April 2026

303 security articles published this month.

124

critical

84

high

12

medium

12

low

71

Advisory

171

Breaches

7

News

9

Intel

45

Learn

2

Research

0

Malware

69

Advisory

(171)

critical Apr 18

NovumOS local privilege escalation to kernel (CVE-2026-40317)

critical Apr 18

Hot Chocolate GraphQL server crash via stack overflow (CVE-2026-40324)

critical Apr 18

ChurchCRM admin can upload webshell for RCE (CVE-2026-40484)

Postiz stored XSS via file upload (CVE-2026-40487) [PoC]

critical Apr 18

NovumOS local privilege escalation (CVE-2026-40572)

critical Apr 17

Simple Attendance System unauth SQLi bypass (CVE-2026-37749) [PoC]

Note Mark stored XSS via file upload (CVE-2026-40262)

critical Apr 17

FastGPT NoSQL injection grants admin login (CVE-2026-40351)

FastGPT NoSQL injection enables account takeover (CVE-2026-40352)

critical Apr 17

Thymeleaf SSTI allows server-side code execution (CVE-2026-40477)

critical Apr 17

Thymeleaf server-side template injection, unauth (CVE-2026-40478)

Unlimited Elements for Elementor reads arbitrary files (CVE-2026-4659)

Vault unauth denial-of-service blocks admin (CVE-2026-5807)

critical Apr 16

Pay-Uz Laravel package unauthenticated RCE (CVE-2026-31843)

Simple Music Cloud SQLi leaks database (CVE-2026-37336)

Simple Music Cloud SQL injection, unauth (CVE-2026-37337)

critical Apr 16

Simple Music Cloud SQL injection, unauthenticated (CVE-2026-37338)

critical Apr 16

Vehicle Parking System SQL injection, unauthenticated (CVE-2026-37345)

critical Apr 16

Payroll Management System SQL injection, unauth (CVE-2026-37347)

critical Apr 16

SiYuan stored XSS leads to code execution (CVE-2026-40322)

Assets and Nodes stored XSS in admin panel (CVE-2025-40899)

critical Apr 15

Cisco ISE authenticated command execution (CVE-2026-20147)

critical Apr 15

Cisco ISE authenticated command injection to root (CVE-2026-20180)

critical Apr 15

Webex SSO impersonates any user, unauth (CVE-2026-20184)

critical Apr 15

Cisco ISE authenticated command injection (CVE-2026-20186)

critical Apr 15

Chrome sandbox escape via heap overflow (CVE-2026-6296)

Chrome use-after-free RCE via Prerender (CVE-2026-6299)

Chrome sandbox escape via CSS use-after-free (CVE-2026-6300)

Chrome sandbox escape via type confusion (CVE-2026-6301)

Chrome sandbox escape via video code execution (CVE-2026-6302)

critical Apr 14

Grocery Store Management System 1.0 SQL injection (CVE-2025-63939)

critical Apr 14

School-management-system 1.0 unauthenticated SQL injection (CVE-2025-65135)

critical Apr 14

Adobe Connect reflected XSS, unauthenticated (CVE-2026-27243)

critical Apr 14

Adobe Connect reflected XSS, unauthenticated (CVE-2026-27245)

critical Apr 14

Adobe Connect DOM XSS, patch now (CVE-2026-27246)

critical Apr 14

SAP BPC/BW SQL injection, unauth data access (CVE-2026-27681)

SharePoint spoofing exploited in the wild (CVE-2026-32201)

critical Apr 14

Windows IKE Extension unauthenticated RCE (CVE-2026-33824)

critical Apr 14

OAuth2 Proxy authentication bypass, unauth (CVE-2026-34457)

critical Apr 14

NuGet Gallery RCE via crafted nuspec file (CVE-2026-39399)

critical Apr 14

FortiSandbox unauthenticated command injection (CVE-2026-39808)

critical Apr 14

FortiSandbox path traversal grants admin (CVE-2026-39813)

critical Apr 14

PraisonAI workflow engine unauthenticated RCE (CVE-2026-40288)

critical Apr 14

PraisonAI unauthenticated remote session hijacking (CVE-2026-40289)

critical Apr 14

PraisonAI leaks GitHub tokens in public artifacts (CVE-2026-40313)

critical Apr 13

UniFi Play path traversal to RCE, patch now (CVE-2026-22562)

CVE-2026-25208: Samsung Escargot Buffer Overflow

simple-git arbitrary command execution (CVE-2026-28291)

Airflow webserver code execution by Dag Authors (CVE-2026-33858)

Storm RCE via Kerberos credential deserialization (CVE-2026-35337)

Pachno 1.0.6 RCE via file upload (CVE-2026-40040)

critical Apr 13

Pachmo unauthenticated RCE via cache deserialization (CVE-2026-40044)

critical Apr 13

CVE-2026-6139: Totolink A7100RU Command Injection - PoC Available

CVE-2026-6142: Tushar-2223 Hotel Management System SQLi - PoC Available

CVE-2026-6148: Vehicle Showroom Management System SQLi - PoC Available

CVE-2026-6149: Vehicle Showroom Management System SQLi - PoC Available

CVE-2026-6151: Vehicle Showroom Management System SQLi - PoC Available

CVE-2026-6152: Vehicle Showroom Management System SQLi - PoC Available

CVE-2026-6153: Vehicle Showroom Management System SQLi - PoC Available

CVE-2019-25697: CMSsite SQLi

CVE-2019-25710: Dolibarr ERP-CRM SQLi - Patch Guide

CVE-2026-1116: Lollms XSS

critical Apr 12

CVE-2026-6112: Totolink A7100RU Command Injection - PoC Available

critical Apr 12

CVE-2026-6113: Totolink A7100RU Command Injection - PoC Available

critical Apr 12

CVE-2026-6114: Totolink A7100RU Command Injection - PoC Available

critical Apr 12

CVE-2026-6115: Totolink A7100RU Command Injection - PoC Available

critical Apr 12

CVE-2026-6116: Totolink A7100RU Command Injection - PoC Available

critical Apr 11

CVE-2026-31845: Rukovoditel CRM XSS

critical Apr 11

Sonos Era 300 unauthenticated SMB RCE (CVE-2026-4149)

critical Apr 11

aws-mcp-server unauthenticated RCE (CVE-2026-5058)

critical Apr 11

CVE-2026-5059: aws-mcp-server Command Injection RCE

CVE-2026-6105: perfree go-fastdfs-web Improper Authorization - PoC Available

CVE-2021-47961: Synology SSL VPN Client Plaintext Stora

critical Apr 10

CVE-2026-1115: parisneo/lollms Stored XSS

Spring Gateway exposes TLS traffic (CVE-2026-22750)

critical Apr 10

CVE-2026-32892: Chamilo LMS RCE

CVE-2026-35643: OpenClaw Android RCE

ActiveMQ TLSv1.3 memory DoS (CVE-2026-39304)

critical Apr 10

Axios Prototype Pollution leads to RCE (CVE-2026-40175)

CVE-2026-5483: Red Hat OpenShift AI Token Disclosure

Juniper Networks default password exposes admin

CVE-2026-34424: Smart Slider 3 Pro RCE

CVE-2026-39911: Hashgraph Guardian RCE

CVE-2026-39980: OpenCTI Remote Code Execution

basic-ftp CRLF command injection (CVE-2026-39983)

CVE-2026-40088: PraisonAI Command Injection

CVE-2026-40089: Sonicverse SSRF

CVE-2026-40154: PraisonAI Remote Code Execution

Vertex Addons Auth Bypass (CVE-2026-4326)

CVE-2026-5976: Totolink A7100RU Command Injection - PoC Available

kcp Cache Server (CVE-2026-39429)

Nix Privilege Escalation (CVE-2026-39860)

PraisonAI RCE (CVE-2026-39888)

PraisonAI RCE Vulnerability (CVE-2026-39890)

PraisonAI Template Injection RCE (CVE-2026-39891)

Unfurl Flask Debug RCE (CVE-2026-40035)

Kibana Privilege Escalation (CVE-2026-4498)

GitLab CE/EE websocket access bypass (CVE-2026-5173)

CoolerControl UI XSS (CVE-2026-5301)

Tianxin Behavior Management RCE (CVE-2021-4473)

ActiveMQ RCE exploited in the wild (CVE-2026-34197) [PoC]

changedetection.io Auth Bypass (CVE-2026-35490)

ChurchCRM Path Traversal RCE (CVE-2026-35573)

Emissary shell injection enables RCE (CVE-2026-35580)

ChurchCRM unauthenticated RCE (CVE-2026-39337)

ChurchCRM Auth Bypass (CVE-2026-39339)

Genealogy App Privilege Escalation (CVE-2026-39355)

Firefox & Thunderbird Critical RCE (CVE-2026-5731)

Firefox, Thunderbird memory corruption (CVE-2026-5734)

Firefox & Thunderbird RCE (CVE-2026-5735)

Samsung Exynos SMS Buffer Overflow (CVE-2025-54328)

Homarr Dashboard XSS (CVE-2026-33510)

SandboxJS Sandbox Escape (CVE-2026-34208)

Bruno CLI Compromised via Axios RAT (CVE-2026-34841)

Dgraph Unauthenticated Database Overwrite (CVE-2026-349

Claude Code CLI OS command injection (CVE-2026-35022)

BentoML RCE in Containerize (CVE-2026-35044)

Brave CMS RCE via File Upload (CVE-2026-35164)

OpenSTAManager SQLi (CVE-2026-35470)

AWS RES Remote Code Execution (CVE-2026-5707)

ResourceSpace SQLi (CVE-2019-25662)

News Website Script SQLi (CVE-2019-25668)

VA MAX RCE Vulnerability (CVE-2019-25671)

CMSsite SQLi Vulnerability (CVE-2019-25674)

eDirectory SQL Injection (CVE-2019-25675)

Ask Expert Script XSS and SQLi (CVE-2019-25676)

C4G Basic Laboratory SQLi (CVE-2019-25678)

OpenDocMan SQLi Vulnerability (CVE-2019-25684)

Pegasus CMS RCE (CVE-2019-25687)

itsourcecode SQLi Vulnerability (CVE-2026-5534)

FedML-AI FedML RCE (CVE-2026-5536)

Simple Laundry System SQLi (CVE-2026-5540)

UTT HiPER 1250GW RCE (CVE-2026-5544) - Exploit Released

itsourcecode Hotel SQLi (CVE-2026-5551) - Exploit Released

Snews CMS RCE (CVE-2016-20052)

VPN Browser+ DoS Vulnerability (CVE-2018-25241)

7 Tik DoS Vulnerability (CVE-2018-25245)

MyBB Downloads Plugin XSS (CVE-2018-25248)

NICO-FTP RCE (CVE-2018-25254)

FortiClientEMS unauthenticated RCE (CVE-2026-35616) [PoC]

WCFM Plugin IDOR (CVE-2026-4896)

Hirschmann HiOS/HiSecOS Auth Bypass (CVE-2018-25236)

Azure Custom Locations SSRF (CVE-2026-26135)

Stackfield Desktop App Path Traversal (CVE-2026-28373)

Azure MCP Server Auth Bypass (CVE-2026-32211)

Azure AI Foundry Privilege Escalation (CVE-2026-32213)

Azure Kubernetes Privilege Escalation (CVE-2026-33105)

Azure Databricks SSRF (CVE-2026-33107)

Kestra SQLi to RCE (CVE-2026-34612)

PraisonAI SQL Injection (CVE-2026-34934)

PraisonAI CLI Argument RCE (CVE-2026-34935)

PraisonAI Critical RCE (CVE-2026-34938)

PraisonAI Agent Access (CVE-2026-34952)

PraisonAI Auth Bypass (CVE-2026-34953)

PraisonAI SSRF Vulnerability (CVE-2026-34954)

macOS Image Processing (CVE-2025-43219)

macOS Image Processing Memory Corruption (CVE-2025-4326

OpenSTAManager SQL Injection (CVE-2026-28805)

OneUptime Auth Bypass (CVE-2026-34758)

OpenSTAManager SQL Injection (CVE-2026-35168)

IBM Storage Protect SQLi (CVE-2025-13855)

Cisco IMC Authentication Bypass (CVE-2026-20093)

Cisco SSM On-Prem RCE (CVE-2026-20160)

MetInfo CMS RCE (CVE-2026-29014)

Reviactyl OAuth Account Takeover (CVE-2026-34456)

CI4MS Critical XSS Vulnerability (CVE-2026-34559)

CI4MS XSS Vulnerability (CVE-2026-34563)

CI4MS CMS XSS Vulnerability (CVE-2026-34566)

CI4MS CMS Stored XSS (CVE-2026-34567)

CI4MS CMS Stored XSS (CVE-2026-34569)

CI4MS CMS Stored XSS (CVE-2026-34571)

Breaches

(7)

Amtrak Breach: 2.1M Emails, Names & Addresses Exposed (2026)

critical Apr 16

McGraw Hill Breach: 13.5M Emails & Personal Data Exposed (2026)

Hallmark Breach: 1.7M Emails & Addresses Exposed (2026)

My Lovely AI Breach Exposes 106K User Prompts

Crunchyroll Breach Exposes 1.2M User Records

SongTrivia2 Breach Exposes 291K User Passwords

SUCCESS Breach Exposes 253K User Records

News

(9)

critical Apr 17

Apache ActiveMQ CVE-2026-34197 added to CISA KEV catalo

critical Apr 13

Adobe Acrobat Zero-Day CVE-2026-34621

critical Apr 12

Weekly Threat Roundup: APT28 DNS Hijacking (Apr 6-12

Smart Slider 3 Pro Backdoored via Hijacked Update

APT28 Hijacks SOHO Routers - Microsoft 365 Credentials

Storm-1175 Exploits Zero-Days to Deploy Medusa

GPUBreach Rowhammer Attack Targets GPU Memory

Next.js React2Shell Actively Exploited - Credential

Anthropic Claude Code Source Leaked via npm Error

Intel

(45)

BBA Law Group Ransomware Claim by Safepay (April 2026)

Cheeky.com.ar Ransomware Claim by Safepay (April 2026)

First Cambodia Ransomware Claim by Safepay (April 2026)

critical Apr 18

Mag. Fünder Hausverwaltungs GmbH Ransomware Claim by INC Ransom (April 2026)

Rhode-HV Ransomware Attack by Krybit (April 2026)

Franziskusschule Wilhelmshaven Ransomware Claim by payload (Apr 2026)

Marino Food Products Hit by Payload Ransomware - April 2026

Oriental Weavers Ransomware Claim by Payload (Apr 2026)

Sunlight Express Airways Ransomware Claim by payload (Apr 2026)

TFE Group Ransomware Claim by payload (April 2026)

critical Apr 16

Clearwater Marine Aquarium Ransomware Claim by Qilin (Apr 2026)

critical Apr 16

Gruppo ICM SPA Ransomware Claim by Qilin (April 2026)

Harris Beach Murtha Ransomware Claim by SilentRansomGroup (April 2026)

critical Apr 16

Limkon Ransomware Claim by Qilin (April 2026)

The Epoch Times Ransomware Claim by coinbasecartel (April 2026)

Coast Appliances Ransomware Claim by Chaos (Apr 2026)

Flash Charm INC (Idera) Ransomware Claim by coinbasecartel (April 2026)

critical Apr 15

Gastroenterology & Hepatology of CNY Hit by Exitium (Apr 2026)

Hacked 0APT Ransomware Claim by krybit (April 2026)

LACROIX Ransomware Claim by Lamashtu (April 2026)

GRUPO RONDA Ransomware Claim by Lamashtu (April 2026)

Indigo Group Ransomware Claim by SecPo (April 2026)

JM Bozeman Enterprises Ransomware Claim by secpo (April 2026)

Mike Brandner Law Ransomware Claim by secpo (April 2026)

Richmond Plywood Ransomware Claim by secpo (April 2026)

critical Apr 13

Affordable Oil Ransomware Claim by DragonForce (April 2026)

Carters Ransomware Claim by coinbasecartel (April 2026)

Helzberg Ransomware Claim by Coinbasecartel (April 2026)

critical Apr 13

K Subsea Group Ransomware Claim by Everest (Apr 2026)

Ralph Lauren Ransomware Claim by coinbasecartel (April 2026)

Amtrak Ransomware Claim by ShinyHunters (April 2026)

CONREP SA Ransomware Claim by Krybit (April 2026)

critical Apr 12

Mastercom Ransomware Claim by INC Ransom (Apr 2026)

critical Apr 12

Morgan County GA Ransomware Claim by INC Ransom (April 2026)

Mytheresa Ransomware Claim by ShinyHunters (April 2026)

critical Apr 11

A Roettgers Ransomware Claim by Qilin (April 2026)

critical Apr 11

Campbell University Ransomware Claim by INC Ransom (April 2026)

critical Apr 11

Chalmers & Kubeck Ransomware Claim by Qilin (April 2026)

critical Apr 11

Hofland Ransomware Claim by Qilin (April 2026)

critical Apr 11

SAAM Towage Ransomware Claim by Qilin (Apr 2026)

Alvi Associates Ransomware Claim by AiLock (April 2026)

Goulston & Storrs Ransomware Claim by SilentRansomGroup (April 2026)

critical Apr 10

Kannarr Eye Care Ransomware Claim by INC Ransom (Apr 2026)

T..t Ste..ius & Ho..ter LLP Ransomware Claim by SilentRansomGroup (April 2026)

critical Apr 10

Wright-Ryan Hit by INC Ransom - April 2026

Learn

(2)

SQL Injection Attacks: Exploitation, Detection, and Modern Prevention Techniques

XSS Payload Cheat Sheet (Updated 2026 Edition)

Malware

(69)

Agent Tesla Malware: 16 Samples, Declining Trend (Apr 2026)

AsyncRAT Malware: 7 Samples, Declining Trend (Apr 2026)

Formbook Malware: 9 Samples, Declining Trend (Apr 2026)

Vidar Malware: 16 Samples, Rising Trend (Apr 2026)

Agent Tesla Malware: 23 Samples, Stable Trend (Apr 2026)

AsyncRAT Malware: 5 Samples, Declining Trend (Apr 2026)

Formbook Malware: 15 Samples, Rising Trend (Apr 2026)

QuasarRAT Malware: 3 Samples, Declining Trend (Apr 2026)

Vidar Malware: 16 Samples, Rising Trend (Apr 2026)

Agent Tesla Malware: 45 Samples, Rising Trend (Apr 2026)

AsyncRAT Malware: 15 Samples, Rising Trend (Apr 2026)

Formbook Malware: 28 Samples, Rising Trend (Apr 2026)

QuasarRAT Malware: 8 Samples, Rising Trend (Apr 2026)

Vidar Malware: 11 Samples, Rising Trend (Apr 2026)

Agent Tesla Malware: 45 Samples, Rising Trend (Apr 2026)

AsyncRAT Malware: 17 Samples, Rising Trend (Apr 2026)

Formbook Malware: 24 Samples, Rising Trend (Apr 2026)

QuasarRAT Malware: 9 Samples, Rising Trend (Apr 2026)

Vidar Malware: 15 Samples, Rising Trend (Apr 2026)

Agent Tesla Malware: 20 Samples, Rising Trend (Apr 2026)

AsyncRAT Malware: 9 Samples, Rising Trend (Apr 2026)

Formbook Malware: 13 Samples, Rising Trend (Apr 2026)

QuasarRAT Malware: 7 Samples, Rising Trend (Apr 2026)

Vidar Malware: 11 Samples, Rising Trend (Apr 2026)

AsyncRAT Malware: 4 Samples, Declining Trend (Apr 2026)

QuasarRAT Malware: 4 Samples, Stable Trend (Apr 2026)

Vidar Malware: 10 Samples, Rising Trend (Apr 2026)

AsyncRAT Malware: 4 Samples, Declining Trend (Apr 2026)

QuasarRAT Malware: 3 Samples, Declining Trend (Apr 2026)

Vidar Malware: 9 Samples, Rising Trend (Apr 2026)

Agent Tesla Malware: 12 Samples, Rising Trend (Apr 2026)

AsyncRAT Malware: 6 Samples, Stable Trend (Apr 2026)

Formbook Malware: 6 Samples, Declining Trend (Apr 2026)

QuasarRAT Malware: 4 Samples, Rising Trend (Apr 2026)

Agent Tesla Malware: 21 Samples, Rising Trend (Apr 2026)

AsyncRAT Malware: 15 Samples, Rising Trend (Apr 2026)

Formbook Malware: 14 Samples, Rising Trend (Apr 2026)

QuasarRAT Malware: 7 Samples, Rising Trend (Apr 2026)

Vidar Report - 8 New Samples (Apr 2026)

Agent Tesla Report - 9 New Samples (Apr 2026)

AsyncRAT Report - 3 New Samples (Apr 2026)

Formbook Report - 16 New Samples (Apr 2026)

QuasarRAT Report - 3 New Samples (Apr 2026)

Vidar Report - 7 New Samples (Apr 2026)

Formbook Report - 8 New Samples (Apr 2026)

QuasarRAT Report - 3 New Samples (Apr 2026)

Vidar Report - 10 New Samples (Apr 2026)

AsyncRAT Report - 3 New Samples (Apr 2026)

Vidar Report - 8 New Samples (Apr 2026)

AsyncRAT Report - 3 New Samples (Apr 2026)

Agent Tesla Report - 10 New Samples (Apr 2026)

AsyncRAT Report - 7 New Samples (Apr 2026)

QuasarRAT Report - 5 New Samples (Apr 2026)

Vidar Report - 6 New Samples (Apr 2026)

Agent Tesla Report - 21 New Samples (Apr 2026)

AsyncRAT Report - 9 New Samples (Apr 2026)

Formbook Report - 14 New Samples (Apr 2026)

QuasarRAT Report - 5 New Samples (Apr 2026)

Vidar Report - 19 New Samples (Apr 2026)

Agent Tesla Report - 22 New Samples (Apr 2026)

AsyncRAT Report - 11 New Samples (Apr 2026)

Formbook Report - 20 New Samples (Apr 2026)

QuasarRAT Report - 12 New Samples (Apr 2026)

Vidar Report - 30 New Samples (Apr 2026)

Agent Tesla Report - 22 New Samples (Apr 2026)

AsyncRAT Report - 10 New Samples (Apr 2026)

Formbook Report - 17 New Samples (Apr 2026)

QuasarRAT Report - 11 New Samples (Apr 2026)

Vidar Report - 32 New Samples (Apr 2026)

March 2026 All Threats