Tag: 2026-04-14

7 Attack Reports | 397 Vulnerabilities

Attack reports

108 Chrome Extensions Linked to Data Exfiltration and Session Theft via Shared C2 Infrastructure

A coordinated campaign of 108 malicious Chrome extensions operated through shared command-and-control infrastructure at cloudapi[.]stream has been identified, collectively accounting for approximately 20,000 installations. The campaign spans multiple threat categories: 54 extensions steal Google ac…
chrome extensions
session hijacking
2026-04-14
browser backdoor
google identity theft
Published: April 14, 2026
Downloadable IOCs: 18

59 Victims, Zero Authentication: A ClickFix Campaign Force-Installs a Chrome Extension Banking Stealer and Leaves the Entire C2 Wide Open

A Brazilian banking fraud operation leveraging ClickFix social engineering was discovered through a community tip, exposing a completely unauthenticated command-and-control infrastructure. The campaign deploys a malicious Chrome extension masquerading as a Banco Central do Brasil tool, force-instal…
credential-theft
clickfix
2026-04-14
banking-stealer
session-hijacking
Published: April 14, 2026
Downloadable IOCs: 12

Pretexting-Based Targeted Intrusion: Analysis of Facebook Reconnaissance and Software Tampering Attacks

APT37 conducted a sophisticated social engineering campaign utilizing Facebook accounts claiming locations in Pyongyang and Pyongsong, North Korea, to conduct reconnaissance and build trust with targets. After establishing relationships through Facebook Messenger, the threat actor migrated conversa…
social engineering
north korea
rokrat
process hollowing
shellcode injection
apt37
2026-04-14
facebook reconnaissance
installer tampering
pretexting
zoho workdrive c2
Published: April 14, 2026
Downloadable IOCs: 10

Q1 2026 Malware Statistics Report for Linux SSH Servers

Analysis of attacks against Linux SSH servers during Q1 2026 reveals P2PInfect worm as the dominant threat, representing 70.3% of all attack sources. DDoS botnets including Mirai, XMRig, Prometei, and CoinMiner were identified as primary threats. A notable campaign involved installing V2Ray proxy t…
xmrig
coinminer
xorddos
mirai
gafgyt
p2pinfect
tsunami
prometei
ssh brute-force
2026-04-14
chinese attribution
credential attacks
ddos botnet
honeypot analysis
linux servers
shellbot
v2ray
v2ray proxy
Published: April 14, 2026
Downloadable IOCs: 1

Q1 2026 Malware Statistics Report for Windows Database Servers

During the first quarter of 2026, Windows-based MS-SQL and MySQL database servers experienced consistent malicious attacks with a temporary decrease in February before rising again in March. The primary threat actor, Larva-26002, leveraged various utilities including BCP, curl, bitsadmin, and Power…
coinminer
credential stuffing
gh0strat
netcat
mysql
database servers
brute force
ms-sql
dictionary attack
juicypotato
shadowforce
clrshell
mykings
loveminer
2026-04-14
ice cloud
scanner
Published: April 14, 2026
Downloadable IOCs: 4

Q1 2026 malware statistics report for Windows web servers

Analysis of Windows web server attacks during Q1 2026 reveals that Internet Information Services (IIS) and Apache Tomcat servers face persistent threats through web shell exploitation. The Larva-26001 threat actor has been targeting domestic IIS servers for several years, deploying privilege escala…
coinminer
privilege escalation
badpotato
web shell
iis
apache tomcat
juicypotato
2026-04-14
CVE-2019-1458
htran
jsprat
port forwarding
porttranc
printspoofer
rdp compromise
windows web servers
Published: April 14, 2026
Linked vulnerabilities : CVE-2019-1458
Downloadable IOCs: 1

March 2026 CVE Landscape: 31 High-Impact Vulnerabilities Identified, Interlock Ransomware Group Exploits Cisco FMC Zero-Day

In March 2026, 31 high-impact vulnerabilities were identified requiring prioritization for remediation, with 29 receiving Very Critical Risk Scores. Affected vendors included Cisco, Microsoft, Google, ConnectWise, and others, with Microsoft and Apple accounting for approximately 32% of vulnerabilit…
ransomware
remote code execution
deserialization vulnerability
CVE-2025-32432
CVE-2025-54068
CVE-2025-26399
CVE-2025-53521
CVE-2025-68613
CVE-2026-20963
CVE-2026-27483
CVE-2026-21385
CVE-2021-30952
CVE-2023-41974
plasmagrid
CVE-2026-20131
CVE-2026-27944
CVE-2017-7921
CVE-2026-21262
CVE-2026-25187
CVE-2026-26127
CVE-2026-3909
CVE-2026-3910
CVE-2026-3564
ghostblade
ghostknife
ghostsaber
CVE-2026-33017
CVE-2026-3055
CVE-2026-33634
CVE-2026-33032
2026-04-14
cisco fmc
ios exploit kit
plasmaloader
zero-day exploitation
Published: April 14, 2026
Linked vulnerabilities : CVE-2025-32432 (CVSS 10.0), CVE-2025-54068 (CVSS 9.2), CVE-2025-26399 (CVSS 9.8), CVE-2025-53521 (CVSS 8.7), CVE-2025-68613 (CVSS 9.9), CVE-2026-20963 (CVSS 8.8), CVE-2026-27483 (CVSS 8.8), CVE-2026-21385 (CVSS 7.8), CVE-2023-41974, CVE-2021-30952, CVE-2026-20131 (CVSS 10.0), CVE-2026-27944 (CVSS 9.8), CVE-2017-7921, CVE-2026-21262 (CVSS 8.8), CVE-2026-25187 (CVSS 7.8), CVE-2026-26127 (CVSS 7.5), CVE-2026-3909 (CVSS 8.8), CVE-2026-3910 (CVSS 8.8), CVE-2026-3564 (CVSS 9.0), CVE-2026-33017 (CVSS 9.3), CVE-2026-3055 (CVSS 9.3), CVE-2026-33634 (CVSS 9.4), CVE-2026-33032 (CVSS 9.8)
Downloadable IOCs: 2
Click here to see more Attack Reports

Vulnerabilities

CVE-2026-27681

9.9
    Sap
  • Sap Business Planning And Consolidation
  • Sap Business Warehouse
Published: April 14, 2026

CVE-2026-38526

9.9
    Webkul
  • Webkul Krayin Crm
Published: April 14, 2026

CVE-2026-35031

9.9
    Jellyfin
  • Jellyfin
Published: April 14, 2026

CVE-2026-6264

9.8
    Talend
  • Jobserver
  • Runtime
  • Esb Runtime
Published: April 14, 2026

CVE-2026-40288

9.8
    Praisonai
  • Praisonai
  • Praisonaiagents
Published: April 14, 2026

CVE-2025-63939

9.8
    Anirudhkannan
  • Grocery Store Management System
Published: April 14, 2026

CVE-2025-65135

9.8
    Manikandan580
  • School-Management-System
Published: April 14, 2026

CVE-2026-39808

9.8
    Fortinet
  • Fortisandbox
Published: April 14, 2026

CVE-2026-39813

9.8
    Fortinet
  • Fortisandbox
Published: April 14, 2026

CVE-2026-33824

9.8
    Microsoft
  • Windows Ike Extension
Published: April 14, 2026

CVE-2026-27303

9.6
    Adobe
  • Connect
Published: April 14, 2026

CVE-2026-39399

9.6
    Nuget
  • Nuget Gallery
Published: April 14, 2026

CVE-2026-27243

9.3
    Adobe
  • Adobe Connect
Published: April 14, 2026

CVE-2026-27245

9.3
    Adobe
  • Connect
Published: April 14, 2026

CVE-2026-27246

9.3
    Adobe
  • Connect
Published: April 14, 2026

CVE-2026-34615

9.3
    Adobe
  • Connect
Published: April 14, 2026

CVE-2026-5752

9.3
    Terrarium
  • Terrarium
Published: April 14, 2026

CVE-2026-27304

9.3
    Adobe
  • Coldfusion
Published: April 14, 2026

CVE-2026-35033

9.3
    Jellyfin
  • Jellyfin
Published: April 14, 2026

CVE-2026-4365

9.1
    Learnpress
  • Learnpress
Published: April 14, 2026

CVE-2026-40289

9.1
    Praisonai
  • Praisonai
  • Praisonaiagents
Published: April 14, 2026

CVE-2026-40313

9.1
    Praisonai
  • Praisonai
    Github
Published: April 14, 2026

CVE-2025-8095

9.1
    Progress
  • Openedge
Published: April 14, 2026

CVE-2026-34457

9.1
    Oauth2 Proxy
  • Oauth2 Proxy
Published: April 14, 2026

CVE-2026-2449

9.0
    Upkeeper Solutions
  • Upkeeper Instant Privilege Access
Published: April 14, 2026

CVE-2026-26149

9.0
    Microsoft
  • Power Apps
Published: April 14, 2026

CVE-2026-38529

8.8
    Webkul
  • Krayin Crm
Published: April 14, 2026

CVE-2026-39815

8.8
    Fortinet
  • Fortiddos-F
Published: April 14, 2026

CVE-2026-26167

8.8
    Microsoft
  • Windows Push Notifications
Published: April 14, 2026

CVE-2026-26178

8.8
    Microsoft
  • Windows Advanced Rasterization Platform
Published: April 14, 2026

CVE-2026-32157

8.8
    Microsoft
  • Remote Desktop Client
Published: April 14, 2026

CVE-2026-32171

8.8
    Microsoft
  • Azure Logic Apps
Published: April 14, 2026

CVE-2026-32225

8.8
    Microsoft
  • Windows Shell
Published: April 14, 2026

CVE-2026-33120

8.8
    Microsoft
  • Sql Server
Published: April 14, 2026

CVE-2026-24893

8.8
    Openitcockpit
  • Openitcockpit Community Edition
    Nagios
    Icinga
Published: April 14, 2026

CVE-2026-35196

8.8
    Chamilo
  • Chamilo Lms
Published: April 14, 2026

CVE-2026-40291

8.8
    Chamilo
  • Chamilo Lms
Published: April 14, 2026

CVE-2026-25654

8.7
    Siemens
  • Sinec Nms
Published: April 14, 2026

CVE-2026-27668

8.7
    Siemens
  • Ruggedcom Crossbow Secure Access Manager Primary
Published: April 14, 2026

CVE-2026-27928

8.7
    Microsoft
  • Windows Hello
Published: April 14, 2026

CVE-2026-34617

8.7
    Adobe
  • Connect
Published: April 14, 2026

CVE-2026-34622

8.6
    Adobe
  • Acrobat Reader
Published: April 14, 2026

CVE-2026-34160

8.6
    Chamilo
  • Chamilo
Published: April 14, 2026

CVE-2026-27305

8.6
    Adobe
  • Coldfusion
Published: April 14, 2026

CVE-2026-27290

8.6
    Adobe
  • Framemaker
    Microsoft
Published: April 14, 2026

CVE-2026-35032

8.6
    Jellyfin
  • Jellyfin
Published: April 14, 2026

CVE-2026-38527

8.5
    Webkul
  • Krayin Crm
Published: April 14, 2026

CVE-2026-0207

8.5
    Pure Storage
  • Flashblade
Published: April 14, 2026

CVE-2026-40287

8.4
    Praisonai
  • Praisonai
Published: April 14, 2026

CVE-2026-32091

8.4
    Microsoft
  • Brokering File System
Published: April 14, 2026

CVE-2026-32162

8.4
    Microsoft
  • Windows
  • Windows Com
Published: April 14, 2026

CVE-2026-32190

8.4
    Microsoft
  • Office
Published: April 14, 2026

CVE-2026-32221

8.4
    Microsoft
  • Graphics Component
Published: April 14, 2026

CVE-2026-33114

8.4
    Microsoft
  • Office Word
Published: April 14, 2026

CVE-2026-33115

8.4
    Microsoft
  • Office Word
Published: April 14, 2026

CVE-2026-27306

8.4
    Adobe
  • Coldfusion
Published: April 14, 2026

CVE-2025-7389

8.2
    Progress
  • Openedge
Published: April 14, 2026

CVE-2026-22828

8.1
    Fortinet
  • Fortianalyzer Cloud
  • Fortimanager Cloud
Published: April 14, 2026

CVE-2026-38530

8.1
    Webkul
  • Krayin Crm
Published: April 14, 2026

CVE-2026-38532

8.1
    Webkul
  • Krayin Crm
Published: April 14, 2026

CVE-2026-33827

8.1
    Microsoft
  • Windows Tcp Ip
Published: April 14, 2026

CVE-2026-27912

8.0
    Microsoft
  • Windows Kerberos
Published: April 14, 2026

CVE-2026-33826

8.0
    Microsoft
  • Windows Active Directory
Published: April 14, 2026

CVE-2026-35589

8.0
    Nanobot
  • Nanobot
Published: April 14, 2026

CVE-2026-27238

7.8
    Adobe
  • Indesign
Published: April 14, 2026

CVE-2026-27283

7.8
    Adobe
  • Indesign Desktop
Published: April 14, 2026

CVE-2026-27284

7.8
    Adobe
  • Indesign
Published: April 14, 2026

CVE-2026-27291

7.8
    Adobe
  • Indesign
Published: April 14, 2026

CVE-2026-20930

7.8
    Microsoft
  • Windows Management Services
Published: April 14, 2026

CVE-2026-23657

7.8
    Microsoft
  • Office Word
Published: April 14, 2026

CVE-2026-26143

7.8
    Microsoft
  • Powershell
Published: April 14, 2026

CVE-2026-26153

7.8
    Microsoft
  • Windows Encrypting File System
Published: April 14, 2026

CVE-2026-26156

7.8
    Microsoft
  • Hyper-V
Published: April 14, 2026

CVE-2026-26159

7.8
    Microsoft
  • Windows Remote Desktop Licensing Service
Published: April 14, 2026

CVE-2026-26160

7.8
    Microsoft
  • Windows Remote Desktop Licensing Service
Published: April 14, 2026

CVE-2026-26161

7.8
    Microsoft
  • Windows Sensor Data Service
Published: April 14, 2026

CVE-2026-26162

7.8
    Microsoft
  • Windows Ole
Published: April 14, 2026

CVE-2026-26163

7.8
    Microsoft
  • Windows Kernel
Published: April 14, 2026

CVE-2026-26168

7.8
    Microsoft
  • Windows Ancillary Function Driver For Winsock
Published: April 14, 2026

CVE-2026-26170

7.8
    Microsoft
  • Powershell
Published: April 14, 2026

CVE-2026-26172

7.8
    Microsoft
  • Windows Push Notifications
Published: April 14, 2026

CVE-2026-26176

7.8
    Microsoft
  • Windows
Published: April 14, 2026

CVE-2026-26179

7.8
    Microsoft
  • Windows Kernel
Published: April 14, 2026

CVE-2026-26180

7.8
    Microsoft
  • Windows Kernel
Published: April 14, 2026

CVE-2026-26181

7.8
    Microsoft
  • Brokering File System
Published: April 14, 2026

CVE-2026-26183

7.8
    Microsoft
  • Windows Rpc Api
Published: April 14, 2026

CVE-2026-26184

7.8
    Microsoft
  • Windows Projected File System
Published: April 14, 2026

CVE-2026-27907

7.8
    Microsoft
  • Windows Storage Spaces Controller
Published: April 14, 2026

CVE-2026-27909

7.8
    Microsoft
  • Windows Search Component
Published: April 14, 2026

CVE-2026-27910

7.8
    Microsoft
  • Windows Installer
Published: April 14, 2026

CVE-2026-27911

7.8
    Microsoft
  • Windows User Interface Core
Published: April 14, 2026

CVE-2026-27914

7.8
    Microsoft
  • Management Console
Published: April 14, 2026

CVE-2026-27915

7.8
    Microsoft
  • Windows Universal Plug And Play
Published: April 14, 2026

CVE-2026-27916

7.8
    Microsoft
  • Windows Universal Plug And Play Device Host
Published: April 14, 2026

CVE-2026-27918

7.8
    Microsoft
  • Windows Shell
Published: April 14, 2026

CVE-2026-27919

7.8
    Microsoft
  • Windows Universal Plug And Play Device Host
Published: April 14, 2026

CVE-2026-27920

7.8
    Microsoft
  • Windows Upnp Device Host
Published: April 14, 2026

CVE-2026-27923

7.8
    Microsoft
  • Windows
Published: April 14, 2026

CVE-2026-27924

7.8
    Microsoft
  • Desktop Window Manager
  • Windows
Published: April 14, 2026

CVE-2026-27927

7.8
    Microsoft
  • Windows Projected File System
Published: April 14, 2026

CVE-2026-32069

7.8
    Microsoft
  • Windows Projected File System
Published: April 14, 2026

CVE-2026-32074

7.8
    Microsoft
  • Windows Projected File System
Published: April 14, 2026

CVE-2026-32076

7.8
    Microsoft
  • Windows Storage Spaces Controller
Published: April 14, 2026

CVE-2026-32077

7.8
    Microsoft
  • Upnp Device Host
Published: April 14, 2026

CVE-2026-32078

7.8
    Microsoft
  • Windows Projected File System
Published: April 14, 2026

CVE-2026-32089

7.8
    Microsoft
  • Windows Speech Brokered Api
Published: April 14, 2026

CVE-2026-32090

7.8
    Microsoft
  • Windows Speech Brokered Api
Published: April 14, 2026

CVE-2026-32152

7.8
    Microsoft
  • Desktop Window Manager
Published: April 14, 2026

CVE-2026-32153

7.8
    Microsoft
  • Windows Speech
Published: April 14, 2026

CVE-2026-32154

7.8
    Microsoft
  • Desktop Window Manager
Published: April 14, 2026

CVE-2026-32155

7.8
    Microsoft
  • Desktop Window Manager
Published: April 14, 2026

CVE-2026-32158

7.8
    Microsoft
  • Windows Push Notifications
Published: April 14, 2026

CVE-2026-32159

7.8
    Microsoft
  • Windows Push Notifications
Published: April 14, 2026

CVE-2026-32160

7.8
    Microsoft
  • Windows Push Notifications
Published: April 14, 2026

CVE-2026-32163

7.8
    Microsoft
  • Windows User Interface Core
Published: April 14, 2026

CVE-2026-32164

7.8
    Microsoft
  • Windows User Interface Core
Published: April 14, 2026

CVE-2026-32165

7.8
    Microsoft
  • Windows User Interface Core
Published: April 14, 2026

CVE-2026-32168

7.8
    Microsoft
  • Azure Monitor Agent
Published: April 14, 2026

CVE-2026-32183

7.8
    Microsoft
  • Windows Snipping Tool
Published: April 14, 2026

CVE-2026-32184

7.8
    Microsoft
  • High Performance Compute Pack
Published: April 14, 2026

CVE-2026-32189

7.8
    Microsoft
  • Office Excel
Published: April 14, 2026

CVE-2026-32192

7.8
    Microsoft
  • Azure Monitor Agent
Published: April 14, 2026

CVE-2026-32197

7.8
    Microsoft
  • Office Excel
Published: April 14, 2026

CVE-2026-32198

7.8
    Microsoft
  • Office Excel
Published: April 14, 2026

CVE-2026-32199

7.8
    Microsoft
  • Office Excel
Published: April 14, 2026

CVE-2026-32200

7.8
    Microsoft
  • Office Powerpoint
Published: April 14, 2026

CVE-2026-32222

7.8
    Microsoft
  • Win32k
Published: April 14, 2026

CVE-2026-33095

7.8
    Microsoft
  • Office Word
Published: April 14, 2026

CVE-2026-33098

7.8
    Microsoft
  • Windows Container Isolation Fs Filter Driver
Published: April 14, 2026

CVE-2026-33101

7.8
    Microsoft
  • Windows Print Spooler
Published: April 14, 2026

CVE-2026-33825

7.8
    Microsoft
  • Defender
Published: April 14, 2026

CVE-2026-34627

7.8
    Adobe
  • Indesign
Published: April 14, 2026

CVE-2026-34628

7.8
    Adobe
  • Indesign
Published: April 14, 2026

CVE-2026-34629

7.8
    Adobe
  • Indesign
Published: April 14, 2026

CVE-2026-27289

7.8
    Adobe
  • Photoshop
    Apple
    Microsoft
Published: April 14, 2026

CVE-2026-27310

7.8
    Adobe
  • Bridge
    Apple
    Microsoft
Published: April 14, 2026

CVE-2026-27311

7.8
    Adobe
  • Bridge
    Apple
    Microsoft
Published: April 14, 2026

CVE-2026-27312

7.8
    Adobe
  • Bridge
    Apple
    Microsoft
Published: April 14, 2026

CVE-2026-27313

7.8
    Adobe
  • Bridge
    Apple
    Microsoft
Published: April 14, 2026

CVE-2026-34618

7.8
    Adobe
  • Illustrator
    Apple
    Microsoft
Published: April 14, 2026

CVE-2026-34630

7.8
    Adobe
  • Bridge
    Apple
    Microsoft
Published: April 14, 2026

CVE-2026-27287

7.8
    Adobe
  • Incopy
    Apple
    Microsoft
Published: April 14, 2026

CVE-2026-34631

7.8
    Adobe
  • Incopy
    Apple
    Microsoft
Published: April 14, 2026

CVE-2026-27292

7.8
    Adobe
  • Framemaker
    Microsoft
Published: April 14, 2026

CVE-2026-27293

7.8
    Adobe
  • Framemaker
    Microsoft
Published: April 14, 2026

CVE-2026-27294

7.8
    Adobe
  • Framemaker
    Microsoft
Published: April 14, 2026

CVE-2026-27295

7.8
    Adobe
  • Framemaker
    Microsoft
Published: April 14, 2026

CVE-2026-27296

7.8
    Adobe
  • Framemaker
    Microsoft
Published: April 14, 2026

CVE-2026-27297

7.8
    Adobe
  • Framemaker
    Microsoft
Published: April 14, 2026

CVE-2026-27298

7.8
    Adobe
  • Framemaker
    Microsoft
Published: April 14, 2026

CVE-2026-33023

7.8
    Libsixel
  • Libsixel
Published: April 14, 2026

CVE-2026-27913

7.7
    Microsoft
  • Windows Bitlocker
Published: April 14, 2026

CVE-2026-40683

7.7
    Openstack
  • Keystone
Published: April 14, 2026

CVE-2026-34619

7.7
    Adobe
  • Coldfusion
Published: April 14, 2026

CVE-2026-40164

7.5
    Jq
  • Jq
Published: April 14, 2026

CVE-2026-4352

7.5
    Wordpress
  • Jetengine
Published: April 14, 2026

CVE-2026-31923

7.5
    Apache
  • Apisix
Published: April 14, 2026

CVE-2026-23708

7.5
    Fortinet
  • Fortisoar Paas
  • Fortisoar On-Premise
Published: April 14, 2026

CVE-2026-23666

7.5
    Microsoft
  • .Net Framework
Published: April 14, 2026

CVE-2026-26154

7.5
    Microsoft
  • Windows Server Update Service
Published: April 14, 2026

CVE-2026-26171

7.5
    Microsoft
  • .Net
Published: April 14, 2026

CVE-2026-32071

7.5
    Microsoft
  • Windows Local Security Authority Subsystem Service
Published: April 14, 2026

CVE-2026-32178

7.5
    Microsoft
  • Dotnet
Published: April 14, 2026

CVE-2026-32203

7.5
    Microsoft
  • Dotnet
  • Visual Studio
Published: April 14, 2026

CVE-2026-33096

7.5
    Microsoft
  • Windows Http.Sys
Published: April 14, 2026

CVE-2026-33116

7.5
    Microsoft
  • .Net
  • .Net Framework
  • Visual Studio
Published: April 14, 2026

CVE-2026-27282

7.5
    Adobe
  • Coldfusion
Published: April 14, 2026

CVE-2026-2332

7.4
    Eclipse
  • Jetty
Published: April 14, 2026

CVE-2026-2450

7.4
    Upkeeper Solutions
  • Upkeeper Instant Privilege Access
Published: April 14, 2026

CVE-2026-32156

7.4
    Microsoft
  • Windows Universal Plug And Play
Published: April 14, 2026

CVE-2026-32149

7.3
    Microsoft
  • Windows Hyper-V
Published: April 14, 2026

CVE-2026-33021

7.3
    Libsixel
  • Libsixel
Published: April 14, 2026

CVE-2026-4388

7.2
    10web
  • Form Maker
Published: April 14, 2026

CVE-2026-6227

7.2
    Wordpress
  • Backwpup
Published: April 14, 2026

CVE-2026-40315

7.2
    Praisonai
  • Praisonai
Published: April 14, 2026

CVE-2026-3017

7.2
    Wordpress
  • Smart Post Show
Published: April 14, 2026

CVE-2025-61848

7.2
    Fortinet
  • Fortianalyzer
  • Fortianalyzer Cloud
  • Fortimanager
  • Fortimanager Cloud
Published: April 14, 2026

CVE-2026-33715

7.2
    Chamilo
  • Chamilo
Published: April 14, 2026

CVE-2026-39387

7.2
    Boidcms
  • Boidcms
Published: April 14, 2026

CVE-2026-40688

7.2
    Fortinet
  • Fortiweb
Published: April 14, 2026

CVE-2026-34256

7.1
    Sap
  • Sap Erp
  • Sap S/4hana
Published: April 14, 2026

CVE-2026-34984

7.1
    External Secrets Operator
  • External Secrets Operator
Published: April 14, 2026

CVE-2026-4344

7.1
    Autodesk
  • Fusion
Published: April 14, 2026

CVE-2026-4345

7.1
    Autodesk
  • Fusion
Published: April 14, 2026

CVE-2026-4369

7.1
    Autodesk
  • Fusion
Published: April 14, 2026

CVE-2026-38528

7.1
    Krayin
  • Crm
Published: April 14, 2026

CVE-2026-26151

7.1
    Microsoft
  • Windows Remote Desktop
Published: April 14, 2026

CVE-2026-32188

7.1
    Microsoft
  • Office Excel
Published: April 14, 2026

CVE-2026-33714

7.1
    Chamilo
  • Chamilo
Published: April 14, 2026

CVE-2026-33019

7.1
    Libsixel
  • Libsixel
Published: April 14, 2026

CVE-2026-33020

7.1
    Libsixel
  • Libsixel
Published: April 14, 2026

CVE-2026-34602

7.1
    Chamilo
  • Chamilo Lms
Published: April 14, 2026

CVE-2026-25184

7.0
    Microsoft
  • Applocker
  • Windows
Published: April 14, 2026

CVE-2026-26152

7.0
    Microsoft
  • Windows Cryptographic Services
Published: April 14, 2026

CVE-2026-26165

7.0
    Microsoft
  • Windows Shell
Published: April 14, 2026

CVE-2026-26166

7.0
    Microsoft
  • Windows Shell
Published: April 14, 2026

CVE-2026-26173

7.0
    Microsoft
  • Windows Ancillary Function Driver For Winsock
Published: April 14, 2026

CVE-2026-26174

7.0
    Microsoft
  • Windows Server Update Service
Published: April 14, 2026

CVE-2026-26177

7.0
    Microsoft
  • Windows Ancillary Function Driver
Published: April 14, 2026

CVE-2026-26182

7.0
    Microsoft
  • Windows Ancillary Function Driver For Winsock
Published: April 14, 2026

CVE-2026-27908

7.0
    Microsoft
  • Windows Tdi Translation Driver
Published: April 14, 2026

CVE-2026-27917

7.0
    Microsoft
  • Windows Wfp Ndis Lightweight Filter Driver
Published: April 14, 2026

CVE-2026-27921

7.0
    Microsoft
  • Windows Tcp Ip
Published: April 14, 2026

CVE-2026-27922

7.0
    Microsoft
  • Windows Ancillary Function Driver For Winsock
Published: April 14, 2026

CVE-2026-27926

7.0
    Microsoft
  • Windows Cloud Files Mini Filter Driver
Published: April 14, 2026

CVE-2026-27929

7.0
    Microsoft
  • Windows Luafv
Published: April 14, 2026

CVE-2026-32068

7.0
    Microsoft
  • Windows Ssdp Service
Published: April 14, 2026

CVE-2026-32070

7.0
    Microsoft
  • Windows Common Log File System Driver
Published: April 14, 2026

CVE-2026-32073

7.0
    Microsoft
  • Windows Ancillary Function Driver For Winsock
Published: April 14, 2026

CVE-2026-32075

7.0
    Microsoft
  • Windows Universal Plug And Play Device Host
Published: April 14, 2026

CVE-2026-32080

7.0
    Microsoft
  • Windows Walletservice
Published: April 14, 2026

CVE-2026-32082

7.0
    Microsoft
  • Windows Ssdp Service
Published: April 14, 2026

CVE-2026-32083

7.0
    Microsoft
  • Windows Ssdp Service
Published: April 14, 2026

CVE-2026-32086

7.0
    Microsoft
  • Function Discovery Service
Published: April 14, 2026

CVE-2026-32087

7.0
    Microsoft
  • Function Discovery Service
Published: April 14, 2026

CVE-2026-32093

7.0
    Microsoft
  • Function Discovery Service
Published: April 14, 2026

CVE-2026-32150

7.0
    Microsoft
  • Function Discovery Service
Published: April 14, 2026

CVE-2026-32195

7.0
    Microsoft
  • Windows Kernel
Published: April 14, 2026

CVE-2026-32219

7.0
    Microsoft
  • Brokering File System
Published: April 14, 2026

CVE-2026-32224

7.0
    Microsoft
  • Windows Server Update Service
Published: April 14, 2026

CVE-2026-33099

7.0
    Microsoft
  • Windows Ancillary Function Driver
Published: April 14, 2026

CVE-2026-33100

7.0
    Microsoft
  • Windows Ancillary Function Driver For Winsock
Published: April 14, 2026

CVE-2026-33104

7.0
    Microsoft
  • Windows Win32k
Published: April 14, 2026

CVE-2026-33018

7.0
    Libsixel
  • Libsixel
Published: April 14, 2026

CVE-2026-39906

7.0
    Unisys
  • Webperfect Image Suite
Published: April 14, 2026

CVE-2026-39907

7.0
    Unisys
  • Webperfect Imagesuite
Published: April 14, 2026

CVE-2026-39422

6.9
    Maxkb
  • Maxkb
Published: April 14, 2026

CVE-2026-39423

6.9
    Maxkb
  • Maxkb
Published: April 14, 2026

CVE-2026-24032

6.9
    Siemens
  • Sinec Nms
Published: April 14, 2026

CVE-2026-37980

6.9
    Keycloak
  • Keycloak
Published: April 14, 2026

CVE-2026-2399

6.9
    Se
  • Product
Published: April 14, 2026

CVE-2026-2402

6.9
    Se
  • *
Published: April 14, 2026

CVE-2026-2404

6.9
    *
  • *
Published: April 14, 2026

CVE-2026-4832

6.9
    Se
  • Device
Published: April 14, 2026

CVE-2026-0209

6.9
    Purestorage
  • Flasharray Purity
Published: April 14, 2026

CVE-2026-32223

6.8
    Microsoft
  • Windows Usb Print Driver
Published: April 14, 2026

CVE-2026-25691

6.7
    Fortinet
  • Fortisandbox
  • Fortisandbox Cloud
  • Fortisandbox Paas
Published: April 14, 2026

CVE-2026-39809

6.7
    Fortinet
  • Forticlientems
Published: April 14, 2026

CVE-2026-39814

6.7
    Fortinet
  • Fortiweb
Published: April 14, 2026

CVE-2026-0390

6.7
    Microsoft
  • Windows Boot Loader
Published: April 14, 2026

CVE-2026-32167

6.7
    Microsoft
  • Sql Server
Published: April 14, 2026

CVE-2026-32176

6.7
    Microsoft
  • Sql Server
Published: April 14, 2026

CVE-2026-27677

6.5
    Sap
  • Sap S/4hana
Published: April 14, 2026

CVE-2026-27678

6.5
    Sap
  • Sap S/4hana
Published: April 14, 2026

CVE-2026-27679

6.5
    Sap
  • Sap S4hana
Published: April 14, 2026

CVE-2026-34261

6.5
    Sap
  • Sap Business Analytics
  • Sap Content Management
Published: April 14, 2026

CVE-2026-34264

6.5
    Sap
  • Sap S/4hana
  • Sap Human Capital Management
Published: April 14, 2026

CVE-2026-2582

6.5
    Wordpress
  • Germanized For Woocommerce
  • Wordpress
Published: April 14, 2026

CVE-2025-53847

6.5
    Fortinet
  • Fortios
Published: April 14, 2026

CVE-2026-22155

6.5
    Fortinet
  • Fortisoar Paas
  • Fortisoar On-Premise
Published: April 14, 2026

CVE-2026-22573

6.5
    Fortinet
  • Fortisoar Paas
  • Fortisoar On-Premise
Published: April 14, 2026

CVE-2026-26155

6.5
    Microsoft
  • Local Security Authority Subsystem Service
Published: April 14, 2026

CVE-2026-27925

6.5
    Microsoft
  • Windows Universal Plug And Play
Published: April 14, 2026

CVE-2026-32151

6.5
    Microsoft
  • Windows Shell
Published: April 14, 2026

CVE-2026-32201

6.5
    Microsoft
  • Sharepoint Server
Published: April 14, 2026

CVE-2026-34370

6.5
    Chamilo
  • Chamilo Lms
Published: April 14, 2026

CVE-2026-35034

6.5
    Jellyfin
  • Jellyfin
Published: April 14, 2026

CVE-2026-1607

6.4
    Surbma
  • Booking Com Shortcode
Published: April 14, 2026

CVE-2026-4059

6.4
    Wordpress
  • Shoplentor
Published: April 14, 2026

CVE-2026-39420

6.3
    Github
  • Maxkb
Published: April 14, 2026

CVE-2026-39421

6.3
    Maxkb
  • Maxkb
Published: April 14, 2026

CVE-2025-40745

6.3
    Siemens
  • Siemens Software Center
  • Simcenter 3d
  • Simcenter Femap
  • Simcenter Star-Ccm+
  • Solid Edge Se2025
  • Solid Edge Se2026
  • Tecnomatix Plant Simulation
Published: April 14, 2026

CVE-2026-34626

6.3
    Adobe
  • Acrobat Reader
Published: April 14, 2026

CVE-2026-27299

6.3
    Adobe
  • Framemaker
    Microsoft
Published: April 14, 2026

CVE-2026-32072

6.2
    Microsoft
  • Windows Active Directory
Published: April 14, 2026

CVE-2026-0512

6.1
    Sap
  • Supplier Relationship Management
Published: April 14, 2026

CVE-2026-27674

6.1
    Sap
  • Sap Netweaver Application Server Java
  • Web Dynpro Java
Published: April 14, 2026

CVE-2026-34257

6.1
    Sap
  • Netweaver Application Server Abap
Published: April 14, 2026

CVE-2025-69993

6.1
    Leaflet
  • Leaflet
Published: April 14, 2026

CVE-2025-65132

6.1
    Alandsilva26
  • Hotel-Management-Php
Published: April 14, 2026

CVE-2025-65136

6.1
    Manikandan580
  • School-Management-System
Published: April 14, 2026

CVE-2026-21331

6.1
    Adobe
  • Connect
Published: April 14, 2026

CVE-2026-26169

6.1
    Microsoft
  • Windows Kernel
Published: April 14, 2026

CVE-2026-32088

6.1
    Microsoft
  • Windows Biometric Service
Published: April 14, 2026

CVE-2026-32196

6.1
    Microsoft
  • Windows Admin Center
Published: April 14, 2026

CVE-2026-33822

6.1
    Microsoft
  • Office Word
Published: April 14, 2026

CVE-2026-34614

6.1
    Adobe
  • Connect
Published: April 14, 2026

CVE-2025-61624

6.0
    Fortinet
  • Fortios
  • Fortipam
  • Fortiproxy
  • Fortiswitchmanager
Published: April 14, 2026

CVE-2025-68649

6.0
    Fortinet
  • Fortianalyzer
  • Fortianalyzer Cloud
  • Fortimanager
  • Fortimanager Cloud
Published: April 14, 2026

CVE-2026-39810

6.0
    Fortinet
  • Forticlientems
Published: April 14, 2026

CVE-2026-32226

5.9
    Microsoft
  • .Net Framework
Published: April 14, 2026

CVE-2026-4913

5.7
    Ivanti
  • N-Itsm
Published: April 14, 2026

CVE-2026-21742

5.7
    Fortinet
  • Fortisoar Paas
  • Fortisoar On-Premise
Published: April 14, 2026

CVE-2026-23653

5.7
    Microsoft
  • Github Copilot
  • Visual Studio Code
Published: April 14, 2026

CVE-2026-23670

5.7
    Microsoft
  • Windows Virtualization Based Security
Published: April 14, 2026

CVE-2026-27285

5.5
    Adobe
  • Indesign
Published: April 14, 2026

CVE-2026-27286

5.5
    Adobe
  • Indesign
Published: April 14, 2026

CVE-2026-20806

5.5
    Microsoft
  • Windows
Published: April 14, 2026

CVE-2026-27258

5.5
    Adobe
  • Dng Software Development Kit
Published: April 14, 2026

CVE-2026-27930

5.5
    Microsoft
  • Windows Gdi
Published: April 14, 2026

CVE-2026-27931

5.5
    Microsoft
  • Windows Gdi
Published: April 14, 2026

CVE-2026-32079

5.5
    Microsoft
  • Windows
Published: April 14, 2026

CVE-2026-32081

5.5
    Microsoft
  • Windows File Explorer
Published: April 14, 2026

CVE-2026-32084

5.5
    Microsoft
  • Windows File Explorer
Published: April 14, 2026

CVE-2026-32085

5.5
    Microsoft
  • Windows Remote Procedure Call
Published: April 14, 2026

CVE-2026-32181

5.5
    Microsoft
  • Windows
Published: April 14, 2026

CVE-2026-32212

5.5
    Microsoft
  • Universal Plug And Play
Published: April 14, 2026

CVE-2026-32214

5.5
    Microsoft
  • Upnp
Published: April 14, 2026

CVE-2026-32215

5.5
    Microsoft
  • Windows Kernel
Published: April 14, 2026

CVE-2026-32216

5.5
    Microsoft
  • Windows
Published: April 14, 2026

CVE-2026-32217

5.5
    Microsoft
  • Windows Kernel
Published: April 14, 2026

CVE-2026-32218

5.5
    Microsoft
  • Windows Kernel
Published: April 14, 2026

CVE-2026-33103

5.5
    Microsoft
  • Dynamics 365
Published: April 14, 2026

CVE-2026-27222

5.5
    Adobe
  • Bridge
    Apple
    Microsoft
Published: April 14, 2026

CVE-2026-27300

5.5
    Adobe
  • Framemaker
    Microsoft
Published: April 14, 2026

CVE-2026-27301

5.5
    Adobe
  • Framemaker
    Microsoft
Published: April 14, 2026

CVE-2026-24069

5.4
    Kiuwan
  • Kiuwan Cloud
  • Kiuwan Sast
Published: April 14, 2026

CVE-2026-4914

5.4
    Ivanti
  • N-Itsm
Published: April 14, 2026

CVE-2024-23104

5.4
    Fortinet
  • Fortindr
  • Fortivoice
Published: April 14, 2026

CVE-2025-61886

5.4
    Fortinet
  • Fortisandbox
  • Fortisandbox Paas
Published: April 14, 2026

CVE-2026-27288

5.4
    Adobe
  • Experience Manager
  • Experience Manager Screens
Published: April 14, 2026

CVE-2026-34623

5.4
    Adobe
  • Experience Manager
  • Experience Manager Screens
Published: April 14, 2026

CVE-2026-34624

5.4
    Adobe
  • Experience Manager
  • Experience Manager Screens
Published: April 14, 2026

CVE-2026-34625

5.4
    Adobe
  • Experience Manager
  • Experience Manager Screens
Published: April 14, 2026

CVE-2026-34212

5.4
    Docmost
  • Docmost
Published: April 14, 2026

CVE-2026-34213

5.4
    Docmost
  • Docmost
Published: April 14, 2026

CVE-2026-34069

5.3
    Nimiq
  • Core-Rs-Albatross
Published: April 14, 2026

CVE-2026-39424

5.3
    Maxkb
  • Maxkb
Published: April 14, 2026

CVE-2026-31924

5.3
    Apache
  • Apisix
Published: April 14, 2026

CVE-2025-13822

5.3
    Mcp
  • Mcphub
Published: April 14, 2026

CVE-2026-2400

5.3
    *
  • *
Published: April 14, 2026

CVE-2026-2403

5.3
    Generic
  • Logging System
Published: April 14, 2026

CVE-2026-2405

5.3
    *
  • *
Published: April 14, 2026

CVE-2026-5713

5.3
    Python
  • Python
Published: April 14, 2026

CVE-2025-15565

5.3
    Nexi
  • Xpay
Published: April 14, 2026

CVE-2026-39425

5.1
    Maxkb
  • Maxkb
Published: April 14, 2026

CVE-2026-39426

5.1
    Maxkb
  • Maxkb
Published: April 14, 2026

CVE-2026-33892

5.1
    Siemens
  • Industrial Edge Management Pro
  • Industrial Edge Management Virtual
Published: April 14, 2026

CVE-2026-24906

5.1
    October
  • October Cms
Published: April 14, 2026

CVE-2026-24907

5.1
    October
  • October Cms
Published: April 14, 2026

CVE-2026-34161

5.1
    Chamilo
  • Chamilo Lms
Published: April 14, 2026

CVE-2026-34262

5.0
    Sap
  • Hana Cockpit
  • Hana Database Explorer
Published: April 14, 2026

CVE-2026-39418

5.0
    Maxkb
  • Maxkb
Published: April 14, 2026

CVE-2026-27673

4.9
    Sap
  • Sap S/4hana
Published: April 14, 2026

CVE-2026-39811

4.9
    Fortinet
  • Fortiweb
Published: April 14, 2026

CVE-2026-22692

4.9
    October
  • October
Published: April 14, 2026

CVE-2026-25125

4.9
    October
  • October
Published: April 14, 2026

CVE-2026-39812

4.8
    Fortinet
  • Fortisanbox
  • Fortisanbox Paas
Published: April 14, 2026

CVE-2026-25133

4.8
    October
  • October
Published: April 14, 2026

CVE-2026-39417

4.6
    Maxkb
  • Maxkb
Published: April 14, 2026

CVE-2026-22154

4.6
    Fortinet
  • Fortisoar Paas
  • Fortisoar On Premise
Published: April 14, 2026

CVE-2026-20928

4.6
    Microsoft
  • Windows Recovery Environment Agent
Published: April 14, 2026

CVE-2026-20945

4.6
    Microsoft
  • Sharepoint
Published: April 14, 2026

CVE-2026-26175

4.6
    Microsoft
  • Windows Boot Manager
Published: April 14, 2026

CVE-2026-33193

4.6
    Docmost
  • Docmost
Published: April 14, 2026

CVE-2026-4479

4.4
    Woocommerce
  • Whole Sale Products Dynamic Pricing Management
Published: April 14, 2026

CVE-2026-27906

4.4
    Microsoft
  • Windows Hello
Published: April 14, 2026

CVE-2026-32220

4.4
    Microsoft
  • Windows Virtualization Based Security
  • Vbs Enclave
Published: April 14, 2026

CVE-2026-27672

4.3
    Sap
  • Material Master
Published: April 14, 2026

CVE-2026-27676

4.3
    Sap
  • Sap S/4hana
Published: April 14, 2026

CVE-2026-34225

4.3
    Open Webui
  • Open Webui
Published: April 14, 2026

CVE-2026-33929

4.3
    Apache
  • Pdfbox
Published: April 14, 2026

CVE-2026-4109

4.3
    Eventin
  • Event Calendar
Published: April 14, 2026

CVE-2025-59809

4.3
    Fortinet
  • Fortisoar Paas
  • Fortisoar On-Premise
Published: April 14, 2026

CVE-2026-22576

4.3
    Fortinet
  • Fortisoar Paas
  • Fortisoar On-Premise
Published: April 14, 2026

CVE-2026-32202

4.3
    Microsoft
  • Windows Shell
Published: April 14, 2026

CVE-2026-33829

4.3
    Microsoft
  • Windows Snipping Tool
Published: April 14, 2026

CVE-2026-33146

4.3
    Docmost
  • Docmost
Published: April 14, 2026

CVE-2026-24318

4.2
    Sap
  • Business Objects Business Intelligence Platform
Published: April 14, 2026

CVE-2026-27683

4.1
    Sap
  • Businessobjects Business Intelligence
Published: April 14, 2026

CVE-2026-22574

4.1
    Fortinet
  • Fortisoar Paas
  • Fortisoar On-Premise
Published: April 14, 2026

CVE-2026-33414

4.0
    Podman
  • Podman
Published: April 14, 2026

CVE-2026-34454

3.5
    Oauth2-Proxy
  • Oauth2-Proxy
Published: April 14, 2026

CVE-2026-39419

3.1
    Maxkb
  • Maxkb
Published: April 14, 2026

CVE-2026-33948

2.9
    Jq
  • Jq
Published: April 14, 2026

CVE-2026-37589

2.7
    Sourcecodester
  • Storage Unit Rental Management System
Published: April 14, 2026

CVE-2026-37590

2.7
    Sourcecodester
  • Storage Unit Rental Management System
Published: April 14, 2026

CVE-2026-37591

2.7
    Sourcecodester
  • Storage Unit Rental Management System
Published: April 14, 2026

CVE-2026-37592

2.7
    Sourcecodester
  • Storage Unit Rental Management System
Published: April 14, 2026

CVE-2026-37593

2.7
    Sourcecodester
  • Online Employees Work From Home Attendance System
Published: April 14, 2026

CVE-2026-37594

2.7
    Sourcecodester
  • Online Employees Work From Home Attendance System
Published: April 14, 2026

CVE-2026-37595

2.7
    Sourcecodester
  • Online Employees Work From Home Attendance System
Published: April 14, 2026

CVE-2026-37596

2.7
    Sourcecodester
  • Online Employees Work From Home Attendance System
Published: April 14, 2026

CVE-2026-37597

2.7
    Sourcecodester
  • Online Employees Work From Home Attendance System
Published: April 14, 2026

CVE-2026-37598

2.7
    Sourcecodester
  • Patient Appointment Scheduler
Published: April 14, 2026

CVE-2026-37600

2.7
    Sourcecodester
  • Patient Appointment Scheduler
Published: April 14, 2026

CVE-2026-37601

2.7
    Sourcecodester
  • Patient Appointment Scheduler
Published: April 14, 2026

CVE-2026-37602

2.7
    Sourcecodester
  • Patient Appointment Scheduler System
Published: April 14, 2026

CVE-2026-27316

2.7
    Fortinet
  • Fortisandbox
  • Fortisandbox Paas
Published: April 14, 2026

CVE-2026-21741

2.4
    Fortinet
  • Fortinac-F
Published: April 14, 2026

CVE-2026-2401

2.4
    *
  • *
Published: April 14, 2026

CVE-2026-27307

2.4
    Adobe
  • Coldfusion
Published: April 14, 2026

CVE-2026-27308

2.4
    Adobe
  • Coldfusion
Published: April 14, 2026

CVE-2026-27675

2.0
    Sap
  • Sap Landscape Transformation
Published: April 14, 2026

CVE-2026-31908

None
    Apache
  • Apache Apisix
Published: April 14, 2026

CVE-2024-9168

None
    Wordpress
  • *
Published: April 14, 2026

CVE-2026-5307

None
    Wordpress
  • *
Published: April 14, 2026

CVE-2026-31049

None
    Hostbill
  • Hostbill
Published: April 14, 2026

CVE-2025-61260

None
    Openai
  • Codex Cli
Published: April 14, 2026

CVE-2025-69893

None
    Trezor
  • Trezor One
  • Trezor T
  • Trezor Safe
Published: April 14, 2026

CVE-2026-30480

None
    Librenms
  • Librenms
Published: April 14, 2026

CVE-2025-65133

None
    Manikandan580
  • School Management System
Published: April 14, 2026

CVE-2025-65134

None
    Manikandan580
  • School-Management-System
Published: April 14, 2026

CVE-2026-38533

None
    Snipe-It
  • Snipe-It
Published: April 14, 2026

CVE-2025-70023

None
    Transloadit
  • Uppy
Published: April 14, 2026

CVE-2026-5754

None
    Radware
  • Alteon
Published: April 14, 2026

CVE-2026-5756

None
    Drc
  • Central Office Services
Published: April 14, 2026
Click here to see more Vulnerabilities