Home / 2026 Advisories Archive

2026 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	6 May 2026	6 May 2026	CPAI-2025-15910	CVE-2025-34510	Sitecore Multiple Products Directory Traversal (CVE-2025-34510)
High	2 Feb 2026	6 May 2026	CPAI-2025-15908	CVE-2025-5965	Centreon Web Command Injection (CVE-2025-5965)
High	5 May 2026	5 May 2026	CPAI-2025-15833	CVE-2025-54766	Xorux Xormon Information Disclosure (CVE-2025-54766)
High	5 May 2026	5 May 2026	CPAI-2025-15825	CVE-2025-32873	Django Denial of Service (CVE-2025-32873)
High	5 May 2026	5 May 2026	CPAI-2026-3932	CVE-2026-40321	DNN Software Cross-Site Scripting (CVE-2026-40321)
High	5 May 2026	5 May 2026	CPAI-2025-15831	CVE-2025-54767	Xorux LPAR2RRD Privilege Escalation (CVE-2025-54767)
High	30 Mar 2026	5 May 2026	CPAI-2025-15846	CVE-2025-1240	WinZip Out Of Bounds Write (CVE-2025-1240)
High	4 May 2026	4 May 2026	CPAI-2026-3886	CVE-2026-20180	Cisco Identity Services Engine Directory Traversal (CVE-2026-20180)
High	4 May 2026	4 May 2026	CPAI-2026-3907	CVE-2026-23696	Windmill SQL Injection (CVE-2026-23696)
High	4 May 2026	4 May 2026	CPAI-2025-15770	CVE-2025-0434	Google Chrome Heap Corruption (CVE-2025-0434)
High	4 May 2026	4 May 2026	CPAI-2025-15772	CVE-2025-8677	ISC BIND Denial Of Service (CVE-2025-8677)
High	30 Apr 2026	4 May 2026	CPAI-2026-3893	CVE-2026-41940	cPanel Authentication Bypass (CVE-2026-41940)
High	3 May 2026	3 May 2026	CPAI-2026-3593	CVE-2026-27305	Adobe ColdFusion Directory Traversal (CVE-2026-27305)
High	3 May 2026	3 May 2026	CPAI-2026-3591	CVE-2026-33824	Microsoft Windows IKE Extension Use After Free (CVE-2026-33824)
High	3 May 2026	3 May 2026	CPAI-2006-0804	CVE-2006-6478	ScriptPHP AnnonceScriptHP SQL Injection (CVE-2006-6478)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3800	CVE-2026-41940	cPanel Authentication Bypass (CVE-2026-41940)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3798	CVE-2026-42208	LiteLLM SQL Injection (CVE-2026-42208)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3778	CVE-2026-3854	GitHub Enterprise Server Remote Code Execution (CVE-2026-3854)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3805	CVE-2026-3965 CVE-2026-4047	Whyour Qinglong Authentication Bypass (CVE-2026-3965; CVE-2026-4047)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3803	CVE-2026-6770	Mozilla Multiple Products Information Disclosure (CVE-2026-6770)
Medium	30 Apr 2026	30 Apr 2026	CPAI-2026-3422	CVE-2026-40343	free5GC Insecure Deserialization (CVE-2026-40343)
Medium	30 Apr 2026	30 Apr 2026	CPAI-2026-3406	CVE-2026-20959	Microsoft SharePoint Server Cross-Site Scripting (CVE-2026-20959)
High	30 Apr 2026	30 Apr 2026	CPAI-2026-3764	CVE-2026-22557	Ubiquiti UniFi Network Application Directory Traversal (CVE-2026-22557)
Medium	29 Apr 2026	29 Apr 2026	CPAI-2025-15506	CVE-2025-4664	Google Chrome Information Disclosure (CVE-2025-4664)
High	28 Apr 2026	29 Apr 2026	CPAI-2026-3635	CVE-2026-3844	WordPress Breeze Cache Plugin Arbitrary File Upload (CVE-2026-3844)
High	28 Apr 2026	28 Apr 2026	CPAI-2026-3566	CVE-2026-3844	WordPress Breeze Cache Plugin Arbitrary File Upload (CVE-2026-3844)
High	27 Apr 2026	28 Apr 2026	CPAI-2025-15464	CVE-2025-32794	OpenEMR Cross-Site Scripting (CVE-2025-32794)
High	27 Apr 2026	27 Apr 2026	CPAI-2025-15293	CVE-2025-32794	OpenEMR Cross-Site Scripting (CVE-2025-32794)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3372	CVE-2026-39813	Fortinet FortiSandbox Directory Traversal (CVE-2026-39813)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3371	CVE-2026-1157	TOTOLINK LR350 Buffer Overflow (CVE-2026-1157)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2026-3370	CVE-2026-5852	Totolink A7100RU Command Injection (CVE-2026-5852)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2026-3369	CVE-2026-5853	Totolink A7100RU Command Injection (CVE-2026-5853)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2026-3368	CVE-2026-5850	Totolink A7100RU Command Injection (CVE-2026-5850)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3367	CVE-2026-5851	Totolink A7100RU Command Injection (CVE-2026-5851)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2026-3366	CVE-2026-5854	Totolink A7100RU Command Injection (CVE-2026-5854)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3355	CVE-2026-40871	mailcow: dockerized SQL Injection (CVE-2026-40871)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3346	CVE-2026-6204	LibreNMS Remote Code Execution (CVE-2026-6204)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2026-3345	CVE-2026-6195	Totolink A7100RU Command Injection (CVE-2026-6195)
High	27 Apr 2026	27 Apr 2026	CPAI-2026-3344	CVE-2026-6483	Wavlink WL-WN530H4 Command Injection (CVE-2026-6483)
High	27 Apr 2026	27 Apr 2026	CPAI-2025-15285	CVE-2025-71258	BMC FootPrints ITSM Server-Side Request Forgery (CVE-2025-71258)
High	27 Apr 2026	27 Apr 2026	CPAI-2025-15290	CVE-2025-71259	BMC FootPrints ITSM Server-Side Request Forgery (CVE-2025-71259)
High	27 Apr 2026	27 Apr 2026	CPAI-2021-3075	CVE-2021-30117	Kaseya VSA SQL Injection (CVE-2021-30117)
Medium	27 Apr 2026	27 Apr 2026	CPAI-2025-15318	CVE-2025-34301	IPFire Cross-Site Scripting (CVE-2025-34301)
Medium	27 Apr 2026	27 Apr 2026	CPAI-2025-15311	CVE-2025-34309	IPFire Cross-Site Scripting (CVE-2025-34309)
Critical	27 Apr 2026	27 Apr 2026	CPAI-2025-15321	CVE-2025-36604	Dell Unity Operating Environment Command Injection (CVE-2025-36604)
Critical	26 Apr 2026	26 Apr 2026	CPAI-2026-3442	CVE-2026-39987	Marimo Remote Code Execution (CVE-2026-39987)
High	16 Apr 2026	26 Apr 2026	CPAI-2026-3218	CVE-2026-39808	Fortinet FortiSandbox Command Injection (CVE-2026-39808)
Critical	5 Mar 2026	26 Apr 2026	CPAI-2026-1291	CVE-2026-20127	Cisco Catalyst SD-WAN Authentication Bypass (CVE-2026-20127)
Critical	23 Apr 2026	23 Apr 2026	CPAI-2026-3390	CVE-2026-22252	LibreChat Command Injection (CVE-2026-22252)
High	23 Apr 2026	23 Apr 2026	CPAI-2026-3386	CVE-2026-33634	Aquasec Trivy Remote Code Execution (CVE-2026-33634)