| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-45088 | Dalfox: Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file` in Dalfox Server Mode | hahwul | dalfox | High | 7.5 | 2026-05-27 17:35:02 | Deep Dive |
| CVE-2026-45087 | Dalfox: Unauthenticated Remote Code Execution via `found-action` in Dalfox Server Mode | hahwul | dalfox | Critical | 10.0 | 2026-05-27 17:34:29 | Deep Dive |
| CVE-2026-45089 | Dalfox: Unauthenticated Arbitrary File Create/Append via `output` Option in Dalfox Server Mode | hahwul | dalfox | High | 8.2 | 2026-05-27 17:33:44 | Deep Dive |
| CVE-2026-45090 | Dalfox: Unauthenticated Remote DoS via Closed-Channel Write in `ParameterAnalysis` (server mode) | hahwul | dalfox | High | 7.5 | 2026-05-27 17:33:07 | Deep Dive |
| CVE-2026-42553 | Cinny: Access token disclosure via invalidated emoji pack avatar URL in service worker | cinnyapp | cinny | - | - | 2026-05-27 17:27:27 | Deep Dive |
| CVE-2026-5509 | Arbitrary Command Injection via Browser Developer Console in TP-Link Archer BE450 and BE7200 | TP-Link Systems Inc. | Archer BE7200 V1 | - | - | 2026-05-27 17:26:48 | Deep Dive |
| CVE-2026-44345 | BentoML: Dockerfile command injection via docker.base_image | bentoml | BentoML | High | 8.8 | 2026-05-27 17:24:19 | Deep Dive |
| CVE-2026-44346 | BentoML: Dockerfile command injection via envs[*].name in bentofile.yaml | bentoml | BentoML | High | 8.8 | 2026-05-27 17:22:47 | Deep Dive |
| CVE-2026-45081 | Frappe HR: Permission Bypass in HRMS Leave Details API | frappe | hrms | Medium | 6.5 | 2026-05-27 17:18:54 | Deep Dive |
| CVE-2026-44521 | elFinder: SQL Injection MySQL Volume Driver (elFinderVolumeMySQL) | Studio-42 | elFinder | High | 8.8 | 2026-05-27 17:16:51 | Deep Dive |
| CVE-2026-48147 | Budibase: Unanchored Regex in `matchers.ts` Allows CSRF Bypass via Query String Injection in Budibase Worker | Budibase | budibase | Medium | 6.5 | 2026-05-27 17:14:17 | Deep Dive |
| CVE-2026-48148 | Budibase: Unvalidated VectorDB Host Parameter Enables SSRF | Budibase | budibase | - | - | 2026-05-27 17:12:31 | Deep Dive |
| CVE-2026-45548 | Budibase: SSRF in AI Extract File Automation Step via Missing IP Blacklist Validation | Budibase | budibase | High | 7.7 | 2026-05-27 17:11:43 | Deep Dive |
| CVE-2026-45715 | Budibase: SSRF Bypass via HTTP Redirect in REST Datasource Integration | Budibase | budibase | High | 7.7 | 2026-05-27 17:10:54 | Deep Dive |
| CVE-2026-45716 | Budibase: Builder-to-Admin Privilege Escalation via onboardUsers Endpoint Without SMTP Configuration | Budibase | budibase | High | 8.8 | 2026-05-27 17:09:43 | Deep Dive |
| CVE-2026-45717 | Budibase: `PUT /api/datasources/:datasourceId` Protected Only by `TABLE/READ` Permission Instead of Builder Access, Allowing Any Authenticated App User to Overwrite Datasource Connection Parameters (Host, Port, URL) | Budibase | budibase | High | 8.8 | 2026-05-27 17:09:07 | Deep Dive |
| CVE-2026-45718 | Budibase: Row Action Trigger Bypasses View Row Filter Security Boundary Allowing Action on Out-of-Scope Rows | Budibase | budibase | Medium | 5.4 | 2026-05-27 17:08:00 | Deep Dive |
| CVE-2026-45719 | Budibase: CouchDB Reduce Injection via Unsanitized Calculation Parameter in V1 Views API | Budibase | budibase | Medium | 6.5 | 2026-05-27 17:07:21 | Deep Dive |
| CVE-2026-46425 | Budibase: SCIM endpoints lack role-based authorization, BASIC users CRUD tenant users | Budibase | budibase | Critical | 9.9 | 2026-05-27 17:06:36 | Deep Dive |
| CVE-2026-46424 | Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour | Budibase | budibase | Medium | 4.2 | 2026-05-27 17:05:22 | Deep Dive |
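The pattern named in the CVE-2026-48147 title (an unanchored regex used to decide which routes are exempt from CSRF checks, tested against a URL that still carries its query string) is general enough to show in isolation. The block below is an added example, not Budibase's `matchers.ts` or any of its code: the exemption list, the route names, the token value and the three probe requests are all constructed for the illustration.

```typescript
// Added example, not Budibase's matchers.ts: a CSRF exemption matcher
// with an unanchored regex beside an anchored one, probed with a
// query-string injection. Route names, the token and the requests are
// constructed for the example.

type Matcher = { method: string; pattern: RegExp };

const EXPECTED_TOKEN = "csrf-token-for-this-session"; // constructed

// Weak: no ^ or $ anchors, and the regex is run over the whole request
// URL, so any URL that merely contains "/api/public/" is exempt.
const unanchoredExemptions: Matcher[] = [
  { method: "POST", pattern: /\/api\/public\// },
];

// Hardened: anchored at both ends and applied to the pathname only;
// the query string and fragment never reach the regex.
const anchoredExemptions: Matcher[] = [
  { method: "POST", pattern: /^\/api\/public\/[a-z0-9_-]+$/ },
];

function isExemptWeak(method: string, url: string): boolean {
  return unanchoredExemptions.some(
    (m) => m.method === method && m.pattern.test(url),
  );
}

function isExemptHardened(method: string, url: string): boolean {
  // The base URL is only needed so a relative request target parses.
  const { pathname } = new URL(url, "http://localhost");
  return anchoredExemptions.some(
    (m) => m.method === method && m.pattern.test(pathname),
  );
}

// A request fails the CSRF check when the route is not exempt and the
// token header is missing or wrong.
function csrfRejects(
  isExempt: (method: string, url: string) => boolean,
  method: string,
  url: string,
  token?: string,
): boolean {
  if (isExempt(method, url)) return false;
  return token !== EXPECTED_TOKEN;
}

// Constructed probe requests: a genuine public route, an admin route with
// no token, and the same admin route with "/api/public/" smuggled into a
// query-string value.
const PUBLIC_LOGIN = "/api/public/login";
const ADMIN_USERS = "/api/admin/users";
const INJECTED = "/api/admin/users?next=/api/public/login";

function probe(isExempt: (method: string, url: string) => boolean) {
  return {
    publicRouteRejected: csrfRejects(isExempt, "POST", PUBLIC_LOGIN),
    adminNoTokenRejected: csrfRejects(isExempt, "POST", ADMIN_USERS),
    adminGoodTokenRejected: csrfRejects(isExempt, "POST", ADMIN_USERS, EXPECTED_TOKEN),
    // With the weak matcher this is false: the admin route slips through
    // with no token at all. With the anchored matcher it is true.
    injectedNoTokenRejected: csrfRejects(isExempt, "POST", INJECTED),
  };
}

const weak = probe(isExemptWeak);
const hardened = probe(isExemptHardened);
console.log({ weak, hardened });
```

The two fixes are independent and both are needed: anchoring alone still fails if the regex is run over a string that includes the query, and matching the pathname alone still fails if the pattern can match a substring such as `/api/public/` inside `/api/admin/api/public/x`.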
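Two of the Budibase rows describe the same class of outbound-request flaw from different angles: CVE-2026-45548 (no private-IP check at all on the target) and CVE-2026-45715 (a check on the first URL that a 3xx redirect then walks around). The block below is an added example, not Budibase's REST datasource or automation code: the DNS table, the "network" and the hostnames are constructed in-memory maps so it runs offline, and the private-range list is the usual RFC 1918 / loopback / link-local set rather than anything taken from the project.

```typescript
// Added example, not Budibase's code: an outbound fetch that validates
// only the user-supplied URL and then follows redirects blindly, beside
// one that re-validates every hop. DNS and the network are constructed
// in-memory maps so the example runs offline.

type HttpReply = { status: number; location?: string; body?: string };

// Constructed DNS table: hostname -> IPv4.
const DNS: Record<string, string> = {
  "api.example.com": "203.0.113.10",
  "cdn.example.com": "203.0.113.20",
  "metadata.internal": "169.254.169.254",
};

// Constructed network: absolute URL -> reply. "/go" stands for an
// attacker-controlled public host that redirects into link-local space.
const NETWORK: Record<string, HttpReply> = {
  "http://api.example.com/report": { status: 200, body: "public report" },
  "http://cdn.example.com/asset": { status: 301, location: "http://api.example.com/report" },
  "http://api.example.com/go": { status: 302, location: "http://169.254.169.254/latest/meta-data/" },
  "http://169.254.169.254/latest/meta-data/": { status: 200, body: "instance credentials" },
};

function isPrivateIPv4(ip: string): boolean {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(ip);
  if (!m) return true; // unparseable: treat as private (fail closed)
  const a = Number(m[1]);
  const b = Number(m[2]);
  return (
    a === 0 || a === 10 || a === 127 ||
    (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168)
  );
}

function parseUrl(url: string): URL | null {
  try { return new URL(url); } catch { return null; }
}

// Allow only http(s) to a host that resolves to a public IPv4 address.
function isAllowedUrl(url: string): boolean {
  const u = parseUrl(url);
  if (u === null) return false;
  if (u.protocol !== "http:" && u.protocol !== "https:") return false;
  const host = u.hostname;
  const ip = /^\d+\.\d+\.\d+\.\d+$/.test(host) ? host : DNS[host];
  if (ip === undefined) return false; // unresolvable: fail closed
  return !isPrivateIPv4(ip);
}

function fetchOnce(url: string): HttpReply {
  return NETWORK[url] ?? { status: 404 };
}

// Resolve a Location header (possibly relative) against the current URL.
function nextHop(reply: HttpReply, current: string): string | undefined {
  return reply.location === undefined ? undefined : new URL(reply.location, current).toString();
}

// Vulnerable: the check runs once, on the URL the user supplied.
function fetchNaive(url: string, maxHops = 5): string {
  if (!isAllowedUrl(url)) throw new Error(`blocked: ${url}`);
  let current = url;
  for (let hop = 0; hop <= maxHops; hop++) {
    const reply = fetchOnce(current);
    const next = nextHop(reply, current);
    if (next === undefined) return reply.body ?? "";
    current = next; // followed with no further check
  }
  throw new Error("too many redirects");
}

// Hardened: redirects are handled manually and every Location target is
// checked with the same rule as the original URL.
function fetchHardened(url: string, maxHops = 5): string {
  let current = url;
  for (let hop = 0; hop <= maxHops; hop++) {
    if (!isAllowedUrl(current)) throw new Error(`blocked: ${current}`);
    const reply = fetchOnce(current);
    const next = nextHop(reply, current);
    if (next === undefined) return reply.body ?? "";
    current = next;
  }
  throw new Error("too many redirects");
}

function throws(fn: () => unknown): boolean {
  try { fn(); return false; } catch { return true; }
}
```

With a real client the equivalent of `fetchOnce` is a request made with redirects disabled (`redirect: "manual"` for the WHATWG `fetch` API) so that the `Location` header is visible to the caller. Two caveats the in-memory version cannot show: the name should be resolved once and the connection made to that address, otherwise a DNS answer that changes between the check and the connect (rebinding) defeats the filter; and IPv6 literals, including IPv4-mapped ones, need their own range check.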