CVE Field Guide

Critical CVEs

CVE | Title | Updated (DD.MM.YYYY) | Score (0-10)
CVE-2026-3564 ScreenConnect Instance Level Cryptographic Material Exposure 17.03.2026 9
CVE-2026-4312 DrangSoft|GCB/FCB Audit Software - Missing Authentication 17.03.2026 9.3
CVE-2026-28430 Chamilo LMS Vulnerable to Unauthenticated SQL Injection in chamiko-lms model.ajax.php 17.03.2026 9.3
CVE-2026-27962 Authlib JWS JWK Header Injection: Signature Verification Bypass 17.03.2026 9.1
CVE-2026-4254 Tenda AC8 HTTP Endpoint SysToolChangePwd doSystemCmd stack-based overflow 16.03.2026 9.3
CVE-2026-23489 Fields GLPI plugin vulnerable to RCE in dropdown generation 16.03.2026 9.1
CVE-2026-4252 Tenda AC8 IPv6 check_is_ipv6 ip address for authentication 16.03.2026 9.3
CVE-2025-62319 Boolean-Based SQL Injection in Multiple Unica Components 17.03.2026 9.8
CVE-2017-20223 Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference 16.03.2026 9.3
CVE-2017-20224 Telesquare SKT LTE Router SDT-CS3B1 WebDAV Arbitrary File Upload 16.03.2026 9.3
CVE-2026-4184 D-Link DIR-816 goahead form2Wl5BasicSetup.cgi stack-based overflow 16.03.2026 9.3
CVE-2026-4183 D-Link DIR-816 goahead form2WlanBasicSetup.cgi stack-based overflow 16.03.2026 9.3
CVE-2026-4181 D-Link DIR-816 goahead form2RepeaterStep2.cgi stack-based overflow 16.03.2026 9.3
CVE-2026-4182 D-Link DIR-816 goahead form2Wl5RepeaterStep2.cgi stack-based overflow 16.03.2026 9.3
CVE-2016-20024 ZKTeco ZKTime.Net 3.0.1.6 Insecure File Permissions Privilege Escalation 16.03.2026 9.3
CVE-2016-20026 ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote Code Execution 16.03.2026 9.3
CVE-2016-20030 ZKTeco ZKBioSecurity 3.0 User Enumeration via authLoginAction 16.03.2026 9.3
CVE-2026-4170 Topsec TopACM HTTP Request nmc_sync.php os command injection 16.03.2026 9.3
CVE-2026-4164 Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection 17.03.2026 9.3
CVE-2026-4163 Wavlink WL-WN579A3 POST Request wireless.cgi GuestWifi command injection 17.03.2026 9.3
CVE-2025-15060 claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability 16.03.2026 9.8
CVE-2026-32621 Apollo Federation has prototype pollution via incomplete key sanitization 16.03.2026 9.9
CVE-2026-32626 AnythingLLM has a Streaming Phase XSS to RCE via LLM Response Injection 16.03.2026 9.7
CVE-2026-31886 Dagu has a Path Traversal via `dagRunId` in Inline DAG Execution 13.03.2026 9.1
CVE-2026-31806 FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions 15.03.2026 9.3
CVE-2026-32746 15.03.2026 9.8
CVE-2026-26954 SandboxJS has a Sandbox Escape 16.03.2026 10
CVE-2026-3891 Pix for WooCommerce <= 1.5.0 - Unauthenticated Arbitrary File Upload 13.03.2026 9.8
CVE-2026-22193 wpDiscuz before 7.6.47 - SQL Injection in getAllSubscriptions() 13.03.2026 9.2
CVE-2026-32301 Centrifugo: SSRF via unverified JWT claims interpolated into dynamic JWKS endpoint URL 13.03.2026 9.3
CVE-2026-32304 Locutus: RCE via unsanitized input in create_function() 13.03.2026 9.8
CVE-2026-32306 OneUptime ClickHouse SQL Injection via Aggregate Query Parameters 14.03.2026 10
CVE-2026-3611 Honeywell IQ4x BMS Controller Missing authentication for critical function 13.03.2026 10
CVE-2026-32248 Parse Server: Account takeover via operator injection in authentication data identifier 13.03.2026 9.3
CVE-2026-32251 Tolgee has an XXE Injection in Translation Import 13.03.2026 9.3
CVE-2026-32242 Parse Server OAuth2 adapter shares mutable state across providers via singleton instance 12.03.2026 9.1
CVE-2026-32140 Dataease: Redshift JDBC RCE Bypass 13.03.2026 9.3
CVE-2026-32137 DataEase SQL Injection Vulnerability 13.03.2026 9.3
CVE-2026-28252 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge 13.03.2026 9.2
CVE-2026-28792 Cross-Origin File Exfiltration via CORS Misconfiguration + Path Traversal in TinaCMS 13.03.2026 9.7
CVE-2026-21708 13.03.2026 10
CVE-2026-21666 13.03.2026 10
CVE-2026-21667 13.03.2026 10
CVE-2026-21669 13.03.2026 10
CVE-2026-21671 13.03.2026 9.1
CVE-2026-28384 Authenticated RCE via unsanitized compression_algorithm 13.03.2026 9.4
CVE-2026-32136 AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass 12.03.2026 9.8
CVE-2026-27591 Winter: Privilege escalation by authenticated backend users 12.03.2026 10
CVE-2026-32096 Plunk has SSRF via unvalidated AWS SNS SubscriptionConfirmation in POST /webhooks/sns 12.03.2026 9.3
CVE-2026-27478 Unity Catalog has a JWT Issuer Validation Bypass Allows Complete User Impersonation 12.03.2026 9.1
CVE-2026-31976 xygeni-action v5 tag poisoned with C2 backdoor 12.03.2026 9.3
CVE-2026-31957 Himmelblau unset domain configuration can allow any-tenant authentication at first login for remote deployments 12.03.2026 10
CVE-2026-31896 WeGIA has a Time-Based Blind SQL Injection in remover_produto_ocultar.php 12.03.2026 9.8
CVE-2018-25159 Epross AVCON6 OGNL Remote Code Execution via login.action 11.03.2026 9.3
CVE-2019-25468 NetGain EM Plus 10.1.68 Remote Code Execution via script_test.jsp 11.03.2026 9.3
CVE-2019-25471 FileThingie 2.5.7 Arbitrary File Upload via ft2.php 11.03.2026 9.3
CVE-2019-25487 SAPIDO RB-1732 V2.0.43 Remote Command Execution via formSysCmd 11.03.2026 9.3
CVE-2026-31874 Taskosaur Improper Role Assignment via Parameter Manipulation in User Registration 12.03.2026 9.8
CVE-2026-31877 Frappe SQL Injection due to improper field sanitization 12.03.2026 9.3
CVE-2026-31871 Parse Server has a SQL Injection via dot-notation sub-key name in `Increment` operation on PostgreSQL 12.03.2026 9.3
CVE-2026-31856 Parse Server has a SQL injection via `Increment` operation on nested object field in PostgreSQL 12.03.2026 9.3
CVE-2026-31862 Cloud CLI has Command Injection via Multiple Parameters 12.03.2026 9.1
CVE-2026-31840 Parse Server has a SQL injection via dot-notation field name in PostgreSQL 11.03.2026 9.3
CVE-2026-31852 Jellyfin Possible Organization/Secret Compromise from dangerous CI implementation 11.03.2026 10
CVE-2026-27897 Vociferous Unauthenticated Remote Path Traversal (RCE via CSRF) 11.03.2026 10
CVE-2026-28229 Argo Workflows has unauthorized access to Argo Workflows Template 11.03.2026 9.8
CVE-2026-30903 12.03.2026 9.6
CVE-2026-3826 WellChoose|IFTOP - Local File Inclusion 11.03.2026 9.3
CVE-2023-27573 11.03.2026 9
CVE-2026-24448 11.03.2026 9.3
CVE-2026-27842 11.03.2026 9.3
CVE-2026-23813 Authentication Bypass in Web Interface allows Unauthenticated Admin Password Reset 12.03.2026 9.8
CVE-2026-29515 MiCode FileExplorer SwiFTP Server Authentication Bypass 11.03.2026 9.3
CVE-2026-28806 Improper authorization in device bulk actions and device update API allows cross-organization device control 12.03.2026 9.4
CVE-2026-0124 11.03.2026 10
CVE-2026-30965 Parse Server session token exfiltration via `redirectClassNameForKey` query parameter 11.03.2026 9.9
CVE-2026-30966 Parse Server role escalation and CLP bypass via direct `_Join` table write 11.03.2026 10
CVE-2026-29792 Feathersjs has an OAuth Callback Account Takeover 11.03.2026 9.3
CVE-2026-29793 NoSQL Injection via WebSocket id Parameter in MongoDB Adapter 11.03.2026 9.3
CVE-2025-48611 16.03.2026 10
CVE-2026-28495 GetSimple CMS has CSRF to Remote Code Execution via Arbitrary PHP Write in gsconfig.php 10.03.2026 9.7
CVE-2026-27825 MCP Atlassian has an arbitrary file write leading to arbitrary code execution via unconstrained download_path in confluence_download_attachment 10.03.2026 9.1
CVE-2026-28292 simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key enables RCE 11.03.2026 9.8

Latest Updates

CVE | Title | Updated (DD.MM.YYYY) | Score (0-10, blank where none is listed)
CVE-2026-4147 Stack memory disclosure in filemd5 command 17.03.2026
CVE-2026-4148 ExpressionContext use-after-free in classic engine $lookup and $graphLookup aggregation operators 17.03.2026
CVE-2026-21886 OpenCTI's GraphQL Mutations Allow Deletion of Unrelated Entities 17.03.2026 6.5
CVE-2026-23759 Perle IOLAN STS/SCS Authenticated Command Injection via 'shell ps' 17.03.2026
CVE-2026-24901 Outline's IDOR allows unauthorized viewing and seizing of private deleted drafts 17.03.2026 8.1
CVE-2026-28506 Outline's Information Disclosure in Activity Logs allows User Enumeration of Private Drafts 17.03.2026 4.3
CVE-2026-3564 ScreenConnect Instance Level Cryptographic Material Exposure 17.03.2026 9
CVE-2026-4318 UTT HiPER 810G formApLbConfig strcpy buffer overflow 17.03.2026
CVE-2025-13406 Scanning for higher HART revision device leads into NULL pointer dereference in live list 17.03.2026
CVE-2026-3888 Local Privilege Escalation in snapd 17.03.2026 7.8
CVE-2026-4324 Rubygem-katello: katello: denial of service and potential information disclosure via sql injection 17.03.2026
CVE-2025-62320 HTML Injection Leading to Data Exfiltration to External Server vulnerability affects HCL Unica Platform 17.03.2026 4.7
CVE-2025-31966 Boolean-Based SQL Injection in Multiple Unica Components 17.03.2026 2.7
CVE-2026-4271 Libsoup: libsoup: denial of service via use-after-free in http/2 server 17.03.2026
CVE-2026-26929 Apache Airflow: Wildcard DagVersion Listing Bypasses Per-DAG RBAC and Leaks Metadata 17.03.2026
CVE-2026-28563 Apache Airflow: DAG authorization bypass 17.03.2026
CVE-2026-30911 Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization 17.03.2026
CVE-2026-28779 Apache Airflow: Path of session token in cookie does not consider base_url - session hijacking via co-hosted applications 17.03.2026
CVE-2026-3632 Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames 17.03.2026
CVE-2026-3633 Libsoup: libsoup: header and http request injection via crlf injection 17.03.2026
CVE-2026-3634 Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header 17.03.2026
CVE-2025-71239 audit: add fchmodat2() to change attributes class 17.03.2026
CVE-2026-23241 audit: add missing syscalls to read class 17.03.2026
CVE-2026-1323 Insecure Deserialization in extension "Mailqueue" (mailqueue) 17.03.2026
CVE-2026-4202 Broken Access Control in extension "Redirect Tab" 17.03.2026
CVE-2026-4208 Authentication Bypass in extension "E-Mail MFA Provider" (mfa_email) 17.03.2026
CVE-2026-32586 WordPress Booster for WooCommerce plugin < 7.11.3 - Broken Access Control vulnerability 17.03.2026 5.3
CVE-2026-4312 DrangSoft|GCB/FCB Audit Software - Missing Authentication 17.03.2026
CVE-2026-3237 17.03.2026
CVE-2026-4258 17.03.2026 7.5
CVE-2026-2373 Royal Addons for Elementor – Addons and Templates Kit for Elementor <= 1.7.1049 - Missing Authorization to Unauthenticated Custom Post Type Contents Exposure 17.03.2026 5.3
CVE-2026-4307 frdel/agent0ai agent-zero files.py get_abs_path path traversal 17.03.2026
CVE-2026-4308 frdel/agent0ai agent-zero document_query.py handle_pdf_document server-side request forgery 17.03.2026
CVE-2026-0708 Libucl: libucl: denial of service via embedded null byte in ucl input 17.03.2026
CVE-2026-2579 WowStore – Store Builder & Product Blocks for WooCommerce <= 4.4.3 - Unauthenticated SQL Injection via 'search' Parameter 17.03.2026 7.5
CVE-2026-4288 Tiandy Easy7 Integrated Management Platform Endpoint getDevDetailedInfo sql injection 17.03.2026
CVE-2026-4289 Tiandy Easy7 Integrated Management Platform getRecByTemplateId sql injection 17.03.2026
CVE-2026-4287 Tiandy Easy7 Integrated Management Platform Endpoint queryResources sql injection 17.03.2026
CVE-2026-4285 taoofagi easegen-admin Pdf2MdUtil.java recognizeMarkdown path traversal 17.03.2026
CVE-2026-4284 taoofagi easegen-admin PPT File PPTUtil.java downloadFile server-side request forgery 17.03.2026
CVE-2026-4177 YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter 17.03.2026
CVE-2026-21991 17.03.2026 5.5
CVE-2025-69902 17.03.2026
CVE-2026-29522 ZwickRoell Test Data Management < 3.0.8 Path Traversal LFI 17.03.2026
CVE-2026-1629 Permalink Preview Information Disclosure After Permission Revocation 17.03.2026 4.3
CVE-2026-26230 Team Admin Privilege Escalation to Demote Members to Guest 17.03.2026 3.8
CVE-2025-50881 17.03.2026
CVE-2026-2454 DoS in Calls plugin via malformed msgpack in websocket request. 17.03.2026 5.8
CVE-2025-68971 17.03.2026
CVE-2026-26304 Permission Bypass in Playbook Run Creation 17.03.2026 4.3
CVE-2026-30882 Chamilo LMS: Reflected XSS in the session category listing page 16.03.2026 6.1
CVE-2025-69693 16.03.2026
CVE-2026-28430 Chamilo LMS Vulnerable to Unauthenticated SQL Injection in chamiko-lms model.ajax.php 17.03.2026
CVE-2026-29516 Buffalo TeraStation TS5400R Excessive File Permissions Information Disclosure 17.03.2026
CVE-2026-30875 Chamilo LMS: Authenticated RCE via H5P Import 16.03.2026 8.8
CVE-2026-30876 Chamilo LMS: User enumeration vulnerability via response 16.03.2026
CVE-2026-30881 Chamilo LMS: SQL Injection in the statistics AJAX endpoint 16.03.2026 8.8
CVE-2026-32262 Craft CMS has a Path Traversal Vulnerability in AssetsController 17.03.2026
CVE-2026-32263 Craft CMS vulnerable to behavior injection RCE via EntryTypesController 17.03.2026
CVE-2026-32264 Craft CMS vulnerable to behavior injection RCE ElementIndexesController and FieldsController 17.03.2026
CVE-2026-32267 Craft CMS Vulnerable to Privilege Escalation/Bypass through UsersController->actionImpersonateWithToken() 17.03.2026
CVE-2025-69808 16.03.2026
CVE-2025-69809 16.03.2026
CVE-2026-32261 RCE via SSTI for users with permissions to access the Craft CMS Webhooks plugin 16.03.2026