CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/04/14 3:38 p.m.•21 views

CVE-2025-53847

CVE-2025-53847 affects Fortinet FortiOS/FortiGate: missing authentication for a critical function allows an attacker to execute unauthorized code or commands via specially crafted packets. Impact spans FortiOS versions 6.2.x (6.2.9–6.2.17), 6.4.x (all versions), 7.0.x (7.0.0–7.0.17), 7.2.x (7.2.0...

8.8CVSS6AI score0.00283EPSS

Exploits0References2Affected Software1

Microsoft CVE•added 2026/04/14 2:0 p.m.•4 views

Remote Desktop Licensing Service Elevation of Privilege Vulnerability

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally...

7.8CVSS6.3AI score0.00256EPSS

Exploits0

Microsoft CVE•added 2026/04/14 2:0 p.m.•1 views

Remote Desktop Licensing Service Elevation of Privilege Vulnerability

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally...

7.8CVSS6.3AI score0.00266EPSS

Exploits0

Snyk•added 2026/04/14 12:4 a.m.•2 views

Missing Authentication for Critical Function

Overview github.com/minio/minio/cmd is an open source object storage server compatible with Amazon S3 APIs. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the PutObjectExtractHandler, PutObjectHandler, and PutObjectPartHandler function. An...

8.8CVSS5.8AI score0.00418EPSS

Positive Technologies•added 2026/04/14 12:0 a.m.•2 views

PT-2026-32650

6.5CVSS6AI score0.00283EPSS

Positive Technologies•added 2026/04/14 12:0 a.m.•1 views

PT-2026-32738

Name of the Vulnerable Software and Affected Versions Windows Remote Desktop Licensing Service affected versions not specified Description A missing authentication for a critical function in the Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally,...

7.8CVSS6.2AI score0.00266EPSS

Exploits0References6

Positive Technologies•added 2026/04/14 12:0 a.m.•3 views

PT-2026-32737

CVE-2026-26159 Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally. https://t.co/5uioiAiy6m...

7.8CVSS6.2AI score0.00256EPSS

Tenable Nessus•added 2026/04/14 12:0 a.m.•13 views

Fortinet Fortigate Missing Authentication for critical function in CAPWAP daemon (FG-IR-26-125)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-125 advisory. - A missing authentication for critical function vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through...

8.8CVSS6AI score0.00283EPSS

Exploits0References2

RedhatCVE•added 2026/04/13 7:23 p.m.•0 views

CVE-2026-33788

A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators FPCs of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local user with low privileges...

8.5CVSS5.9AI score0.00114EPSS

RedhatCVE•added 2026/04/13 1:22 p.m.•1 views

CVE-2026-6126

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been made...

7.5CVSS6.8AI score0.00397EPSS

Github Security Blog•added 2026/04/13 9:31 a.m.•8 views

Google Agent Development Kit (ADK) has a Code Injection and Missing Authentication vulnerability

A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...

Exploits0References3Affected Software1

OSV•added 2026/04/13 9:31 a.m.•5 views

GHSA-RG7C-G689-FR3X Google Agent Development Kit (ADK) has a Code Injection and Missing Authentication vulnerability

EUVD•added 2026/04/13 9:31 a.m.•2 views

EUVD-2026-21900

Cvelist•added 2026/04/13 8:35 a.m.•25 views

Exploits0References2

CVE-2026-4810 Remote Code Execution in Google Agent Development Kit (ADK)

10CVSS0.01816EPSS

ATTACKERKB•added 2026/04/13 8:35 a.m.•2 views

CVE-2026-4810

Exploits0References2Affected Software1

CVE•added 2026/04/13 8:35 a.m.•31 views

CVE-2026-4810

CVE-2026-4810 is a Code Injection and Missing Authentication vulnerability in Google Agent Development Kit (ADK) affecting Python OSS, Cloud Run, and GKE. Affected ADK versions range from 1.7.0 (and 2.0.0a1) through 1.28.1 (and 2.0.0a2), where an unauthenticated remote attacker can execute arbitr...

Positive Technologies•added 2026/04/13 12:0 a.m.•3 views

PT-2026-32287

I got an alert from GitHub Dependabot to update the google-adk python version to v1.28.1 because of a vulnerability in versions 1.7.0 to 1.28.0. https://github.com/advisories/GHSA-rg7c-g689-fr3x A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions...

CNNVD•added 2026/04/13 12:0 a.m.•2 views

Exploits0References11

Agent Development Kit 安全漏洞

Agent Development Kit is an open-source development framework provided by Google for building and deploying AI agents. Versions 1.7.0 to 1.28.1 and 2.0.0a1 to 2.0.0a2 of the Agent Development Kit contain security vulnerabilities. These vulnerabilities stem from code injection and lack of...

10CVSS6.2AI score0.01816EPSS