CVE Vulnerabilities - 12 April 2026

Mozilla Thunderbird has released an update to fix several critical security issues that could allow attackers to take control of your computer, steal sensitive information, or disrupt your email and b...

An attacker can execute arbitrary system commands on a vulnerable system using the 1Panel-dev MaxKB MCP Node, which can lead to unauthorized access and data theft. This vulnerability allows an attacke...

The MetaGPT Mineflayer API, used in Minecraft bots, has a security flaw that makes it vulnerable to a type of attack where an attacker can trick the system into performing unwanted actions. This could...

A security flaw in 1Panel-dev MaxKB's chat headers middleware can allow attackers to inject malicious code, potentially allowing them access to sensitive information or taking control of user sessions...

Apache HTTP Server may reveal sensitive files on the server to unauthorized users. This could potentially allow an attacker to access confidential data. To protect your server, ensure that you're runn...

Adobe ColdFusion Server has a vulnerability that allows attackers to upload arbitrary files, potentially allowing them to execute malicious code. This could lead to unauthorized access to sensitive da...

Apache HTTP Server's mod_proxy_html module is vulnerable to a cross-site scripting (XSS) attack. This means that an attacker could inject malicious code into web pages, potentially stealing user data ...

A remote attacker can execute malicious code on affected servers, potentially compromising data and system integrity. This can happen if a user opens a specially crafted email attachment or visits a m...

Adobe Flash Player has a security weakness that could allow an attacker to take control of a computer remotely. This affects many Windows, macOS, and Linux systems. To stay safe, update to the latest ...