One hundred sixty-five new vulnerabilities were published on April 2, 2026, with 47 meeting relevance criteria. Two headlines dominate the day. watchTowr discovered a pre-authentication RCE chain in Progress ShareFile Storage Zones Controller affecting up to 30,000 internet-exposed instances. FastMCP, the standard Python framework for MCP (Model Context Protocol) applications, received a CVSS 10.0 for SSRF and path traversal.
| CVE | CVSS | Product | Type |
|---|---|---|---|
| CVE-2026-32871 | 10.0 | FastMCP | SSRF + path traversal |
| CVE-2026-2699 | 9.8 | Progress ShareFile SZC | Authentication bypass |
| CVE-2026-33746 | 9.8 | Convoy KVM Panel | Not disclosed |
| CVE-2026-33950 | 9.4 | Signal K Server | Privilege escalation |
| CVE-2026-35002 | 9.3 | Agno AI Framework | Arbitrary code execution |
| CVE-2026-2701 | 9.1 | Progress ShareFile SZC | RCE (config manipulation) |
| CVE-2026-28805 | 8.8 | OpenSTAManager | SQL injection |
| CVE-2026-35168 | 8.8 | OpenSTAManager | SQL injection |
| CVE-2026-21765 | 8.8 | HCL BigFix | Insecure key permissions |
| CVE-2026-34121 | 8.7 | TP-Link Tapo C520WS | Authentication bypass |
| CVE-2026-4347 | 8.1 | WordPress MW WP Form | Arbitrary file move → RCE |
CVE-2026-2699 (CVSS 9.8) is an authentication bypass in Progress ShareFile Storage Zones Controller branch 5.x. Improper handling of HTTP redirects gives an unauthenticated attacker access to the admin interface. CVE-2026-2701 (CVSS 9.1) turns that access into RCE. The attacker modifies Storage Zone configuration, generates valid HMAC signatures, uploads a webshell, and executes it.
Progress acquired ShareFile from Citrix in 2024. Researchers at watchTowr reported the flaws to Progress between February 6 and 13, 2026, and confirmed the full chain on February 18. Their scans found approximately 30,000 Storage Zone Controller instances exposed online. Shadowserver Foundation observes 700, mostly in the US and Europe. No active exploitation has been observed.
Progress patched both flaws in version 5.12.4 on March 10, 2026. Branch 6.x is not vulnerable. watchTowr published a Detection Artifact Generator that checks for exposure to CVE-2026-2699 by querying Admin.aspx.
ShareFile Storage Zones Controller has a history. CVE-2021-22941 was an unauthenticated RCE exploited in the wild. CVE-2020-7473, CVE-2020-8982, and CVE-2020-8983 were access control flaws. Organisations running SZC should treat this product as high-maintenance from a patching perspective.
— Artem Safonov, Threat Analyst at AnonHaven
CVE-2026-32871 (CVSS 10.0) hits FastMCP, the primary Python library for building MCP applications. The OpenAPIProvider component substitutes path parameter values into URL templates without URL-encoding them. An attacker controlling a path parameter can use ../ sequences to escape the intended API prefix and reach arbitrary backend endpoints.
Requests carry the MCP provider's authorization headers, letting an attacker reach internal-only APIs and exfiltrate data. Fixed in FastMCP version 3.2.0.
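As an added illustration of the flaw class described above (this is not FastMCP's code; the prefix, template and function names are constructed for the example), raw template substitution sits beside a hardened builder that percent-encodes values, rejects dot segments, and verifies the resolved URL never leaves the API prefix:

```python
"""Hypothetical illustration of path-parameter traversal in URL templates.

Not FastMCP's code. API_PREFIX, TEMPLATE, build_url_unsafe, build_url_safe
and traversal_suspected are assumptions made for this example.
"""
from urllib.parse import quote, urljoin

# Constructed values: an internal backend with a versioned API prefix and
# an OpenAPI-style path template with one path parameter.
API_PREFIX = "https://backend.internal/api/v1/"
TEMPLATE = "users/{user_id}/profile"


def build_url_unsafe(template: str, params: dict) -> str:
    """Raw substitution: the value is dropped into the template verbatim,
    so '/' and '..' inside it are interpreted during URL resolution and
    the request can resolve outside the intended prefix."""
    return urljoin(API_PREFIX, template.format(**params))


def build_url_safe(template: str, params: dict) -> str:
    """Hardened form: percent-encode every value (including '/'), refuse
    dot-only values that quote() would leave untouched, and verify the
    resolved URL still starts with the API prefix."""
    encoded = {}
    for name, value in params.items():
        value = str(value)
        if value in (".", ".."):
            raise ValueError(f"path parameter {name!r} is a dot segment")
        # '/' becomes %2F; a segment like '..%2F..%2Fadmin' is not '..' and
        # is therefore not collapsed by dot-segment removal.
        encoded[name] = quote(value, safe="")
    url = urljoin(API_PREFIX, template.format(**encoded))
    if not url.startswith(API_PREFIX):
        raise ValueError("resolved URL escaped the API prefix")
    return url


def traversal_suspected(params: dict) -> bool:
    """Defender-side signal for logging or alerting: a path parameter that
    carries a separator or is a bare dot segment should never be needed
    for a single path segment."""
    return any(
        "/" in str(v) or "\\" in str(v) or str(v) in (".", "..")
        for v in params.values()
    )


if __name__ == "__main__":
    hostile = {"user_id": "../../admin/users"}  # constructed traversal value
    print(build_url_unsafe(TEMPLATE, hostile))  # resolves under /api/admin/
    print(build_url_safe(TEMPLATE, hostile))    # stays under /api/v1/
    print(traversal_suspected(hostile))         # True
```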
FastMCP has disclosed multiple flaws recently. CVE-2025-62801 (CVSS 7.8) was command injection in the server_name field. CVE-2025-64340 was command injection via shell metacharacters.
CVE-2026-27124 was an OAuth confused deputy, fixed in the same 3.2.0 release. IBM's watsonx.data is among products hit by CVE-2025-62801, per IBM's own security bulletin.
Two AI framework CVEs in one digest. FastMCP CVSS 10.0 and Agno arbitrary code execution at 9.3. MCP adoption is accelerating across enterprise AI deployments, and the frameworks that power it are accumulating vulnerabilities at a pace that security teams may not be tracking yet.
— Artem Safonov, Threat Analyst at AnonHaven
CVE-2026-33746 (CVSS 9.8) affects Convoy, a KVM server management panel for hosting businesses. Beta versions 3.9.0 and later are vulnerable. The specific flaw type has not been disclosed.
Signal K Server is a marine data hub for vessel navigation. CVE-2026-33950 (CVSS 9.4) is a privilege escalation that could compromise navigation data integrity on vulnerable vessels.
CVE-2026-35002 (CVSS 9.3) is arbitrary code execution in Agno, a Python AI agent framework. Versions prior to 2.3.24 are affected. The flaw sits in the model execution component.
Four vulnerabilities hit the TP-Link Tapo C520WS v2.6 security camera. CVE-2026-34121 (CVSS 8.7) is an authentication bypass in the HTTP configuration service. Three lower-severity flaws cover denial of service (CVE-2026-34124), a stack buffer overflow (CVE-2026-34122), and a heap buffer overflow (CVE-2026-34120), all at CVSS 7.1. An auth bypass on a security camera means access to video feeds.
WordPress picked up four plugin flaws. CVE-2026-4347 (CVSS 8.1) is an arbitrary file move leading to RCE in MW WP Form. CVE-2026-5032 (CVSS 7.5) is information disclosure in W3 Total Cache through version 2.9.3.
CVE-2026-1540 (CVSS 7.2) affects Spam Protect for Contact Form 7 prior to 1.2.10. CVE-2026-0686 (CVSS 7.2) is SSRF in the Webmention plugin through version 5.6.
CVE-2026-21765 (CVSS 8.8) exposes private cryptographic keys through insecure permissions in HCL BigFix. CVE-2026-30332 (CVSS 7.5) is a TOCTOU (time-of-check to time-of-use) race condition in Balena Etcher that could allow image substitution during USB writes. CVE-2026-0634 (CVSS 7.8) is command injection in the TECNO Pova7 Pro 5G via AssistFeedbackService.