Wordfence Intelligence Weekly WordPress Vulnerability Report (April 27, 2026 to May 3, 2026)

Last week, there were 87 vulnerabilities disclosed in 198 WordPress Plugins and 5 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 61 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities ...

Exploit for Incorrect Implementation of Authentication Algorithm in Google Android

CVE-2026-0073 — Android ADB TLS Authentication Bypass A proof...

Linux Distros Unpatched Vulnerability : CVE-2026-7963

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to...

CVE-2026-41506 vulnerabilities

Vulnerabilities for packages: bom, trufflehog-fips, zarf-fips, kubevela-fips, dagger, osv-scanner, gitlab-rails-ce-fips, rancher-fleet-fips, grafana-alloy, crossplane, mapotf-fips, chainloop-cli, skaffold-fips, flux-source-controller, gitaly-fips, chainloop-cli-fips, xeol-fips, argo-workflows-fip...

CVE-1999-0497

creationtimestamp| type| source ---|---|--- 2026-05-06 13:28:27+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ftp/ftpanonymous.rb...

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 Checker & Mitigator A simple, safe vulnerabili...

Linux Distros Unpatched Vulnerability : CVE-2026-43095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs ca...

Linux Distros Unpatched Vulnerability : CVE-2026-43191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn...

Linux Distros Unpatched Vulnerability : CVE-2026-43226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state rdsconnpath::cpstate and transitions from one state to another and are conditional upon a...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-41066)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-41066 advisory. - lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CopyFail-Scanner-CVE-2026-31431 CopyFail-Scanner es una herram...

sshprank 1.7.0

sshprank is a fast SSH mass-scanner, login cracker, and banner grabber tool using the python-masscan and shodan modules...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: Avoid scanning potential huge holes. When using devmrequestfreememregion and devmmemremappages to add ZONEDEVICE memory, if the end PFN of the requested free memory region is huge e.g., 0x400000000, the nodeendpfn wi...

Synctecxhub_SQL_Scanner

No d...

l4ki-TooL

TCP Port Scanner A simple Python tool that scans TCP ports on...

clan-nxt-toolkit

🔴 CLAN NXT Toolkit ██████╗██╗ █████╗ ███╗ ██╗...

Linux Distros Unpatched Vulnerability : CVE-2026-43036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: use skbheaderpointer for TCPv4 GSO fragoff check Syzbot reported a KMSAN uninit-value warning in gsofeaturescheck called from netifskbfeatures 1...

Linux Distros Unpatched Vulnerability : CVE-2026-43001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied projectid for an EC2-type credential...

Linux Distros Unpatched Vulnerability : CVE-2026-43006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/rsrc: reject zero-length fixed buffer import validatefixedrange admits bufaddr at the exact end of the registered region when len is zero, because the...