Home / 2026 Advisories Archive

2026 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	27 May 2026	27 May 2026	CPAI-2026-5521	CVE-2026-26980	Ghost SQL Injection (CVE-2026-26980)
Critical	25 May 2026	27 May 2026	CPAI-2026-5517	CVE-2026-48172	LiteSpeed cPanel Plugin Command Injection (CVE-2026-48172)
High	27 May 2026	27 May 2026	CPAI-2026-5519	CVE-2026-42271	LiteLLM Command Injection (CVE-2026-42271)
High	24 May 2026	27 May 2026	CPAI-2026-5516	CVE-2026-48132	IKE Improper Length Validation (CVE-2026-48132)
High	27 May 2026	27 May 2026	CPAI-2026-5507	CVE-2026-27826	Sooperset MCP Atlassian Server-Side Request Forgery (CVE-2026-27826)
High	24 May 2026	26 May 2026	CPAI-2026-5502	CVE-2026-48132	IKE Improper Length Validation (CVE-2026-48132)
High	11 May 2026	26 May 2026	CPAI-2026-5501	CVE-2026-48131	IKE Unsigned Underflow (CVE-2026-48131)
Critical	26 May 2026	26 May 2026	CPAI-2026-5425		Windows System Files Information Disclosure Over HTTP
High	26 May 2026	26 May 2026	CPAI-2026-5435	CVE-2026-45434	Apache OFBiz Remote Code Execution (CVE-2026-45434)
High	25 May 2026	25 May 2026	CPAI-2026-5355	CVE-2026-48172	LiteSpeed cPanel Plugin Command Injection (CVE-2026-48172)
High	25 May 2026	25 May 2026	CPAI-2025-16239	CVE-2025-29962	Microsoft Windows Media Heap Overflow (CVE-2025-29962)
High	30 Mar 2026	25 May 2026	CPAI-2026-5373	CVE-2026-25769	Wazuh Remote Code Execution (CVE-2026-25769)
High	25 May 2026	25 May 2026	CPAI-2026-5322	CVE-2026-4537	Cudy TR1200 Command Injection (CVE-2026-4537)
Critical	24 May 2026	25 May 2026	CPAI-2026-5356	CVE-2026-9082	Drupal Core SQL Injection (CVE-2026-9082)
Critical	24 May 2026	24 May 2026	CPAI-2026-5315	CVE-2026-9082	Drupal Core SQL Injection (CVE-2026-9082)
High	24 May 2026	24 May 2026	CPAI-2026-5310		IKE Improper Length Validation
High	24 May 2026	24 May 2026	CPAI-2025-16218	CVE-2025-34291	Langflow Remote Code Execution (CVE-2025-34291)
Critical	24 May 2026	24 May 2026	CPAI-2026-5229	CVE-2026-25874	HuggingFace LeRobot Remote Code Execution (CVE-2026-25874)
Medium	24 May 2026	24 May 2026	CPAI-2021-3115	CVE-2021-30119	Kaseya VSA Cross-Site Scripting (CVE-2021-30119)
High	24 May 2026	24 May 2026	CPAI-2021-3114	CVE-2021-30201	Kaseya VSA XML External Entity Injection (CVE-2021-30201)
Critical	24 May 2026	24 May 2026	CPAI-2024-6801	CVE-2024-5982	Gaizhenbiao ChuanhuChatGPT Directory Traversal (CVE-2024-5982)
High	24 May 2026	24 May 2026	CPAI-2024-6798	CVE-2024-1675	Google Chrome Security Bypass (CVE-2024-1675)
High	24 May 2026	24 May 2026	CPAI-2026-4976	CVE-2026-33497	Langflow Directory Traversal (CVE-2026-33497)
High	24 May 2026	24 May 2026	CPAI-2026-4973	CVE-2026-0766	OpenWebUI Open WebUI Command Injection (CVE-2026-0766)
High	24 May 2026	24 May 2026	CPAI-2023-3926	CVE-2023-4069	Google Chrome Type Confusion (CVE-2023-4069)
High	24 May 2026	24 May 2026	CPAI-2025-16148	CVE-2025-68478	Langflow Arbitrary File Write (CVE-2025-68478)
High	24 May 2026	24 May 2026	CPAI-2025-16149	CVE-2025-14700	CraftyControl Crafty Controller Remote Code Execution (CVE-2025-14700)
High	24 May 2026	24 May 2026	CPAI-2026-5232	CVE-2026-32255	Kan Server-Side Request Forgery (CVE-2026-32255)
High	24 May 2026	24 May 2026	CPAI-2026-5228	CVE-2026-6988 CVE-2026-7151	Tenda HG Routers Buffer Overflow (CVE-2026-6988; CVE-2026-7151)
High	24 May 2026	24 May 2026	CPAI-2026-4810	CVE-2026-4903	Tenda AC5 Buffer Overflow (CVE-2026-4903)
High	24 May 2026	24 May 2026	CPAI-2026-4805	CVE-2026-33340	ParisNeo LoLLMs WEBUI Server-Side Request Forgery (CVE-2026-33340)
High	24 May 2026	24 May 2026	CPAI-2026-4803	CVE-2026-33484	Langflow Information Disclosure (CVE-2026-33484)
High	24 May 2026	24 May 2026	CPAI-2026-5206	CVE-2026-3715 CVE-2026-5004	Wavlink WL-WN579X3-C Buffer Overflow (CVE-2026-3715; CVE-2026-5004)
High	24 May 2026	24 May 2026	CPAI-2026-5017	CVE-2026-25620	Arista NG Firewall Command Injection (CVE-2026-25620)
Critical	14 May 2026	24 May 2026	CPAI-2026-5215	CVE-2026-42945	Nginx Heap Overflow (CVE-2026-42945)
High	13 Apr 2026	24 May 2026	CPAI-2026-3335	CVE-2026-34197	Apache ActiveMQ Code Injection (CVE-2026-34197)
Critical	5 Mar 2026	24 May 2026	CPAI-2026-1265	CVE-2026-21902	Juniper Networks Junos OS Evolved Remote Code Execution (CVE-2026-21902)
High	11 May 2026	20 May 2026	CPAI-2026-5167		IKE Unsigned Underflow
Critical	20 May 2026	20 May 2026	CPAI-2026-5159	CVE-2026-45829	Chroma ChromaDB Remote Code Execution (CVE-2026-45829)
High	20 May 2026	20 May 2026	CPAI-2026-5140	CVE-2026-26956	VM2 Remote Code Execution (CVE-2026-26956)
High	20 May 2026	20 May 2026	CPAI-2025-16177	CVE-2025-65958	Open WebUI Server-Side Request Forgery (CVE-2025-65958)
High	20 May 2026	20 May 2026	CPAI-2024-6818	CVE-2024-32965	LobeHub Lobe Chat Server-Side Request Forgery (CVE-2024-32965)
Critical	20 May 2026	20 May 2026	CPAI-2025-16179	CVE-2025-11201	MLflow Tracking Server Directory Traversal (CVE-2025-11201)
High	20 May 2026	20 May 2026	CPAI-2026-5101	CVE-2026-7864	SEPPmail Secure Email Gateway Information Disclosure (CVE-2026-7864)
Critical	20 May 2026	20 May 2026	CPAI-2026-5100	CVE-2026-2743 CVE-2026-44128	SEPPMail Secure Email Gateway Remote Code Execution (CVE-2026-2743; CVE-2026-44128)
High	11 May 2026	19 May 2026	CPAI-2026-5047		IKE Unsigned Underflow
High	19 May 2026	19 May 2026	CPAI-2026-5081	CVE-2026-29205	cPanel Directory Traversal (CVE-2026-29205)
High	19 May 2026	19 May 2026	CPAI-2026-5009	CVE-2026-36356	MeiG Smart FORGE SLT711 Command Injection (CVE-2026-36356)
High	19 May 2026	19 May 2026	CPAI-2026-5022	CVE-2026-4567	Tenda A15 Buffer Overflow (CVE-2026-4567)
Critical	14 May 2026	18 May 2026	CPAI-2026-4923	CVE-2026-42945	Nginx Heap Overflow (CVE-2026-42945)