| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-41468 | Beghelli Sicuro24 SicuroWeb AngularJS Sandbox Escape via Template Injection | Beghelli | SicuroWeb (Sicuro24) | High | 8.7 | 2026-04-22 18:04:39 | Deep Dive |
| CVE-2026-41469 | Beghelli Sicuro24 SicuroWeb Missing Content Security Policy | Beghelli | SicuroWeb (Sicuro24) | Medium | 5.2 | 2026-04-22 18:04:19 | Deep Dive |
| CVE-2026-32885 | DDEV has ZipSlip path traversal in tar and zip archive extraction | ddev | ddev | Medium | 6.5 | 2026-04-22 16:54:48 | Deep Dive |
| CVE-2026-3254 | Improper Restriction of Rendered UI Layers or Frames in GitLab | GitLab | GitLab | Low | 3.5 | 2026-04-22 16:29:49 | Deep Dive |
| CVE-2026-4922 | Cross-Site Request Forgery (CSRF) in GitLab | GitLab | GitLab | High | 8.1 | 2026-04-22 16:29:39 | Deep Dive |
| CVE-2026-35381 | uutils coreutils cut Local Logic Error and Data Integrity Issue in Output Filtering | Uutils | coreutils | Low | 3.3 | 2026-04-22 16:09:22 | Deep Dive |
| CVE-2026-35380 | uutils coreutils cut Local Logic Error and Data Integrity Issue in Delimiter Parsing | Uutils | coreutils | Medium | 5.5 | 2026-04-22 16:09:20 | Deep Dive |
| CVE-2026-35379 | uutils coreutils tr Local Logic Error and Data Integrity Issue in Character Class Handling | Uutils | coreutils | Low | 3.3 | 2026-04-22 16:09:17 | Deep Dive |
| CVE-2026-35378 | uutils coreutils expr Local Denial of Service via Eager Evaluation of Parenthesized Subexpressions | Uutils | coreutils | Low | 3.3 | 2026-04-22 16:09:15 | Deep Dive |
| CVE-2026-35377 | uutils coreutils env Local Denial of Service via Improper Handling of Backslashes in Split-String Mode | Uutils | coreutils | Low | 3.3 | 2026-04-22 16:09:12 | Deep Dive |
| CVE-2026-35376 | uutils coreutils chcon Security Bypass and Mandatory Access Control (MAC) Inconsistency via TOCTOU Race Condition | Uutils | coreutils | Medium | 4.5 | 2026-04-22 16:09:10 | Deep Dive |
| CVE-2026-35375 | uutils coreutils split Local Data Integrity Issue via Lossy Filename Encoding | Uutils | coreutils | Low | 3.3 | 2026-04-22 16:09:07 | Deep Dive |
| CVE-2026-35374 | uutils coreutils split Arbitrary File Truncation via Time-of-Check to Time-of-Use (TOCTOU) Race Condition | Uutils | coreutils | Medium | 6.3 | 2026-04-22 16:09:04 | Deep Dive |
| CVE-2026-35373 | uutils coreutils ln Local Denial of Service via Improper Handling of Non-UTF-8 Filenames | Uutils | coreutils | Low | 3.3 | 2026-04-22 16:09:02 | Deep Dive |
| CVE-2026-35372 | uutils coreutils ln Security Bypass via Improper Handling of the --no-dereference Flag | Uutils | coreutils | Medium | 5.0 | 2026-04-22 16:08:59 | Deep Dive |
| CVE-2026-35371 | uutils coreutils id Misleading Identity Reporting in Pretty Print Mode | Uutils | coreutils | Low | 3.3 | 2026-04-22 16:08:56 | Deep Dive |
| CVE-2026-35370 | uutils coreutils id Incorrect Access-Control Decisions via Misrepresented Group Membership | Uutils | coreutils | Medium | 4.4 | 2026-04-22 16:08:54 | Deep Dive |
| CVE-2026-35369 | uutils coreutils kill System-wide Process Termination and Denial of Service via Argument Misinterpretation | Uutils | coreutils | Medium | 5.5 | 2026-04-22 16:08:51 | Deep Dive |
| CVE-2026-35368 | uutils coreutils chroot Local Privilege Escalation and chroot Escape in via Name Service Switch (NSS) Injection | Uutils | coreutils | High | 7.8 | 2026-04-22 16:08:49 | Deep Dive |
| CVE-2026-35367 | uutils coreutils nohup Information Disclosure via Insecure Default Output Permissions | Uutils | coreutils | Low | 3.3 | 2026-04-22 16:08:47 | Deep Dive |