CVE Database

110702+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-6543
8.8 HIGH

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow allows an attacker to execute arbitrary commands with the privileges of the process running Langflow. This allows reading …

Apr 30, 2026
CVE-2026-6542
6.5 MEDIUM

IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction logs and vertex build data belonging to other …

Apr 30, 2026
CVE-2026-6389
8.8 HIGH

IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource Management grants excessive cluster‑wide permissions, including unrestricted read access to all secrets. An attacker …

Apr 30, 2026
CVE-2026-40687
4.8 MEDIUM

In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the …

Apr 30, 2026
CVE-2026-40686
3.7 LOW

In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present (malformed UTF-8 header data). …

Apr 30, 2026
CVE-2026-40685
6.5 MEDIUM

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted …

Apr 30, 2026
CVE-2026-40684
5.9 MEDIUM

In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in …

Apr 30, 2026
CVE-2026-3345
6.5 MEDIUM

IBM Langflow Desktop <=1.8.4 Langflow could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request …

Apr 30, 2026
CVE-2026-2311
6.4 MEDIUM

IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check. A …

Apr 30, 2026
CVE-2026-1577
6.5 MEDIUM

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause …

Apr 30, 2026
CVE-2025-36335
6.2 MEDIUM

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user.

Apr 30, 2026
CVE-2025-36180
5.3 MEDIUM

IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to transfer data between pods without …

Apr 30, 2026
CVE-2025-36122
6.5 MEDIUM

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause …

Apr 30, 2026
CVE-2025-14688
5.3 MEDIUM

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause …

Apr 30, 2026
CVE-2026-7501
3.5 LOW

A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the …

Apr 30, 2026
CVE-2026-7435
7.2 HIGH

SSCMS v7.4.0 contains a SQL injection vulnerability in the stl:sqlContent tag where the queryString attribute is passed directly to database execution without parameterization or sanitization. …

Apr 30, 2026
CVE-2026-6539
4.4 MEDIUM

Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to cause denial of service and information disclosure …

Apr 30, 2026
CVE-2026-4503
7.5 HIGH

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view other users' images due to an indirect object reference through a …

Apr 30, 2026
CVE-2026-4502
6.5 MEDIUM

IBM Langflow Desktop 1.2.0 through 1.8.4 Langflow could allow an authenticated attacker to traverse directories on the system. An attacker could send a specially crafted …

Apr 30, 2026
CVE-2026-41263
3.7 LOW

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a timing side-channel vulnerability in Traefik's BasicAuth …

Apr 30, 2026
CVE-2026-41174
6.4 MEDIUM

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a potential vulnerability in Traefik's Kubernetes CRD …

Apr 30, 2026
CVE-2026-40951
5.5 MEDIUM

CVE-2026-40951 is a memory corruption vulnerability on Secure Access Windows clients prior to 14.50. Attackers with local control of the Windows client can send malformed …

Apr 30, 2026
CVE-2026-40950
6.5 MEDIUM

CVE-2026-40950 is a buffer overflow vulnerability in the Secure Access server prior to 14.50. Attackers with control of a modified client can send a specially …

Apr 30, 2026
CVE-2026-40949
4.4 MEDIUM

CVE-2026-40949 is a buffer overflow vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can use …

Apr 30, 2026
CVE-2026-40912
8.2 HIGH

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in …

Apr 30, 2026
CVE-2026-3346
6.4 MEDIUM

IBM Langflow Desktop 1.6.0 through 1.8.4 Lanflow is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in …

Apr 30, 2026
CVE-2026-3340
6.5 MEDIUM

IBM Langflow Desktop 1.0.0 through 1.8.4 IBM Langflow is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests …

Apr 30, 2026
CVE-2026-39858
10.0 CRITICAL

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in …

Apr 30, 2026
CVE-2026-35051
10.0 CRITICAL

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is an authentication bypass vulnerability in Traefik's ForwardAuth …

Apr 30, 2026
CVE-2026-33452
5.5 MEDIUM

CVE-2026-33452 is a buffer overflow vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can use …

Apr 30, 2026
CVE-2026-33451
7.8 HIGH

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send …

Apr 30, 2026
CVE-2026-33450
5.5 MEDIUM

CVE-2026-33450 is an out of bounds read vulnerability in the Secure Access MacOS client prior to 14.50. Attackers with control of a modified server can …

Apr 30, 2026
CVE-2026-33449
7.5 HIGH

CVE-2026-33449 is a buffer overflow in a message handling function of the Secure Access client prior to 14.50. Attackers with control of a modified server …

Apr 30, 2026
CVE-2026-28532
6.5 MEDIUM

FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16_t accumulator variable truncates …

Apr 30, 2026
CVE-2026-7429
4.6 MEDIUM

SSCMS v7.4.0 contains a reflected cross-site scripting vulnerability in the STL processing endpoint that allows attackers to execute arbitrary JavaScript by crafting malicious STL template …

Apr 30, 2026
CVE-2026-33448
3.3 LOW

CVE-2026-33448 is a format string vulnerability in the logging subsystem of Secure Access client for MacOS prior to 14.50. Attackers with control of a modified …

Apr 30, 2026
CVE-2026-33447
9.8 CRITICAL

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server …

Apr 30, 2026
CVE-2026-33446
9.8 CRITICAL

CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can …

Apr 30, 2026
CVE-2025-56568
7.5 HIGH

Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to …

Apr 30, 2026
CVE-2025-46115
7.5 HIGH

An issue in open5gs v.2.7.3 allows a remote attacker to cause a denial of service via a crafted PDU Session Modification Request

Apr 30, 2026
CVE-2026-7461
7.2 HIGH

Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before …

Apr 30, 2026
CVE-2026-40904
8.1 HIGH

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew …

Apr 30, 2026
CVE-2026-40603
6.5 MEDIUM

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew …

Apr 30, 2026
CVE-2026-40601
7.5 HIGH

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew …

Apr 30, 2026
CVE-2026-40600
8.1 HIGH

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew …

Apr 30, 2026
CVE-2026-40595
7.5 HIGH

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew …

Apr 30, 2026
CVE-2026-35514
6.5 MEDIUM

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, the …

Apr 30, 2026
CVE-2026-32148
5.9 MEDIUM

Insufficient Verification of Data Authenticity vulnerability in hexpm hex (Hex.RemoteConverger module) allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in …

Apr 30, 2026
CVE-2026-3833
6.5 MEDIUM

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints …

Apr 30, 2026
CVE-2026-3832
3.7 LOW

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during …

Apr 30, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.