CVE Vulnerabilities - 10 April 2026

146 vulnerabilities published on 10 April 2026

JeecgBoot 3.9.1 - Unauthorized Access to Announcement System
CVE-2026-5999
A vulnerability in JeecgBoot's announcement system can allow an attacker to access unauthorized areas. This could potentially lead to sensitive information being viewed or modified without permission....
5.3
wolfSSL TLS 1.3 PQC KeyShare Processing Can Leak Sensitive Data
CVE-2026-5460
The wolfSSL TLS 1.3 implementation for post-quantum cryptography has a bug that allows sensitive data to be leaked. This is a security risk because it could potentially expose confidential information...
6.3
wolfSSL: Experimental Certificate Parsing Problem
CVE-2026-5393
A specific input can cause wolfSSL to access memory it shouldn't. When using wolfSSL with certain experimental features enabled, a crafted certificate can cause the software to accidentally read memor...
6.3
Royal WordPress Backup & Restore Plugin: Admin Clickjacking Attack Possible
CVE-2026-4305
The Royal WordPress Backup & Restore Plugin is at risk of being exploited if an administrator is tricked into clicking on a malicious link. Attackers could inject malicious scripts into the plugin's i...
6.1
WP-Optimize Plugin Allows Untrusted Users to Access Admin Functions
CVE-2026-2712
The WP-Optimize plugin for WordPress has a security issue that lets users with basic access levels perform actions reserved for administrators, such as accessing logs, deleting files, and modifying se...
5.4
Zhayujie ChatGPT on WeChat CowAgent Allows Remote File Access
CVE-2026-5998
A critical issue has been discovered in the CowAgent component of ChatGPT on WeChat, which could allow an attacker to access files on your system. This means that a hacker could potentially access sen...
5.5
WooCommerce Customer Reviews plugin allows anyone to post reviews
CVE-2026-4664
This plugin for WooCommerce has a security weakness that lets anyone submit, modify, or inject fake reviews for any product without needing a password. This can happen because the plugin doesn't prope...
5.3
Code-projects Online Library Management System SQL Database Backup File Handler Leaks Data
CVE-2026-6000
An unknown function in the SQL Database Backup File Handler of Code-projects Online Library Management System 1.0 can leak sensitive information. This could happen if an attacker remotely exploits a p...
2.1
UsersWP plugin allows attackers to delete sensitive user data
CVE-2026-4977
The UsersWP plugin for WordPress is affected by a security flaw that allows attackers with subscriber-level access to delete sensitive user information. This can happen when an attacker uses the plugi...
4.3
Unauthenticated users can alter protected files on WordPress with Download Manager
CVE-2026-4057
The Download Manager plugin for WordPress has a security flaw that allows attackers with Contributor-level access to make protected files public. This is a risk for sites using this plugin, as it coul...
4.3
Aruba HiSpeed Cache plugin for WordPress allows unauthorized settings reset
CVE-2026-1924
An attacker can trick a site administrator into resetting plugin settings to their default values without permission. This can happen if the administrator clicks on a malicious link. To fix this, upda...
4.3
OpenStack Keystone: Malicious credentials can create unauthorized AWS access
CVE-2026-33551
Certain OpenStack Keystone users with restricted permissions can create full AWS credentials, potentially allowing unauthorized access to AWS resources. This affects users who use restricted credentia...
3.5
Simple IT Discussion Forum v1.0: Cross-Site Scripting Risk in Admin User Management
CVE-2026-6003
The Simple IT Discussion Forum version 1.0 has a security issue that can allow an attacker to inject malicious code into the admin user management page. This could potentially allow an attacker to tak...
4.8
wolfSSL Misinterprets Malformed Certificate Data in Some Configurations
CVE-2026-5188
In certain cases, wolfSSL may incorrectly process X.509 certificates with intentionally malformed data. This can happen when using the default configuration. To avoid potential issues, review your wol...
2.3
wolfSSL Library: Error Parsing X.509 Certificate Dates
CVE-2026-5448
A bug in the wolfSSL library can cause a security issue if an attacker creates a specially crafted X.509 certificate. This bug only affects specific direct calls to the library, not regular operations...
2.3
Out-of-bounds read in OpenSSL's PKCS7 parsing
CVE-2026-5392
A malicious email message can cause OpenSSL to access memory it shouldn't, potentially leading to security issues. This issue affects OpenSSL's ability to properly handle certain types of encrypted em...
2.3
MINI-qx6q-mhrm-6369
Adobe Flash Player allows remote attackers to execute arbitrary code
MINI-prfw-xfc3-7hpc
Adobe Flash Player has a security issue that could allow hackers to take control of your computer if you visit a malicious website. This is a serious issue, as it could lead to unauthorized access to ...
Adobe Acrobat and Reader: Malicious PDFs Can Crash or Execute Code
MINI-vprp-mgc5-3wcr
Adobe Acrobat and Adobe Reader can be tricked into crashing or executing malicious code if a specially crafted PDF is opened. This can lead to a denial of service or potentially allow an attacker to g...
MINI-p8qq-w72v-v5xm
MINI-m8wr-fjv5-v2v6
MINI-jvjx-f2pq-hfm7
MINI-mhjh-p4r7-vrwc
MINI-m9cp-jr9g-pm66
MINI-jr72-cf64-5f3v