| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-43939 | YAF.NET: Stored XSS in Forum Thread Posts/Replies Allowing Arbitrary JavaScript Execution for All Thread Viewers | YAFNET | YAFNET | High | 7.3 | 2026-05-12 13:56:40 | Deep Dive |
| CVE-2026-43930 | Parse Server: MFA SMS one-time password accepted twice under concurrent login | parse-community | parse-server | - | - | 2026-05-12 13:34:51 | Deep Dive |
| CVE-2026-43916 | pam_authnft: Heap buffer overflow in NETLINK_SOCK_DIAG reply walker | identd-ng | pam_authnft | - | - | 2026-05-12 13:31:44 | Deep Dive |
| CVE-2026-40638 | Dell PowerScale InsightIQ 安全漏洞 | Dell | PowerScale InsightIQ | Medium | 6.7 | 2026-05-12 13:31:12 | Deep Dive |
| CVE-2026-42006 | Open-Xchange OX Dovecot Pro 资源管理错误漏洞 | Open-Xchange GmbH | OX Dovecot Pro | Medium | 4.3 | 2026-05-12 13:28:47 | Deep Dive |
| CVE-2026-40020 | Open-Xchange OX Dovecot Pro 访问控制错误漏洞 | Open-Xchange GmbH | OX Dovecot Pro | Low | 3.1 | 2026-05-12 13:28:46 | Deep Dive |
| CVE-2026-40016 | Open-Xchange OX Dovecot Pro 资源管理错误漏洞 | Open-Xchange GmbH | OX Dovecot Pro | Medium | 5.3 | 2026-05-12 13:28:46 | Deep Dive |
| CVE-2026-33603 | Open-Xchange OX Dovecot Pro 安全漏洞 | Open-Xchange GmbH | OX Dovecot Pro | Medium | 6.8 | 2026-05-12 13:28:45 | Deep Dive |
| CVE-2026-27851 | Open-Xchange OX Dovecot Pro 安全漏洞 | Open-Xchange GmbH | OX Dovecot Pro | High | 7.4 | 2026-05-12 13:28:44 | Deep Dive |
| CVE-2026-35071 | Dell PowerScale InsightIQ 操作系统命令注入漏洞 | Dell | PowerScale InsightIQ | High | 8.2 | 2026-05-12 13:25:47 | Deep Dive |
| CVE-2026-45091 | sealed-env: TOTP secret embedded in unseal token payload (enterprise mode) | davidalmeidac | sealed-env | Critical | 9.1 | 2026-05-12 13:20:22 | Deep Dive |
| CVE-2026-8391 | Other issue in the JavaScript Engine component | Mozilla | Firefox | - | - | 2026-05-12 12:36:16 | Deep Dive |
| CVE-2026-8390 | Use-after-free in the JavaScript: WebAssembly component | Mozilla | Firefox | - | - | 2026-05-12 12:36:14 | Deep Dive |
| CVE-2026-8389 | JIT miscompilation in the JavaScript Engine: JIT component | Mozilla | Firefox | - | - | 2026-05-12 12:36:13 | Deep Dive |
| CVE-2026-8388 | Incorrect boundary conditions in the JavaScript Engine: JIT component | Mozilla | Firefox | - | - | 2026-05-12 12:36:11 | Deep Dive |
| CVE-2025-12659 | Heap-based buffer overflow in Siemens Simcenter Femap | Siemens | Simcenter Femap | - | - | 2026-05-12 12:30:05 | Deep Dive |
| CVE-2026-6865 | Improper Limitation of a Pathname to a Restricted Directory Vulnerability on Multiple Products | Schneider Electric | EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller | - | - | 2026-05-12 12:29:52 | Deep Dive |
| CVE-2026-4827 | Insufficient Entropy vulnerability on Multiple Products | Schneider Electric | Easergy MiCOM C264 | - | - | 2026-05-12 12:24:23 | Deep Dive |
| CVE-2026-42742 | WordPress Views for WPForms plugin <= 3.4.6 - SQL Injection vulnerability | Aman | Views for WPForms | High | 8.5 | 2026-05-12 11:02:10 | Deep Dive |
| CVE-2026-42741 | WordPress Ninja Forms Views – Display & Edit Ninja Forms Submissions on your site frontend plugin <= 3.3.2 - SQL Injection vulnerability | Aman | Ninja Forms Views – Display & Edit Ninja Forms Submissions on your site frontend | High | 8.5 | 2026-05-12 11:02:10 | Deep Dive |