| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33259 | Concurrent modification of RPZ data can lead to denial of servce | PowerDNS | Recursor | Medium | 5.0 | 2026-04-22 09:38:52 | Deep Dive |
| CVE-2026-33258 | Crafted zones can cause increased resource usage | PowerDNS | Recursor | Medium | 5.3 | 2026-04-22 09:38:19 | Deep Dive |
| CVE-2026-33257 | Insufficient input validation of internal webserver | PowerDNS | Authoritative | Medium | 5.3 | 2026-04-22 09:38:00 | Deep Dive |
| CVE-2026-33256 | Unbounded memory allocation by internal web server | PowerDNS | Recursor | Medium | 5.3 | 2026-04-22 09:37:33 | Deep Dive |
| CVE-2026-33601 | Insufficient validation of zonemd record | PowerDNS | Recursor | Medium | 4.4 | 2026-04-22 09:37:03 | Deep Dive |
| CVE-2026-33600 | Null pointer dereference in RPZ transfer | PowerDNS | Recursor | Medium | 4.4 | 2026-04-22 09:33:12 | Deep Dive |
| CVE-2026-1913 | Gallagher Website Design <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'prefix' Shortcode Attribute | gallagherwebsitedesign | Gallagher Website Design | Medium | 6.4 | 2026-04-22 09:27:21 | Deep Dive |
| CVE-2026-1930 | Emailchef <= 3.5.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Deletion | hanicker | Emailchef | Medium | 4.3 | 2026-04-22 09:27:20 | Deep Dive |
| CVE-2026-1395 | Gutentools <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Slider Block Attributes | gutentools | Gutentools | Medium | 6.4 | 2026-04-22 09:27:20 | Deep Dive |
| CVE-2026-6848 | Quay: red hat quay: authentication bypass allows privileged actions without valid credentials | Red Hat | Red Hat Quay 3 | Medium | 5.4 | 2026-04-22 09:06:20 | Deep Dive |
| CVE-2026-6846 | Binutils: binutils: arbitrary code execution via malformed xcoff object file processing | Red Hat | Red Hat Enterprise Linux 10 | High | 7.8 | 2026-04-22 08:37:14 | Deep Dive |
| CVE-2026-6844 | Binutils: binutils: denial of service vulnerabilities in readelf via crafted elf files | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-04-22 08:37:10 | Deep Dive |
| CVE-2026-6843 | Nano: nano: format string vulnerability leads to denial of service | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.5 | 2026-04-22 08:30:05 | Deep Dive |
| CVE-2026-31433 | ksmbd: fix potencial OOB in get_file_all_info() for compound requests | Linux | Linux | High | 8.8 | 2026-04-22 08:15:12 | Deep Dive |
| CVE-2026-31432 | ksmbd: fix OOB write in QUERY_INFO for compound requests | Linux | Linux | High | 8.8 | 2026-04-22 08:15:11 | Deep Dive |
| CVE-2026-31431 | crypto: algif_aead - Revert to operating out-of-place | Linux | Linux | High | 7.8 | 2026-04-22 08:15:10 | Deep Dive |
| CVE-2026-6845 | Binutils: binutils: denial of service via crafted elf file | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.0 | 2026-04-22 07:54:19 | Deep Dive |
| CVE-2026-4353 | CI HUB Connector <= 1.2.106 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute | cihubconnector | CI HUB Connector | Medium | 6.4 | 2026-04-22 07:45:43 | Deep Dive |
| CVE-2026-4138 | DX Unanswered Comments <= 1.7 - Cross-Site Request Forgery via Settings Update | nofearinc | DX Unanswered Comments | Medium | 4.3 | 2026-04-22 07:45:43 | Deep Dive |
| CVE-2026-6294 | Google PageRank Display <= 1.4 - Cross-Site Request Forgery to Settings Update via Settings Page | byybora | Google PageRank Display | Medium | 4.3 | 2026-04-22 07:45:42 | Deep Dive |