CVE-2026-35056 | XenForo up to 2.2.17/2.3.8 code injection

April 1, 2026 Yanac

A vulnerability was found in XenForo up to 2.2.17/2.3.8. It has been rated as critical. This affects an unknown part. Performing a manipulation results in code injection.

This vulnerability was named CVE-2026-35056. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More

CVE-2026-34443 | freescout-help-desk freescout up to 1.8.210 app/Misc/Helper.php checkIpByMask server-side request forgery (GHSA-c9v3-4c59-x5q2)
CVE-2026-34737 | WWBN AVideo up to 26.0 Endpoint test.php retrieveSubscriptions authorization (GHSA-38rh-4v39-vfxv)