
// CVE Tracker

152 active CVEs: page 4 of 7, sorted unpatched-first by CVSS

85 CRITICAL · 66 HIGH · 152 TOTAL ACTIVE · 146 PATCHED

CVSS Scale: 9.0–10.0 CRITICAL · 7.0–8.9 HIGH · 4.0–6.9 MEDIUM · 0.1–3.9 LOW
CVSS 9.3

CVE-2026-5194

wolfSSL Improper Certificate Signature Validation: TLS Forgery in 5 Billion Devices

CRITICAL ✓ Patch Available

A critical improper certificate validation vulnerability in wolfSSL allows attackers to present forged X.509 certificates with truncated digests that pass ECDSA, DSA, ML-DSA, Ed25519, and Ed448 signature verification without a legitimate private key. An attacker positioned between a vulnerable device and its server can exploit this to conduct TLS man-in-the-middle attacks, intercepting and modifying supposedly encrypted traffic. wolfSSL is an embedded TLS library present in an estimated 5 billion IoT, industrial, automotive, and network devices. Patched in wolfSSL 5.9.1 released 8 April 2026.

wolfSSL prior to 5.9.1 (all platforms)
Embedded devices and firmware using wolfSSL (vendor-specific)
CVSS 9.3

CVE-2026-5752

Cohere Terrarium: JavaScript Prototype Chain Traversal Sandbox Escape to Host Root RCE

CRITICAL ✓ Patch Available

A critical vulnerability in Cohere Terrarium's JavaScript bridge layer allows an attacker to escape the Pyodide WebAssembly sandbox through JavaScript prototype chain traversal. By constructing a Python object that traverses the prototype chain across the Pyodide serialisation boundary into the host JavaScript context, an attacker can reach the Function constructor and execute arbitrary code as root on the host Node.js process. The vulnerability affects all Terrarium deployments processing externally-controlled or LLM-generated Python code. No public proof-of-concept has been released; Cohere has issued a patched version. The attack requires the ability to influence Python code submitted to Terrarium, achievable through direct API access, indirect prompt injection, or LLM output manipulation.

Cohere Terrarium (all versions prior to patched release, April 2026)
CVSS 9.3

CVE-2026-9264

SketchUp SKP File Parsing RCE via Legacy IE11 WebView Component (CVSS 9.3)

CRITICAL ✓ Patch Available

A memory corruption vulnerability in SketchUp's handling of maliciously crafted .SKP (SketchUp Model) files allows remote code execution when a user opens a weaponised file. The vulnerability exists in how SketchUp's legacy Internet Explorer 11 WebView component renders embedded HTML content within SKP files. The IE11 WebView is a legacy rendering component that SketchUp has used for UI elements across multiple product generations. Because IE11 reached end-of-life in June 2022 and no longer receives security patches, vulnerabilities in the IE11 rendering engine are no longer addressed by Microsoft, making any application that embeds the IE11 WebView a vector for unpatched memory corruption. CVSS 9.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H). Affected: SketchUp Pro and SketchUp Go versions prior to the patched release.

Trimble SketchUp Pro: affected versions (prior to patched release)
Trimble SketchUp Go: affected versions
Any application embedding IE11 (MSHTML/Trident) WebView for HTML rendering
CVSS 9.2

CVE-2026-42945

NGINX Heap Buffer Overflow: 18-Year-Old Chunked Transfer Encoding Parser Flaw

CRITICAL ✓ Patch Available

A heap buffer overflow in NGINX's HTTP/1.1 chunked transfer encoding parser has been present since version 0.6.27 (released 2008), affecting every NGINX version in production use. A malformed HTTP request with a crafted chunk size value triggers the overflow in the parsing code, reliably causing denial-of-service via worker process crash and potentially enabling code execution under specific heap layout conditions. CVSS 9.2. Affects NGINX mainline, stable, and commercial NGINX Plus, as well as any product embedding NGINX as a component including Kubernetes nginx-ingress-controller.

NGINX 0.6.27 through 1.27.4 (mainline)
NGINX 1.26.x stable (all releases prior to fix)
NGINX Plus R32 and earlier
+1 more
CVSS 9.1

CVE-2025-20333

Cisco Firepower Threat Defence: Management Interface Command Injection RCE

CRITICAL ✓ Patch Available

A command injection vulnerability in the management interface of Cisco Firepower Threat Defence (FTD) software allows an unauthenticated remote attacker to execute arbitrary OS commands with root privileges on the underlying device. The flaw exists in the input handling of the FTD management plane and requires no authentication to exploit. Successful exploitation provides full device compromise, enabling the FIRESTARTER implant campaign documented in the joint CISA/NCSC advisory published April 2026.

Cisco Firepower Threat Defence (FTD), all versions prior to patched release (Q4 2025)
Cisco Secure Firewall appliances running FTD software
CVSS 9.1

CVE-2026-2699

Progress ShareFile Storage Zones Controller Authentication Bypass

CRITICAL ✓ Patch Available

A critical authentication bypass vulnerability in Progress ShareFile Storage Zones Controller (SZC) arises from improper handling of execution-after-redirect behaviour in the /ConfigService/Admin.aspx administrative endpoint. An unauthenticated remote attacker can exploit the redirect logic to gain access to restricted administrative functions without supplying valid credentials. When chained with CVE-2026-2701 (arbitrary file upload), this vulnerability enables fully unauthenticated remote code execution. Progress released a fix in SZC version 5.12.4 on 10 March 2026; watchTowr Labs published full technical details on 2 April, significantly lowering the exploitation barrier. Approximately 30,000 SZC instances are internet-exposed.

Progress ShareFile Storage Zones Controller 5.12.3 and earlier
CVSS 9.1

CVE-2026-35616

Fortinet FortiClient EMS Pre-Authentication API Bypass and Privilege Escalation

CRITICAL ✓ Patch Available

A critical improper access control vulnerability (CWE-284) in Fortinet FortiClient Endpoint Management Server allows an unauthenticated remote attacker to bypass API authentication and execute arbitrary code or commands on the server via crafted HTTP requests. Carrying a CVSS score of 9.1, this flaw affects the management plane responsible for deploying and enforcing endpoint security policy, ZTNA, and VPN access controls across managed fleets. Active exploitation was confirmed by multiple researchers beginning 31 March 2026, and CISA added CVE-2026-35616 to its KEV catalogue on 6 April with a federal remediation deadline of 9 April, one of the shortest timelines CISA issues.

Fortinet FortiClient EMS 7.4.5
Fortinet FortiClient EMS 7.4.6
CVSS 9.1

CVE-2026-39808

Fortinet FortiSandbox: Unauthenticated OS Command Injection (Root RCE)

CRITICAL ✓ Patch Available

An OS command injection vulnerability in Fortinet FortiSandbox's job detail endpoint allows unauthenticated remote attackers to execute arbitrary commands as root via crafted HTTP requests. The endpoint at /fortisandbox/job-detail/tracer-behavior passes user-supplied input to an OS command context without sanitisation. Fortinet silently patched the vulnerability in November 2025 but did not disclose the CVE publicly until April 2026. A public proof-of-concept demonstrating one-command unauthenticated root RCE was released by security researcher Samuel de Lucas in April 2026.

Fortinet FortiSandbox 4.4.0 through 4.4.8
CVSS 9.1

CVE-2026-40372

Microsoft ASP.NET Core: DataProtection Encryption Key Exposure on Linux (Security Regression)

CRITICAL ✓ Patch Available

A security regression in Microsoft.AspNetCore.DataProtection introduced in .NET 10.0.0 causes the DataProtection key storage provider to write encryption key material to world-readable file system paths or log it to standard output on Linux deployments when no explicit key repository is configured. Applications using cookie authentication, anti-forgery tokens, or TempData (all of which rely on DataProtection) are at risk of session key theft, enabling authentication cookie forgery, CSRF bypass, and decryption of protected payloads. The regression does not affect Windows deployments using DPAPI-backed storage. Microsoft released an out-of-band patch (.NET 10.0.7) on 21–22 April 2026.

Microsoft.AspNetCore.DataProtection 10.0.0–10.0.6
Microsoft .NET 10.0.0–10.0.6 (Linux/macOS deployments)
CVSS 9.1

CVE-2026-40976

Spring Boot 4.0: Actuator Auth Bypass When spring-boot-health Dependency Absent

CRITICAL ✓ Patch Available

Spring Boot 4.0.0 through 4.0.5 exposes all Actuator management endpoints without authentication when applications include spring-boot-actuator-autoconfigure but omit the spring-boot-health dependency, a common configuration in applications migrating from Spring Boot 3.x. The security filter chain mapping silently fails to apply, leaving /actuator/heapdump, /actuator/env, /actuator/loggers, and other endpoints accessible to unauthenticated network peers. No error or warning is logged. Patched in Spring Boot 4.0.6.

Spring Boot 4.0.0–4.0.5
CVSS 9.1

CVE-2026-6074

Intrado 911 Emergency Gateway: Unauthenticated Path Traversal Enables Arbitrary File Access

CRITICAL ✓ Patch Available

CVE-2026-6074 is an unauthenticated path traversal vulnerability in the Intrado 911 Emergency Gateway (EGW) management interface affecting versions 5.x through 7.x. An attacker with network access to the management interface can traverse outside the web root to read, write, or delete arbitrary files on the underlying system; no credentials or prior authentication are required. Successful exploitation could allow modification of 911 call routing configuration, deployment of persistent web shells, or disabling of emergency call processing. Intrado patched the vulnerability on 2 March 2026 and is directly contacting affected PSAP customers.

Intrado 911 Emergency Gateway (EGW) v5.x
Intrado 911 Emergency Gateway (EGW) v6.x
Intrado 911 Emergency Gateway (EGW) v7.x
CVSS 9.0

CVE-2026-30893

Wazuh SIEM/XDR Manager: Unauthenticated RCE via Deserialization in Agent Registration API

CRITICAL ✓ Patch Available

A deserialization vulnerability exists in the Wazuh manager's agent registration API endpoint (TCP 55000). An attacker who can reach the API port can send a crafted registration request containing a malicious serialised payload that executes arbitrary code in the context of the Wazuh manager process, which typically runs with root or high-privilege service account credentials. No authentication is required. Affects Wazuh 4.0.0 through 4.11.1. Fixed in Wazuh 4.11.2.

Wazuh 4.0.0–4.11.1
CVSS ~9.0 (estimated)

CVE-2026-40050

CrowdStrike Falcon LogScale: Server-Side Request Forgery via Authenticated User

CRITICAL ✓ Patch Available

A server-side request forgery (SSRF) vulnerability in CrowdStrike Falcon LogScale (formerly Humio) allows an authenticated user with any role to cause the LogScale server to issue arbitrary HTTP requests to internal network resources. The vulnerability exists in a data processing component that handles user-supplied URLs without adequate validation. Because LogScale has broad network connectivity to collect log data, this SSRF can be used to reach internal APIs, cloud metadata services, and protected network segments inaccessible from an external position.

CrowdStrike Falcon LogScale (on-premises/self-hosted), all versions prior to the 25 April 2026 release
CVSS 9.0

CVE-2026-42523

Jenkins GitHub Plugin: Stored XSS via Job URL Processing Enables Session Hijacking

CRITICAL ✓ Patch Available

Stored cross-site scripting (XSS) in Jenkins GitHub Plugin 1.46.0 and earlier via insufficient escaping of GitHub repository URL values in JavaScript rendered on job configuration and build result pages. An attacker with Item/Configure permission can inject a malicious JavaScript payload via the GitHub URL field; the payload executes in the browser of any Jenkins administrator who views the affected job, providing access to administrator session cookies, CSRF tokens, and the ability to extract pipeline credentials or modify pipeline definitions. Fixed in GitHub Plugin 1.46.1.

Jenkins GitHub Plugin 1.46.0 and earlier
CVSS 8.8

CVE-2025-31277

Apple WebKit Buffer Overflow: DarkSword Exploit Chain Entry Point

HIGH ✓ Patch Available

A buffer overflow vulnerability in Apple's WebKit browser engine serves as the initial entry point of the DarkSword multi-stage iOS and macOS exploit chain. An attacker can trigger the overflow by delivering a malicious webpage via Safari or any WebKit-based application, achieving initial code execution within the browser process without requiring user interaction beyond page load. This CVE affects iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. CISA added CVE-2025-31277 to the Known Exploited Vulnerabilities catalogue on 20 March 2026, confirming active exploitation as part of the DarkSword framework.

Apple iOS and iPadOS prior to patched versions (2025)
Apple macOS prior to patched versions (2025)
Apple watchOS prior to patched versions (2025)
+2 more
CVSS 8.8

CVE-2026-25177

Active Directory Domain Services Privilege Escalation via SPN/UPN Name Validation Flaw

HIGH ✓ Patch Available

An elevation-of-privilege vulnerability in Windows Active Directory Domain Services caused by improper restriction and validation of Service Principal Names (SPNs) and User Principal Names (UPNs). A low-privileged authenticated domain user can exploit Unicode normalisation edge cases in name handling to escalate to domain administrator privileges over the network with no user interaction required. Patched in the March 2026 Patch Tuesday (10 March). Added to CISA Known Exploited Vulnerabilities catalogue following confirmed active exploitation approximately three weeks after the patch was released.

Windows Server 2022
Windows Server 2019
Windows Server 2016
+3 more
CVSS 8.8

CVE-2026-2701

Progress ShareFile Storage Zones Controller Arbitrary File Upload to Webroot

HIGH ✓ Patch Available

An arbitrary file upload vulnerability in Progress ShareFile Storage Zones Controller allows an attacker with administrative session access to upload and extract archive content into the IIS web root, enabling placement of malicious ASPX webshells that execute with the web server's privileges. When chained with the authentication bypass in CVE-2026-2699, this vulnerability can be exploited without any authentication, yielding full remote code execution on the server. The full attack chain was publicly documented by watchTowr Labs on 2 April 2026 following coordinated disclosure, and Progress has issued a fix in version 5.12.4.

Progress ShareFile Storage Zones Controller 5.12.3 and earlier
CVSS ~8.8 (estimated)

CVE-2026-35421

Windows GDI Remote Code Execution: Malicious EMF File Exploitation via Document or Preview

HIGH ✓ Patch Available

A remote code execution vulnerability in the Windows Graphics Device Interface (GDI) is triggered when a specially crafted Enhanced Metafile (EMF) is processed by the system. The vulnerability can be exploited via malicious documents, images, or files that a user previews in Windows Explorer or opens in an application that renders EMF content. The attack does not require elevated privileges. A successful exploit executes code in the context of the current user.

Windows 10 21H2 and 22H2 (all editions)
Windows 11 22H2, 23H2, and 24H2 (all editions)
Windows Server 2019
+2 more
CVSS 8.8

CVE-2026-3909

Google Chrome Skia Out-of-Bounds Write

HIGH ✓ Patch Available

An out-of-bounds write vulnerability in Chrome's Skia graphics library allows a remote attacker to achieve arbitrary code execution within the sandboxed renderer process via a crafted web page. The flaw provides a reliable memory corruption primitive that, when chained with a sandbox escape, enables full OS-level code execution. Confirmed exploited in the wild before Google's emergency patch on 13 March 2026.

Google Chrome prior to 146.0.7680.75 (Linux/Mac)
Google Chrome prior to 146.0.7680.76 (Windows)
Chromium-based browsers (Microsoft Edge, Brave, Opera): vendor-specific patches required
CVSS 8.8

CVE-2026-3910

Google Chrome V8 Inappropriate Implementation: Sandbox Escape

HIGH ✓ Patch Available

An inappropriate implementation vulnerability in Chrome's V8 JavaScript engine allows an attacker to escape the renderer sandbox. When chained with CVE-2026-3909 (Skia out-of-bounds write), this forms a complete renderer-to-OS exploitation chain delivering arbitrary code execution on the underlying operating system without additional user interaction. Both vulnerabilities were exploited together in targeted attacks prior to the 13 March 2026 emergency patch.

Google Chrome prior to 146.0.7680.75 (Linux/Mac)
Google Chrome prior to 146.0.7680.76 (Windows)
Chromium-based browsers (Microsoft Edge, Brave, Opera): vendor-specific patches required
CVSS ~8.8 (estimated)

CVE-2026-40365

SharePoint Server Remote Code Execution: Authenticated Network Exploitation

HIGH ✓ Patch Available

An authenticated remote code execution vulnerability in Microsoft SharePoint Server allows a user with standard account credentials to send a crafted HTTP request that triggers server-side code execution in the context of the SharePoint application pool service account. No elevated SharePoint permissions are required; any domain user with access to the SharePoint site is a potential attacker. The vulnerability affects all on-premises SharePoint Server versions in the supported lifecycle. SharePoint Online (Microsoft 365) is not affected.

Microsoft SharePoint Server 2019 (prior to May 2026 CU)
Microsoft SharePoint Server Subscription Edition (prior to May 2026 CU)
CVSS 8.8

CVE-2026-40978

Spring AI CosmosDBVectorStore: SQL Injection via Unsanitised Metadata Filter Values

HIGH ✓ Patch Available

SQL injection in Spring AI's CosmosDBVectorStore component via the SiteList parameter used in vector similarity search queries. The component constructs Azure Cosmos DB SQL queries using string concatenation without parameterisation or sanitisation of metadata filter values from SearchRequest objects. Attackers who control filter parameters (common when filter values derive from user input in RAG pipelines) can read out-of-scope documents or exfiltrate stored embeddings. Patched in Spring AI 1.1.5.

Spring AI 1.0.0–1.0.4
Spring AI 1.1.0–1.1.4
CVSS 8.8

CVE-2026-42208

LiteLLM: SQL Injection Allows AI Provider API Key Theft (CISA KEV)

HIGH ✓ Patch Available

A SQL injection vulnerability in LiteLLM, an open-source AI gateway proxy used by enterprises to route requests to OpenAI, Anthropic, Azure OpenAI, and other AI providers, allows an attacker to read and modify LiteLLM's backend database. The database contains the API keys LiteLLM holds for connected AI providers, enabling theft of credentials equivalent to prepaid AI compute budgets. LiteLLM request logs may also contain sensitive business context submitted to LLMs by the organisation. CISA added CVE-2026-42208 to the Known Exploited Vulnerabilities catalogue on 7 May 2026, the first AI infrastructure component to be confirmed exploited and listed in KEV.

LiteLLM prior to version 1.42.2
CVSS 8.8

CVE-2026-46174

AMD Zen 2 Operation Cache Microarchitecture Flaw: Userspace to Kernel Privilege Escalation (CVSS 8.8)

HIGH ✓ Patch Available

A microarchitectural vulnerability in the operation cache (op-cache) of AMD Zen 2 processors allows a local attacker with the ability to execute unprivileged code to escalate privileges to the kernel (ring 0). The op-cache is a micro-op cache that stores decoded x86 instructions for performance optimisation. The vulnerability exploits a flaw in how the Zen 2 op-cache handles privilege ring transitions: cached micro-operations can be retrieved in a different privilege context than the one in which they were cached, allowing userspace code to trigger execution of a cached kernel-mode micro-operation sequence. This attack class is distinct from Spectre/Meltdown (which exploit speculative execution paths); CVE-2026-46174 exploits a completed execution path in the op-cache that produces incorrect privilege assignment. AMD Security Bulletin AMD-SB-7052 published 28 May 2026. The Xen Project issued XSA-490 for hypervisor impacts on Xen running on Zen 2 hardware. Remediation requires a PI firmware (BIOS/UEFI microcode) update from the system OEM; OS-level patches alone are insufficient. CVSS 8.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

AMD EPYC 7002 Series (Rome), all processor steppings
AMD Ryzen 3000 Series desktop (Matisse)
AMD Ryzen 4000 Series desktop and mobile (Renoir)
+3 more
CVSS 8.8

CVE-2026-4747

FreeBSD NFS Server: Unauthenticated Remote Code Execution in NFSv4 nfsd (17-Year Vulnerability)

HIGH ✓ Patch Available

An unauthenticated remote code execution vulnerability in FreeBSD's NFS server daemon (nfsd) allows a network-accessible attacker to execute arbitrary code without credentials. The vulnerability originates in the NFSv4 implementation introduced in FreeBSD 8.x and has been present for approximately 17 years. It was discovered by Anthropic's Claude Mythos AI vulnerability research model and disclosed through Project Glasswing in April 2026. FreeBSD NFS is widely deployed in NetApp storage appliances, BSD-based NAS devices, enterprise file servers, and network equipment. A patch is available in FreeBSD security advisories issued following Project Glasswing coordinated disclosure.

FreeBSD 8.0–14.1 (nfsd, NFSv4 server implementation)
NetApp appliances and other embedded FreeBSD NFS implementations (vendor patches pending)

Note: CVE data is curated manually from NVD, vendor advisories, and security research. CVSS scores reflect NVD base scores at time of entry. Always verify with official vendor advisories before actioning.