7.2

CVSS3.1

CVE-2026-33392 -

In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass

📅 Published: April 17, 2026, 7:46 a.m. 🔄 Last Modified: April 17, 2026, 7:46 a.m.

4.3

CVSS3.1

CVE-2026-6451 - CMS für Motorrad Werkstätten <= 1.0.0 - Cross-Site Request Forgery

The cms-fuer-motorrad-werkstaetten plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.0.0. This is due to missing nonce validation on all eight AJAX deletion handlers: vehicles_cfmw_d_vehicle, contacts_cfmw_d_contact, suppliers_cfmw_d_supplier, receip…

📅 Published: April 17, 2026, 7:45 a.m. 🔄 Last Modified: April 17, 2026, 7:45 a.m.

5

CVSS3.1

CVE-2026-40002 - ZTE Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to t…

Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessing the service interface. Exploiting this vulnerability, an attacker can write files to specific pa…

📅 Published: April 17, 2026, 7:40 a.m. 🔄 Last Modified: April 17, 2026, 7:40 a.m.

8.4

CVSS3.1

CVE-2026-23853 -

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacke…

📅 Published: April 17, 2026, 7:16 a.m. 🔄 Last Modified: April 17, 2026, 7:16 a.m.

4.3

CVSS3.1

CVE-2026-6441 - Canto <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting Modification

The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence of any capability check or nonce verification in the updateOptions() function, which is exposed via two AJAX hooks: wp_ajax_updateOptions (class-canto.php line 231…

📅 Published: April 17, 2026, 6:44 a.m. 🔄 Last Modified: April 17, 2026, 6:44 a.m.
Load More Vulnerability
avatar

Mehmet Ince

@mdisec

CVE stats coming here

avatar

Nuri Çilengir

@ncilengir

CVE stats coming here

avatar

@aydinnyunus

CVE stats coming here

avatar

Onurcan Genç

@onurcangnc

CVE stats coming here

avatar

Seyit Sigirci

@h3xecute

CVE stats coming here

avatar

Ali İltizar

@iltosec

CVE stats coming here

avatar

@b3rsec

CVE stats coming here

avatar

@furkank

CVE stats coming here

avatar

kutaysec

@kutaysec

CVE stats coming here