed_tls: A buffer overflow can occur in public key export for FFDH keys.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34875

An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys.

CVSS v3.1: 9.8 (CRITICAL) · CWE-120 · Vendor: Arm, Mbed · Type: Vulnerability · Score: 99
2026-04-01 18:16Z · HIGH

CVE-2026-34236 — Auth0 Auth0-php: From version 8.0.0 to before version 8.19.0, in applications built with the Auth0 PHP

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34236

Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. From version 8.0.0 to before version 8.19.0, in applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies. This issue has been patched in version 8.19.0.

CVSS v3.1: 8.2 (HIGH) · CWE-331 · Vendor: Auth0 · Type: Vulnerability · Score: 91
2026-04-01 18:16Z · CRIT

CVE-2026-34159 — Ggml Llama.cpp: Combined with pointer leaks from ALLOC_BUFFER/BUFFER_GET_BASE, this gives full ASLR bypass and remote code

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34159

llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserialize_tensor() skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPH_COMPUTE messages. Combined with pointer leaks from ALLOC_BUFFER/BUFFER_GET_BASE, this gives full ASLR bypass and remote code execution. No authentication required, just TCP access to the RPC server port. Th […]

CVSS v3.1: 9.8 (CRITICAL) · EPSS: 35th percentile · CWE-119 · Vendor: Ggml · Type: Vulnerability · Score: 99
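The llama.cpp entry describes a validation gap rather than a miscomputed bound: when the client-supplied `buffer` field is 0 the deserializer performs no range check at all, so the client-supplied `data` pointer is used verbatim. The added example below is not llama.cpp code; it is a Python model of the check with a hypothetical `TensorMsg` wire structure, a bytearray standing in for process memory, a constructed secret placed outside any buffer, and a simplified bump allocator in place of ALLOC_BUFFER. It shows the skip-on-zero branch beside a version that treats "no buffer" as "no valid data range", and writes the range comparison in the subtraction form that does not overflow when ported back to C.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple


@dataclass(frozen=True)
class TensorMsg:
    """Client-supplied tensor description (hypothetical subset of the wire fields)."""
    buffer: int   # id of the server-side buffer the tensor claims to live in; 0 = none
    data: int     # address the client claims the tensor bytes start at
    nbytes: int   # how many bytes the server will read or write there


class RpcServer:
    def __init__(self, mem_size: int = 4096) -> None:
        self.mem = bytearray(mem_size)                 # stand-in for the process address space
        self.buffers: Dict[int, Tuple[int, int]] = {}  # buffer id -> (base, size)
        self.mem[0:16] = b"SECRET_TOKEN_xyz"           # constructed secret outside any buffer
        self._next_base = 1024

    def alloc_buffer(self, size: int) -> int:
        # Bump allocator; returns a buffer id (the real ALLOC_BUFFER hands back a pointer).
        bid = len(self.buffers) + 1
        self.buffers[bid] = (self._next_base, size)
        self._next_base += size
        return bid

    def _validate_range(self, msg: TensorMsg) -> Optional[TensorMsg]:
        # [data, data + nbytes) must lie inside the named buffer. Written without
        # computing data + nbytes so the same logic is wrap-safe in C.
        b = self.buffers.get(msg.buffer)
        if b is None or msg.nbytes < 0:
            return None
        base, size = b
        if msg.data < base or msg.nbytes > size or msg.data - base > size - msg.nbytes:
            return None
        return msg

    def deserialize_tensor_vulnerable(self, msg: TensorMsg) -> Optional[TensorMsg]:
        if msg.buffer == 0:
            return msg            # no buffer => no check at all; data is trusted verbatim
        return self._validate_range(msg)

    def deserialize_tensor_hardened(self, msg: TensorMsg) -> Optional[TensorMsg]:
        if msg.buffer == 0:
            return None           # a tensor with no backing buffer has no valid data range
        return self._validate_range(msg)

    def graph_compute_read(
        self, msg: TensorMsg, deserialize: Callable[[TensorMsg], Optional[TensorMsg]]
    ) -> Optional[bytes]:
        # Models the server touching tensor memory after deserialization.
        t = deserialize(msg)
        if t is None:
            return None
        return bytes(self.mem[t.data:t.data + t.nbytes])


def demo() -> Dict[str, Optional[bytes]]:
    srv = RpcServer()
    bid = srv.alloc_buffer(256)
    base, _ = srv.buffers[bid]
    srv.mem[base:base + 4] = b"TNSR"

    legit = TensorMsg(buffer=bid, data=base, nbytes=4)
    leak = TensorMsg(buffer=0, data=0, nbytes=16)               # crafted: buffer 0, any address
    overrun = TensorMsg(buffer=bid, data=base + 250, nbytes=32)  # crafted: runs past the buffer

    return {
        "legit_vuln": srv.graph_compute_read(legit, srv.deserialize_tensor_vulnerable),
        "legit_hard": srv.graph_compute_read(legit, srv.deserialize_tensor_hardened),
        "leak_vuln": srv.graph_compute_read(leak, srv.deserialize_tensor_vulnerable),
        "leak_hard": srv.graph_compute_read(leak, srv.deserialize_tensor_hardened),
        "overrun_vuln": srv.graph_compute_read(overrun, srv.deserialize_tensor_vulnerable),
        "overrun_hard": srv.graph_compute_read(overrun, srv.deserialize_tensor_hardened),
    }
```

The same server-side write path would let the crafted message overwrite memory, which is where the RCE in the advisory comes from. Independently of the fix, the RPC server is an unauthenticated network service by design; it should only ever be bound to localhost or a private network segment, never exposed on a routable interface.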
2026-04-01 18:16Z · HIGH

CVE-2026-34072 — Fccview Cronmaster: Prior to version 2.2.0, an authentication bypass in middleware allows unauthenticated requests with an

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34072

Cr*nMaster (cronmaster) is a Cronjob management UI with human readable syntax, live logging and log history for cronjobs. Prior to version 2.2.0, an authentication bypass in middleware allows unauthenticated requests with an invalid session cookie to be treated as authenticated when the middleware's session-validation fetch fails. This can result in unauthorized access to protected pages and unauthorized execution of privileged Next.js Server Actions. This issue has been patc […]

CVSS v3.1: 8.3 (HIGH) · EPSS: 27th percentile · CWE-306, CWE-287, CWE-693 · Vendor: Fccview, Cronjob · Type: Vulnerability · Score: 92
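The cronmaster entry is a fail-open error path: when the middleware's call to the session-validation endpoint throws, the request proceeds as if it had been validated. The added example below is not cronmaster code (the project is a Next.js/TypeScript application); it is a Python model of the control flow with constructed stand-in transports for the validation endpoint (healthy, down, and returning a malformed result). It contrasts a middleware that starts from "allowed" and only flips on an explicit negative with one that denies by default and proceeds only on an explicit positive.

```python
from typing import Callable, Dict, Optional

Transport = Callable[[str], Optional[bool]]   # the validation fetch; may raise on network error


class SessionServiceDown(Exception):
    """Raised by the transport when the session-validation fetch fails."""


def middleware_vulnerable(cookie: Optional[str], validate: Transport) -> bool:
    # Starts from "allowed" and only flips on an explicit negative answer.
    # A thrown error leaves the default in place, so the request proceeds.
    authenticated = True
    try:
        result = validate(cookie or "")
        if result is False:
            authenticated = False
    except SessionServiceDown:
        pass
    return authenticated


def middleware_hardened(cookie: Optional[str], validate: Transport) -> bool:
    # Deny by default; a request proceeds only on an explicit positive result.
    if not cookie:
        return False
    try:
        result = validate(cookie)
    except SessionServiceDown:
        return False           # fail closed: an outage is not a login
    return result is True      # None or anything unexpected counts as "no"


# Constructed transports standing in for the validation endpoint.
def _healthy(cookie: str) -> Optional[bool]:
    return cookie == "sess_valid"


def _down(cookie: str) -> Optional[bool]:
    raise SessionServiceDown()


def _malformed(cookie: str) -> Optional[bool]:
    return None               # e.g. a 200 response with an empty body


def demo() -> Dict[str, bool]:
    return {
        "valid_healthy_vuln": middleware_vulnerable("sess_valid", _healthy),
        "valid_healthy_hard": middleware_hardened("sess_valid", _healthy),
        "bogus_healthy_vuln": middleware_vulnerable("sess_bogus", _healthy),
        "bogus_healthy_hard": middleware_hardened("sess_bogus", _healthy),
        "bogus_down_vuln": middleware_vulnerable("sess_bogus", _down),            # True: the bug
        "bogus_down_hard": middleware_hardened("sess_bogus", _down),
        "bogus_malformed_vuln": middleware_vulnerable("sess_bogus", _malformed),  # True as well
        "bogus_malformed_hard": middleware_hardened("sess_bogus", _malformed),
        "no_cookie_down_vuln": middleware_vulnerable(None, _down),
        "no_cookie_down_hard": middleware_hardened(None, _down),
    }
```

The advisory's mention of Server Actions is the second lesson: edge middleware is a perimeter check, and an action that mutates state must re-check the caller's session itself, so that a middleware bug (or a request that never passes through the middleware) does not become privileged execution.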
2026-04-01 17:28Z · CRIT

CVE-2026-33990 — Docker Model_runner: Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33990

Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's WWW-Authenticate header without validating the scheme, hostname, or IP range. A malicious OCI registry can set the realm to an internal URL (e.g., http://127.0.0.1:3000/), causing Model Runner […]

CVSS v3.1: 9.1 (CRITICAL) · CWE-918 · Vendor: Docker · Type: Vulnerability · Score: 96
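The registry token-exchange flow the Docker Model Runner entry describes is attacker-steered by construction: the server being pulled from tells the client where to go for a token. The added example below is not Docker Model Runner code (the project is Go); it is a Python illustration that parses the `realm` out of a Bearer challenge and applies the three checks the advisory names (scheme, hostname, IP range), with a constructed resolver in place of DNS so that names resolving to loopback, link-local or private addresses can be exercised offline. The header values and host names are constructed for the example.

```python
import ipaddress
import re
from typing import Callable, Dict, Iterable, List, Optional
from urllib.parse import urlsplit

Resolver = Callable[[str], Iterable[str]]   # hostname -> IP literals it resolves to


def parse_bearer_realm(www_authenticate: str) -> Optional[str]:
    """Pulls realm="..." out of a Bearer challenge; None if absent."""
    if not www_authenticate.lower().startswith("bearer "):
        return None
    m = re.search(r'realm="([^"]*)"', www_authenticate)
    return m.group(1) if m else None


def realm_is_safe(realm: str, resolve: Resolver, allowed_hosts: Optional[List[str]] = None) -> bool:
    u = urlsplit(realm)
    if u.scheme != "https":                     # token endpoints are TLS-only
        return False
    host = u.hostname
    if not host or u.username or u.password:    # no credentials smuggled in the URL
        return False
    if allowed_hosts is not None and host.lower() not in [h.lower() for h in allowed_hosts]:
        return False
    # A literal IP, or every address the name resolves to, must be globally routable.
    try:
        candidates = [str(ipaddress.ip_address(host))]
    except ValueError:
        candidates = list(resolve(host))
    if not candidates:
        return False
    for literal in candidates:
        try:
            ip = ipaddress.ip_address(literal)
        except ValueError:
            return False
        if not ip.is_global:                    # loopback, private, link-local, metadata ranges
            return False
    return True


# Constructed resolver: what a DNS lookup would return for these names.
FAKE_DNS = {
    "auth.docker.io": ["3.3.3.3"],
    "metadata.internal": ["169.254.169.254"],
    "rebinder.example": ["3.3.3.3", "10.0.0.5"],   # one public and one private answer
}


def _resolve(host: str) -> List[str]:
    return FAKE_DNS.get(host, [])


def demo() -> Dict[str, bool]:
    challenges = {
        "public": 'Bearer realm="https://auth.docker.io/token",service="registry"',
        "loopback_http": 'Bearer realm="http://127.0.0.1:3000/",service="registry"',
        "loopback_https": 'Bearer realm="https://127.0.0.1:3000/",service="registry"',
        "ipv6_loopback": 'Bearer realm="https://[::1]/token"',
        "metadata_name": 'Bearer realm="https://metadata.internal/token"',
        "split_answer": 'Bearer realm="https://rebinder.example/token"',
        "no_realm": 'Bearer service="registry"',
    }
    out: Dict[str, bool] = {}
    for name, hdr in challenges.items():
        realm = parse_bearer_realm(hdr)
        out[name] = realm is not None and realm_is_safe(realm, _resolve)
    return out
```

Resolve-then-connect is still racy against DNS rebinding: the robust form performs this check inside the HTTP client's dialer on the address actually being connected to, and also re-applies it on every redirect the token endpoint returns. Where the set of registries is known in advance, the `allowed_hosts` allow-list is the simplest and strongest control.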
2026-04-01 17:28Z · HIGH

CVE-2026-33949 — Ssw Tinacms/graphql: Prior to version 2.2.2, a path traversal vulnerability in @tinacms/graphql allows unauthenticated users to

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33949

Tina is a headless content management system. Prior to version 2.2.2, a path traversal vulnerability in @tinacms/graphql allows unauthenticated users to write and overwrite arbitrary files within the project root. This is achieved by manipulating the relativePath parameter in GraphQL mutations. The impact includes the ability to replace critical server configuration files and potentially execute arbitrary commands by sabotaging build script. This issue has been patched in ver […]

CVSS v3.1: 8.1 (HIGH) · CWE-22, CWE-73 · Vendor: Ssw, Tina · Type: Vulnerability · Score: 91
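A `relativePath` that is joined onto a content directory and then written to is the classic CWE-22 shape, and the Tina entry shows why the impact is more than data loss: overwriting a build script or config file under the project root turns a file write into code execution. The added example below is not @tinacms/graphql code (the project is TypeScript); it is a Python illustration of containing an untrusted relative path under a root directory, with a constructed project layout in a temporary directory. It applies a lexical check (absolute paths, `..` segments, NUL bytes) and a filesystem-aware check that follows symlinks, which the lexical check alone cannot catch.

```python
import os
import tempfile
from pathlib import Path, PurePosixPath
from typing import Dict, Optional, Union


def resolve_within(root: Path, relative_path: str) -> Optional[Path]:
    """Maps an untrusted relativePath onto a file under root, or None if it escapes.

    Layer 1 is lexical: reject absolute paths, any '..' segment, backslashes and
    NUL bytes. Layer 2 resolves symlinks and confirms the final target still sits
    under the resolved root. Rejecting '..' outright also drops a harmless
    'posts/../x.md'; that strictness is deliberate for a write path.
    """
    if not relative_path or "\x00" in relative_path:
        return None
    rel = PurePosixPath(relative_path)
    if rel.is_absolute() or ".." in rel.parts or "\\" in relative_path:
        return None
    root_real = root.resolve()
    target = (root_real / rel).resolve()        # non-strict: the file need not exist yet
    try:
        target.relative_to(root_real)
    except ValueError:
        return None
    return target


def demo() -> Dict[str, Union[bool, str]]:
    # Constructed layout: <tmp>/project/content is the root, <tmp>/outside is not.
    base = Path(tempfile.mkdtemp())
    root = base / "project" / "content"
    (root / "posts").mkdir(parents=True)
    (base / "outside").mkdir()
    (base / "outside" / "secrets.txt").write_text("x")
    try:
        os.symlink(base / "outside", root / "link")   # a symlink inside root pointing out
        symlink_ok = True
    except OSError:
        symlink_ok = False

    cases = {
        "normal": "posts/hello.md",
        "dotdot": "../../package.json",
        "dotdot_middle": "posts/../../package.json",
        "absolute": "/etc/passwd",
        "nul": "posts/a.md\x00.png",
    }
    out: Dict[str, Union[bool, str]] = {
        name: resolve_within(root, p) is not None for name, p in cases.items()
    }
    out["symlink_escape"] = (
        (resolve_within(root, "link/secrets.txt") is not None) if symlink_ok else "skipped"
    )
    return out
```

Scope the root as narrowly as the feature allows: a mutation for one collection should be confined to that collection's directory, not to the whole project, so that even a contained write cannot reach a build script living elsewhere under the root. Requiring authentication on the mutation is the other half of the fix the advisory implies.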
2026-04-01 17:28Z · CRIT

CVE-2026-30643 — Dedecms Dedecms: An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-30643

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload.

CVSS v3.1: 9.8 (CRITICAL) · CWE-94 · Vendor: Dedecms · Type: Vulnerability · Score: 99
2026-04-01 17:28Z · CRIT

CVE-2026-20160 — Cisco Smart_software_manager_on-prem: A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-20160

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected SSM On-Prem host. This vulnerability is due to the unintentional exposure of an internal service. An attacker could exploit this vulnerability by sending a crafted request to the API of the exposed service. A successful exploit could allow the attacker to execute commands o […]

CVSS v3.1: 9.8 (CRITICAL) · EPSS: 56th percentile · CWE-668 · Vendor: Cisco · Type: Vulnerability · Score: 99
2026-04-01 17:28Z · HIGH

CVE-2026-20155 — Cisco Evolved_programmable_network_manager: A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM)

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-20155

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker with low privileges to access sensitive information that they are not authorized to access. This vulnerability is due to improper authorization checks on a REST API endpoint of an affected device. An attacker could exploit this vulnerability by querying the affected endpoint. A successful exploit could allow the attac […]

CVSS v3.1: 8.0 (HIGH) · EPSS: 19th percentile · CWE-862 · Vendor: Cisco · Type: Vulnerability · Score: 90