Cybersecurity Unified Dashboard

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 17:18
Ultimo aggiornamento: 15/05/26 17:18
Impatto:

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 13:56
Ultimo aggiornamento: 15/05/26 13:56
Impatto: Critico (77.05)

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 11:33
Ultimo aggiornamento: 15/05/26 11:33
Impatto: Alto (65.12)

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 11:04
Ultimo aggiornamento: 15/05/26 11:04
Impatto: Alto (65.12)

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 10:35
Ultimo aggiornamento: 15/05/26 10:35
Impatto: Alto (74.48)

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 10:30
Ultimo aggiornamento: 15/05/26 10:30
Impatto: Critico (78.2)

Agenzia per la cybersicurezza nazionale
Pubblicato: 14/05/26 18:37
Ultimo aggiornamento: 14/05/26 18:37
Impatto: Medio (64.23)

Agenzia per la cybersicurezza nazionale
Pubblicato: 14/05/26 18:04
Ultimo aggiornamento: 14/05/26 18:04
Impatto: Critico (76.66)

Agenzia per la cybersicurezza nazionale
Pubblicato: 14/05/26 16:52
Ultimo aggiornamento: 14/05/26 16:52
Impatto: Alto (65.0)

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 17:18
Ultimo aggiornamento: 15/05/26 17:18
Impatto:

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 13:56
Ultimo aggiornamento: 15/05/26 13:56
Impatto: Critico (77.05)

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 11:33
Ultimo aggiornamento: 15/05/26 11:33
Impatto: Alto (65.12)

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 11:04
Ultimo aggiornamento: 15/05/26 11:04
Impatto: Alto (65.12)

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 10:35
Ultimo aggiornamento: 15/05/26 10:35
Impatto: Alto (74.48)

Agenzia per la cybersicurezza nazionale
Pubblicato: 15/05/26 10:30
Ultimo aggiornamento: 15/05/26 10:30
Impatto: Critico (78.2)

Agenzia per la cybersicurezza nazionale
Pubblicato: 14/05/26 18:37
Ultimo aggiornamento: 14/05/26 18:37
Impatto: Medio (64.23)

Agenzia per la cybersicurezza nazionale
Pubblicato: 14/05/26 18:04
Ultimo aggiornamento: 14/05/26 18:04
Impatto: Critico (76.66)

Agenzia per la cybersicurezza nazionale
Pubblicato: 14/05/26 16:52
Ultimo aggiornamento: 14/05/26 16:52
Impatto: Alto (65.0)

Vendor/Product: MICROSOFT | MICROSOFT
Description: Microsoft Exchange Server Cross-Site Scripting Vulnerability: Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context.
CWE: CWE-79
CWE URL: https://cwe.mitre.org/data/definitions/79
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-05-15
Due Date: 2026-05-29
Additional Notes Links:
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-42897
- https://learn.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/security-best-practices/exchange-emergency-mitigation-service
- https://nvd.nist.gov/vuln/detail/CVE-2026-42897

Vendor/Product: CISCO | CATALYST SD-WAN
Description: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability: Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
CWE: CWE-287
CWE URL: https://cwe.mitre.org/data/definitions/287
Action: Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlined in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
Date Added: 2026-05-14
Due Date: 2026-05-17
Additional Notes Links:
- https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems
- https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW
- https://nvd.nist.gov/vuln/detail/CVE-2026-20182

Vendor/Product: BERRIAI | LITELLM
Description: BerriAI LiteLLM SQL Injection Vulnerability: BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorized access to the proxy and the credentials it manages.
CWE: CWE-89
CWE URL: https://cwe.mitre.org/data/definitions/89
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-05-08
Due Date: 2026-05-11
Additional Notes Links:
- https://github.com/BerriAI/litellm/security/advisories/GHSA-r75f-5x8p-qvmc
- https://nvd.nist.gov/vuln/detail/CVE-2026-42208

Vendor/Product: IVANTI | ENDPOINT MANAGER MOBILE (EPMM)
Description: Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability: Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.
CWE: CWE-20
CWE URL: https://cwe.mitre.org/data/definitions/20
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-05-07
Due Date: 2026-05-10
Additional Notes Links:
- https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-Multiple-CVEs?language=en_US
- https://nvd.nist.gov/vuln/detail/CVE-2026-6973

Vendor/Product: PALO ALTO NETWORKS | PAN-OS
Description: Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability: Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.
CWE: CWE-787
CWE URL: https://cwe.mitre.org/data/definitions/787
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Until the vendor releases an official fix, the following workaround should be implemented: - Restrict User-ID Authentication Portal access to only trusted zones. - Disable User-ID Authentication Portal if not required. 5/13/2026: Palo Alto has released a variety of patches. If these are relevant to your environment, please apply the designated patch.
Date Added: 2026-05-06
Due Date: 2026-05-09
Additional Notes Links:
- https://security.paloaltonetworks.com/CVE-2026-0300
- https://nvd.nist.gov/vuln/detail/CVE-2026-0300

Vendor/Product: LINUX | KERNEL
Description: Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability: Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.
CWE: CWE-669
CWE URL: https://cwe.mitre.org/data/definitions/669
Action: Action: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-05-01
Due Date: 2026-05-15
Additional Notes Links:
- https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/
- https://xint.io/blog/copy-fail-linux-distributions#the-fix-6
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/
- https://nvd.nist.gov/vuln/detail/CVE-2026-31431

Vendor/Product: WEBPROS | CPANEL & WHM AND WP2 (WORDPRESS SQUARED)
Description: WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability: WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.
CWE: CWE-306
CWE URL: https://cwe.mitre.org/data/definitions/306
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-30
Due Date: 2026-05-03
Additional Notes Links:
- https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026
- https://docs.cpanel.net/release-notes/release-notes/
- https://docs.wpsquared.com/changelogs/versions/changelog/#13617
- https://nvd.nist.gov/vuln/detail/CVE-2026-41940

Vendor/Product: MICROSOFT | WINDOWS
Description: Microsoft Windows Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.
CWE: CWE-693
CWE URL: https://cwe.mitre.org/data/definitions/693
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-28
Due Date: 2026-05-12
Additional Notes Links:
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32202
- https://nvd.nist.gov/vuln/detail/CVE-2026-32202

Vendor/Product: CONNECTWISE | SCREENCONNECT
Description: ConnectWise ScreenConnect Path Traversal Vulnerability: ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.
CWE: CWE-22
CWE URL: https://cwe.mitre.org/data/definitions/22
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-28
Due Date: 2026-05-12
Additional Notes Links:
- https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
- https://nvd.nist.gov/vuln/detail/CVE-2024-1708

Vendor/Product: SIMPLEHELP | SIMPLEHELP
Description: SimpleHelp Missing Authorization Vulnerability: SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.
CWE: CWE-862
CWE URL: https://cwe.mitre.org/data/definitions/862
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-24
Due Date: 2026-05-08
Additional Notes Links:
- https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier
- https://nvd.nist.gov/vuln/detail/CVE-2024-57726

Vendor/Product: SIMPLEHELP | SIMPLEHELP
Description: SimpleHelp Path Traversal Vulnerability: SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user.
CWE: CWE-22
CWE URL: https://cwe.mitre.org/data/definitions/22
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-24
Due Date: 2026-05-08
Additional Notes Links:
- https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier
- https://nvd.nist.gov/vuln/detail/CVE-2024-57728

Vendor/Product: SAMSUNG | MAGICINFO 9 SERVER
Description: Samsung MagicINFO 9 Server Path Traversal Vulnerability: Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority.
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-24
Due Date: 2026-05-08
Additional Notes Links:
- https://security.samsungtv.com/securityUpdates
- https://nvd.nist.gov/vuln/detail/CVE-2024-7399

Vendor/Product: D-LINK | DIR-823X
Description: D-Link DIR-823X Command Injection Vulnerability: D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
CWE: CWE-77
CWE URL: https://cwe.mitre.org/data/definitions/77
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-24
Due Date: 2026-05-08
Additional Notes Links:
- https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10469
- https://nvd.nist.gov/vuln/detail/CVE-2025-29635

Vendor/Product: MARIMO | MARIMO
Description: Marimo Remote Code Execution Vulnerability: Marimo contains an pre-authorization remote code execution vulnerability, allowing an unauthenticated attacked to shell access and execute arbitrary system commands.
CWE: CWE-306
CWE URL: https://cwe.mitre.org/data/definitions/306
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-23
Due Date: 2026-05-07
Additional Notes Links:
- https://github.com/marimo-team/marimo/security/advisories/GHSA-2679-6mx9-h9xc
- https://nvd.nist.gov/vuln/detail/CVE-2026-39987

Vendor/Product: MICROSOFT | DEFENDER
Description: Microsoft Defender Insufficient Granularity of Access Control Vulnerability: Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.
CWE: CWE-1220
CWE URL: https://cwe.mitre.org/data/definitions/1220
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-22
Due Date: 2026-05-06
Additional Notes Links:
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825
- https://nvd.nist.gov/vuln/detail/CVE-2026-33825

Vendor/Product: JETBRAINS | TEAMCITY
Description: JetBrains TeamCity Relative Path Traversal Vulnerability: JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed.
CWE: CWE-23
CWE URL: https://cwe.mitre.org/data/definitions/23
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-20
Due Date: 2026-05-04
Additional Notes Links:
- https://www.jetbrains.com/privacy-security/issues-fixed/
- https://blog.jetbrains.com/teamcity/2024/03/additional-critical-security-issues-affecting-teamcity-on-premises-cve-2024-27198-and-cve-2024-27199-update-to-2023-11-4-now/
- https://nvd.nist.gov/vuln/detail/CVE-2024-27199

Vendor/Product: QUEST | KACE SYSTEMS MANAGEMENT APPLIANCE (SMA)
Description: Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability: Quest KACE Systems Management Appliance (SMA) contains an improper authentication vulnerability that could allow attackers to impersonate legitimate users without valid credentials.
CWE: CWE-287
CWE URL: https://cwe.mitre.org/data/definitions/287
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-20
Due Date: 2026-05-04
Additional Notes Links:
- https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978
- https://nvd.nist.gov/vuln/detail/CVE-2025-32975

Vendor/Product: CISCO | CATALYST SD-WAN MANAGER
Description: Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability: Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential file for the DCA user on the filesystem as a low-privileged user.
CWE: CWE-257
CWE URL: https://cwe.mitre.org/data/definitions/257
Action: Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
Date Added: 2026-04-20
Due Date: 2026-04-23
Additional Notes Links:
- https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems
- https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v
- https://nvd.nist.gov/vuln/detail/CVE-2026-20128

Vendor/Product: SYNACOR | ZIMBRA COLLABORATION SUITE (ZCS)
Description: Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability: Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that could allow attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information.
CWE: CWE-79
CWE URL: https://cwe.mitre.org/data/definitions/79
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-20
Due Date: 2026-04-23
Additional Notes Links:
- https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
- https://nvd.nist.gov/vuln/detail/CVE-2025-48700

Vendor/Product: PAPERCUT | NG/MF
Description: PaperCut NG/MF Improper Authentication Vulnerability: PaperCut NG/MF contains an improper authentication vulnerability that could allow remote attackers to bypass authentication on affected installations via the SecurityRequestFilter class.
CWE: CWE-287
CWE URL: https://cwe.mitre.org/data/definitions/287
Action: Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2026-04-20
Due Date: 2026-05-04
Additional Notes Links:
- https://www.papercut.com/kb/Main/PO-1216-and-PO-1219
- https://nvd.nist.gov/vuln/detail/CVE-2023-27351

CVE: GHSA-gvq2-4mf3-84fh
Vendor: -
CVSS: 9.3
Exploitation: Not available
Changed: 17 hours ago
Description: WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the upload.php endpoint. Attackers can upload files with arbitrary extensions by manipulating the 'name' parameter to execute code from the uploads directory.

CVE: GHSA-5r94-357g-jqj4
Vendor: -
CVSS: 9.3
Exploitation: Not available
Changed: 17 hours ago
Description: GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR plugin via the git-lfs endpoint, and execute system commands through an exposed exploit endpoint.

CVE: GHSA-r572-97xj-7hcj
Vendor: -
CVSS: 9.3
Exploitation: Not available
Changed: 17 hours ago
Description: ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to establish reverse shells and gain complete system control.

CVE: CVE-2021-47952
Vendor: -
CVSS: 9.3
Exploitation: Not available
Changed: 1 day ago
Description: python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSON payloads containing py/repr objects. Attackers can craft JSON strings with py/repr directives that invoke the eval function during deserialization to execute system commands and arbitrary code.

CVE: GHSA-3c39-338m-m4vp
Vendor: -
CVSS: 8.1
Exploitation: N/A
Changed: 2 days ago
Description: Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

CVE: CVE-2026-20182
Vendor: -
CVSS: 10
Exploitation: N/A
Changed: 3 days ago
Description: May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show Control Connections guidance to help with system checks.  A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.

CVE: CVE-2026-42208
Vendor: -
CVSS: 9.3
Exploitation: N/A
Changed: 9 days ago
Description: LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.81.16 to before version 1.83.7, a database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter. An unauthenticated attacker could send a specially crafted Authorization header to any LLM API route (for example POST /chat/completions) and reach this query through the proxy's error-handling path. An attacker could read data from the proxy's database and may be able to modify it, leading to unauthorised access to the proxy and the credentials it manages. This issue has been patched in version 1.83.7.

CVE: GHSA-85qr-8rxc-62gv
Vendor: -
CVSS: 9.3
Exploitation: N/A
Changed: 11 days ago
Description: cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

CVE: CVE-2026-7182
Vendor: -
CVSS: 0.12
Exploitation: 0.12%
Changed: 2 days ago
Description: Diagram's export module is vulnerable to Path Traversal in src attribute due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include local files from the server and display them in the generated pdf. This issue was fixed in version 1.1.1.

CVE: GHSA-cj88-m5vv-89m3
Vendor: -
CVSS: 0.04
Exploitation: 0.04%
Changed: 2 days ago
Description: PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include local files from the server and display them in the generated PDF. This issue was fixed in PDF Export Module version 0.7.6.

CVE: CVE-2026-41553
Vendor: -
CVSS: 0.39
Exploitation: 0.39%
Changed: 2 days ago
Description: PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Remote Code Execution due to lack of "data" parameter sanitization. An unauthenticated attacker can inject the malicious JavaScript code to the parameter whose value is processed by Node.js and subsequently executed. This can lead to server compromise. This issue was fixed in PDF Export Module version 0.7.6.

CVE: CVE-2026-44088
Vendor: -
CVSS: 0.34
Exploitation: 0.34%
Changed: 2 days ago
Description: SzafirHost verifies the signature of the downloaded JAR file using class JarInputStream (reading from the beginning of the file), but loads classes using class JarFile/URLClassLoader (reading the Central Directory from the end). It can lead to remote code execution by allowing an attacker to combine a genuine, signed JAR file with a malicious ZIP file, causing the verification to pass but the malicious class to be loaded. This issue was fixed in version 1.2.1.