CVE-2026-41329

creationtimestamp| type| source ---|---|--- 2026-04-21 00:54:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjxrigmuad2c 2026-04-21 01:19:10+00:00| published-proof-of-concept| Telegram/LrBuhuc7HcH3kswc1a1az3fvuC6rURNPubqOsu4a3yYkj38 2026-04-21 02:44:39+00:00| seen|...

CVE-2026-41303

creationtimestamp| type| source ---|---|--- 2026-04-21 00:54:44+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjxri74yim2w 2026-04-21 01:18:48+00:00| seen| Telegram/wz0kiY1tb5u805P38ZVeawoTKuvhTd24bOWQm-Bt9SZek-4 2026-04-21 01:19:10+00:00| published-proof-of-concept|...

EUVD-2026-23981

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.5.0.4. This is due to insufficient input sanitization and output escaping in the prepareCellOutput method of the...

Semantic MediaWiki 跨站脚本漏洞

Semantic MediaWiki is an open-source extension of Semantic MediaWiki that stores and queries data within wiki pages. Semantic MediaWiki has a cross-site scripting vulnerability. This vulnerability stems from the endpoint parameters in /index.php/Speciaal:GefacetteerdZoeken, which allow for...

PT-2026-34046

Name of the Vulnerable Software and Affected Versions Bagisto versions prior to 2.3.16 Description An issue exists in the Downloadable Link Handler component within the copy function. Remote manipulation of this function can lead to server-side request forgery, a flaw where an attacker can induce...

PT-2026-34217

Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.24 Description An open redirect exists in the 'bigbluebutton/api/join' endpoint through the logoutURL parameter. This occurs when requests with incorrect checksums are handled improperly, allowing a redirect...

VulnCheck KEV: CVE-2025-29635

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/setprohibiting via the corresponding function, triggering remote command execution...

PT-2026-34179

Docmost is open-source collaborative wiki and documentation software. Prior to 0.80.0, when leaving a comment on a page, it is possible to include a JavaScript URI as the link. When a user clicks on the link the JavaScript executes. This vulnerability is fixed in 0.80.0...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011098)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011098 advisory. In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxlguestinitafu|adapter If deviceregister fails in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011239)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011239 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix potential panic dues to unprotected smcllcsrvaddlink There is a certain chance to...

Bagisto 代码问题漏洞

Bagisto is an open-source e-commerce framework developed by Webkul Software in India. Versions of Bagisto 2.3.15 and earlier contained code vulnerabilities. These vulnerabilities stemmed from improper handling of the copy function in the Downloadable Link Handler component, which could lead to...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007044)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007044 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013197)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013197 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report 1 with no reproducer hints at a bug...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013047)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013047 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: 6lowpan: reset link-local header on ipv6 recv path Bluetooth 6lowpan.c netdev has...

CVE-2026-5721

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.5.0.4. This is due to insufficient input sanitization and output escaping in the prepareCellOutput method of the...

CVE-2026-22051

creationtimestamp| type| source ---|---|--- 2026-04-20 23:03:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjxlbto5sc2c 2026-04-22 12:45:31+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mk3jo4n4m62w...

CVE-2026-5721

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.5.0.4. This is due to insufficient input sanitization and output escaping in the prepareCellOutput method of the...

CVE-2026-5721 wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin <= 6.5.0.4 - Unauthenticated Stored Cross-Site Scripting via CSV/Excel Data Import

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.5.0.4. This is due to insufficient input sanitization and output escaping in the prepareCellOutput method of the...

CVE-2026-29647

creationtimestamp| type| source ---|---|--- 2026-04-20 22:09:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjxiacjxcy2e...

CVE-2026-32604

creationtimestamp| type| source ---|---|--- 2026-04-20 21:37:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjxghw2lna2z 2026-04-20 22:21:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjxiwrumt22i 2026-04-20 22:48:46+00:00| seen|...