Security Dashboard

Priority	CVE	Severity	CVSS	EPSS	Indicators	Published
41	CVE-2026-4478 A vulnerability was identified in Yi Technology YI Home Camera 2 2.1.1_201710241	HIGH	8.1	0.0%		2026-03-20
41	CVE-2026-4396 Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.1	HIGH	8.1	0.0%		2026-03-18
41	CVE-2026-2370 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3	HIGH	8.1	0.0%	FIX	2026-03-30
41	CVE-2026-32634 ## Summary In Central Browser mode, Glances stores both the Zeroconf-advertised	HIGH	8.1	0.0%	FIX	2026-03-16
41	CVE-2026-4718 Undefined behavior in the WebRTC: Signaling component. This vulnerability affect	HIGH	8.1	0.0%	FIX	2026-03-24
41	CVE-2026-39371 RedwoodSDK is a server-first React framework. From 1.0.0-beta.50 to 1.0.5, erver	HIGH	8.1	0.0%	FIX	2026-04-07
40	CVE-2026-35442 ### Summary Aggregate functions (`min`, `max`) applied to fields with the `conc	HIGH	8.1	0.0%	FIX	2026-04-04
40	CVE-2026-5436 The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in	HIGH	8.1	0.2%		2026-04-08
40	CVE-2025-55261 HCL Aftermarket DPC is affected by Missing Functional Level Access Control which	HIGH	8.1	0.0%		2026-03-26
40	CVE-2026-34402 ChurchCRM is an open-source church management system. Prior to 7.1.0, authentica	HIGH	8.1	0.0%		2026-04-06
40	CVE-2026-25208 Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow B	HIGH	8.1	-		2026-04-13
40	CVE-2026-40393 In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occu	HIGH	8.1	-		2026-04-12
40	CVE-2025-58913 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP	HIGH	8.1	0.1%		2026-04-10
40	CVE-2026-25773 UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize categor	HIGH	8.1	0.0%		2026-04-03
40	CVE-2026-40070 BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.3.1 to before 0.8.2,	HIGH	8.1	0.0%	FIX	2026-04-09
40	CVE-2026-40259 ## Summary An authenticated publish-service reader can invoke `/api/av/removeUn	HIGH	8.1	-	FIX	2026-04-10
40	CVE-2026-40200 An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory co	HIGH	8.1	0.0%		2026-04-10
40	CVE-2026-40093 nimiq-blockchain provides persistent block storage for Nimiq's Rust implementati	HIGH	8.1	0.1%		2026-04-09
40	CVE-2026-39393 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, mo	HIGH	8.1	0.0%	FIX	2026-04-08
40	CVE-2026-39394 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, mo	HIGH	8.1	0.0%	FIX	2026-04-08
40	CVE-2026-33466 Improper Limitation of a Pathname to a Restricted Directory (CWE-22) in Logstash	HIGH	8.1	0.3%		2026-04-08
40	CVE-2026-1961 A flaw was found in Foreman. A remote attacker could exploit a command injection	HIGH	8.0	0.1%	FIX	2026-03-26
40	CVE-2026-20155 A vulnerability in the web-based management interface of Cisco Evolved Programma	HIGH	8.0	0.1%		2026-04-01
40	CVE-2025-24818 Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to	HIGH	8.0	0.1%		2026-04-07
40	CVE-2025-24817 Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to	HIGH	8.0	0.1%		2026-04-07
40	CVE-2026-20432 In Modem, there is a possible out of bounds write due to a missing bounds check.	HIGH	8.0	0.1%		2026-04-07
40	CVE-2026-3108 Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.	HIGH	8.0	0.0%	FIX	2026-03-26
40	CVE-2026-35575 ChurchCRM is an open-source church management system. Prior to 6.5.3, a Stored C	HIGH	8.0	0.0%		2026-04-07
40	CVE-2026-4248 The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information	HIGH	8.0	0.0%		2026-03-27
40	CVE-2025-41258 LibreChat version 0.8.1-rc2 uses the same JWT secret for the user session mechan	HIGH	8.0	0.0%		2026-03-18
40	CVE-2026-32813 ## Summary The MyList configuration feature in Admidio allows authenticated use	HIGH	8.0	0.0%	FIX	2026-03-16
40	CVE-2026-32014 OpenClaw versions prior to 2026.2.26 contain a metadata spoofing vulnerability w	HIGH	8.0	0.0%	FIX	2026-03-19
40	CVE-2025-55041 MuraCMS through 10.1.10 contains a CSRF vulnerability in the Add To Group functi	HIGH	8.0	0.0%		2026-03-18
40	CVE-2026-33183 ### Impact Users with MockResponse fixtures that use path traversal. ### Patche	HIGH	8.0	0.0%	FIX	2026-03-25
40	CVE-2026-32768 ### Impact Due to a mis-written NetworkPolicy, a malicious actor can pivot from	HIGH	7.9	0.0%	FIX	2026-03-16
40	CVE-2026-40149 PraisonAI is a multi-agent teams system. Prior to 4.5.128, the gateway's /api/ap	HIGH	7.9	0.0%	FIX	2026-04-09
40	CVE-2026-34444 Lupa integrates the runtimes of Lua or LuaJIT2 into CPython. In 2.6 and earlier,	HIGH	7.9	0.1%		2026-04-06
39	CVE-2026-0634 Code execution in AssistFeedbackService of TECNO Pova7 Pro 5G on Android allows	HIGH	7.8	0.3%		2026-04-02
39	CVE-2025-33247 NVIDIA Megatron LM contains a vulnerability in quantization configuration loadin	HIGH	7.8	0.3%		2026-03-24
39	CVE-2025-63261 AWStats 8.0 is vulnerable to Command Injection via the open function	HIGH	7.8	0.2%		2026-03-20
39	CVE-2026-24157 NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an at	HIGH	7.8	0.1%	FIX	2026-03-24
39	CVE-2026-24159 NVIDIA NeMo Framework contains a vulnerability where an attacker may cause remot	HIGH	7.8	0.1%	FIX	2026-03-24
39	CVE-2026-29143 SEPPmail Secure Email Gateway before version 15.0.3 does not properly authentica	HIGH	7.8	0.1%		2026-04-02
39	CVE-2026-29144 SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass	HIGH	7.8	0.1%		2026-04-02
39	CVE-2026-33874 Gematik Authenticator securely authenticates users for login to digital health a	HIGH	7.8	0.1%		2026-03-27
39	CVE-2026-35043 Commit ce53491 (March 24) fixed command injection via `system_packages` in Docke	HIGH	7.8	0.1%	FIX	2026-04-03
39	CVE-2026-4151 GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This	HIGH	7.8	0.1%	FIX	2026-04-11
39	CVE-2026-4154 GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This	HIGH	7.8	0.1%	FIX	2026-04-11
39	CVE-2026-4150 GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This	HIGH	7.8	0.1%	FIX	2026-04-11
39	CVE-2025-33248 NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script wher	HIGH	7.8	0.1%		2026-03-24
39	CVE-2026-24151 NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may	HIGH	7.8	0.1%		2026-03-24
39	CVE-2026-24150 NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attac	HIGH	7.8	0.1%		2026-03-24
39	CVE-2026-24152 NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attac	HIGH	7.8	0.1%		2026-03-24
39	CVE-2026-34054 vcpkg is a free and open-source C/C++ package manager. Prior to version 3.6.1#3,	HIGH	7.8	0.1%		2026-03-31
39	CVE-2026-24141 NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONN	HIGH	7.8	0.1%		2026-03-24
39	CVE-2026-4152 GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerabi	HIGH	7.8	0.1%		2026-04-11
39	CVE-2026-4153 GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerabi	HIGH	7.8	0.1%	FIX	2026-04-11
39	CVE-2026-23862 Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutra	HIGH	7.8	0.1%		2026-03-16
39	CVE-2026-4775 A flaw was found in the libtiff library. A remote attacker could exploit a signe	HIGH	7.8	0.1%	FIX	2026-03-24
39	CVE-2026-24165 NVIDIA BioNeMo contains a vulnerability where a user could cause a deserializati	HIGH	7.8	0.1%		2026-03-31
39	CVE-2026-30309 InfCode's terminal auto-execution module contains a critical command filtering v	HIGH	7.8	0.0%		2026-03-31
39	CVE-2026-5493 Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Cod	HIGH	7.8	0.0%		2026-04-11
39	CVE-2026-5494 Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Cod	HIGH	7.8	0.0%		2026-04-11
39	CVE-2026-5495 Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Cod	HIGH	7.8	0.0%		2026-04-11
39	CVE-2026-5496 Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Exe	HIGH	7.8	0.0%		2026-04-11
39	CVE-2026-33298 llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an int	HIGH	7.8	0.0%	FIX	2026-03-24
39	CVE-2026-29139 SEPPmail Secure Email Gateway before version 15.0.3 allows account takeover by a	HIGH	7.8	0.0%		2026-04-02
39	CVE-2026-32857 Firecrawl version 2.8.0 and prior contain a server-side request forgery (SSRF) p	HIGH	7.8	0.0%		2026-03-26
39	CVE-2026-27309 Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free	HIGH	7.8	0.0%		2026-03-27
39	CVE-2026-23351 In the Linux kernel, the following vulnerability has been resolved: netfilter:	HIGH	7.8	0.0%	FIX	2026-03-25
39	CVE-2026-34937 ### Summary `run_python()` in `praisonai` constructs a shell command string by	HIGH	7.8	0.0%	FIX	2026-04-01
39	CVE-2026-33139 ### Summary PySpector versions `<= 0.1.6` are affected by a security validation	HIGH	7.8	0.0%	FIX	2026-03-18
39	CVE-2026-23392 In the Linux kernel, the following vulnerability has been resolved: netfilter:	HIGH	7.8	0.0%	FIX	2026-03-25
39	CVE-2026-23317 In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx:	HIGH	7.8	0.0%	FIX	2026-03-25
39	CVE-2026-23391 In the Linux kernel, the following vulnerability has been resolved: netfilter:	HIGH	7.8	0.0%	FIX	2026-03-25
39	CVE-2026-23372 In the Linux kernel, the following vulnerability has been resolved: nfc: rawsoc	HIGH	7.8	0.0%	FIX	2026-03-25
39	CVE-2026-23378 In the Linux kernel, the following vulnerability has been resolved: net/sched:	HIGH	7.8	0.0%	FIX	2026-03-25
39	CVE-2026-23340 In the Linux kernel, the following vulnerability has been resolved: net: sched:	HIGH	7.8	0.0%	FIX	2026-03-25
39	CVE-2026-23336 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80	HIGH	7.8	0.0%	FIX	2026-03-25
39	CVE-2026-23306 In the Linux kernel, the following vulnerability has been resolved: scsi: pm800	HIGH	7.8	0.0%	FIX	2026-03-25
39	CVE-2026-23243 In the Linux kernel, the following vulnerability has been resolved: RDMA/umad:	HIGH	7.8	0.0%	FIX	2026-03-18
39	CVE-2026-23273 In the Linux kernel, the following vulnerability has been resolved: macvlan: ob	HIGH	7.8	0.0%	FIX	2026-03-20
39	CVE-2026-3476 A Code Injection vulnerability affecting in SOLIDWORKS Desktop from Release 202	HIGH	7.8	0.0%		2026-03-16
39	CVE-2026-33744 ## Summary The `docker.system_packages` field in `bentofile.yaml` accepts arbit	HIGH	7.8	0.0%	FIX	2026-03-26
39	CVE-2026-3779 The application's list box calculate array logic keeps stale references to page	HIGH	7.8	0.0%		2026-04-01
39	CVE-2026-23407 In the Linux kernel, the following vulnerability has been resolved: apparmor: f	HIGH	7.8	0.0%	FIX	2026-04-01
39	CVE-2026-23383 In the Linux kernel, the following vulnerability has been resolved: bpf, arm64:	HIGH	7.8	0.0%	FIX	2026-03-25
39	CVE-2026-23408 In the Linux kernel, the following vulnerability has been resolved: apparmor: F	HIGH	7.8	0.0%	FIX	2026-04-01
39	CVE-2026-33641 ## Summary Glances supports dynamic configuration values in which substrings enc	HIGH	7.8	0.0%		2026-03-30
39	CVE-2026-23411 In the Linux kernel, the following vulnerability has been resolved: apparmor: f	HIGH	7.8	0.0%	FIX	2026-04-01

Oldest Unpatched Critical/High CVEs

CVE	Severity	CVSS	Priority	Days Open
CVE-2024-3400	CRITICAL	10.0	224	731d
CVE-2019-19781	CRITICAL	9.8	223	2298d
CVE-2020-5902	CRITICAL	9.8	223	2111d
CVE-2021-35464	CRITICAL	9.8	223	1725d
CVE-2020-10189	CRITICAL	9.8	223	2228d
CVE-2012-4681	CRITICAL	9.8	223	4976d
CVE-2022-42475	CRITICAL	9.8	223	1197d
CVE-2023-3519	CRITICAL	9.8	223	998d
CVE-2015-7450	CRITICAL	9.8	222	3753d
CVE-2023-34048	CRITICAL	9.8	222	900d

Prev 12 / 23 Next