CVE Vulnerabilities - 18 April 2026

The libgphoto2 library is used to interact with cameras. A bug in older versions of this library could allow an attacker to access sensitive data. Update to version 2.5.34 or later to fix the issue.

A bug in Sentry kernel versions before 0.4.7 allows a task with certain capabilities to talk to other tasks or crash the system. This could lead to denial of service or unauthorized data transfer. Upd...

In ChurchCRM versions before 7.2.0, malicious usernames can cause unintended actions when viewed by an administrator. This could lead to unauthorized access or data theft. Update to version 7.2.0 or l...

# Summary `SubFileSystem` fails to confine operations to its declared sub path when the input path is `/../` (or equivalents `/../`, `/..\\`). This path passes all validation but resolves to the root...

Libgphoto2, a library for accessing and controlling cameras, has a bug that can cause it to crash when it receives bad data from an untrusted USB device. This could potentially be exploited by an atta...

Libgphoto2's camera library has a bug that can cause it to crash or expose sensitive data when interacting with Canon cameras. This affects all versions up to and including 2.5.33. To fix the issue, u...

A memory leak exists in libgphoto2 when processing Sony cameras. This can cause the library to consume more and more memory over time, potentially leading to performance issues or crashes. Update to v...

Apache's HTTP server has a flaw that allows hackers to access sensitive files without a password. This can lead to unauthorized access to sensitive data. Update the server to the latest version to fix...

Apache's HTTP Server contains a vulnerability that allows an attacker to execute unauthorized code on a server without needing a password. This could lead to data theft, system compromise, or other ma...