Published threat advisories for May 18, 2026

An external attacker can use the Amazon Redshift Python driver to gain unauthorized control of a user's system by tricking it into connecting to a malicious database. This exposes the organization to a full system takeover and the loss of sensitive data.

NVD published: May 18, 2026

Dokploy's command injection flaw lets authenticated users take over your server. Update to 0.26.7 now to prevent serious data compromise and unauthorized access.

NVD published: May 18, 2026

An external attacker could exploit WebdriverIO by using a malicious repository to run unauthorized code on CI/CD servers or developer machines. This could lead to the theft of sensitive credentials, source code, and secrets, potentially resulting in a compromise of your build systems.

NVD published: May 18, 2026

An external attacker can take advantage of a flaw in lwIP network software to gain unauthorized control over devices or cause system outages. This vulnerability creates a risk of full system compromise, potentially disrupting critical operations and essential connectivity.

NVD published: May 18, 2026

A critical flaw in Microsoft Edge allows attackers to take control of systems over the internet without any user action, making immediate updates essential for your security.

NVD published: May 18, 2026

Azure Local has a flaw in its disconnected operations feature that allows an external attacker to bypass security checks and gain administrative control. This could enable them to modify sensitive system configurations or create unauthorized accounts, potentially compromising critical business infrastructure.

NVD published: May 18, 2026

NOVUS AirGate 4G firmware has a critical flaw that lets anyone steal administrator passwords. This means unauthorized people could take control of your network access points.

NVD published: May 18, 2026

An external attacker can exploit a vulnerability in the ChromaDB service to gain full control of the server without requiring credentials. This flaw puts business operations at significant risk by enabling the theft of sensitive data and the disruption of critical database services.

NVD published: May 18, 2026

Dify versions prior to 1.14.1 have a critical flaw allowing authenticated users to access internal systems by manipulating file paths, potentially exposing sensitive data. The platform's easy self-registration for Dify Cloud makes it accessible to anyone.

NVD published: May 18, 2026

Dify has a critical flaw allowing editors to redirect all messages and responses from any application to attacker-controlled systems, with easy public access for exploitation.

NVD published: May 18, 2026

An external attacker can cause services using GnuTLS to become unresponsive. This matters because it could disrupt critical network communication and weaken defenses.

NVD published: May 18, 2026

SGLang AI systems face a critical risk of takeover. An attacker can run unauthorized code remotely on systems using SGLang's generation runtime without needing any login, if a specific configuration option is enabled.

NVD published: May 18, 2026

An external attacker can exploit a file upload flaw in SGLang to overwrite critical system files and seize control of the server. This poses a severe risk of a total loss of system integrity and could lead to further unauthorized activity across the business network.

NVD published: May 18, 2026

SGLang systems with exposed network interfaces allow attackers to run any code, potentially taking over your servers. Address this critical vulnerability immediately to prevent unauthorized access.

NVD published: May 18, 2026

Creartia ICMS has a critical flaw allowing anyone to bypass login and gain admin access by tricking the system with a fake redirect. This internet-accessible vulnerability could lead to unauthorized control of your website or data.

NVD published: May 18, 2026