| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33589 | Arbitrary File Read via Local File Inclusion (LFI) | Open Notebook | Open Notebook | - | - | 2026-05-07 10:31:53 | Deep Dive |
| CVE-2026-33588 | Arbitrary File Write Through Path Traversal | Open Notebook | Open Notebook | - | - | 2026-05-07 10:28:09 | Deep Dive |
| CVE-2026-33587 | Remote Code Execution (RCE) via Server-Side Template Injection (SSTI) | Open Notebook | Open Notebook | - | - | 2026-05-07 10:22:16 | Deep Dive |
| CVE-2026-27415 | WordPress BEAR plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability | PluginUs.Net | BEAR | Medium | 4.3 | 2026-05-07 10:20:29 | Deep Dive |
| CVE-2026-28201 | SurrealDB Injection on Open Notebook | Open Notebook | Open Notebook | - | - | 2026-05-07 10:12:06 | Deep Dive |
| CVE-2026-6805 | Vulnerability on Cryptobox external sharing feature | Ercom | Cryptobox | - | - | 2026-05-07 09:45:43 | Deep Dive |
| CVE-2026-27416 | WordPress PDF Poster plugin <= 2.4.1 - Broken Access Control vulnerability | bPlugins | PDF Poster | Medium | 5.3 | 2026-05-07 08:38:15 | Deep Dive |
| CVE-2024-43384 | Phoenix Contact: Improper removal of sensitive information in MGUARD products | PHOENIX CONTACT | FL MGUARD 2102 | High | 8.0 | 2026-05-07 08:37:04 | Deep Dive |
| CVE-2025-1978 | Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console | Hitachi | Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900 | High | 8.3 | 2026-05-07 08:05:43 | Deep Dive |
| CVE-2025-62127 | WordPress WEN Logo Slider plugin <= 3.4.0 - Cross Site Scripting (XSS) vulnerability | WEN Themes | WEN Logo Slider | Medium | 5.9 | 2026-05-07 07:54:05 | Deep Dive |
| CVE-2025-66105 | WordPress Bus Ticket Booking with Seat Reservation plugin < 5.6.8 - Broken Access Control vulnerability | Magepeople inc. | Bus Ticket Booking with Seat Reservation | Medium | 5.3 | 2026-05-07 07:46:34 | Deep Dive |
| CVE-2025-68060 | WordPress Team Member plugin <= 8.5 - SQL Injection vulnerability | WPMart | Team Member | High | 7.6 | 2026-05-07 07:44:13 | Deep Dive |
| CVE-2025-68604 | WordPress WPGraphQL plugin <= 2.5.3 - Cross Site Request Forgery (CSRF) vulnerability | WPGraphQL | WPGraphQL | Medium | 5.4 | 2026-05-07 07:40:27 | Deep Dive |
| CVE-2026-25468 | WordPress Happy Addons for Elementor plugin <= 3.20.8 - Sensitive Data Exposure vulnerability | weDevs | Happy Addons for Elementor | Medium | 5.3 | 2026-05-07 07:37:59 | Deep Dive |
| CVE-2026-27329 | WordPress YITH WooCommerce Wishlist plugin <= 4.12.0 - Insecure Direct Object References (IDOR) vulnerability | YITH | YITH WooCommerce Wishlist | Medium | 5.3 | 2026-05-07 07:35:51 | Deep Dive |
| CVE-2026-25436 | WordPress Royal Elementor Addons plugin < 1.7.1053 - Broken Access Control vulnerability | WProyal | Royal Elementor Addons | Medium | 5.3 | 2026-05-07 07:34:02 | Deep Dive |
| CVE-2026-44407 | Remote Denial of Service Vulnerability Exists in ZTE Cloud PC Client uSmartview | ZTE | ZXCLOUD iRAI | Medium | 4.7 | 2026-05-07 07:33:18 | Deep Dive |
| CVE-2026-27421 | WordPress Royal Elementor Addons plugin < 1.7.1053 - Cross Site Scripting (XSS) vulnerability | WProyal | Royal Elementor Addons | Medium | 6.5 | 2026-05-07 07:31:53 | Deep Dive |
| CVE-2025-2514 | Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachi Virtual Storage Platform | Hitachi | Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900 | Medium | 5.3 | 2026-05-07 07:30:28 | Deep Dive |
| CVE-2026-4430 | Heap Buffer Overflow in AgileEngine | The Document Foundation | LibreOffice | - | - | 2026-05-07 07:16:19 | Deep Dive |