| high |
CVE-2026-5935 — IBM Total Storage Service Console (TSSC) / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 TSSC/IMC could allow a… |
vulnerability |
nvd |
CVE-2026-5935 |
|
2026-04-23 |
| medium |
CVE-2026-5926 — IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10… |
vulnerability |
nvd |
CVE-2026-5926 |
|
2026-04-23 |
| medium |
CVE-2026-4919 — IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows a… |
vulnerability |
nvd |
CVE-2026-4919 |
|
2026-04-23 |
| medium |
CVE-2026-4918 — IBM Guardium Data Protection 12.1 is vulnerable to stored cross-site scripting. This vulnerability a… |
vulnerability |
nvd |
CVE-2026-4918 |
|
2026-04-23 |
| medium |
CVE-2026-4917 — IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the… |
vulnerability |
nvd |
CVE-2026-4917 |
|
2026-04-23 |
| unknown |
CVE-2026-41176 — Rclone is a command-line program to sync files and directories to and from different cloud storage p… |
vulnerability |
nvd |
CVE-2026-41176, CVE-2026-41179 |
|
2026-04-23 |
| unknown |
CVE-2026-40062 — A path Traversal vulnerability exists in Ziostation2 v2.9.8.7 and earlier. A remote unauthenticated… |
vulnerability |
nvd |
CVE-2026-40062 |
|
2026-04-23 |
| high |
CVE-2026-3621 — IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Serve… |
vulnerability |
nvd |
CVE-2026-3621 |
|
2026-04-23 |
| unknown |
CVE-2026-32679 — The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerF… |
vulnerability |
nvd |
CVE-2026-32679 |
|
2026-04-23 |
| unknown |
CVE-2026-29198 — In Rocket.Chat <8.3.0, <8.2.1, <8.1.2, <8.0.3, <7.13.5, <7.12.6, <7.11.6, and <7.10.9, a NoSQL injec… |
vulnerability |
nvd |
CVE-2026-29198 |
|
2026-04-23 |
| unknown |
CVE-2026-1726 — IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1 |
vulnerability |
nvd |
CVE-2026-1726 |
|
2026-04-23 |
| medium |
CVE-2026-1352 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 C… |
vulnerability |
nvd |
CVE-2026-1352 |
|
2026-04-23 |
| medium |
CVE-2026-1274 — IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerabi… |
vulnerability |
nvd |
CVE-2026-1274 |
|
2026-04-23 |
| low |
CVE-2026-1272 — IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to Security Misconfiguration vulnera… |
vulnerability |
nvd |
CVE-2026-1272 |
|
2026-04-23 |
| medium |
CVE-2025-36074 — IBM Security Verify Directory (Container) 10.0.0 through 10.0.0.3 IBM Security Verify Directory coul… |
vulnerability |
nvd |
CVE-2025-36074 |
|
2026-04-23 |
| high |
CVE-2026-41455 — WeKan before 8.35 contains a server-side request forgery vulnerability in webhook integration URL ha… |
vulnerability |
nvd |
CVE-2026-41455 |
|
2026-04-22 |
| high |
CVE-2026-41454 — WeKan before 8.35 contains a missing authorization vulnerability in the Integration REST API endpoin… |
vulnerability |
nvd |
CVE-2026-41454 |
|
2026-04-22 |
| high |
CVE-2026-41175 — Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.20 and… |
vulnerability |
nvd |
CVE-2026-41175 |
|
2026-04-22 |
| unknown |
CVE-2026-41171 — Squidex is an open source headless content management system and content management hub. Versions pr… |
vulnerability |
nvd |
CVE-2026-41171 |
|
2026-04-22 |
| medium |
CVE-2026-41170 — Squidex is an open source headless content management system and content management hub. Prior to ve… |
vulnerability |
nvd |
CVE-2026-41170, CVE-2026-41172, CVE-2026-41177 |
|
2026-04-22 |
| high |
CVE-2026-40517 — radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars()… |
vulnerability |
nvd |
CVE-2026-40517 |
|
2026-04-22 |
| unknown |
CVE-2026-41168 — pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability presen… |
vulnerability |
nvd |
CVE-2026-41168, CVE-2026-41312, CVE-2026-41313, CVE-2026-41314 |
|
2026-04-22 |
| critical |
CVE-2026-41167 — Jellystat is a free and open source Statistics App for Jellyfin. Prior to version 1.1.10, multiple A… |
vulnerability |
nvd |
CVE-2026-41167 |
rce |
2026-04-22 |
| high |
CVE-2026-41166 — OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.1, a user who has `w… |
vulnerability |
nvd |
CVE-2026-41166 |
|
2026-04-22 |
| unknown |
CVE-2026-41134 — Kiota is an OpenAPI based HTTP Client code generator. Versions prior to 1.31.1 are affected by a cod… |
vulnerability |
nvd |
CVE-2026-41134 |
|
2026-04-22 |
| high |
CVE-2026-40937 — RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-alpha.94, all four notif… |
vulnerability |
nvd |
CVE-2026-40937 |
|
2026-04-22 |
| high |
CVE-2026-40882 — OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.0, the Velbus asset… |
vulnerability |
nvd |
CVE-2026-40882 |
|
2026-04-22 |
| unknown |
CVE-2026-3837 — An authenticated attacker can persist crafted values in multiple field types and trigger client-side… |
vulnerability |
nvd |
CVE-2026-3837 |
|
2026-04-22 |
| medium |
CVE-2026-34067 — nimiq-transaction provides the transaction primitive to be used in Nimiq's Rust implementation. Prio… |
vulnerability |
nvd |
CVE-2026-34067, CVE-2026-34068 |
|
2026-04-22 |
| high |
CVE-2026-33733 — EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, the… |
vulnerability |
nvd |
CVE-2026-33733 |
|
2026-04-22 |
| critical |
CVE-2026-33656 — EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, Espo… |
vulnerability |
nvd |
CVE-2026-33656 |
|
2026-04-22 |
| unknown |
Apple fixes iOS bug that retained deleted notification data |
news |
general-news |
|
|
2026-04-22 |
| critical |
'The Gentlemen' Rapidly Rises to Ransomware Prominence |
news |
general-news |
|
ransomware |
2026-04-22 |
| unknown |
North Korean hackers siphon more than $12 million from crypto users in sprawling campaign |
news |
general-news |
|
|
2026-04-22 |
| unknown |
CVE-2026-6019 — http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript… |
vulnerability |
nvd |
CVE-2026-6019 |
|
2026-04-22 |
| unknown |
CVE-2026-3673 — An authenticated attacker can store a crafted tag value in _user_tags and trigger JavaScript executi… |
vulnerability |
nvd |
CVE-2026-3673 |
|
2026-04-22 |
| medium |
CVE-2026-34066 — nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version… |
vulnerability |
nvd |
CVE-2026-34066 |
|
2026-04-22 |
| high |
CVE-2026-34065 — nimiq-primitives contains primitives (e.g., block, account, transaction) to be used in Nimiq's Rust… |
vulnerability |
nvd |
CVE-2026-34065 |
|
2026-04-22 |
| medium |
CVE-2026-34064 — nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to versio… |
vulnerability |
nvd |
CVE-2026-34064 |
|
2026-04-22 |
| high |
CVE-2026-34063 — Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, `n… |
vulnerability |
nvd |
CVE-2026-34063 |
|
2026-04-22 |
| medium |
CVE-2026-34062 — nimiq-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, `MessageCode… |
vulnerability |
nvd |
CVE-2026-34062 |
|
2026-04-22 |
| critical |
CVE-2026-33471 — nimiq-block contains block primitives to be used in Nimiq's Rust implementation. `SkipBlockProof::ve… |
vulnerability |
nvd |
CVE-2026-33471 |
|
2026-04-22 |
| critical |
New Mirai campaign exploits RCE flaw in EoL D-Link routers |
news |
general-news |
|
botnet, rce |
2026-04-22 |
| medium |
CVE-2026-41469 — Beghelli Sicuro24 SicuroWeb does not enforce a Content Security Policy, allowing unrestricted loadin… |
vulnerability |
nvd |
CVE-2026-41469 |
|
2026-04-22 |
| high |
CVE-2026-41468 — Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known sandbo… |
vulnerability |
nvd |
CVE-2026-41468 |
|
2026-04-22 |
| medium |
CVE-2026-41459 — Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that… |
vulnerability |
nvd |
CVE-2026-41459 |
|
2026-04-22 |
| critical |
CVE-2026-34415 — Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability… |
vulnerability |
nvd |
CVE-2026-34415 |
|
2026-04-22 |
| high |
CVE-2026-34414 — Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in t… |
vulnerability |
nvd |
CVE-2026-34414 |
rce |
2026-04-22 |
| high |
CVE-2026-34413 — Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in th… |
vulnerability |
nvd |
CVE-2026-34413 |
rce |
2026-04-22 |
| unknown |
CVE-2026-28950 — A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iP… |
vulnerability |
nvd |
CVE-2026-28950 |
|
2026-04-22 |