| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-5958 | Race Condition in GNU Sed | GNU | Sed | - | - | 2026-04-20 11:59:32 | Deep Dive |
| CVE-2026-6635 | rowboatlabs rowboat tools_webhook app.py tool_call improper authentication | rowboatlabs | rowboat | High | 7.3 | 2026-04-20 11:45:13 | Deep Dive |
| CVE-2026-6634 | usememos UpdateInstanceSetting App.tsx memos_access_token improper authorization | usememos | memos | Medium | 6.3 | 2026-04-20 11:30:14 | Deep Dive |
| CVE-2026-6633 | Yifang CMS Extended Management L_rbac_admin.php store cross site scripting | Yifang | CMS | Low | 3.5 | 2026-04-20 11:15:11 | Deep Dive |
| CVE-2026-6632 | Tenda F451 httpd SafeClientFilter fromSafeClientFilter buffer overflow | Tenda | F451 | High | 8.8 | 2026-04-20 11:00:20 | Deep Dive |
| CVE-2026-6631 | Tenda F451 httpd webExcptypemanFilter fromwebExcptypemanFilter buffer overflow | Tenda | F451 | High | 8.8 | 2026-04-20 10:45:13 | Deep Dive |
| CVE-2026-6630 | Tenda F451 httpd GstDhcpSetSer fromGstDhcpSetSer buffer overflow | Tenda | F451 | High | 8.8 | 2026-04-20 10:30:15 | Deep Dive |
| CVE-2026-6629 | Metasoft 美特软件 MetaCRM Interface sql.jsp Statement.executeUpdate sql injection | Metasoft 美特软件 | MetaCRM | High | 7.3 | 2026-04-20 10:15:20 | Deep Dive |
| CVE-2026-6654 | Use-After-Free and Double-Free in IntoIter::drop when element drop panics | Mozilla | thin-vec | - | - | 2026-04-20 10:05:52 | Deep Dive |
| CVE-2026-6628 | phili67 Ecclesia CRM Query Viewer view ValidateInput sql injection | phili67 | Ecclesia CRM | Medium | 6.3 | 2026-04-20 10:00:17 | Deep Dive |
| CVE-2026-6626 | Cockpit-HQ Cockpit Asset Handler/Aggregate data query logic injection | Cockpit-HQ | Cockpit | Medium | 6.3 | 2026-04-20 09:45:12 | Deep Dive |
| CVE-2026-31430 | X.509: Fix out-of-bounds access when parsing extensions | Linux | Linux | - | - | 2026-04-20 09:43:04 | Deep Dive |
| CVE-2026-31429 | net: skb: fix cross-cache free of KFENCE-allocated skb head | Linux | Linux | - | - | 2026-04-20 09:43:03 | Deep Dive |
| CVE-2026-6625 | moxi624 Mogu Blog v2 Picture Storage Service LocalFileServiceImpl.java LocalFileServiceImpl.uploadPictureByUrl server-side request forgery | moxi624 | Mogu Blog v2 | High | 7.3 | 2026-04-20 09:30:17 | Deep Dive |
| CVE-2026-6624 | BichitroGan ISP Billing Software Pool List add cross site scripting | BichitroGan | ISP Billing Software | Low | 2.4 | 2026-04-20 09:15:18 | Deep Dive |
| CVE-2026-6623 | BichitroGan ISP Billing Software Profile users-view cross site scripting | BichitroGan | ISP Billing Software | Low | 2.4 | 2026-04-20 09:00:20 | Deep Dive |
| CVE-2025-13480 | Incorrect authorization in Fudo Enterprise | Fudo Security | Fudo Enterprise | - | - | 2026-04-20 09:00:16 | Deep Dive |
| CVE-2026-6622 | BichitroGan ISP Billing Software Customer edit cross site scripting | BichitroGan | ISP Billing Software | Low | 2.4 | 2026-04-20 08:45:21 | Deep Dive |
| CVE-2026-6621 | 1024bit extend-deep index.js prototype pollution | 1024bit | extend-deep | High | 7.3 | 2026-04-20 08:30:14 | Deep Dive |
| CVE-2026-6620 | SonicCloudOrg sonic-server File Upload Endpoint FileTool.java upload path traversal | SonicCloudOrg | sonic-server | Medium | 6.3 | 2026-04-20 08:15:18 | Deep Dive |