Home / 2026 Advisories Archive

2026 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	27 May 2026	31 May 2026	CPAI-2026-5634	CVE-2026-26980	Ghost SQL Injection (CVE-2026-26980)
High	31 May 2026	31 May 2026	CPAI-2025-16207	CVE-2025-24485	MedDream PACS Server Premium Server-Side Request Forgery (CVE-2025-24485)
High	31 May 2026	31 May 2026	CPAI-2025-16369	CVE-2025-14884	D-Link DIR-605 Command Injection (CVE-2025-14884)
High	31 May 2026	31 May 2026	CPAI-2026-5496	CVE-2026-0599	Hugging Face text-generation-inference Denial of Service (CVE-2026-0599)
Critical	28 May 2026	28 May 2026	CPAI-2026-5607		Gogs Remote Code Execution
High	28 May 2026	28 May 2026	CPAI-2026-5588	CVE-2026-8181	WordPress Burst Statistics Plugin Authentication Bypass (CVE-2026-8181)
High	28 May 2026	28 May 2026	CPAI-2026-5556	CVE-2023-45672 CVE-2026-25643	Frigate Remote Code Execution (CVE-2023-45672; CVE-2026-25643)
High	28 May 2026	28 May 2026	CPAI-2024-6939	CVE-2024-48760	GestioIP Remote Code Execution (CVE-2024-48760)
High	28 May 2026	28 May 2026	CPAI-2026-5196	CVE-2026-44127	SEPPmail Secure Email Gateway Directory Traversal (CVE-2026-44127)
High	28 May 2026	28 May 2026	CPAI-2026-5189	CVE-2026-34472	ZTE ZXHN H188A Information Disclosure (CVE-2026-34472)
High	28 May 2026	28 May 2026	CPAI-2026-5187	CVE-2026-31861	CloudCLI Cloud CLI Command Injection (CVE-2026-31861)
Critical	28 May 2026	28 May 2026	CPAI-2025-12529	CVE-2025-45988	B-Link Multiple Products Command Injection (CVE-2025-45988)
High	28 May 2026	28 May 2026	CPAI-2025-12527	CVE-2025-14156	WordPress Fox LMS Plugin Privilege Escalation (CVE-2025-14156)
High	27 May 2026	27 May 2026	CPAI-2026-5521	CVE-2026-26980	Ghost SQL Injection (CVE-2026-26980)
High	27 May 2026	27 May 2026	CPAI-2026-5519	CVE-2026-42271	LiteLLM Command Injection (CVE-2026-42271)
High	27 May 2026	27 May 2026	CPAI-2026-5507	CVE-2026-27826	Sooperset MCP Atlassian Server-Side Request Forgery (CVE-2026-27826)
Critical	25 May 2026	27 May 2026	CPAI-2026-5517	CVE-2026-48172	LiteSpeed cPanel Plugin Command Injection (CVE-2026-48172)
High	24 May 2026	27 May 2026	CPAI-2026-5516	CVE-2026-48132	IKE Improper Length Validation (CVE-2026-48132)
High	24 May 2026	26 May 2026	CPAI-2026-5502	CVE-2026-48132	IKE Improper Length Validation (CVE-2026-48132)
High	11 May 2026	26 May 2026	CPAI-2026-5501	CVE-2026-48131	IKE Unsigned Underflow (CVE-2026-48131)
Critical	26 May 2026	26 May 2026	CPAI-2026-5425		Windows System Files Information Disclosure Over HTTP
High	26 May 2026	26 May 2026	CPAI-2026-5435	CVE-2026-45434	Apache OFBiz Remote Code Execution (CVE-2026-45434)
High	25 May 2026	25 May 2026	CPAI-2026-5355	CVE-2026-48172	LiteSpeed cPanel Plugin Command Injection (CVE-2026-48172)
High	25 May 2026	25 May 2026	CPAI-2025-16239	CVE-2025-29962	Microsoft Windows Media Heap Overflow (CVE-2025-29962)
High	30 Mar 2026	25 May 2026	CPAI-2026-5373	CVE-2026-25769	Wazuh Remote Code Execution (CVE-2026-25769)
High	25 May 2026	25 May 2026	CPAI-2026-5322	CVE-2026-4537	Cudy TR1200 Command Injection (CVE-2026-4537)
Critical	24 May 2026	25 May 2026	CPAI-2026-5356	CVE-2026-9082	Drupal Core SQL Injection (CVE-2026-9082)
Critical	24 May 2026	24 May 2026	CPAI-2026-5315	CVE-2026-9082	Drupal Core SQL Injection (CVE-2026-9082)
High	24 May 2026	24 May 2026	CPAI-2026-5310		IKE Improper Length Validation
High	24 May 2026	24 May 2026	CPAI-2025-16218	CVE-2025-34291	Langflow Remote Code Execution (CVE-2025-34291)
Critical	24 May 2026	24 May 2026	CPAI-2026-5229	CVE-2026-25874	HuggingFace LeRobot Remote Code Execution (CVE-2026-25874)
Medium	24 May 2026	24 May 2026	CPAI-2021-3115	CVE-2021-30119	Kaseya VSA Cross-Site Scripting (CVE-2021-30119)
High	24 May 2026	24 May 2026	CPAI-2021-3114	CVE-2021-30201	Kaseya VSA XML External Entity Injection (CVE-2021-30201)
Critical	24 May 2026	24 May 2026	CPAI-2024-6801	CVE-2024-5982	Gaizhenbiao ChuanhuChatGPT Directory Traversal (CVE-2024-5982)
High	24 May 2026	24 May 2026	CPAI-2024-6798	CVE-2024-1675	Google Chrome Security Bypass (CVE-2024-1675)
High	24 May 2026	24 May 2026	CPAI-2026-4976	CVE-2026-33497	Langflow Directory Traversal (CVE-2026-33497)
High	24 May 2026	24 May 2026	CPAI-2026-4973	CVE-2026-0766	OpenWebUI Open WebUI Command Injection (CVE-2026-0766)
High	24 May 2026	24 May 2026	CPAI-2023-3926	CVE-2023-4069	Google Chrome Type Confusion (CVE-2023-4069)
High	24 May 2026	24 May 2026	CPAI-2025-16148	CVE-2025-68478	Langflow Arbitrary File Write (CVE-2025-68478)
High	24 May 2026	24 May 2026	CPAI-2025-16149	CVE-2025-14700	CraftyControl Crafty Controller Remote Code Execution (CVE-2025-14700)
High	24 May 2026	24 May 2026	CPAI-2026-5232	CVE-2026-32255	Kan Server-Side Request Forgery (CVE-2026-32255)
High	24 May 2026	24 May 2026	CPAI-2026-5228	CVE-2026-6988 CVE-2026-7151	Tenda HG Routers Buffer Overflow (CVE-2026-6988; CVE-2026-7151)
High	24 May 2026	24 May 2026	CPAI-2026-4810	CVE-2026-4903	Tenda AC5 Buffer Overflow (CVE-2026-4903)
High	24 May 2026	24 May 2026	CPAI-2026-4805	CVE-2026-33340	ParisNeo LoLLMs WEBUI Server-Side Request Forgery (CVE-2026-33340)
High	24 May 2026	24 May 2026	CPAI-2026-4803	CVE-2026-33484	Langflow Information Disclosure (CVE-2026-33484)
High	24 May 2026	24 May 2026	CPAI-2026-5206	CVE-2026-3715 CVE-2026-5004	Wavlink WL-WN579X3-C Buffer Overflow (CVE-2026-3715; CVE-2026-5004)
High	24 May 2026	24 May 2026	CPAI-2026-5017	CVE-2026-25620	Arista NG Firewall Command Injection (CVE-2026-25620)
Critical	14 May 2026	24 May 2026	CPAI-2026-5215	CVE-2026-42945	Nginx Heap Overflow (CVE-2026-42945)
High	13 Apr 2026	24 May 2026	CPAI-2026-3335	CVE-2026-34197	Apache ActiveMQ Code Injection (CVE-2026-34197)
Critical	5 Mar 2026	24 May 2026	CPAI-2026-1265	CVE-2026-21902	Juniper Networks Junos OS Evolved Remote Code Execution (CVE-2026-21902)