CVE ID :CVE-2026-6992 Published : April 25, 2026, 6:16 p.m. | 5 hours, 57 minutes ago Description :A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh…
CVE-2026-6988 – Tenda HG10 Boa Service formRouting formRoute buffer overflow
CVE ID :CVE-2026-6988 Published : April 25, 2026, 6:16 p.m. | 5 hours, 57 minutes ago Description :A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the…
CVE-2026-6951 – SimpleGit Remote Code Execution (RCE)
CVE ID :CVE-2026-6951 Published : April 25, 2026, 6:16 a.m. | 17 hours, 57 minutes ago Description :Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an…
CVE-2026-41478 – Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)
CVE ID :CVE-2026-41478 Published : April 24, 2026, 9:16 p.m. | 2 hours, 55 minutes ago Description :Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a…
CVE-2026-41473 – CyberPanel < 2.4.4 Unauthenticated API Access via AI Scanner Endpoints
CVE ID :CVE-2026-41473 Published : April 24, 2026, 9:16 p.m. | 2 hours, 55 minutes ago Description :CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that…
CVE-2026-41248 – Official Clerk JavaScript SDKs: Middleware-based route protection bypass
CVE ID :CVE-2026-41248 Published : April 24, 2026, 9:16 p.m. | 2 hours, 55 minutes ago Description :Clerk JavaScript is the official JavaScript repository for Clerk authentication. createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro can…
CVE-2026-41503 – BACnet Stack: Out-of-Bounds Read in ReadPropertyMultiple Property Decoder via Deprecated Tag Parser
CVE ID :CVE-2026-41503 Published : April 24, 2026, 8:16 p.m. | 3 hours, 55 minutes ago Description :BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3,…
CVE-2026-41502 – BACnet Stack: Off-by-One Out-of-Bounds Read in ReadPropertyMultiple Object ID Decoder
CVE ID :CVE-2026-41502 Published : April 24, 2026, 8:16 p.m. | 3 hours, 55 minutes ago Description :BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3,…
CVE-2026-40630 – SenseLive X3050 Authentication bypass using an alternate path or channel
CVE ID :CVE-2026-40630 Published : April 23, 2026, 11:45 p.m. | 24 minutes ago Description :A vulnerability in SenseLive X3050’s web management interface allows unauthorized access to certain configuration endpoints due to improper…
CVE-2026-41353 – OpenClaw < 2026.3.22 – allowProfiles Bypass via Profile Mutation and Runtime Selection
CVE ID :CVE-2026-41353 Published : April 23, 2026, 10:16 p.m. | 1 hour, 53 minutes ago Description :OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to…