| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-23821 | — | Hig | 0.47 | 7.2 | 0.01 | May 12, 2026 | A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on… | |
| CVE-2026-23820 | — | Hig | 0.47 | 7.2 | 0.01 | May 12, 2026 | A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary… | |
| CVE-2026-23819 | — | Hig | 0.57 | 8.8 | 0.00 | May 12, 2026 | A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an… | |
| CVE-2026-44184 | — | Hig | 0.52 | 8.0 | 0.00 | May 12, 2026 | Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, Cleanuparr's global CORS policy reflects every request Origin and combines it with AllowCredentials(). When… | |
| CVE-2026-44167 | Hig | 0.42 | 7.5 | 0.00 | May 12, 2026 | phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and… | ||
| CVE-2026-44166 | Hig | 0.42 | 7.6 | 0.00 | May 12, 2026 | Pocketbase is an open source web backend written in go. Prior to 0.22.42 and 0.37.4, in some situations, if an attacker knows the email address of the victim they can create and link an unverified PocketBase user in advance by authenticating with one of the OAuth2 app providers,… | ||
| CVE-2026-43929 | Hig | 0.53 | 8.2 | 0.00 | May 12, 2026 | ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address (e.g. http://[::ffff:127.0.0.1]/). The… | ||
| CVE-2026-43892 | Hig | 0.50 | 8.8 | 0.00 | May 12, 2026 | AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16. | ||
| CVE-2026-43891 | Hig | 0.49 | 7.5 | 0.00 | May 12, 2026 | changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored,… | ||
| CVE-2026-42899 | Hig | 0.42 | 7.5 | 0.02 | May 12, 2026 | Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network. | ||
| CVE-2026-42896 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-42893 | Hig | 0.48 | 7.4 | 0.00 | May 12, 2026 | Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to perform tampering over a network. | ||
| CVE-2026-42832 | Hig | 0.50 | 7.7 | 0.00 | May 12, 2026 | Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally. | ||
| CVE-2026-42831 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-42825 | Hig | 0.46 | 7.0 | 0.00 | May 12, 2026 | Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-42141 | — | Hig | 0.50 | 7.7 | 0.00 | May 12, 2026 | Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.1, an authenticated Server-Side Request Forgery (SSRF) vulnerability in the Xibo CMS allows users with Library upload permissions to make… | |
| CVE-2026-41895 | Hig | 0.42 | 7.5 | 0.00 | May 12, 2026 | changedetection.io is a free open source web page change detection tool. In 0.54.9 and earlier, xpath_filter() switches to XML mode for XML/RSS content and creates etree.XMLParser(strip_cdata=False) without explicitly disabling external entity resolution, external DTD loading,… | ||
| CVE-2026-41613 | — | Hig | 0.57 | 8.8 | 0.01 | May 12, 2026 | Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. | |
| CVE-2026-41611 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Improper neutralization of script-related html tags in a web page (basic xss) in Visual Studio Code allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-41109 | Hig | 0.57 | 8.8 | 0.01 | May 12, 2026 | Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network. | ||
| CVE-2026-41107 | Hig | 0.48 | 7.4 | 0.01 | May 12, 2026 | External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2026-41102 | Hig | 0.46 | 7.1 | 0.00 | May 12, 2026 | Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally. | ||
| CVE-2026-41101 | Hig | 0.46 | 7.1 | 0.00 | May 12, 2026 | Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally. | ||
| CVE-2026-41095 | — | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally. | |
| CVE-2026-41094 | Hig | 0.57 | 8.8 | 0.01 | May 12, 2026 | Improper control of generation of code ('code injection') in Microsoft Data Formulator allows an unauthorized attacker to execute code over a network. | ||
| CVE-2026-41088 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-41086 | Hig | 0.57 | 8.8 | 0.00 | May 12, 2026 | Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network. | ||
| CVE-2026-40420 | Hig | 0.57 | 8.8 | 0.00 | May 12, 2026 | Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40419 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40418 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40417 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40415 | — | Hig | 0.53 | 8.1 | 0.01 | May 12, 2026 | Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network. | |
| CVE-2026-40414 | Hig | 0.48 | 7.4 | 0.01 | May 12, 2026 | Windows TCP/IP Denial of Service Vulnerability | ||
| CVE-2026-40413 | Hig | 0.48 | 7.4 | 0.00 | May 12, 2026 | Windows TCP/IP Denial of Service Vulnerability | ||
| CVE-2026-40410 | Hig | 0.46 | 7.0 | 0.00 | May 12, 2026 | Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40408 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40407 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40406 | Hig | 0.49 | 7.5 | 0.01 | May 12, 2026 | Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2026-40405 | Hig | 0.49 | 7.5 | 0.01 | May 12, 2026 | Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network. | ||
| CVE-2026-40403 | Hig | 0.57 | 8.8 | 0.00 | May 12, 2026 | Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally. | ||
| CVE-2026-40401 | Hig | 0.46 | 7.1 | 0.00 | May 12, 2026 | Windows TCP/IP Denial of Service Vulnerability | ||
| CVE-2026-40399 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40398 | — | Hig | 0.51 | 7.8 | 0.02 | May 12, 2026 | Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. | |
| CVE-2026-40397 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40382 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40381 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40377 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40370 | — | Hig | 0.57 | 8.8 | 0.01 | May 12, 2026 | External control of file name or path in SQL Server allows an authorized attacker to execute code over a network. | |
| CVE-2026-40369 | Hig | 0.51 | 7.8 | 0.05 | May 12, 2026 | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-40368 | Hig | 0.52 | 8.0 | 0.02 | May 12, 2026 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. |
- risk 0.47cvss 7.2epss 0.01
A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on…
- risk 0.47cvss 7.2epss 0.01
A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary…
- risk 0.57cvss 8.8epss 0.00
A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an…
- risk 0.52cvss 8.0epss 0.00
Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, Cleanuparr's global CORS policy reflects every request Origin and combines it with AllowCredentials(). When…
- risk 0.42cvss 7.5epss 0.00
phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and…
- risk 0.42cvss 7.6epss 0.00
Pocketbase is an open source web backend written in go. Prior to 0.22.42 and 0.37.4, in some situations, if an attacker knows the email address of the victim they can create and link an unverified PocketBase user in advance by authenticating with one of the OAuth2 app providers,…
- risk 0.53cvss 8.2epss 0.00
ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address (e.g. http://[::ffff:127.0.0.1]/). The…
- risk 0.50cvss 8.8epss 0.00
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16.
- risk 0.49cvss 7.5epss 0.00
changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored,…
- risk 0.42cvss 7.5epss 0.02
Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.
- risk 0.51cvss 7.8epss 0.00
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- risk 0.48cvss 7.4epss 0.00
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to perform tampering over a network.
- risk 0.50cvss 7.7epss 0.00
Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.
- risk 0.51cvss 7.8epss 0.00
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
- risk 0.50cvss 7.7epss 0.00
Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.1, an authenticated Server-Side Request Forgery (SSRF) vulnerability in the Xibo CMS allows users with Library upload permissions to make…
- risk 0.42cvss 7.5epss 0.00
changedetection.io is a free open source web page change detection tool. In 0.54.9 and earlier, xpath_filter() switches to XML mode for XML/RSS content and creates etree.XMLParser(strip_cdata=False) without explicitly disabling external entity resolution, external DTD loading,…
- risk 0.57cvss 8.8epss 0.01
Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
- risk 0.51cvss 7.8epss 0.00
Improper neutralization of script-related html tags in a web page (basic xss) in Visual Studio Code allows an unauthorized attacker to execute code locally.
- risk 0.57cvss 8.8epss 0.01
Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network.
- risk 0.48cvss 7.4epss 0.01
External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
- risk 0.46cvss 7.1epss 0.00
Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally.
- risk 0.46cvss 7.1epss 0.00
Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally.
- risk 0.57cvss 8.8epss 0.01
Improper control of generation of code ('code injection') in Microsoft Data Formulator allows an unauthorized attacker to execute code over a network.
- risk 0.51cvss 7.8epss 0.00
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.57cvss 8.8epss 0.00
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
- risk 0.57cvss 8.8epss 0.00
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally.
- risk 0.53cvss 8.1epss 0.01
Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
- risk 0.48cvss 7.4epss 0.01
Windows TCP/IP Denial of Service Vulnerability
- risk 0.48cvss 7.4epss 0.00
Windows TCP/IP Denial of Service Vulnerability
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- risk 0.49cvss 7.5epss 0.01
Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.
- risk 0.49cvss 7.5epss 0.01
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network.
- risk 0.57cvss 8.8epss 0.00
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.
- risk 0.46cvss 7.1epss 0.00
Windows TCP/IP Denial of Service Vulnerability
- risk 0.51cvss 7.8epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.02
Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.
- risk 0.57cvss 8.8epss 0.01
External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.
- risk 0.51cvss 7.8epss 0.05
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
- risk 0.52cvss 8.0epss 0.02
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.