CVE ID :CVE-2026-41179 Published : April 23, 2026, 12:16 a.m. | 1 hour, 51 minutes ago Description :Rclone is a command-line program to sync files and directories to and from different cloud storage providers….
CVE-2026-41176 – Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution
CVE ID :CVE-2026-41176 Published : April 23, 2026, 12:16 a.m. | 1 hour, 51 minutes ago Description :Rclone is a command-line program to sync files and directories to and from different cloud storage providers….
CVE-2026-40062 – Ziostation2 Path Traversal Vulnerability
CVE ID :CVE-2026-40062 Published : April 23, 2026, 12:16 a.m. | 1 hour, 51 minutes ago Description :A path Traversal vulnerability exists in Ziostation2 v2.9.8.7 and earlier. A remote unauthenticated attacker may get sensitive…
CVE-2026-32679 – Canon Network Camera Plugin DLL Loading Vulnerability
CVE ID :CVE-2026-32679 Published : April 23, 2026, 12:16 a.m. | 1 hour, 51 minutes ago Description :The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network…
CVE-2026-41455 – WeKan < 8.35 SSRF via Webhook URL
CVE ID :CVE-2026-41455 Published : April 22, 2026, 10:16 p.m. | 1 hour, 51 minutes ago Description :WeKan before 8.35 contains a server-side request forgery vulnerability in webhook integration URL handling where the url schema…
CVE-2026-41454 – WeKan < 8.35 Missing Authorization via Integration REST API
CVE ID :CVE-2026-41454 Published : April 22, 2026, 10:16 p.m. | 1 hour, 51 minutes ago Description :WeKan before 8.35 contains a missing authorization vulnerability in the Integration REST API endpoints that allows authenticated board…
CVE-2026-41175 – Statamic: Unsafe method invocation via query value resolution allows data destruction
CVE ID :CVE-2026-41175 Published : April 22, 2026, 10:16 p.m. | 1 hour, 51 minutes ago Description :Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.20 and 6.13.0,…
CVE-2026-41167 – Jellystat has SQL Injection that leads to to Remote Code Execution
CVE ID :CVE-2026-41167 Published : April 22, 2026, 9:17 p.m. | 2 hours, 51 minutes ago Description :Jellystat is a free and open source Statistics App for Jellyfin. Prior to version 1.1.10, multiple API…
CVE-2026-40937 – RustFS missing admin authorization on notification target endpoints, which allows unauthenticated configuration of event webhooks
CVE ID :CVE-2026-40937 Published : April 22, 2026, 9:17 p.m. | 2 hours, 51 minutes ago Description :RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-alpha.94, all four notification target…
CVE-2026-41145 – MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads
CVE ID :CVE-2026-41145 Published : April 22, 2026, 1:16 a.m. | 50 minutes ago Description :MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability…