| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-35340 | uutils coreutils chown and chgrp False Success Exit Code in Recursive Mode | Uutils | coreutils | Medium | 5.5 | 2026-04-22 16:07:37 | Deep Dive |
| CVE-2026-35339 | uutils coreutils chmod False Success Exit Code in Recursive Mode | Uutils | coreutils | Medium | 5.5 | 2026-04-22 16:07:34 | Deep Dive |
| CVE-2026-35338 | uutils coreutils chmod Path Traversal Bypass of --preserve-root | Uutils | coreutils | High | 7.3 | 2026-04-22 16:07:31 | Deep Dive |
| CVE-2025-0186 | Allocation of Resources Without Limits or Throttling in GitLab | GitLab | GitLab | Medium | 6.5 | 2026-04-22 16:05:41 | Deep Dive |
| CVE-2025-3922 | Allocation of Resources Without Limits or Throttling in GitLab | GitLab | GitLab | Medium | 6.5 | 2026-04-22 16:05:31 | Deep Dive |
| CVE-2025-6016 | Allocation of Resources Without Limits or Throttling in GitLab | GitLab | GitLab | Medium | 6.5 | 2026-04-22 16:05:26 | Deep Dive |
| CVE-2025-9957 | Incorrect Authorization in GitLab | GitLab | GitLab | Low | 2.7 | 2026-04-22 16:05:16 | Deep Dive |
| CVE-2026-1660 | Allocation of Resources Without Limits or Throttling in GitLab | GitLab | GitLab | Medium | 6.5 | 2026-04-22 16:04:51 | Deep Dive |
| CVE-2026-5262 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | GitLab | GitLab | High | 8.0 | 2026-04-22 16:04:37 | Deep Dive |
| CVE-2026-5377 | Incorrect Authorization in GitLab | GitLab | GitLab | Medium | 4.3 | 2026-04-22 16:04:31 | Deep Dive |
| CVE-2026-5816 | Improper Resolution of Path Equivalence in GitLab | GitLab | GitLab | High | 8.0 | 2026-04-22 16:04:26 | Deep Dive |
| CVE-2026-6515 | Insufficient Session Expiration in GitLab | GitLab | GitLab | Medium | 5.4 | 2026-04-22 16:04:12 | Deep Dive |
| CVE-2025-58922 | WordPress Avada theme < 7.13.2 - Cross Site Request Forgery (CSRF) vulnerability | ThemeFusion | Avada | Medium | 4.3 | 2026-04-22 15:44:48 | Deep Dive |
| CVE-2024-58344 | Carbon Forum 5.9.0 Persistent XSS via Forum Name Field | 94Cb | Carbon Forum | Medium | 6.4 | 2026-04-22 14:57:06 | Deep Dive |
| CVE-2018-25271 | Textpad 8.1.2 Denial of Service via Run Command | Textpad | Textpad | Medium | 6.2 | 2026-04-22 14:57:05 | Deep Dive |
| CVE-2018-25272 | ELBA5 5.8.0 Remote Code Execution via Database Access | Elba | ELBA5 | Critical | 9.8 | 2026-04-22 14:57:05 | Deep Dive |
| CVE-2018-25270 | ThinkPHP 5.0.23 Remote Code Execution via invokefunction | Thinkphp | ThinkPHP | Critical | 9.8 | 2026-04-22 14:57:04 | Deep Dive |
| CVE-2018-25269 | ICEWARP 11.0.0.0 Cross-Site Scripting via Email HTML Injection | icewarp | ICEWARP Client | Medium | 6.1 | 2026-04-22 14:57:03 | Deep Dive |
| CVE-2018-25268 | LanSpy 2.0.1.159 Local Buffer Overflow via Scan Field | Lizardsystems | LanSpy | High | 8.4 | 2026-04-22 14:57:03 | Deep Dive |
| CVE-2018-25267 | UltraISO 9.7.1.3519 Buffer Overflow via Output FileName | Ultraiso | UltraISO | Medium | 6.2 | 2026-04-22 14:57:02 | Deep Dive |