CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/04/10 6:14 p.m.•15 views

CVE-2026-33698 Chamilo LMS affected by unauthenticated RCE in main/install folder

Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code from the main/install/ directory and allow an unauthenticated attacker to modify existing files or create new files where allowed by system permissions. This only affects portals...

9.3CVSS0.00321EPSS

Vulnrichment•added 2026/04/10 6:14 p.m.•2 views

CVE-2026-33698 Chamilo LMS affected by unauthenticated RCE in main/install folder

9.3CVSS5.8AI score0.00321EPSS

EUVD•added 2026/04/10 6:31 a.m.•2 views

EUVD-2026-21303

The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have restricted permissions on Windows systems users have read and execute access. For the client.key file in particular, this could potentially lead to exploits, as this exposes agent identity material to any...

6.8CVSS6AI score0.00075EPSS

NVD•added 2026/04/10 5:16 a.m.•2 views

CVE-2026-4482

6.8CVSS0.00075EPSS

Exploits0References1

CNNVD•added 2026/04/09 12:0 a.m.•3 views

Apache OpenMeetings 安全漏洞

Apache OpenMeetings is a multilingual, customizable video conferencing and collaboration system developed by the Apache Foundation in the United States. This product supports audio and video capabilities, and allows users to view the desktops of each participant. Prior to Apache OpenMeetings 9.0....

4.3CVSS5.8AI score0.00418EPSS

Exploits0References4

Tenable Nessus•added 2026/04/09 12:0 a.m.•2 views

ManageEngine Exchange Reporter Plus < Build 5802 Multiple Stored XSS

The version of ManageEngine Exchange Reporter Plus on the remote host has a build number prior to 5802. It is, therefore, affected by multiple vulnerabilities, including: - Stored XSS in the Folder Message Count and Size report. CVE-2026-4107 - Stored XSS in the Permissions Based on Mailboxes...

7.3CVSS5.9AI score0.00538EPSS

Exploits0References16

EUVD•added 2026/04/07 6:31 p.m.•0 views

EUVD-2026-19748

Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the folder ownership management functionality that allows authenticated attackers to inject SQL through the owner parameter. An attacker can use the injection to read sensitive data such as the JWT signi...

NVD•added 2026/04/07 5:16 p.m.•5 views

Exploits0References8

CVE-2026-23696

9.9CVSS0.05064EPSS

Cvelist•added 2026/04/07 4:50 p.m.•17 views

CVE-2026-23696 Windmill < 1.603.3 File Ownership Handling SQLi RCE

9.9CVSS0.05064EPSS

Vulnrichment•added 2026/04/07 4:50 p.m.•0 views

CVE-2026-23696 Windmill < 1.603.3 File Ownership Handling SQLi RCE

ATTACKERKB•added 2026/04/07 4:50 p.m.•2 views

CVE-2026-23696

Exploits0References7Affected Software2

CVE•added 2026/04/07 4:50 p.m.•20 views

CVE-2026-23696

Windmill CVE-2026-23696 affects Windmill CE/EE versions 1.276.0–1.603.2. The vulnerability is an SQL injection in the folder ownership management functionality that can be triggered by an authenticated user via the owner parameter, enabling reading of sensitive data (e.g., JWT signing secret and ...

CVE•added 2026/04/07 2:38 p.m.•9 views

CVE-2026-35464

Summary: CVE-2026-35464 affects pyLoad and describes an incomplete fix for CVE-2026-33509, where a non-admin user with SETTINGS and ADD permissions can redirect downloads to the Flask filesystem session store and trigger arbitrary code execution via a crafted pickle payload deserialized during re...

7.5CVSS6.5AI score0.00529EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2026/04/07 2:38 p.m.•2 views

CVE-2026-35464 pyLoad has an incomplete fix for CVE-2026-33509: unprotected storage_folder enables arbitrary file write to Flask session store and code execution

pyLoad is a free and open-source download manager written in Python. The fix for CVE-2026-33509 added an ADMINONLYOPTIONS set to block non-admin users from modifying security-critical config options. The storagefolder option is not in this set and passes the existing path restriction because the...

7.5CVSS6.5AI score0.00529EPSS

Exploits2References4

Cvelist•added 2026/04/07 2:38 p.m.•18 views

CVE-2026-35464 pyLoad has an incomplete fix for CVE-2026-33509: unprotected storage_folder enables arbitrary file write to Flask session store and code execution

7.5CVSS0.00529EPSS

Exploits1References4

CNNVD•added 2026/04/07 12:0 a.m.•6 views

pyLoad 安全漏洞

pyLoad is an open-source download manager written in Python. There is a security vulnerability in pyLoad. This vulnerability arises from the fact that the “storagefolder” option is not included in the ADMINONLYOPTIONS set, and it bypasses existing path restrictions. This could allow users with...

8.8CVSS6.3AI score0.00529EPSS

Exploits2References4

CNNVD•added 2026/04/07 12:0 a.m.•5 views

Windmill SQL注入漏洞

Windmill is a low-code development platform open-source by Windmill Labs, Inc. Versions of Windmill from 1.276.0 to 1.603.2 have a SQL injection vulnerability. This vulnerability stems from the owner parameter in the folder ownership management function, which allows for SQL injection attacks. It...

9.9CVSS7.6AI score0.05064EPSS

Positive Technologies•added 2026/04/07 12:0 a.m.•4 views

PT-2026-30914

Name of the Vulnerable Software and Affected Versions Windmill CE and EE versions 1.276.0 through 1.603.2 Description Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the folder ownership management functionality. Authenticated attackers can inject SQL...