New
CVE-2026-33514: Discourse: Information Disclosure in Form Template API Due to Missing Authorization: Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, an authenticated user on a Discourse instance with the form templates feature enabled can read the name and structured content of form templates that are intended exclusively for categories ...
CVE-2026-33234: AutoGPT: SendEmailBlock's IP blocklist bypass allows SSRF via user-controlled SMTP server: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.1.0 through 0.6.51, SendEmailBlock in autogpt_platform/backend/backend/blocks/email_block.py accepts a user-supplied smtp_server (string) and smtp_port (integer) as per-...
CVE-2026-33233: AutoGPT Platform: Remote Code Execution via Unsafe Pickle Deserialization of Redis Cache Entries: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.6.34 through 0.6.51, the backend deserializes Redis cache bytes using pickle.loads without integrity/authenticity checks. The write path serializes values with pi...
CVE-2026-33232: AutoGPT: Unauthenticated DoS via Disk Space Exhaustion: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service (DoS) through the server due to uncontrolled disk space consumption. The download_agent_file endpoint creates persistent temporary fi...
CVE-2026-33052: MantisBT: Authorization Bypass in Global Profile Creation: Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.0 and 2.28.1 allow a low-privileged authenticated user assigned the "add_profile_threshold" permission to create a global profile despite not having manage_global_profile_threshold, by tampering with the user_id parameter in a valid profile creation request. Th...
Updated
CVE-2026-8149: GCM chunking can lead to bad tag exception on decryption: A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X86_64, AVX, AVX-512f. This vulnerability is associated with program files gcm128w, gcm512w. This issue affects BC-LTS: from 2.73.0 before 2.73.11.
CVE-2026-5588: PKIX draft CompositeVerifier accepts empty signature sequence as valid.: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules), Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All (pkix modules). This vulnerability is associated with p...
CVE-2026-3505: Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.: Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules). This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, OperatorHelper.Java. This issue affects BC-J...
CVE-2026-0636: LDAP Injection Vulnerability in LDAPStoreHelper.java: Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
CVE-2026-5598: Non-constant time comparisons risk private key leakage in FrodoKEM.: Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.80.1, from 1.82 before 1.84.
CISA Known Exploited Vulnerabilities
CVE-2026-42897 Microsoft Microsoft: Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context.
CVE-2026-20182 Cisco Catalyst SD-WAN: Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
CVE-2026-42208 BerriAI LiteLLM: BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorized access to the proxy and the credentials it manages.
CVE-2026-6973 Ivanti Endpoint Manager Mobile (EPMM): Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.
CVE-2026-0300 Palo Alto Networks PAN-OS: Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.