Trending CVE
- EPSS 0.18%
- Published 07.04.2026 12:51:22
- Last modified 05.05.2026 14:16:07
Weaver (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows attackers to execute arbitrary commands by invoking ex...
- EPSS 0.06%
- Published 04.05.2026 14:44:28
- Last modified 04.05.2026 20:24:58
Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.
- EPSS 0.01%
- Published 04.05.2026 18:00:10
- Last modified 05.05.2026 19:54:49
In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution as the shell user with no additional execution privil...
- EPSS 0.23%
- Published 30.04.2026 15:06:11
- Last modified 04.05.2026 18:20:39
Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass. This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0...
- EPSS 26.55%
- Published 29.04.2026 15:10:37
- Last modified 04.05.2026 18:09:42
cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.
- EPSS 1.23%
- Published 22.04.2026 08:15:10
- Last modified 06.05.2026 13:53:24
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-pl...