CVE ID :CVE-2026-5815 Published : April 9, 2026, 12:16 a.m. | 22 minutes ago Description :A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the function hedwigcgi_main of the file /cgi-bin/hedwig.cgi. The…
CVE-2026-5173 – Exposed Dangerous Method or Function in GitLab
CVE ID :CVE-2026-5173 Published : April 8, 2026, 11:17 p.m. | 1 hour, 21 minutes ago Description :GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9, 18.9 before…
CVE-2026-3199 – Nexus Repository 3 – Authenticated Remote Code Execution via Task Property Injection
CVE ID :CVE-2026-3199 Published : April 8, 2026, 11:16 p.m. | 1 hour, 21 minutes ago Description :A vulnerability in the task management component of Sonatype Nexus Repository versions 3.22.1 through 3.90.2 allows an…
CVE-2026-40035 – Unfurl – Werkzeug Debugger Exposure via String Config Parsing
CVE ID :CVE-2026-40035 Published : April 8, 2026, 10:16 p.m. | 2 hours, 22 minutes ago Description :Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode…
CVE-2026-5436 – MW WP Form <= 5.1.1 – Unauthenticated Arbitrary File Move via regenerate_upload_file_keys
CVE ID :CVE-2026-5436 Published : April 8, 2026, 9:17 p.m. | 3 hours, 21 minutes ago Description :The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up…
CVE-2026-5747 – Out-of-bounds Write in Firecracker virtio-pci Transport
CVE ID :CVE-2026-5747 Published : April 8, 2026, 12:16 a.m. | 22 minutes ago Description :An out-of-bounds write issue in the virtio PCI transport in Amazon Firecracker 1.13.0 through 1.14.3 and 1.15.0 on…
CVE-2026-1342 – Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access
CVE ID :CVE-2026-1342 Published : April 8, 2026, 12:16 a.m. | 22 minutes ago Description :IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and…
CVE-2026-39937 – Global vanishing does not completely remove user email
CVE ID :CVE-2026-39937 Published : April 7, 2026, 10:16 p.m. | 2 hours, 22 minutes ago Description :Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki – CentralAuth…
CVE-2026-39933 – Multiple XSS vulnerabilities in GlobalWatchlist
CVE ID :CVE-2026-39933 Published : April 7, 2026, 10:16 p.m. | 2 hours, 22 minutes ago Description :Improper neutralization of input during web page generation (‘cross-site scripting’) vulnerability in The Wikimedia Foundation Mediawiki –…
CVE-2026-39847 – Emmett has a path traversal in internal assets handler
CVE ID :CVE-2026-39847 Published : April 7, 2026, 10:16 p.m. | 2 hours, 22 minutes ago Description :Emmett is a full-stack Python web framework designed with simplicity. From 2.5.0 to before 2.8.1, the RSGI…