Vendor: Apache
Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection.
DetailsVendor: Microsoft
Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially crafted Excel file that includes a malformed object.
DetailsVendor: Microsoft
Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network.
DetailsVendor: Microsoft
Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution.
DetailsVendor: Microsoft
Microsoft Windows contains a link following vulnerability that allows for privilege escalation
DetailsVendor: Microsoft
Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.
DetailsVendor: Microsoft
Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation
DetailsVendor: Adobe
Adobe Acrobat contains a use-after-free vulnerability that allows for code execution
DetailsVendor: Fortinet
Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
DetailsVendor: Adobe
Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution.
DetailsLast updated: April 20, 2026, 3:58 p.m.