{"sector":{"id":"healthcare","name":"Healthcare & Life Sciences","sector":"healthcare","description":"Hospitals, clinics, electronic health record (EHR) vendors, medical devices,\nand pharmaceutical R&D. Skewed toward HIPAA-relevant data exposure and\ndevice-side vulnerabilities.","visibility":"public"},"top_24h":[{"id":"3816dadc-8ff0-410a-9844-686803b9db6c","threat_type":"cve","title":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Wicket.\n\nThis issue affects Apache Wicket: from 8.0.0 through 8.17.","summary":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Wicket.\n\nThis issue affects Apache Wicket: from 8.0.0 through 8.17.0, from 9.0.0 through 9.22.0, from 10.0.0 through 10.8.0.\n\nUsers are recommended to upgrade to version 10.9.0, which fixes the issue.","severity":"high","cvss_score":7.5,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-06T10:16:26.037000Z","last_modified_at":"2026-05-06T16:06:39.442348Z","external_id":"CVE-2026-43646","description":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Wicket.\n\nThis issue affects Apache Wicket: from 8.0.0 through 8.17.0, from 9.0.0 through 9.22.0, from 10.0.0 through 10.8.0.\n\nUsers are recommended to upgrade to version 10.9.0, which fixes the issue.","affected_products":[],"references":["https://lists.apache.org/thread/6zqcvjyz4lsqty1z2g5hg7pl5fqk88rs","http://www.openwall.com/lists/oss-security/2026/05/06/3"],"sources":["nvd"],"score":35.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-200"],"points":20},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":7.5,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":35,"final_score":35.0},"calculated_at":"2026-05-06T16:06:39.959092Z"},{"id":"baa220cf-8f89-4f83-be0a-a124fecb3295","threat_type":"cve","title":"OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a priv","summary":"OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a privilege escalation vulnerability that can be exploited by unauthenticated attackers to query the API as any existing user, including the default admin account. This issue has been fixed in version 6.9.13. As a workaround, the default admin can be disabled using the `APP__ADMIN__EXTERNALLY_MANAGED` configuration.","severity":"critical","cvss_score":9.8,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-05T19:16:21.380000Z","last_modified_at":"2026-05-05T19:46:45.181090Z","external_id":"CVE-2026-27960","description":"OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a privilege escalation vulnerability that can be exploited by unauthenticated attackers to query the API as any existing user, including the default admin account. This issue has been fixed in version 6.9.13. As a workaround, the default admin can be disabled using the `APP__ADMIN__EXTERNALLY_MANAGED` configuration.","affected_products":[],"references":["https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-6vvv-vmfr-xhrx"],"sources":["nvd"],"score":35.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-287"],"points":20},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":9.8,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":35,"final_score":35.0},"calculated_at":"2026-05-06T02:00:15.955429Z"},{"id":"34f4f260-58b8-4949-afad-c64a8786feb0","threat_type":"cve","title":"A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This affects the function verify of the file packages/server/src/enterprise/services/a","summary":"A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This affects the function verify of the file packages/server/src/enterprise/services/account.service.ts of the component Endpoint. Performing a manipulation results in information disclosure. Remote exploitation of the attack is possible. The attack is considered to have high complexity. It is indicated that the exploitability is difficult. The exploit is now public and may be used. Upgrading the affected component is recommended.","severity":"low","cvss_score":3.7,"cvss_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-06T15:16:13.210000Z","last_modified_at":"2026-05-06T16:06:39.815738Z","external_id":"CVE-2026-8028","description":"A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This affects the function verify of the file packages/server/src/enterprise/services/account.service.ts of the component Endpoint. Performing a manipulation results in information disclosure. Remote exploitation of the attack is possible. The attack is considered to have high complexity. It is indicated that the exploitability is difficult. The exploit is now public and may be used. Upgrading the affected component is recommended.","affected_products":[],"references":["https://gist.github.com/YLChen-007/1d52497b0221835f99367be61612746b","https://vuldb.com/submit/777659","https://vuldb.com/vuln/361276","https://vuldb.com/vuln/361276/cti"],"sources":["nvd"],"score":20.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-200"],"points":20},"cvss_threshold":{"hit":false,"threshold":6.5,"cvss_score":3.7,"points":0},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":20,"final_score":20.0},"calculated_at":"2026-05-06T16:06:40.008333Z"},{"id":"82627ee3-8b5f-4c76-b221-26864f7cde7e","threat_type":"cve","title":"HCL BigFix Service Management (SM) is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may ex","summary":"HCL BigFix Service Management (SM) is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access.","severity":"medium","cvss_score":4.6,"cvss_vector":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-06T15:16:08.247000Z","last_modified_at":"2026-05-06T16:06:39.738596Z","external_id":"CVE-2025-52613","description":"HCL BigFix Service Management (SM) is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access.","affected_products":[],"references":["https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144"],"sources":["nvd"],"score":20.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-200"],"points":20},"cvss_threshold":{"hit":false,"threshold":6.5,"cvss_score":4.6,"points":0},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":20,"final_score":20.0},"calculated_at":"2026-05-06T16:06:40.075854Z"},{"id":"e9a98985-f42a-4c5c-8779-da7cbb41740a","threat_type":"cve","title":"HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header.  This coul","summary":"HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header.  This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly.","severity":"low","cvss_score":3.7,"cvss_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-06T15:16:07.900000Z","last_modified_at":"2026-05-06T16:06:39.715579Z","external_id":"CVE-2025-31984","description":"HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header.  This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly.","affected_products":[],"references":["https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144"],"sources":["nvd"],"score":20.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-200"],"points":20},"cvss_threshold":{"hit":false,"threshold":6.5,"cvss_score":3.7,"points":0},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":20,"final_score":20.0},"calculated_at":"2026-05-06T16:06:40.035353Z"},{"id":"15d6103e-9883-4485-987f-7d384e4bb275","threat_type":"cve","title":"HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directly. This could allow an increa","summary":"HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of sensitive functionality.","severity":"low","cvss_score":3.7,"cvss_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-06T15:16:06.320000Z","last_modified_at":"2026-05-06T16:06:39.658081Z","external_id":"CVE-2025-31982","description":"HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of sensitive functionality.","affected_products":[],"references":["https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144"],"sources":["nvd"],"score":20.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-200"],"points":20},"cvss_threshold":{"hit":false,"threshold":6.5,"cvss_score":3.7,"points":0},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":20,"final_score":20.0},"calculated_at":"2026-05-06T16:06:40.103068Z"},{"id":"be24c211-5631-4a8d-8f3c-12a3bc7f9f9a","threat_type":"cve","title":"HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, inte","summary":"HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to potentially misuse them, if exfiltrated.  .","severity":"medium","cvss_score":4.8,"cvss_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-06T15:16:06.100000Z","last_modified_at":"2026-05-06T16:06:39.610223Z","external_id":"CVE-2025-31976","description":"HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to potentially misuse them, if exfiltrated.  .","affected_products":[],"references":["https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144"],"sources":["nvd"],"score":20.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-200"],"points":20},"cvss_threshold":{"hit":false,"threshold":6.5,"cvss_score":4.8,"points":0},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":20,"final_score":20.0},"calculated_at":"2026-05-06T16:06:40.071826Z"},{"id":"eeb198d9-5a7b-4d1f-9635-a53803ddd487","threat_type":"cve","title":"HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal so","summary":"HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities.","severity":"low","cvss_score":2.6,"cvss_vector":"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-06T15:16:05.980000Z","last_modified_at":"2026-05-06T16:06:39.587285Z","external_id":"CVE-2025-31975","description":"HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities.","affected_products":[],"references":["https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144"],"sources":["nvd"],"score":20.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-200"],"points":20},"cvss_threshold":{"hit":false,"threshold":6.5,"cvss_score":2.6,"points":0},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":20,"final_score":20.0},"calculated_at":"2026-05-06T16:06:40.031574Z"},{"id":"9d560b15-5073-44e6-b843-446be11e52a0","threat_type":"cve","title":"A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/servi","summary":"A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Response Handler. The manipulation results in information disclosure. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is told to be difficult. You should upgrade the affected component.","severity":"low","cvss_score":3.7,"cvss_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-06T13:16:10.577000Z","last_modified_at":"2026-05-06T15:05:39.177797Z","external_id":"CVE-2026-8026","description":"A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Response Handler. The manipulation results in information disclosure. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is told to be difficult. You should upgrade the affected component.","affected_products":[],"references":["https://gist.github.com/YLChen-007/50a553f09aa1c7c04ce18cec13986a91","https://vuldb.com/submit/777656","https://vuldb.com/vuln/361273","https://vuldb.com/vuln/361273/cti"],"sources":["nvd"],"score":20.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-200"],"points":20},"cvss_threshold":{"hit":false,"threshold":6.5,"cvss_score":3.7,"points":0},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":20,"final_score":20.0},"calculated_at":"2026-05-06T15:05:39.335793Z"},{"id":"83f1048d-29c7-4635-b012-e3bee2bfb6bf","threat_type":"cve","title":"OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmr","summary":"OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}` endpoint is vulnerable to a path traversal attack. The ModuleResourcesServlet constructs a filesystem path from user-controlled input without performing path boundary validation — the getFile() method concatenates the user-supplied path into an absolute filesystem path without calling normalize() or checking that the result stays within the allowed module resources directory. Because this endpoint serves static resources required for rendering the login page, it is not protected by authentication filters, allowing unauthenticated exploitation.\n\nAn attacker can traverse directories and read arbitrary files from the server filesystem, including /etc/passwd and application configuration files containing database credentials. Successful exploitation requires the target deployment to run on Apache Tomcat versions prior to 8.5.31, where the ..; path parameter bypass is not mitigated by the container. Deployments on Tomcat 8.5.31 or later and Tomcat 9.0.10 or later are protected at the container level, though the underlying code defect remains. This issue has been fixed in versions after 2.7.8 (within the 2.7.x branch) and in version 2.8.6 and later.","severity":"unknown","cvss_score":null,"cvss_vector":null,"cvss_version":null,"tags":["nvd"],"published_at":"2026-05-05T22:16:00.520000Z","last_modified_at":"2026-05-05T22:49:38.059873Z","external_id":"CVE-2026-40075","description":"OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}` endpoint is vulnerable to a path traversal attack. The ModuleResourcesServlet constructs a filesystem path from user-controlled input without performing path boundary validation — the getFile() method concatenates the user-supplied path into an absolute filesystem path without calling normalize() or checking that the result stays within the allowed module resources directory. Because this endpoint serves static resources required for rendering the login page, it is not protected by authentication filters, allowing unauthenticated exploitation.\n\nAn attacker can traverse directories and read arbitrary files from the server filesystem, including /etc/passwd and application configuration files containing database credentials. Successful exploitation requires the target deployment to run on Apache Tomcat versions prior to 8.5.31, where the ..; path parameter bypass is not mitigated by the container. Deployments on Tomcat 8.5.31 or later and Tomcat 9.0.10 or later are protected at the container level, though the underlying code defect remains. This issue has been fixed in versions after 2.7.8 (within the 2.7.x branch) and in version 2.8.6 and later.","affected_products":[],"references":["https://github.com/openmrs/openmrs-core/security/advisories/GHSA-jjgj-cx3q-pw4w"],"sources":["nvd"],"score":20.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":false,"matched":[],"points":0},"cvss_threshold":{"hit":false,"threshold":6.5,"cvss_score":null,"points":0},"priority_boost":{"hit":true,"matched":["medical record"],"points":20},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":20,"final_score":20.0},"calculated_at":"2026-05-06T02:00:16.356081Z"}],"top_7d":[{"id":"0da69b0c-abe3-484a-af6c-cc3bd2432dc7","threat_type":"cve","title":"cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to g","summary":"cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.","severity":"critical","cvss_score":9.8,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss_version":"3.1","tags":["nvd","kev","actively-exploited","ransomware"],"published_at":"2026-04-29T22:17:34.339369Z","last_modified_at":"2026-05-06T15:23:37.677810Z","external_id":"CVE-2026-41940","description":"cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.","affected_products":["cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*","cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*","cpe:2.3:a:cpanel:wp_squared:*:*:*:*:*:wordpress:*:*"],"references":["https://docs.cpanel.net/release-notes/release-notes","https://docs.wpsquared.com/changelogs/versions/changelog/#13617","https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026","https://www.namecheap.com/status-updates/ongoing-critical-security-vulnerability-in-cpanel-april-28-2026","https://www.vulncheck.com/advisories/cpanel-and-whm-authentication-bypass-via-login-flow","https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/","https://www.bleepingcomputer.com/news/security/critrical-cpanel-flaw-mass-exploited-in-sorry-ransomware-attacks/","https://github.com/watchtowrlabs/watchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-41940"],"sources":["nvd","cisa_kev"],"score":75.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":false,"matched":[],"points":0},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":9.8,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":true,"points":25},"actively_exploited":{"hit":true,"points":15},"ransomware":{"hit":true,"points":15},"multi_source":{"hit":true,"source_count":2,"points":5},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":75,"final_score":75.0},"calculated_at":"2026-05-06T15:24:16.023863Z"},{"id":"dd79bf81-0d9f-4762-9c5c-249ad783be0a","threat_type":"cve","title":"OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login","summary":"OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login endpoint. Attackers can submit POST requests with authUser and clearPass parameters to systematically test username and password combinations without account lockout restrictions.","severity":"high","cvss_score":7.5,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-05T12:16:17.160000Z","last_modified_at":"2026-05-05T20:47:39.817085Z","external_id":"CVE-2023-54347","description":"OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login endpoint. Attackers can submit POST requests with authUser and clearPass parameters to systematically test username and password combinations without account lockout restrictions.","affected_products":["cpe:2.3:a:open-emr:openemr:7.0.1:*:*:*:*:*:*:*"],"references":["https://github.com/openemr/openemr/archive/refs/tags/v7_0_1.tar.gz","https://www.exploit-db.com/exploits/51413","https://www.open-emr.org/","https://www.vulncheck.com/advisories/openemr-authentication-brute-force-mitigation-bypass"],"sources":["nvd"],"score":60.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":true,"matched":["emr"],"points":25},"cwe_match":{"hit":true,"matched":["CWE-307"],"points":20},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":7.5,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":60,"final_score":60.0},"calculated_at":"2026-05-06T02:00:14.844795Z"},{"id":"4f1e1ccb-9a2d-4d4b-88d6-025408e35526","threat_type":"cve","title":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit","summary":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.","severity":"critical","cvss_score":7.8,"cvss_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss_version":"3.1","tags":["nvd","kev","actively-exploited"],"published_at":"2026-04-29T22:17:30.493476Z","last_modified_at":"2026-05-06T15:23:37.653656Z","external_id":"CVE-2026-31431","description":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.","affected_products":["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*","cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*","cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*","cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*","cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux:10.1:*:*:*:*:*:*:*","cpe:2.3:o:amazon:amazon_linux:-:*:*:*:*:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*","cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*"],"references":["https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c","https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc","https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667","https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82","https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b","https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5","https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237","https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8","http://www.openwall.com/lists/oss-security/2026/04/29/23","http://www.openwall.com/lists/oss-security/2026/04/29/25","http://www.openwall.com/lists/oss-security/2026/04/29/26","http://www.openwall.com/lists/oss-security/2026/04/30/10","http://www.openwall.com/lists/oss-security/2026/04/30/11","http://www.openwall.com/lists/oss-security/2026/04/30/12","http://www.openwall.com/lists/oss-security/2026/04/30/14","http://www.openwall.com/lists/oss-security/2026/04/30/15","http://www.openwall.com/lists/oss-security/2026/04/30/16","http://www.openwall.com/lists/oss-security/2026/04/30/17","http://www.openwall.com/lists/oss-security/2026/04/30/18","http://www.openwall.com/lists/oss-security/2026/04/30/2","http://www.openwall.com/lists/oss-security/2026/04/30/20","http://www.openwall.com/lists/oss-security/2026/04/30/5","http://www.openwall.com/lists/oss-security/2026/04/30/6","http://www.openwall.com/lists/oss-security/2026/05/01/10","http://www.openwall.com/lists/oss-security/2026/05/01/12","http://www.openwall.com/lists/oss-security/2026/05/01/15","http://www.openwall.com/lists/oss-security/2026/05/01/16","http://www.openwall.com/lists/oss-security/2026/05/01/17","http://www.openwall.com/lists/oss-security/2026/05/01/18","http://www.openwall.com/lists/oss-security/2026/05/01/2","http://www.openwall.com/lists/oss-security/2026/05/01/22","http://www.openwall.com/lists/oss-security/2026/05/01/23","http://www.openwall.com/lists/oss-security/2026/05/01/24","http://www.openwall.com/lists/oss-security/2026/05/01/3","http://www.openwall.com/lists/oss-security/2026/05/02/14","http://www.openwall.com/lists/oss-security/2026/05/02/15","http://www.openwall.com/lists/oss-security/2026/05/02/16","http://www.openwall.com/lists/oss-security/2026/05/02/17","http://www.openwall.com/lists/oss-security/2026/05/02/18","http://www.openwall.com/lists/oss-security/2026/05/02/19","http://www.openwall.com/lists/oss-security/2026/05/02/20","http://www.openwall.com/lists/oss-security/2026/05/02/21","http://www.openwall.com/lists/oss-security/2026/05/02/23","http://www.openwall.com/lists/oss-security/2026/05/02/24","http://www.openwall.com/lists/oss-security/2026/05/02/25","http://www.openwall.com/lists/oss-security/2026/05/02/4","http://www.openwall.com/lists/oss-security/2026/05/02/5","http://www.openwall.com/lists/oss-security/2026/05/02/6","http://www.openwall.com/lists/oss-security/2026/05/02/7","http://www.openwall.com/lists/oss-security/2026/05/02/8","http://www.openwall.com/lists/oss-security/2026/05/03/10","http://www.openwall.com/lists/oss-security/2026/05/03/12","http://www.openwall.com/lists/oss-security/2026/05/03/13","http://www.openwall.com/lists/oss-security/2026/05/03/3","http://www.openwall.com/lists/oss-security/2026/05/03/4","http://www.openwall.com/lists/oss-security/2026/05/03/5","http://www.openwall.com/lists/oss-security/2026/05/03/6","http://www.openwall.com/lists/oss-security/2026/05/04/1","http://www.openwall.com/lists/oss-security/2026/05/04/10","http://www.openwall.com/lists/oss-security/2026/05/04/11","http://www.openwall.com/lists/oss-security/2026/05/04/12","http://www.openwall.com/lists/oss-security/2026/05/04/13","http://www.openwall.com/lists/oss-security/2026/05/04/14","http://www.openwall.com/lists/oss-security/2026/05/04/2","http://www.openwall.com/lists/oss-security/2026/05/04/24","http://www.openwall.com/lists/oss-security/2026/05/04/27","http://www.openwall.com/lists/oss-security/2026/05/04/28","http://www.openwall.com/lists/oss-security/2026/05/04/29","http://www.openwall.com/lists/oss-security/2026/05/04/31","http://www.openwall.com/lists/oss-security/2026/05/04/8","http://www.openwall.com/lists/oss-security/2026/05/04/9","http://www.openwall.com/lists/oss-security/2026/05/06/5","https://copy.fail","https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170","https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation","https://github.com/theori-io/copy-fail-CVE-2026-31431","https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431","https://xint.io/blog/copy-fail-linux-distributions#the-fix-6"],"sources":["cisa_kev","nvd"],"score":60.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":false,"matched":[],"points":0},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":7.8,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":true,"points":25},"actively_exploited":{"hit":true,"points":15},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":true,"source_count":2,"points":5},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":60,"final_score":60.0},"calculated_at":"2026-05-06T15:24:16.017346Z"},{"id":"464581ce-518a-40f4-905e-9d0aed121929","threat_type":"cve","title":"A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function of the file /viewappointment.p","summary":"A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function of the file /viewappointment.php. This manipulation of the argument delid causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.","severity":"high","cvss_score":7.3,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-02T14:16:18.510000Z","last_modified_at":"2026-05-05T19:46:40.228166Z","external_id":"CVE-2026-7632","description":"A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function of the file /viewappointment.php. This manipulation of the argument delid causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.","affected_products":[],"references":["https://code-projects.org/","https://github.com/Sh1tKing/cve/blob/main/CVE-2026-7632.md","https://github.com/Sh1tKing/cve/blob/main/time-blind-sql.md","https://vuldb.com/submit/806633","https://vuldb.com/vuln/360578","https://vuldb.com/vuln/360578/cti"],"sources":["nvd"],"score":40.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":true,"matched":["hospital"],"points":25},"cwe_match":{"hit":false,"matched":[],"points":0},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":7.3,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":40,"final_score":40.0},"calculated_at":"2026-05-06T02:00:10.954203Z"},{"id":"3bcbff31-4b08-4b95-a996-f811bd972f89","threat_type":"cve","title":"A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action","summary":"A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=save_customer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.","severity":"high","cvss_score":7.3,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-01T05:16:03.847000Z","last_modified_at":"2026-05-01T16:10:32.461885Z","external_id":"CVE-2026-7550","description":"A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=save_customer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.","affected_products":[],"references":["https://github.com/khairulazly760530-cell/cves/issues/2","https://vuldb.com/submit/805539","https://vuldb.com/vuln/360360","https://vuldb.com/vuln/360360/cti","https://www.sourcecodester.com/"],"sources":["nvd"],"score":40.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":true,"matched":["pharmacy"],"points":25},"cwe_match":{"hit":false,"matched":[],"points":0},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":7.3,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":40,"final_score":40.0},"calculated_at":"2026-05-06T02:00:10.277321Z"},{"id":"e05a23cf-7cb8-4724-819d-83f9c8af65f3","threat_type":"cve","title":"A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_","summary":"A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_customer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used.","severity":"high","cvss_score":7.3,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-01T05:16:03.657000Z","last_modified_at":"2026-05-01T16:10:32.437798Z","external_id":"CVE-2026-7549","description":"A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_customer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used.","affected_products":[],"references":["https://github.com/khairulazly760530-cell/cves/issues/3","https://vuldb.com/submit/805538","https://vuldb.com/vuln/360359","https://vuldb.com/vuln/360359/cti","https://www.sourcecodester.com/"],"sources":["nvd"],"score":40.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":true,"matched":["pharmacy"],"points":25},"cwe_match":{"hit":false,"matched":[],"points":0},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":7.3,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":40,"final_score":40.0},"calculated_at":"2026-05-06T02:00:10.394616Z"},{"id":"3816dadc-8ff0-410a-9844-686803b9db6c","threat_type":"cve","title":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Wicket.\n\nThis issue affects Apache Wicket: from 8.0.0 through 8.17.","summary":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Wicket.\n\nThis issue affects Apache Wicket: from 8.0.0 through 8.17.0, from 9.0.0 through 9.22.0, from 10.0.0 through 10.8.0.\n\nUsers are recommended to upgrade to version 10.9.0, which fixes the issue.","severity":"high","cvss_score":7.5,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-06T10:16:26.037000Z","last_modified_at":"2026-05-06T16:06:39.442348Z","external_id":"CVE-2026-43646","description":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Wicket.\n\nThis issue affects Apache Wicket: from 8.0.0 through 8.17.0, from 9.0.0 through 9.22.0, from 10.0.0 through 10.8.0.\n\nUsers are recommended to upgrade to version 10.9.0, which fixes the issue.","affected_products":[],"references":["https://lists.apache.org/thread/6zqcvjyz4lsqty1z2g5hg7pl5fqk88rs","http://www.openwall.com/lists/oss-security/2026/05/06/3"],"sources":["nvd"],"score":35.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-200"],"points":20},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":7.5,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":35,"final_score":35.0},"calculated_at":"2026-05-06T16:06:39.959092Z"},{"id":"baa220cf-8f89-4f83-be0a-a124fecb3295","threat_type":"cve","title":"OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a priv","summary":"OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a privilege escalation vulnerability that can be exploited by unauthenticated attackers to query the API as any existing user, including the default admin account. This issue has been fixed in version 6.9.13. As a workaround, the default admin can be disabled using the `APP__ADMIN__EXTERNALLY_MANAGED` configuration.","severity":"critical","cvss_score":9.8,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-05T19:16:21.380000Z","last_modified_at":"2026-05-05T19:46:45.181090Z","external_id":"CVE-2026-27960","description":"OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a privilege escalation vulnerability that can be exploited by unauthenticated attackers to query the API as any existing user, including the default admin account. This issue has been fixed in version 6.9.13. As a workaround, the default admin can be disabled using the `APP__ADMIN__EXTERNALLY_MANAGED` configuration.","affected_products":[],"references":["https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-6vvv-vmfr-xhrx"],"sources":["nvd"],"score":35.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-287"],"points":20},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":9.8,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":35,"final_score":35.0},"calculated_at":"2026-05-06T02:00:15.955429Z"},{"id":"3e0e2c1a-97d0-47d3-8a1c-b99c0b524192","threat_type":"cve","title":"The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3.4.14B) does not perform any access control checks o","summary":"The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3.4.14B) does not perform any access control checks on the write_mem (ioctl 0x89F5) and read_mem (ioctl 0x89F6) debug handlers, which are compiled into production builds via the unconditionally defined _IOCTL_DEBUG_CMD_ macro in 8192cd_cfg.h","severity":"high","cvss_score":7.7,"cvss_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-05T14:16:08.737000Z","last_modified_at":"2026-05-05T18:45:39.366301Z","external_id":"CVE-2026-36355","description":"The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3.4.14B) does not perform any access control checks on the write_mem (ioctl 0x89F5) and read_mem (ioctl 0x89F6) debug handlers, which are compiled into production builds via the unconditionally defined _IOCTL_DEBUG_CMD_ macro in 8192cd_cfg.h","affected_products":[],"references":["http://realtek.com","https://github.com/totekuh/CVE-2026-36355"],"sources":["nvd"],"score":35.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-200"],"points":20},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":7.7,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":35,"final_score":35.0},"calculated_at":"2026-05-06T02:00:15.121747Z"},{"id":"fbd298fb-31c2-41c5-adfc-2c62720ebcce","threat_type":"cve","title":"The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unauthorized modification of data due to a leaked secret key and usage of a w","summary":"The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unauthorized modification of data due to a leaked secret key and usage of a weak hash generation algorithm in all versions up to, and including, 240119. This makes it possible for unauthenticated attackers to extract the global key from any public post page, forge authorization keys and manage comment subscription preferences for arbitrary users","severity":"medium","cvss_score":6.5,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss_version":"3.1","tags":["nvd"],"published_at":"2026-05-05T03:15:59.420000Z","last_modified_at":"2026-05-05T19:46:42.981452Z","external_id":"CVE-2026-4409","description":"The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unauthorized modification of data due to a leaked secret key and usage of a weak hash generation algorithm in all versions up to, and including, 240119. This makes it possible for unauthenticated attackers to extract the global key from any public post page, forge authorization keys and manage comment subscription preferences for arbitrary users","affected_products":[],"references":["https://plugins.trac.wordpress.org/browser/subscribe-to-comments-reloaded/tags/240119/templates/user.php#L37","https://plugins.trac.wordpress.org/browser/subscribe-to-comments-reloaded/tags/240119/utils/stcr_utils.php#L164","https://plugins.trac.wordpress.org/browser/subscribe-to-comments-reloaded/tags/240119/wp_subscribe_reloaded.php#L1613","https://www.wordfence.com/threat-intel/vulnerabilities/id/91f9235e-f578-475f-92c3-34062d6d1e3d?source=cve"],"sources":["nvd"],"score":35.0,"score_breakdown":{"technology_match":{"hit":false,"matched":[],"points":0},"keyword_match":{"hit":false,"matched":[],"points":0},"cwe_match":{"hit":true,"matched":["CWE-200"],"points":20},"cvss_threshold":{"hit":true,"threshold":6.5,"cvss_score":6.5,"points":15},"priority_boost":{"hit":false,"matched":[],"points":0},"excluded":{"hit":false,"matched":[],"points":0},"kev":{"hit":false,"points":0},"actively_exploited":{"hit":false,"points":0},"ransomware":{"hit":false,"points":0},"multi_source":{"hit":false,"source_count":1,"points":0},"package_match":{"hit":false,"matched":[],"points":0},"raw_total":35,"final_score":35.0},"calculated_at":"2026-05-06T02:00:14.676729Z"}],"stats":{"total_threats":28771,"critical_count":3,"high_count":1,"average_score":10.17,"sources_active":["nvd","cisa_kev"]}}