CVE ID :CVE-2026-41145 Published : April 22, 2026, 1:16 a.m. | 50 minutes ago Description :MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability…
CVE-2026-40344 – MinIO has an Unauthenticated Object Write via Missing Signature Verification in Unsigned-Trailer Uploads
CVE ID :CVE-2026-40344 Published : April 22, 2026, 1:16 a.m. | 50 minutes ago Description :MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability…
CVE-2026-41304 – WWBN AVideo vulnerable to RCE caused by clonesite plugin
CVE ID :CVE-2026-41304 Published : April 22, 2026, 12:16 a.m. | 1 hour, 49 minutes ago Description :WWBN AVideo is an open source video platform. In versions 29.0 and below, the `cloneServer.json.php` endpoint in…
CVE-2026-41133 – pyLoad has Stale Session Privilege After Role/Permission Change (Privilege Revocation Bypass)
CVE ID :CVE-2026-41133 Published : April 22, 2026, 12:16 a.m. | 1 hour, 49 minutes ago Description :pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev97…
CVE-2026-41064 – AVideo has an incomplete fix for CVE-2026-33502 (Command Injection)
CVE ID :CVE-2026-41064 Published : April 22, 2026, 12:16 a.m. | 1 hour, 49 minutes ago Description :WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete…
CVE-2026-5921 – Server-Side Request Forgery in GitHub Enterprise Server allowed extraction of sensitive environment variables via timing side-channel attack
CVE ID :CVE-2026-5921 Published : April 21, 2026, 11:16 p.m. | 49 minutes ago Description :A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract…
CVE-2026-4821 – Proxy configuration command injection vulnerability found in GitHub Enterprise Server Management Console configuration API
CVE ID :CVE-2026-4821 Published : April 21, 2026, 11:16 p.m. | 49 minutes ago Description :An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Management…
CVE-2026-41058 – AVideo has an incomplete fix for CVE-2026-33293 (Path Traversal) in AVideo
CVE ID :CVE-2026-41058 Published : April 21, 2026, 11:16 p.m. | 49 minutes ago Description :WWBN AVideo is an open source video platform. In versions 29.0 and below, the incomplete fix for AVideo’s…
CVE-2026-41056 – AVideos has CORS Origin Reflection with Credentials on Sensitive API Endpoints that Enables Cross-Origin Account Takeover
CVE ID :CVE-2026-41056 Published : April 21, 2026, 11:16 p.m. | 49 minutes ago Description :WWBN AVideo is an open source video platform. In versions 29.0 and below, the `allowOrigin($allowAll=true)` function in `objects/functions.php`…
CVE-2026-41055 – AVideo has an incomplete fix for CVE-2026-33039 (SSRF)
CVE ID :CVE-2026-41055 Published : April 21, 2026, 11:16 p.m. | 49 minutes ago Description :WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete SSRF fix in…