CVE ID :CVE-2026-43913 Published : May 11, 2026, 11:20 p.m. | 1 hour, 5 minutes ago Description :Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden allows an unconfirmed organization owner…
CVE-2026-43912 – Vaultwarden: Cross-Org Group Binding Enables Unauthorized Read And Write Access Into Another Organization
CVE ID :CVE-2026-43912 Published : May 11, 2026, 11:20 p.m. | 1 hour, 5 minutes ago Description :Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden does not enforce that a…
CVE-2026-43900 – DeepChat: Persistent DOM XSS via HTML Entity Encoding in “ SVG Rendering (Bypass of `svgSanitizer.ts`)
CVE ID :CVE-2026-43900 Published : May 11, 2026, 11:20 p.m. | 1 hour, 5 minutes ago Description :DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1,…
CVE-2026-43899 – DeepChat: Incomplete Fix for CVE-2025-55733 leads to Remote Code Execution via Markdown Links bypassing `isValidExternalUrl`
CVE ID :CVE-2026-43899 Published : May 11, 2026, 11:20 p.m. | 1 hour, 5 minutes ago Description :DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1,…
CVE-2026-34963 – barebox EFI PE Loader Memory Safety Vulnerabilities
CVE ID :CVE-2026-34963 Published : May 11, 2026, 11:19 p.m. | 1 hour, 5 minutes ago Description :barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where…
CVE-2022-50944 – Aero CMS 0.0.1 PHP Code Injection via posts.php
CVE ID :CVE-2022-50944 Published : May 10, 2026, 1:16 p.m. | 11 hours, 9 minutes ago Description :Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP…
CVE-2021-47949 – CyberPanel 2.1 Authenticated Remote Code Execution via Symlink Attack
CVE ID :CVE-2021-47949 Published : May 10, 2026, 1:16 p.m. | 11 hours, 9 minutes ago Description :CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute…
CVE-2021-47945 – Argus Surveillance DVR 4.0 Unquoted Service Path Privilege Escalation
CVE ID :CVE-2021-47945 Published : May 10, 2026, 1:16 p.m. | 11 hours, 9 minutes ago Description :Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local…
CVE-2021-47944 – memono Notepad 4.2 Denial of Service via Buffer Overflow
CVE ID :CVE-2021-47944 Published : May 10, 2026, 1:16 p.m. | 11 hours, 9 minutes ago Description :memono Notepad 4.2 contains a denial of service vulnerability that allows attackers to crash the application by…
CVE-2021-47943 – TextPattern CMS 4.8.7 Remote Code Execution via File Upload
CVE ID :CVE-2021-47943 Published : May 10, 2026, 1:16 p.m. | 11 hours, 9 minutes ago Description :TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands…