CVE Vulnerabilities - 14 April 2026

568 vulnerabilities published on 14 April 2026

Krayin CRM v2.2.x: Authenticated Malicious File Upload Allows Code Execution
CVE-2026-38526
A security issue in Krayin CRM version 2.2.x allows authenticated users to upload malicious files, potentially allowing hackers to execute unauthorized code on the system. This could lead to system co...
9.9
SAP Business Planning and Consolidation and SAP Business Warehouse: SQL Injection Risk
CVE-2026-27681
An attacker can access or modify sensitive database data if they have an account. This is a serious issue because it could allow unauthorized changes to confidential information and disrupt system ope...
9.9
SSH/SCP option injection allows local code execution in MCP-SSH
GHSA-p4h8-56qp-hpgv
A security issue in MCP-SSH allows an attacker to execute local code on a server by manipulating the SSH/SCP commands. This could potentially expose sensitive information like passwords and SSH keys. ...
9.9
Windows IKE Extension Double Free Vulnerability Allows Remote Code Execution
CVE-2026-33824
An attacker can exploit a flaw in the Windows IKE Extension to run malicious code on a network-connected computer. This can happen if an attacker sends a specially crafted packet to the vulnerable sys...
9.8
Fortinet FortiSandbox: Unauthorized Access to Files
CVE-2026-39813
An issue in Fortinet FortiSandbox versions 5.0.0 through 5.0.5 and 4.4.0 through 4.4.8 allows an attacker to potentially access files they shouldn't be able to. This could allow an attacker to gain mo...
9.8
Fortinet FortiSandbox: Unauthorized Command Execution Risk
CVE-2026-39808
Fortinet's FortiSandbox version 4.4.0 through 4.4.8 may allow an attacker to execute unauthorized commands on your system. This is a serious issue because it could let someone access or change sensiti...
9.8
Manikandan580 School Management System SQL Injection Risk
CVE-2025-65135
A security weakness in the Manikandan580 School Management System allows attackers to access unauthorized data. This issue can be exploited through the 'fromdate' field in a specific page. Update or r...
9.8
SQL Injection in anirudhkannan Grocery Store Management System
CVE-2025-63939
A security issue in anirudhkannan Grocery Store Management System 1.0 allows attackers to manipulate data, potentially stealing sensitive information or disrupting the system. Users of this software s...
9.8
Deno CLI Can Import Malicious Modules Without Permission
JLSEC-2026-98
If a program dynamically imports untrusted code, it may be able to access the internet or local files without permission. This can happen in Deno CLI, but not in the `deno_core`, `deno_runtime`, or ot...
9.8
PraisonAI and PraisonAI Agents: Unrestricted Code Execution Threat
CVE-2026-40288
Versions of PraisonAI and PraisonAI Agents below 4.5.139 and 1.5.140 are at risk of a serious security threat. An attacker can execute arbitrary commands on the system by manipulating specific YAML fi...
9.8
Talend JobServer and Talend Runtime: Unsecured Monitoring Port Allows Remote Code Execution
CVE-2026-6264
A critical security weakness in Talend JobServer and Talend Runtime allows hackers to run malicious code on your system without a password. This happens when they access a special monitoring port on y...
9.8
Adobe Connect: Untrusted Data Can Run Malicious Code as Current User
CVE-2026-27303
Adobe Connect versions 2025.3 and earlier have a security flaw that allows a hacker to run malicious code on your computer using the privileges of the person currently logged in. This can happen witho...
9.6
excel-mcp-server allows attackers to read or write any file on the server
GHSA-j98m-w3xp-9f56
An attacker on the network can access and modify files on the server without a password, potentially causing data loss or tampering. This issue affects all versions of excel-mcp-server up to 0.1.7. To...
9.4
Excel MCP Server Allows Remote File Access
GHSA-j98m-w3xp-9f56
An attacker on the network can read, write, or overwrite files on the server by using special file paths in the Excel MCP Server. This is possible because the server doesn't properly limit file access...
9.4
Adobe Connect: Code Execution Possible via Malicious Data
CVE-2026-34615
Adobe Connect versions 2025.3 and earlier are vulnerable to a security threat that could allow hackers to run unauthorized code on your system. This means a malicious actor could gain control of your ...
9.3
Adobe Connect: Malicious Code Can Run in Your Browser
CVE-2026-27246
Adobe Connect software versions 2025.3 and earlier may allow a hacker to inject malicious code into your browser if you visit a specially crafted webpage. This could let the hacker access sensitive in...
9.3
Adobe Connect: Malicious Code Can Run on User's Browser
CVE-2026-27245
Adobe Connect versions 2025.3 and earlier have a security weakness that could allow a hacker to trick a user into visiting a malicious link, which could then run malicious code in the user's browser. ...
9.3
Adobe Connect: Visitor's Browser Can Run Malicious Code
CVE-2026-27243
Adobe Connect versions 2025.3 and earlier have a security flaw that could let an attacker trick someone into visiting a special website. If this happens, the attacker's malicious code can run on the v...
9.3
OpenEdge OECH1 encoding is not secure for storing sensitive data
CVE-2025-8095
The OECH1 encoding used in OpenEdge is not secure for storing sensitive information. This means that data protected with OECH1 can be accessed by unauthorized users. Replace OECH1 with a stronger encr...
9.1
PraisonAI: GitHub credentials leaked in version 4.5.139 and below
CVE-2026-40313
PraisonAI versions 4.5.139 and below leak GitHub credentials, which can be used by attackers to push malicious code, steal secrets, and compromise users. To fix this, update to version 4.5.140. If an ...
9.1
PraisonAI Browser Bridge: Unauthorized Remote Session Hijacking
CVE-2026-40289
PraisonAI's browser bridge has a security flaw that allows an attacker to take control of a user's browser session without a password. This can lead to unauthorized access to sensitive information and...
9.1
LearnPress Plugin for WordPress Allows Unauthenticated Data Deletion
CVE-2026-4365
The LearnPress plugin for WordPress can be exploited by hackers to delete quiz answers without permission. This is because the plugin doesn't check if someone is authorized to make changes. To protect...
9.1
Microsoft Power Apps Security Bypass via Malicious Input
CVE-2026-26149
Unauthorized users may gain access to a network by exploiting a weakness in Microsoft Power Apps. This weakness allows an attacker to circumvent security features by submitting malicious input. To pro...
9.0
upKeeper Instant Privilege Access: Malicious Code Can Run As Admin
CVE-2026-2449
A security flaw in upKeeper Instant Privilege Access allows hackers to inject malicious code that can execute with elevated privileges, potentially leading to unauthorized access and system compromise...
9.0
SP1 V6 Software Allows Malicious Proofs to be Accepted
GHSA-63x8-x938-vx33 CVE-2026-40323
A critical security issue in SP1 V6 allows a malicious user to create fake proof data that could trick the system into accepting it. This affects versions 6.0.0 to 6.0.2. You should update to a fixed ...
8.9