{"@context":{"@vocab":"https://schema.org/","dcterms":"http://purl.org/dc/terms/","prov":"http://www.w3.org/ns/prov#"},"@type":"ItemList","@id":"https://api.ai-analytics.org/api/v1/nvd/recent","_source":{"data_provider":"AI Analytics","data_provider_url":"https://api.ai-analytics.org","license":"https://creativecommons.org/publicdomain/zero/1.0/","dcterms:license":"https://creativecommons.org/publicdomain/zero/1.0/","generated_at":"2026-05-16T06:15:13.692Z","primary_source":"https://nvd.nist.gov/"},"filter":{"severity":null,"min_score":null,"q":null},"count":50,"items":[{"cve_id":"CVE-2026-7584","published":"2026-05-01T08:16:01.913","last_modified":"2026-05-04T18:23:58.433","vuln_status":"Analyzed","cvss_base_score":7.8,"cvss_severity":"HIGH","description_excerpt":"The LabOne Q serialization framework uses a class-loading mechanism (import_cls) to dynamically import and instantiate Python classes during deserialization. Prior to the fix, this mechanism accepted arbitrary fully-qualified class names from the serialized data without any valid","cwes_json":"[\"CWE-502\"]","affected_products":"[\"zhinst:labone_q\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7584"},{"cve_id":"CVE-2026-42996","published":"2026-05-01T07:15:59.787","last_modified":"2026-05-01T23:16:18.233","vuln_status":"Deferred","cvss_base_score":null,"cvss_severity":null,"description_excerpt":"JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp.","cwes_json":"[\"CWE-121\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42996"},{"cve_id":"CVE-2026-7555","published":"2026-05-01T06:16:32.670","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":7.3,"cvss_severity":"HIGH","description_excerpt":"A vulnerability was identified in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/login.php. Such manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit is publicly available and","cwes_json":"[\"CWE-74\",\"CWE-89\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7555"},{"cve_id":"CVE-2026-7554","published":"2026-05-01T06:16:32.420","last_modified":"2026-05-06T18:10:51.343","vuln_status":"Analyzed","cvss_base_score":5.6,"cvss_severity":"MEDIUM","description_excerpt":"A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This manipulation causes weak password recovery. The attack can be initiated remotely. A high degree of complexity is needed for the attack","cwes_json":"[\"CWE-640\"]","affected_products":"[\"dlink:m60_firmware\",\"dlink:m60\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7554"},{"cve_id":"CVE-2026-6127","published":"2026-05-01T06:16:32.233","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":6.4,"cvss_severity":"MEDIUM","description_excerpt":"The Elementor Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the _elementor_data meta field in versions up to, and including, 4.0.4. This is due to insufficient input sanitization when processing form-encoded REST API requests. The plugin re","cwes_json":"[\"CWE-79\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6127"},{"cve_id":"CVE-2024-13362","published":"2026-05-01T06:16:30.050","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":6.1,"cvss_severity":"MEDIUM","description_excerpt":"Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts","cwes_json":"[\"CWE-79\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-13362"},{"cve_id":"CVE-2026-7553","published":"2026-05-01T05:16:04.020","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":4.7,"cvss_severity":"MEDIUM","description_excerpt":"A vulnerability was found in code-projects Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit_exercises.php. The manipulation of the argument edit_exercise results in sql injection. It is possible to launch the attack rem","cwes_json":"[\"CWE-74\",\"CWE-89\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7553"},{"cve_id":"CVE-2026-7550","published":"2026-05-01T05:16:03.847","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":7.3,"cvss_severity":"HIGH","description_excerpt":"A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=save_customer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The ex","cwes_json":"[\"CWE-74\",\"CWE-89\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7550"},{"cve_id":"CVE-2026-7549","published":"2026-05-01T05:16:03.657","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":7.3,"cvss_severity":"HIGH","description_excerpt":"A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_customer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The expl","cwes_json":"[\"CWE-74\",\"CWE-89\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7549"},{"cve_id":"CVE-2026-42994","published":"2026-05-01T05:16:01.510","last_modified":"2026-05-04T18:23:38.433","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to a Checkmarx supply chain incident.","cwes_json":"[\"CWE-78\",\"CWE-94\"]","affected_products":"[\"bitwarden:cli\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42994"},{"cve_id":"CVE-2026-7548","published":"2026-05-01T03:16:01.467","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":8.8,"cvss_severity":"HIGH","description_excerpt":"A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. This affects the function sub_41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The ex","cwes_json":"[\"CWE-74\",\"CWE-77\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7548"},{"cve_id":"CVE-2026-7546","published":"2026-05-01T03:16:01.270","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. The impacted element is the function find_host_ip of the component lighttpd. Such manipulation of the argument Host leads to stack-based buffer overflow. The attack can be executed remotely. The","cwes_json":"[\"CWE-119\",\"CWE-121\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7546"},{"cve_id":"CVE-2026-7545","published":"2026-05-01T02:16:04.723","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":7.3,"cvss_severity":"HIGH","description_excerpt":"A weakness has been identified in SourceCodester Advanced School Management System 1.0. The affected element is an unknown function of the file commonController.php of the component checkEmail Endpoint. This manipulation causes sql injection. Remote exploitation of the attack is ","cwes_json":"[\"CWE-74\",\"CWE-89\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7545"},{"cve_id":"CVE-2026-7538","published":"2026-05-01T02:16:04.533","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument proto leads to os command injection. The attack may be initiated r","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7538"},{"cve_id":"CVE-2026-7536","published":"2026-05-01T02:16:04.347","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":5.3,"cvss_severity":"MEDIUM","description_excerpt":"A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsf_sess_add_by_ip_address of the file /nbsf-management/v1/pcfBindings of the component BSF. Executing a manipulation of the argument ipv4Addr can lead to denial of service. The attack ","cwes_json":"[\"CWE-404\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7536"},{"cve_id":"CVE-2026-7535","published":"2026-05-01T01:16:18.087","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":4.3,"cvss_severity":"MEDIUM","description_excerpt":"A vulnerability was found in Open5GS up to 2.7.7. This affects the function amf_namf_comm_handle_registration_status_update_request in the library /lib/app/ogs-init.c of the file /namf-comm/v1/ue-contexts/{ueContextId}/transfer-update. Performing a manipulation of the argument ue","cwes_json":"[\"CWE-404\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7535"},{"cve_id":"CVE-2026-7519","published":"2026-05-01T01:16:17.910","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":7.3,"cvss_severity":"HIGH","description_excerpt":"A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has be","cwes_json":"[\"CWE-22\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7519"},{"cve_id":"CVE-2026-7518","published":"2026-05-01T01:16:17.307","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":4.3,"cvss_severity":"MEDIUM","description_excerpt":"A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amf_namf_callback_handle_sdm_data_change_notify of the file /namf-callback/v1/{id}/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes ","cwes_json":"[\"CWE-404\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7518"},{"cve_id":"CVE-2026-7513","published":"2026-05-01T00:16:25.443","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":8.8,"cvss_severity":"HIGH","description_excerpt":"A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public ","cwes_json":"[\"CWE-119\",\"CWE-120\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7513"},{"cve_id":"CVE-2026-7512","published":"2026-05-01T00:16:25.257","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":8.8,"cvss_severity":"HIGH","description_excerpt":"A flaw has been found in UTT HiPER 1200GW up to 2.5.3-1703. The affected element is the function strcpy of the file /goform/formUser. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.","cwes_json":"[\"CWE-119\",\"CWE-120\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7512"},{"cve_id":"CVE-2026-5656","published":"2026-05-01T00:16:25.097","last_modified":"2026-05-01T19:23:19.983","vuln_status":"Analyzed","cvss_base_score":7,"cvss_severity":"HIGH","description_excerpt":"Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution","cwes_json":"[\"CWE-22\"]","affected_products":"[\"wireshark:wireshark\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-5656"},{"cve_id":"CVE-2026-5405","published":"2026-05-01T00:16:24.963","last_modified":"2026-05-04T20:16:20.830","vuln_status":"Modified","cvss_base_score":7.8,"cvss_severity":"HIGH","description_excerpt":"RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution","cwes_json":"[\"CWE-122\",\"CWE-787\"]","affected_products":"[\"wireshark:wireshark\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-5405"},{"cve_id":"CVE-2026-5404","published":"2026-05-01T00:16:24.820","last_modified":"2026-05-01T19:22:11.793","vuln_status":"Analyzed","cvss_base_score":4.7,"cvss_severity":"MEDIUM","description_excerpt":"K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service","cwes_json":"[\"CWE-120\"]","affected_products":"[\"wireshark:wireshark\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-5404"},{"cve_id":"CVE-2026-5403","published":"2026-05-01T00:16:24.670","last_modified":"2026-05-01T19:18:04.737","vuln_status":"Analyzed","cvss_base_score":7.8,"cvss_severity":"HIGH","description_excerpt":"SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution","cwes_json":"[\"CWE-122\",\"CWE-787\"]","affected_products":"[\"wireshark:wireshark\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-5403"},{"cve_id":"CVE-2026-22726","published":"2026-05-01T00:16:23.650","last_modified":"2026-05-04T18:30:01.760","vuln_status":"Analyzed","cvss_base_score":5,"cvss_severity":"MEDIUM","description_excerpt":"Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloudfoundry could configure a route-service that would allow it to send requests to HTTP services on interna","cwes_json":"[\"CWE-923\"]","affected_products":"[\"cloudfoundry:cf-deployment\",\"cloudfoundry:routing_release\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22726"},{"cve_id":"CVE-2026-7510","published":"2026-04-30T23:16:21.300","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":6.3,"cvss_severity":"MEDIUM","description_excerpt":"A vulnerability was determined in OWAP DefectDojo up to 2.55.4. Affected by this vulnerability is an unknown functionality of the component Benchmark/Engagement/Product/Survey. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. The exp","cwes_json":"[\"CWE-285\",\"CWE-639\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7510"},{"cve_id":"CVE-2026-7508","published":"2026-04-30T23:16:21.097","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":6.3,"cvss_severity":"MEDIUM","description_excerpt":"A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the at","cwes_json":"[\"CWE-74\",\"CWE-94\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7508"},{"cve_id":"CVE-2026-7506","published":"2026-04-30T23:16:20.917","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":7.3,"cvss_severity":"HIGH","description_excerpt":"A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of the argument room_type leads to sql injection. The attack may be launched remotely. The exploit has been d","cwes_json":"[\"CWE-74\",\"CWE-89\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7506"},{"cve_id":"CVE-2026-7505","published":"2026-04-30T23:16:20.740","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":7.3,"cvss_severity":"HIGH","description_excerpt":"A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used. Upgr","cwes_json":"[\"CWE-266\",\"CWE-285\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7505"},{"cve_id":"CVE-2026-4178","published":"2026-04-30T23:16:20.657","last_modified":"2026-04-30T23:16:20.657","vuln_status":"Rejected","cvss_base_score":null,"cvss_severity":null,"description_excerpt":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.","cwes_json":"[]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-4178"},{"cve_id":"CVE-2026-28909","published":"2026-04-30T23:16:20.437","last_modified":"2026-05-04T18:22:48.623","vuln_status":"Analyzed","cvss_base_score":6.5,"cvss_severity":"MEDIUM","description_excerpt":"Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3.","cwes_json":"[\"CWE-522\"]","affected_products":"[\"apple:container\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28909"},{"cve_id":"CVE-2026-7551","published":"2026-04-30T22:16:27.097","last_modified":"2026-05-04T18:22:28.753","vuln_status":"Analyzed","cvss_base_score":8.8,"cvss_severity":"HIGH","description_excerpt":"HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text ","cwes_json":"[\"CWE-78\"]","affected_products":"[\"hkuds:openharness\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7551"},{"cve_id":"CVE-2026-7503","published":"2026-04-30T22:16:26.920","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":8.8,"cvss_severity":"HIGH","description_excerpt":"A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cste_modules/wireless.so of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument wepkey2 results in buffer overflow. Th","cwes_json":"[\"CWE-119\",\"CWE-120\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7503"},{"cve_id":"CVE-2026-7502","published":"2026-04-30T22:16:26.710","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":5.4,"cvss_severity":"MEDIUM","description_excerpt":"A security vulnerability has been detected in LinkStackOrg LinkStack up to 4.8.6. The affected element is the function saveLink of the file app/Http/Controllers/UserController.php of the component Management Endpoint. The manipulation leads to authorization bypass. The attack can","cwes_json":"[\"CWE-285\",\"CWE-639\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7502"},{"cve_id":"CVE-2026-6543","published":"2026-04-30T22:16:26.467","last_modified":"2026-05-11T17:04:58.980","vuln_status":"Analyzed","cvss_base_score":8.8,"cvss_severity":"HIGH","description_excerpt":"IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow allows an attacker to execute arbitrary commands with the privileges of the process running Langflow. This allows reading sensitive environment variables (API keys, DB credentials), modifying files, or launching further attacks on","cwes_json":"[\"CWE-94\"]","affected_products":"[\"langflow:langflow_desktop\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6543"},{"cve_id":"CVE-2026-6542","published":"2026-04-30T22:16:26.340","last_modified":"2026-05-04T18:21:23.047","vuln_status":"Analyzed","cvss_base_score":6.5,"cvss_severity":"MEDIUM","description_excerpt":"IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for another user's flow.","cwes_json":"[\"CWE-639\"]","affected_products":"[\"langflow:langflow\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6542"},{"cve_id":"CVE-2026-6389","published":"2026-04-30T22:16:26.207","last_modified":"2026-05-05T00:17:29.920","vuln_status":"Analyzed","cvss_base_score":8.8,"cvss_severity":"HIGH","description_excerpt":"IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource Management grants excessive cluster‑wide permissions, including unrestricted read access to all secrets. An attacker that compromises the operator or its service account can exfiltrate sensi","cwes_json":"[\"CWE-269\",\"NVD-CWE-noinfo\"]","affected_products":"[\"ibm:turbonomic_prometurbo_agent\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6389"},{"cve_id":"CVE-2026-40687","published":"2026-04-30T22:16:25.923","last_modified":"2026-05-01T19:17:51.200","vuln_status":"Analyzed","cvss_base_score":4.8,"cvss_severity":"MEDIUM","description_excerpt":"In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the connection instance, or erroneous data processing that divulges data from uninitialized heap memory.","cwes_json":"[\"CWE-909\"]","affected_products":"[\"exim:exim\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40687"},{"cve_id":"CVE-2026-40686","published":"2026-04-30T22:16:25.787","last_modified":"2026-05-01T17:44:15.677","vuln_status":"Analyzed","cvss_base_score":3.7,"cvss_severity":"LOW","description_excerpt":"In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present (malformed UTF-8 header data). Information might be divulged within an error message produced during handling of an unrelated e-mail message.","cwes_json":"[\"CWE-125\"]","affected_products":"[\"exim:exim\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40686"},{"cve_id":"CVE-2026-40685","published":"2026-04-30T22:16:25.633","last_modified":"2026-05-01T17:51:06.830","vuln_status":"Analyzed","cvss_base_score":6.5,"cvss_severity":"MEDIUM","description_excerpt":"In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \\ skipping.","cwes_json":"[\"CWE-684\",\"CWE-787\"]","affected_products":"[\"exim:exim\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40685"},{"cve_id":"CVE-2026-40684","published":"2026-04-30T22:16:25.477","last_modified":"2026-05-01T18:16:15.343","vuln_status":"Modified","cvss_base_score":5.9,"cvss_severity":"MEDIUM","description_excerpt":"In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in octal printing.","cwes_json":"[\"CWE-684\"]","affected_products":"[\"exim:exim\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40684"},{"cve_id":"CVE-2026-3345","published":"2026-04-30T22:16:25.337","last_modified":"2026-05-11T17:05:14.423","vuln_status":"Analyzed","cvss_base_score":6.5,"cvss_severity":"MEDIUM","description_excerpt":"IBM Langflow Desktop <=1.8.4 Langflow could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system.","cwes_json":"[\"CWE-22\"]","affected_products":"[\"langflow:langflow_desktop\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-3345"},{"cve_id":"CVE-2026-2311","published":"2026-04-30T22:16:25.147","last_modified":"2026-05-01T19:33:39.563","vuln_status":"Analyzed","cvss_base_score":6.4,"cvss_severity":"MEDIUM","description_excerpt":"IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check.  A malicious actor could cause user-controlled code to run with administrator privilege.","cwes_json":"[\"CWE-284\"]","affected_products":"[\"ibm:i\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-2311"},{"cve_id":"CVE-2026-1577","published":"2026-04-30T22:16:25.017","last_modified":"2026-05-10T14:16:46.437","vuln_status":"Modified","cvss_base_score":6.5,"cvss_severity":"MEDIUM","description_excerpt":"IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic.","cwes_json":"[\"CWE-1284\",\"CWE-20\"]","affected_products":"[\"ibm:db2\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1577"},{"cve_id":"CVE-2025-36335","published":"2026-04-30T22:16:24.873","last_modified":"2026-05-12T19:25:00.013","vuln_status":"Analyzed","cvss_base_score":6.2,"cvss_severity":"MEDIUM","description_excerpt":"IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user.","cwes_json":"[\"CWE-256\"]","affected_products":"[\"ibm:watsonx.data\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-36335"},{"cve_id":"CVE-2025-36180","published":"2026-04-30T22:16:24.737","last_modified":"2026-05-12T19:23:30.040","vuln_status":"Analyzed","cvss_base_score":5.3,"cvss_severity":"MEDIUM","description_excerpt":"IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to transfer data between pods without restrictions.","cwes_json":"[\"CWE-923\"]","affected_products":"[\"ibm:watsonx.data\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-36180"},{"cve_id":"CVE-2025-36122","published":"2026-04-30T22:16:24.597","last_modified":"2026-05-01T17:52:18.300","vuln_status":"Analyzed","cvss_base_score":6.5,"cvss_severity":"MEDIUM","description_excerpt":"IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service using a specially crafted SQL query due to improper allocation of system resources.","cwes_json":"[\"CWE-770\"]","affected_products":"[\"ibm:db2\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-36122"},{"cve_id":"CVE-2025-14688","published":"2026-04-30T22:16:24.093","last_modified":"2026-05-01T17:52:29.293","vuln_status":"Analyzed","cvss_base_score":5.3,"cvss_severity":"MEDIUM","description_excerpt":"IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when certain configurations exi","cwes_json":"[\"CWE-1284\"]","affected_products":"[\"ibm:db2\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14688"},{"cve_id":"CVE-2026-7501","published":"2026-04-30T21:16:34.360","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":3.5,"cvss_severity":"LOW","description_excerpt":"A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument pageDescription can lead to cross site scripting. It is possible to launch the att","cwes_json":"[\"CWE-79\",\"CWE-94\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7501"},{"cve_id":"CVE-2026-7435","published":"2026-04-30T21:16:34.100","last_modified":"2026-05-04T14:16:36.650","vuln_status":"Deferred","cvss_base_score":7.2,"cvss_severity":"HIGH","description_excerpt":"SSCMS v7.4.0 contains a SQL injection vulnerability in the stl:sqlContent tag where the queryString attribute is passed directly to database execution without parameterization or sanitization. Attackers can craft encrypted payloads submitted to the /api/stl/actions/dynamic endpoi","cwes_json":"[\"CWE-89\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7435"}]}