CVE Database — CyberOps Hub

CVE

CVE-2026-35616 — Fortinet FortiClient EMS Improper Access Control Vulnerability

Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute u…

CISA KEV · Apr 6, 2026 · CRITICAL

CVE

CVE-2026-3502 — TrueConf Client Download of Code Without Integrity Check Vulnerability

TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update…

CISA KEV · Apr 2, 2026 · CRITICAL

CVE

CVE-2026-5281 — Google Dawn Use-After-Free Vulnerability

Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process t…

CISA KEV · Apr 1, 2026 · CRITICAL

CVE

CVE-2026-3055 — Citrix NetScaler Out-of-Bounds Read Vulnerability

Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain a…

CISA KEV · Mar 30, 2026 · CRITICAL

CVE

CVE-2025-53521 — F5 BIG-IP Stack-Based Buffer Overflow Vulnerability

F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code executio…

CISA KEV · Mar 27, 2026 · CRITICAL

CVE

CVE-2026-33634 — Aquasecurity Trivy Embedded Malicious Code Vulnerability

Aquasecurity Trivy contains an embedded malicious code vulnerability that could allow an attacker to gain access to everything in …

CISA KEV · Mar 26, 2026 · CRITICAL

CVE

CVE-2026-33017 — Langflow Code Injection Vulnerability

Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication. Required…

CISA KEV · Mar 25, 2026 · CRITICAL

CVE

CVE-2025-32432 — Craft CMS Code Injection Vulnerability

Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code. Required action: Apply …