CVE ID :CVE-2026-32679 Published : April 23, 2026, 12:16 a.m. | 1 hour, 51 minutes ago Description :The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network…
CVE-2026-41455 – WeKan < 8.35 SSRF via Webhook URL
CVE ID :CVE-2026-41455 Published : April 22, 2026, 10:16 p.m. | 1 hour, 51 minutes ago Description :WeKan before 8.35 contains a server-side request forgery vulnerability in webhook integration URL handling where the url schema…
CVE-2026-41454 – WeKan < 8.35 Missing Authorization via Integration REST API
CVE ID :CVE-2026-41454 Published : April 22, 2026, 10:16 p.m. | 1 hour, 51 minutes ago Description :WeKan before 8.35 contains a missing authorization vulnerability in the Integration REST API endpoints that allows authenticated board…
CVE-2026-41175 – Statamic: Unsafe method invocation via query value resolution allows data destruction
CVE ID :CVE-2026-41175 Published : April 22, 2026, 10:16 p.m. | 1 hour, 51 minutes ago Description :Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.20 and 6.13.0,…
CVE-2026-41167 – Jellystat has SQL Injection that leads to to Remote Code Execution
CVE ID :CVE-2026-41167 Published : April 22, 2026, 9:17 p.m. | 2 hours, 51 minutes ago Description :Jellystat is a free and open source Statistics App for Jellyfin. Prior to version 1.1.10, multiple API…
CVE-2026-40937 – RustFS missing admin authorization on notification target endpoints, which allows unauthenticated configuration of event webhooks
CVE ID :CVE-2026-40937 Published : April 22, 2026, 9:17 p.m. | 2 hours, 51 minutes ago Description :RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-alpha.94, all four notification target…
CVE-2026-41145 – MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads
CVE ID :CVE-2026-41145 Published : April 22, 2026, 1:16 a.m. | 50 minutes ago Description :MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability…
CVE-2026-40344 – MinIO has an Unauthenticated Object Write via Missing Signature Verification in Unsigned-Trailer Uploads
CVE ID :CVE-2026-40344 Published : April 22, 2026, 1:16 a.m. | 50 minutes ago Description :MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability…
CVE-2026-41304 – WWBN AVideo vulnerable to RCE caused by clonesite plugin
CVE ID :CVE-2026-41304 Published : April 22, 2026, 12:16 a.m. | 1 hour, 49 minutes ago Description :WWBN AVideo is an open source video platform. In versions 29.0 and below, the `cloneServer.json.php` endpoint in…
CVE-2026-41133 – pyLoad has Stale Session Privilege After Role/Permission Change (Privilege Revocation Bypass)
CVE ID :CVE-2026-41133 Published : April 22, 2026, 12:16 a.m. | 1 hour, 49 minutes ago Description :pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev97…