Wordfence Intelligence Weekly WordPress Vulnerability Report (April 27, 2026 to May 3, 2026)
Last week, there were 87 vulnerabilities disclosed in 198 WordPress Plugins and 5 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 61 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities ...
CVE-2026-42338 vulnerabilities
Vulnerabilities for packages: renovate, pulumi, librechat, tileserver-gl-fips, opensearch-dashboards, wazuh-dashboard-fips, kibana, lerna, langfuse, saf, langfuse-fips, actions-runner, wazuh-dashboard, code-server, opensearch-dashboards-fips, prism, gemini-cli, sqlpad, npm, tileserver-gl,...
NPM: Vercel: Non-interactive mode includes CLI arguments in suggested command output
NPM: Vercel: Non-interactive mode includes CLI arguments in suggested command output vulnerability discovered by ? in WordPress Npm vercel versions >= 50.16.0, <= 52.0.0...
GHSA-PGF8-2HGJ-GRQG Vercel: Non-interactive mode includes CLI arguments in suggested command output
Summary: When the Vercel CLI runs in non-interactive mode (--non-interactive or auto-detected AI agent), commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the user authenticated via --token or -t on the command line, the token value is included...
CLI Proxy API Code Issue Vulnerability
CLI Proxy API is an open-source CLI proxy server developed by Router-For.ME, which supports multi-model APIs. Version 6.9.29 of the CLI Proxy API has a code vulnerability that stems from the handling of the url parameter in the file internal/api/handlers/management/apitools.go. This vulnerability...
PT-2026-38406
Name of the Vulnerable Software and Affected Versions: Vercel CLI versions 50.16.0 through 52.0.0. Description: When running in non-interactive mode via the --non-interactive flag or auto-detected AI agent, commands that cannot complete autonomously emit JSON payloads containing suggested follow-up...
PT-2026-38545
A vulnerability has been found in router-for-me CLIProxyAPI 6.9.29. Affected by this issue is some unknown functionality of the file internal/api/handlers/management/apitools.go of the component API Interface. The manipulation of the argument url leads to server-side request forgery. Remote...
cf-cli-8.18.3+git.0.83ce51d9c-1.1 on GA media (moderate)
cf-cli-8.18.3+git.0.83ce51d9c-1.1 on GA media. Announcement ID: openSUSE-SU-2026:10688-1. Rating: moderate. Cross-References: CVE-2025-61729. CVSS scores: CVE-2025-61729 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H; CVE-2025-61729 (SUSE): 8.7...
Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE
Google patches a CVSS 10 Gemini CLI vulnerability that allowed hackers to use prompt injection and privilege escalation for a full supply chain compromise...
@c0va23/react-router-dev (=7.8.3-alpha.2), @holocron.so/cli (>=0.6.0 <=0.14.1) +15 more potentially affected by CVE-2026-23870 via @vitejs/plugin-rsc (>=0.4.11 <=0.5.24)
@vitejs/plugin-rsc NPM version =0.4.11, =0.6.0, =0.5.0, =0.0.1, =0.0.0-1ae0b37, =0.0.0-experimental-2a6c7bc, =0.0.0-pr-32412-sha-4e0feb24, =1.0.2, =0.1.0, =0.0.1, =1.18.0-rsc.19, =0.1.0, =0.0.1-alpha.0, =1.0.0, =1.0.1 and more Source cves: CVE-2026-23870 Source advisory:...
@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +20 more potentially affected by CVE-2026-23870 via react-server-dom-webpack (>=19.0.0 <=19.0.1)
react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...
CVE-2026-41898 vulnerabilities
Vulnerabilities for packages: sqlx, deno, sdp-k8s-injector, sentry-cli, typst, ztunnel-fips, rpm-sequoia, rustls-openssl-client, bootc, guestproxyagent, sccache, rustup, komodo, valkey-ldap, vector...
CVE-2026-41907 vulnerabilities
Vulnerabilities for packages: renovate, redisinsight, kubeflow-centraldashboard, librechat, argo-workflows, jitsucom-jitsu, opensearch-dashboards, wazuh-dashboard-fips, kibana, langfuse, saf, langfuse-fips, actions-runner, dbgate, wazuh-dashboard, dbgate-fips, code-server,...
CVE-2026-41506 vulnerabilities
Vulnerabilities for packages: jfrog-cli, apko, argo-events-fips, guac, gitlab-rails-ce, flux-image-automation-controller-fips, kubescape, argo-cd, argocd-image-updater, gitlab-rails-ce-fips, grype-db, cloudbeat-fips, nemo, cg, gitlab-runner-fips, nuclei, zot, gitsign, trivy-fips, gitaly, syft,...
CVE-2026-35254
Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported version that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this vulnerability can result in...
EUVD-2026-27534
Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported version that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this vulnerability can result in...
CVE-2026-35254
CVE-2026-35254 affects Oracle OCI CLI (Oracle Open Source Projects) with affected version 3.77. The vulnerability enables an unauthenticated, network-accessible attacker to cause Oracle OCI CLI to place imported files outside the intended directory, indicating a path traversal-like impact. CVSS3....
GHSA-WPQR-6V78-JR5G vulnerabilities
Vulnerabilities for packages: gemini-cli...
Oracle OCI CLI Path Traversal Vulnerability
Oracle OCI CLI is a cloud infrastructure management command-line tool developed by Oracle Corporation in the United States. Version 3.77 of Oracle OCI CLI contains a path traversal vulnerability. This vulnerability allows unauthorized attackers to access the system through the network, enabling...