| CVE-2025-71284 | CVE-2025-71284: Critical Vulnerability in Synway SMG Gateway Management Software | CRITICAL | Command Injection | Smg Gateway Management Software | -- | Apr 30, 2026 |
| CVE-2026-41940 | CVE-2026-41940: Critical Vulnerability in cPanel & WHM | CRITICAL | Missing Authentication | Cpanel | Yes | Apr 29, 2026 |
| CVE-2025-60889 | CVE-2025-60889: Critical Vulnerability in StellarGroup HPX | CRITICAL | Insecure Deserialization | — | -- | Apr 28, 2026 |
| CVE-2026-42363 | CVE-2026-42363: Critical Vulnerability in GeoVision GV-IP Device Utility | CRITICAL | Other | — | -- | Apr 27, 2026 |
| CVE-2026-6951 | CVE-2026-6951: Critical Vulnerability in simple-git | CRITICAL | Code Injection | — | -- | Apr 25, 2026 |
| CVE-2026-41478 | CVE-2026-41478: Critical Vulnerability in Saltcorn | CRITICAL | SQL Injection | — | -- | Apr 24, 2026 |
| CVE-2026-41248 | CVE-2026-41248: Critical Vulnerability in Clerk JavaScript | CRITICAL | Incorrect Authorization | — | -- | Apr 24, 2026 |
| CVE-2026-41428 | CVE-2026-41428: Critical Vulnerability in Budibase | CRITICAL | Authentication Bypass | — | -- | Apr 24, 2026 |
| CVE-2026-39920 | CVE-2026-39920: Critical Vulnerability in BridgeHead FileStore | CRITICAL | Other | — | -- | Apr 24, 2026 |
| CVE-2026-32210 | CVE-2026-32210: Critical Vulnerability in Microsoft Dynamics 365 (Online) | CRITICAL | SSRF | — | -- | Apr 23, 2026 |
| CVE-2026-26210 | CVE-2026-26210: Critical Vulnerability in KTransformers | CRITICAL | Insecure Deserialization | — | -- | Apr 23, 2026 |
| CVE-2025-62373 | CVE-2025-62373: Critical Vulnerability in Pipecat | CRITICAL | Insecure Deserialization | Pipecat | -- | Apr 23, 2026 |
| CVE-2025-50229 | CVE-2025-50229: Critical Vulnerability in Jizhicms | CRITICAL | SQL Injection | Jizhicms | -- | Apr 23, 2026 |
| CVE-2026-39440 | CVE-2026-39440: Critical Vulnerability in Funnelforms LLC FunnelFormsPro | CRITICAL | Code Injection | — | -- | Apr 23, 2026 |
| CVE-2025-41029 | CVE-2025-41029: Critical Vulnerability in Zeon Academy Pro | CRITICAL | SQL Injection | — | -- | Apr 21, 2026 |
| CVE-2025-15638 | CVE-2025-15638: Critical Vulnerability in Atrodo Net::Dropbear | CRITICAL | Unknown | Net\ | -- | Apr 21, 2026 |
| CVE-2025-15625 | CVE-2025-15625: Critical Vulnerability in Sparx Pro Cloud Server | CRITICAL | SQL Injection | — | -- | Apr 17, 2026 |
| CVE-2025-15624 | CVE-2025-15624: Critical Vulnerability in Sparx Systems Sparx Pro Cloud Server | CRITICAL | Other | — | -- | Apr 17, 2026 |
| CVE-2025-15623 | CVE-2025-15623: Critical Vulnerability in Sparx Systems Sparx Pro Cloud Server | CRITICAL | Other | — | -- | Apr 17, 2026 |
| CVE-2026-37340 | CVE-2026-37340: Critical Vulnerability in SourceCodester Simple Music Cloud Community System | CRITICAL | SQL Injection | — | -- | Apr 16, 2026 |
.webp)