CVE Prioritization
Triage CVEs by EPSS, CISA KEV, PoC availability, attack complexity, and in-feed incidents.
Total CVEs: 50
Critical: 12
KEV / Exploited: 0
PoC Exists: 0
Zero Day: 0
Patch Available: 0
| CVE ID | Published | Severity | EPSS Score | Complexity | Status | PoC | Patch | Due Date | Feed Hits | Description | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| | 03 Apr 2026 | MEDIUM 5.3 | 0.0% | LOW | — | — | — | — | 0 | nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus a | Details |
| | 03 Apr 2026 | HIGH 8.6 | 0.0% | LOW | — | — | — | — | 0 | PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates | Details |
| | 03 Apr 2026 | CRITICAL 9.1 | 0.0% | LOW | — | — | — | — | 0 | PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any tok | Details |
| | 03 Apr 2026 | CRITICAL 9.1 | 0.0% | LOW | — | — | — | — | 0 | PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connect | Details |
| | 03 Apr 2026 | MEDIUM 6.5 | 0.0% | LOW | — | — | — | — | 0 | PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied | Details |
| | 03 Apr 2026 | CRITICAL 10 | 0.0% | LOW | — | — | — | — | 0 | PraisonAI is a multi-agent teams system. Prior to version 1.5.90, execute_code() in praisonai-agents runs attacker-contr | Details |
| | 03 Apr 2026 | HIGH 7.8 | 0.0% | LOW | — | — | — | — | 0 | PraisonAI is a multi-agent teams system. Prior to version 1.5.90, run_python() in praisonai constructs a shell command s | Details |
| | 03 Apr 2026 | HIGH 7.7 | 0.0% | LOW | — | — | — | — | 0 | PraisonAI is a multi-agent teams system. Prior to version 4.5.90, passthrough() and apassthrough() in praisonai accept a | Details |
| | 03 Apr 2026 | CRITICAL 9.8 | 0.0% | LOW | — | — | — | — | 0 | PraisonAI is a multi-agent teams system. From version 4.5.15 to before version 4.5.69, the --mcp CLI argument is passed | Details |
| | 03 Apr 2026 | CRITICAL 9.8 | 0.0% | LOW | — | — | — | — | 0 | PraisonAI is a multi-agent teams system. Prior to version 4.5.90, the get_all_user_threads function constructs raw SQL q | Details |
| | 03 Apr 2026 | MEDIUM 5.5 | 0.0% | LOW | — | — | — | — | 0 | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to ve | Details |
| | 03 Apr 2026 | HIGH 7.5 | 0.0% | LOW | — | — | — | — | 0 | Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1 | Details |
| | 03 Apr 2026 | MEDIUM 6.5 | 0.0% | LOW | — | — | — | — | 0 | Emlog is an open source website building system. In versions 2.6.2 and prior, a SQL injection vulnerability exists in in | Details |
| | 03 Apr 2026 | MEDIUM 6.5 | 0.0% | LOW | — | — | — | — | 0 | Emlog is an open source website building system. In versions 2.6.2 and prior, a Local File Inclusion (LFI) vulnerability | Details |
| | 03 Apr 2026 | CRITICAL 9.9 | 0.0% | LOW | — | — | — | — | 0 | Kestra is an open-source, event-driven orchestration platform. Prior to version 1.3.7, Kestra (default docker-compose de | Details |
| | 03 Apr 2026 | HIGH 7.2 | 0.0% | LOW | — | — | — | — | 0 | Emlog is an open source website building system. In versions 2.6.2 and prior, a path traversal vulnerability exists in t | Details |
| | 03 Apr 2026 | MEDIUM 6.1 | 0.0% | LOW | — | — | — | — | 0 | Emlog is an open source website building system. Prior to version 2.6.8, there is a stored cross-site scripting (XSS) vu | Details |
| | 03 Apr 2026 | — | 0.0% | — | — | — | — | — | 0 | Emlog is an open source website building system. Prior to version 2.6.8, the backend upgrade interface accepts remote SQ | Details |
| | 03 Apr 2026 | MEDIUM 4.9 | 0.0% | LOW | — | — | — | — | 0 | nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus a | Details |
| | 03 Apr 2026 | MEDIUM 5.9 | 0.0% | HIGH | — | — | — | — | 0 | LTI JupyterHub Authenticator is a JupyterHub authenticator for LTI. Prior to version 1.6.3, the LTI 1.1 validator stores | Details |
| | 03 Apr 2026 | HIGH 7.5 | 0.0% | LOW | — | — | — | — | 0 | nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus a | Details |
| | 03 Apr 2026 | CRITICAL 9.1 | 0.0% | LOW | — | — | — | — | 0 | Hirschmann HiLCOS OpenBAT and BAT450 products contain a firewall bypass vulnerability in IPv6 IPsec deployments that all | Details |
| | 03 Apr 2026 | CRITICAL 9.8 | 0.0% | LOW | — | — | — | — | 0 | Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE contain an authenticatio | Details |
| | 03 Apr 2026 | HIGH 7.1 | 0.0% | LOW | — | — | — | — | 0 | Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contains an improper authorizat | Details |
| | 03 Apr 2026 | CRITICAL 9.8 | 0.0% | LOW | — | — | — | — | 0 | ProSoft Technology ICX35-HWC versions 1.3 and prior cellular gateways contain an input validation vulnerability in the w | Details |
| | 03 Apr 2026 | CRITICAL 9.1 | 0.0% | LOW | — | — | — | — | 0 | ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypass vulnerability in t | Details |
| | 03 Apr 2026 | CRITICAL 9.8 | 0.0% | LOW | — | — | — | — | 0 | GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated | Details |
| | 03 Apr 2026 | MEDIUM 5.4 | 0.0% | LOW | — | — | — | — | 0 | Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correc | Details |
| | 03 Apr 2026 | — | 0.0% | — | — | — | — | — | 0 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 | Details |
| | 03 Apr 2026 | — | 0.0% | — | — | — | — | — | 0 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 | Details |
| | 03 Apr 2026 | MEDIUM 5.3 | 0.0% | LOW | — | — | — | — | 0 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 | Details |
| | 03 Apr 2026 | MEDIUM 6.5 | 0.0% | LOW | — | — | — | — | 0 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 | Details |
| | 03 Apr 2026 | — | 0.0% | — | — | — | — | — | 0 | Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to be | Details |
| | 03 Apr 2026 | — | 0.0% | — | — | — | — | — | 0 | JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an o | Details |
| | 03 Apr 2026 | HIGH 8.8 | 0.0% | LOW | — | — | — | — | 0 | OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with JupyterHub. Prior to ver | Details |
| | 03 Apr 2026 | — | 0.0% | — | — | — | — | — | 0 | RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions 0.24.0 and prior, a Server-Side Templ | Details |
| | 03 Apr 2026 | HIGH 7.2 | 0.0% | LOW | — | — | — | — | 0 | Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injection vulnerability w | Details |
| | 03 Apr 2026 | HIGH 7.2 | 0.0% | LOW | — | — | — | — | 0 | Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injection vulnerability e | Details |
| | 03 Apr 2026 | HIGH 7.5 | 0.0% | LOW | — | — | — | — | 0 | Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the pwg.history.search API meth | Details |
| | 03 Apr 2026 | — | 0.0% | — | — | — | — | — | 0 | Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the four date filter parameters | Details |
| | 03 Apr 2026 | — | 0.0% | — | — | — | — | — | 0 | Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to be | Details |
| | 03 Apr 2026 | MEDIUM 4.7 | 0.0% | HIGH | — | — | — | — | 0 | util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use) vuln | Details |
| | 03 Apr 2026 | MEDIUM 4.8 | 0.0% | HIGH | — | — | — | — | 0 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 | Details |
| | 03 Apr 2026 | CRITICAL 9.8 | 0.0% | LOW | — | — | — | — | 0 | Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interfac | Details |
| | 03 Apr 2026 | HIGH 8.1 | 0.0% | LOW | — | — | — | — | 0 | Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior t | Details |
| | 03 Apr 2026 | HIGH 8.2 | 0.0% | LOW | — | — | — | — | 0 | Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are shipped with identical | Details |
| | 03 Apr 2026 | HIGH 7.8 | 0.0% | LOW | — | — | — | — | 0 | OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux | Details |
| | 03 Apr 2026 | HIGH 7.5 | 0.0% | LOW | — | — | — | — | 0 | Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow | Details |
| | 03 Apr 2026 | HIGH 7.4 | 0.0% | HIGH | — | — | — | — | 0 | Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC drive | Details |
| | 03 Apr 2026 | HIGH 7.4 | 0.0% | HIGH | — | — | — | — | 0 | Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0 | Details |