| | CVE-2026-26183 |  Microsoft | high | 7.8 | 0.0%
| | Improper access control in Windows RPC API allows an authorized attacker to elevate privileges local… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26181 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privilege… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26180 | Microsoft | high | 7.8 | 0.0%
| | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges loc… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26179 | Microsoft | high | 7.8 | 0.1%
| | Double free in Windows Kernel allows an authorized attacker to elevate privileges locally. | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26175 | Microsoft | medium | 4.6 | 0.2%
| | Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a se… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26174 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26167 | Microsoft | high | 8.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26166 | Microsoft | high | 7.0 | 0.0%
| | Double free in Windows Shell allows an authorized attacker to elevate privileges locally. | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26165 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows Shell allows an authorized attacker to elevate privileges locally. | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26162 | Microsoft | high | 7.8 | 0.1%
| | Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized at… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26161 | Microsoft | high | 7.8 | 0.1%
| | Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevat… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26160 | Microsoft | high | 7.8 | 0.0%
| | Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an a… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26155 | Microsoft | medium | 6.5 | 0.1%
| | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26154 | Microsoft | high | 7.5 | 0.1%
| | Improper input validation in Windows Server Update Service allows an unauthorized attacker to perfor… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26151 | Microsoft | high | 7.1 | 0.1%
| | Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized att… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-23670 | Microsoft | medium | 5.7 | 0.1%
| | Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an autho… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-25184 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Applo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-20930 | Microsoft | high | 7.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-39815 |  Fortinet | high | 8.8 | 0.1%
| | A improper neutralization of special elements used in an sql command ('sql injection') vulnerability… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2026-39814 | Fortinet | medium | 6.7 | 0.0%
| | A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 thr… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39813 | Fortinet | critical | 9.8 | 0.1%
| | A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSand… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2026-39812 | Fortinet | medium | 4.8 | 0.0%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39811 | Fortinet | medium | 4.9 | 0.1%
| | A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39810 | Fortinet | medium | 6.0 | 0.0%
| | A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 m… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39809 | Fortinet | medium | 6.7 | 0.0%
| | A improper neutralization of special elements used in an sql command ('sql injection') vulnerability… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39808 | Fortinet | critical | 9.8 | 0.1%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Apr 14, 2026 | Apr 22, 2026 |
| | CVE-2026-27316 | Fortinet | low | 2.7 | 0.0%
| | A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, F… | Apr 14, 2026 | Apr 22, 2026 |
| | CVE-2026-25691 | Fortinet | medium | 6.7 | 0.1%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Apr 14, 2026 | Apr 22, 2026 |
| | CVE-2026-23708 | Fortinet | high | 7.5 | 0.1%
| | A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR Pa… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-22828 | Fortinet | high | 8.1 | 0.2%
| | A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, Fort… | Apr 14, 2026 | May 1, 2026 |
| | CVE-2026-22576 | Fortinet | medium | 4.3 | 0.0%
| | A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-22574 | Fortinet | medium | 4.1 | 0.0%
| | A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-22573 | Fortinet | medium | 6.5 | 0.1%
| | An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in F… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-22155 | Fortinet | medium | 6.5 | 0.0%
| | A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 thr… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-22154 | Fortinet | medium | 4.6 | 0.0%
| | An improper neutralization of input during web page generation ('cross-site scripting') vulnerabilit… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-21742 | Fortinet | medium | 5.7 | 0.0%
| | A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 thr… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-21741 | Fortinet | low | 2.4 | 0.0%
| | An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fort… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2025-68649 | Fortinet | medium | 6.0 | 0.1%
| | An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in F… | Apr 14, 2026 | Apr 22, 2026 |
| | CVE-2025-61886 | Fortinet | medium | 5.4 | 0.0%
| | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilit… | Apr 14, 2026 | Apr 22, 2026 |
| | CVE-2025-61848 | Fortinet | high | 7.2 | 0.0%
| | An improper neutralization of special elements used in an sql command ('sql injection') vulnerabilit… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2025-61624 | Fortinet | medium | 6.0 | 0.1%
| | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') [CWE-22] vulnerabi… | Apr 14, 2026 | May 12, 2026 |
| | CVE-2025-59809 | Fortinet | medium | 4.3 | 0.0%
| | A server-side request forgery (ssrf) vulnerability [CWE-918] vulnerability in Fortinet FortiSOAR Paa… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2024-23104 | Fortinet | medium | 5.4 | 0.1%
| | An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2025-53847 | Fortinet | medium | 6.2 | 0.0%
| | A missing authentication for critical function vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3… | Apr 14, 2026 | May 12, 2026 |
| | CVE-2026-5713 |  Red Hat | medium | 6.0 | — | | A flaw was found in Python. A malicious Python process could exploit the "profiling.sampling" module… | Apr 14, 2026 | Apr 14, 2026 |
| | CVE-2026-33929 |  Apache | medium | 4.3 | 0.0%
| | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apac… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2026-31924 | Apache | medium | 5.3 | 0.0%
| | Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.
tencent-cloud-cls l… | Apr 14, 2026 | Apr 17, 2026 |
| | CVE-2026-31923 | Apache | high | 7.5 | 0.0%
| | Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.
This can occur due … | Apr 14, 2026 | Apr 17, 2026 |
| | CVE-2026-31908 | Apache | critical | 9.1 | 0.1%
| | Header injection vulnerability in Apache APISIX.
The attacker can take advantage of certain configu… | Apr 14, 2026 | Apr 17, 2026 |
| | CVE-2026-34984 | Red Hat | medium | 6.5 | 0.0%
| | A flaw was found in External Secrets Operator. An attacker with the ability to create or update temp… | Apr 14, 2026 | Apr 14, 2026 |