Home / 2026 Advisories Archive

2026 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	3 May 2026	3 May 2026	CPAI-2006-0804	CVE-2006-6478	ScriptPHP AnnonceScriptHP SQL Injection (CVE-2006-6478)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3800	CVE-2026-41940	cPanel Authentication Bypass (CVE-2026-41940)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3798	CVE-2026-42208	LiteLLM SQL Injection (CVE-2026-42208)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3778	CVE-2026-3854	GitHub Enterprise Server Remote Code Execution (CVE-2026-3854)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3805	CVE-2026-3965 CVE-2026-4047	Whyour Qinglong Authentication Bypass (CVE-2026-3965; CVE-2026-4047)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3803	CVE-2026-6770	Mozilla Multiple Products Information Disclosure (CVE-2026-6770)
Medium	30 Apr 2026	30 Apr 2026	CPAI-2026-3422	CVE-2026-40343	free5GC Insecure Deserialization (CVE-2026-40343)
Medium	30 Apr 2026	30 Apr 2026	CPAI-2026-3406	CVE-2026-20959	Microsoft SharePoint Server Cross-Site Scripting (CVE-2026-20959)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3764	CVE-2026-22557	Ubiquiti UniFi Network Application Directory Traversal (CVE-2026-22557)
Medium	29 Apr 2026	29 Apr 2026	CPAI-2025-15506	CVE-2025-4664	Google Chrome Information Disclosure (CVE-2025-4664)
High	28 Apr 2026	29 Apr 2026	CPAI-2026-3635	CVE-2026-3844	WordPress Breeze Cache Plugin Arbitrary File Upload (CVE-2026-3844)
High	28 Apr 2026	28 Apr 2026	CPAI-2026-3566	CVE-2026-3844	WordPress Breeze Cache Plugin Arbitrary File Upload (CVE-2026-3844)
High	27 Apr 2026	28 Apr 2026	CPAI-2025-15464	CVE-2025-32794	OpenEMR Cross-Site Scripting (CVE-2025-32794)
High	27 Apr 2026	27 Apr 2026	CPAI-2025-15293	CVE-2025-32794	OpenEMR Cross-Site Scripting (CVE-2025-32794)
High	27 Apr 2026	27 Apr 2026	CPAI-2025-15290	CVE-2025-71259	BMC FootPrints ITSM Server-Side Request Forgery (CVE-2025-71259)
N/A	27 Apr 2026	27 Apr 2026		CVE-2021-30117	Kaseya VSA SQL Injection (CVE-2021-30117)
Medium	27 Apr 2026	27 Apr 2026	CPAI-2025-15318	CVE-2025-34301	IPFire Cross-Site Scripting (CVE-2025-34301)
Medium	27 Apr 2026	27 Apr 2026	CPAI-2025-15311	CVE-2025-34309	IPFire Cross-Site Scripting (CVE-2025-34309)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2025-15321	CVE-2025-36604	Dell Unity Operating Environment Command Injection (CVE-2025-36604)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3372	CVE-2026-39813	Fortinet FortiSandbox Directory Traversal (CVE-2026-39813)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3371	CVE-2026-1157	TOTOLINK LR350 Buffer Overflow (CVE-2026-1157)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2026-3370	CVE-2026-5852	Totolink A7100RU Command Injection (CVE-2026-5852)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2026-3369	CVE-2026-5853	Totolink A7100RU Command Injection (CVE-2026-5853)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2026-3368	CVE-2026-5850	Totolink A7100RU Command Injection (CVE-2026-5850)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3367	CVE-2026-5851	Totolink A7100RU Command Injection (CVE-2026-5851)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2026-3366	CVE-2026-5854	Totolink A7100RU Command Injection (CVE-2026-5854)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3355	CVE-2026-40871	mailcow: dockerized SQL Injection (CVE-2026-40871)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3346	CVE-2026-6204	LibreNMS Remote Code Execution (CVE-2026-6204)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2026-3345	CVE-2026-6195	Totolink A7100RU Command Injection (CVE-2026-6195)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3344	CVE-2026-6483	Wavlink WL-WN530H4 Command Injection (CVE-2026-6483)
High	27 Apr 2026	27 Apr 2026	CPAI-2025-15285	CVE-2025-71258	BMC FootPrints ITSM Server-Side Request Forgery (CVE-2025-71258)
Critical	26 Apr 2026	26 Apr 2026	CPAI-2026-3291	CVE-2026-30824	FlowiseAI Flowise Authentication Bypass (CVE-2026-30824)
Critical	26 Apr 2026	26 Apr 2026	CPAI-2026-3442	CVE-2026-39987	Marimo Remote Code Execution (CVE-2026-39987)
High	16 Apr 2026	26 Apr 2026	CPAI-2026-3218	CVE-2026-39808	Fortinet FortiSandbox Command Injection (CVE-2026-39808)
Critical	5 Mar 2026	26 Apr 2026	CPAI-2026-1291	CVE-2026-20127	Cisco Catalyst SD-WAN Authentication Bypass (CVE-2026-20127)
Critical	23 Apr 2026	23 Apr 2026	CPAI-2026-3390	CVE-2026-22252	LibreChat Command Injection (CVE-2026-22252)
High	23 Apr 2026	23 Apr 2026	CPAI-2026-3386	CVE-2026-33634	Aquasec Trivy Remote Code Execution (CVE-2026-33634)
High	23 Apr 2026	23 Apr 2026	CPAI-2026-3255	CVE-2026-3808	Tenda FH1202 Buffer Overflow (CVE-2026-3808)
Critical	23 Apr 2026	23 Apr 2026	CPAI-2025-15236	CVE-2025-5120	HuggingFace SmolAgents Remote Code Execution (CVE-2025-5120)
High	23 Apr 2026	23 Apr 2026	CPAI-2026-3253	CVE-2026-30822	FlowiseAI Flowise Arbitrary File Write (CVE-2026-30822)
High	23 Apr 2026	23 Apr 2026	CPAI-2019-3647	CVE-2019-25487	SAPIDO RB-1732 Remote Code Execution (CVE-2019-25487)
High	23 Apr 2026	23 Apr 2026	CPAI-2025-15235	CVE-2025-10891	Google Chrome Integer Overflow (CVE-2025-10891)
Critical	23 Apr 2026	23 Apr 2026	CPAI-2025-15234	CVE-2025-68705	RustFS Directory Traversal (CVE-2025-68705)
Medium	23 Apr 2026	23 Apr 2026	CPAI-2025-15225	CVE-2025-68477	Langflow Server-Side Request Forgery (CVE-2025-68477)
Critical	23 Apr 2026	23 Apr 2026	CPAI-2024-5996	CVE-2024-5452	LightningAI PyTorch Lightning Remote Code Execution (CVE-2024-5452)
High	23 Apr 2026	23 Apr 2026	CPAI-2026-3230	CVE-2026-22666	Dolibarr ERP/CRM Remote Code Execution (CVE-2026-22666)
Medium	23 Apr 2026	23 Apr 2026	CPAI-2025-15302	CVE-2025-39946	Linux Kernel Out of Bounds Write (CVE-2025-39946)
Medium	23 Apr 2026	23 Apr 2026	CPAI-2025-15316	CVE-2025-8100	WordPress Element Pack Plugin Cross-Site Scripting (CVE-2025-8100)
High	16 Apr 2026	23 Apr 2026	CPAI-2026-3391	CVE-2026-21710	Node.js Denial of Service (CVE-2026-21710)
Critical	28 Jan 2026	23 Apr 2026	CPAI-2026-0685	CVE-2026-24423	SmarterTools SmarterMail Remote Code Execution (CVE-2026-24423)