Latest Vulnerabilities

CVEs and Known Exploited Vulnerabilities tracked daily

Sort:

Showing 15 of 15 vulnerabilities

Severity	CVE ID	Title	CVSS	Date
CRITICAL	CVE-2026-5144	BuddyPress Groupblog plugin for WordPress Privilege Escalation	8.8	2026-04-12
CRITICAL	CVE-2026-35643	OpenClaw Unvalidated WebView JavascriptInterface Arbitrary Instruction Injection	8.8	2026-04-12
CRITICAL	CVE-2026-6120	Tenda F451 Router Remote Code Execution Vulnerability	8.8	2026-04-12
CRITICAL	CVE-2026-35663	OpenClaw Privilege Escalation for Non-Admin Operators	8.8	2026-04-12
CRITICAL	CVE-2026-34621	Adobe Acrobat Reader Improperly Controlled Modification of Object Prototype Attributes	8.6	2026-04-12
HIGH	CVE-2026-35638	OpenClaw Control UI Unauthenticated Privilege Escalation	8.8	2026-04-11
HIGH	CVE-2026-39911	Hashgraph Guardian Unsandboxed JavaScript Execution	8.8	2026-04-11
HIGH	CVE-2026-33785	Juniper Junos OS MX Series Missing Authorization Privilege Escalation	8.8	2026-04-11
HIGH	CVE-2025-13914	Juniper Apstra SSH Key Exchange Without Entity Authentication	8.7	2026-04-11
HIGH	CVE-2023-54359	WordPress adivaha Travel Plugin Time-Based Blind SQL Injection	8.2	2026-04-11
CRITICAL	CVE-2026-3243	WordPress Advanced Members for ACF Plugin Arbitrary File Deletion	8.8	2026-04-10
CRITICAL	CVE-2026-4326	WordPress Vertex Addons for Elementor Plugin Missing Authorization	8.8	2026-04-10
CRITICAL	CVE-2026-5815	D-Link DIR-645 Router Remote Code Execution Vulnerability	8.8	2026-04-10
CRITICAL	CVE-2026-5830	Tenda AC15 Router Remote Code Execution Vulnerability	8.8	2026-04-10
HIGH	CVE-2026-5436	WordPress MW WP Form Plugin Arbitrary File Move/Read	8.1	2026-04-10

CRITICAL8.8

CVE-2026-5144

BuddyPress Groupblog plugin for WordPress Privilege Escalation

2026-04-12

CRITICAL8.8

CVE-2026-35643

OpenClaw Unvalidated WebView JavascriptInterface Arbitrary Instruction Injection

2026-04-12

CRITICAL8.8

CVE-2026-6120

Tenda F451 Router Remote Code Execution Vulnerability

2026-04-12

CRITICAL8.8

CVE-2026-35663

OpenClaw Privilege Escalation for Non-Admin Operators

2026-04-12

CRITICAL8.6

CVE-2026-34621

Adobe Acrobat Reader Improperly Controlled Modification of Object Prototype Attributes

2026-04-12

HIGH8.8

CVE-2026-35638

OpenClaw Control UI Unauthenticated Privilege Escalation

2026-04-11

HIGH8.8

CVE-2026-39911

Hashgraph Guardian Unsandboxed JavaScript Execution

2026-04-11

HIGH8.8

CVE-2026-33785

Juniper Junos OS MX Series Missing Authorization Privilege Escalation

2026-04-11

HIGH8.7

CVE-2025-13914

Juniper Apstra SSH Key Exchange Without Entity Authentication

2026-04-11

HIGH8.2

CVE-2023-54359

WordPress adivaha Travel Plugin Time-Based Blind SQL Injection

2026-04-11

CRITICAL8.8

CVE-2026-3243

WordPress Advanced Members for ACF Plugin Arbitrary File Deletion

2026-04-10

CRITICAL8.8

CVE-2026-4326

WordPress Vertex Addons for Elementor Plugin Missing Authorization

2026-04-10

CRITICAL8.8

CVE-2026-5815

D-Link DIR-645 Router Remote Code Execution Vulnerability

2026-04-10

CRITICAL8.8

CVE-2026-5830

Tenda AC15 Router Remote Code Execution Vulnerability

2026-04-10

HIGH8.1

CVE-2026-5436

WordPress MW WP Form Plugin Arbitrary File Move/Read

2026-04-10