| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-40527 | radare2 Command Injection via DWARF Parameter Names | radareorg | radare2 | High | 7.8 | 2026-04-17 20:25:20 | Deep Dive |
| CVE-2026-40284 | WeGIA has stored XSS in listar_despachos.php | LabRedesCefetRJ | WeGIA | Medium | 6.8 | 2026-04-17 20:24:10 | Deep Dive |
| CVE-2026-35512 | xrdp: Heap buffer overflow in EGFX channel | neutrinolabs | xrdp | - | - | 2026-04-17 20:22:00 | Deep Dive |
| CVE-2026-40282 | WeGIA has stored XSS in intercorrencia_visualizar.php | LabRedesCefetRJ | WeGIA | - | - | 2026-04-17 20:16:47 | Deep Dive |
| CVE-2026-33689 | xrdp: Pre-authentication out-of-bounds reads in channel parsers | neutrinolabs | xrdp | - | - | 2026-04-17 20:16:31 | Deep Dive |
| CVE-2026-33145 | xrdp: Authenticated RCE via unsanitized AlternateShell execution in xrdp-sesman | neutrinolabs | xrdp | Medium | 6.3 | 2026-04-17 20:14:14 | Deep Dive |
| CVE-2026-40283 | WeGIA has stored XSS in profile_paciente.php | LabRedesCefetRJ | WeGIA | Medium | 6.8 | 2026-04-17 20:03:14 | Deep Dive |
| CVE-2026-32624 | xrdp: Heap buffer overflow in xrdp_sec_process_logon_info() via incorrect g_strncat length calculation | neutrinolabs | xrdp | - | - | 2026-04-17 19:58:09 | Deep Dive |
| CVE-2026-33516 | xrdp: Pre-authentication out-of-bounds reads in RDP capability and channel parsers | neutrinolabs | xrdp | - | - | 2026-04-17 19:56:12 | Deep Dive |
| CVE-2026-32650 | Anviz CrossChex Standard Algorithm Downgrade | Anviz | Anviz CrossChex Standard | High | 7.5 | 2026-04-17 19:52:45 | Deep Dive |
| CVE-2026-40434 | Anviz CrossChex Standard Improper Verification of Source of a Communication Channel | Anviz | Anviz CrossChex Standard | High | 8.1 | 2026-04-17 19:49:28 | Deep Dive |
| CVE-2026-35682 | Anviz CX2 Lite Command Injection | Anviz | Anviz CX2 Lite Firmware | High | 8.8 | 2026-04-17 19:46:27 | Deep Dive |
| CVE-2026-32623 | xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly | neutrinolabs | xrdp | - | - | 2026-04-17 19:43:59 | Deep Dive |
| CVE-2026-40066 | Anviz Products Download of Code Without Integrity Check | Anviz | Anviz CX7 Firmware | High | 8.8 | 2026-04-17 19:43:21 | Deep Dive |
| CVE-2026-35546 | Anviz Products Missing Authentication for Critical Function | Anviz | Anviz CX7 Firmware | Critical | 9.8 | 2026-04-17 19:39:25 | Deep Dive |
| CVE-2026-40461 | Anviz Products Missing Authentication for Critical Function | Anviz | Anviz CX7 Firmware | High | 7.5 | 2026-04-17 19:36:30 | Deep Dive |
| CVE-2026-32648 | Anviz Products Missing Authorization | Anviz | Anviz CX7 Firmware | Medium | 5.3 | 2026-04-17 19:34:22 | Deep Dive |
| CVE-2026-33569 | Anviz Products Cleartext Transmission of Sensitive Information | Anviz | Anviz CX7 Firmware | Medium | 6.5 | 2026-04-17 19:30:46 | Deep Dive |
| CVE-2026-32105 | xrdp: RDP MAC signature (dataSignature) never verified on receive — integrity bypass in non-TLS mode | neutrinolabs | xrdp | - | - | 2026-04-17 19:27:40 | Deep Dive |
| CVE-2026-32107 | xrdp: Fail-open privilege drop in sesexec — child processes may execute as root if setuid fails | neutrinolabs | xrdp | High | 8.8 | 2026-04-17 19:25:20 | Deep Dive |