CVE Field Guide

Critical CVEs

CVE Title Updated Score
CVE-2025-15060 claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability 13.03.2026 9.8
CVE-2026-32621 Apollo Federation has prototype pollution via incomplete key sanitization 13.03.2026 9.9
CVE-2026-32626 AnythingLLM has a Streaming Phase XSS to RCE via LLM Response Injection 13.03.2026 9.7
CVE-2026-31886 Dagu has a Path Traversal via `dagRunId` in Inline DAG Execution 13.03.2026 9.1
CVE-2026-31806 FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions 14.03.2026 9.3
CVE-2026-32746 14.03.2026 9.8
CVE-2026-26954 SandboxJS has a Sandbox Escape 13.03.2026 10
CVE-2026-3891 Pix for WooCommerce <= 1.5.0 - Unauthenticated Arbitrary File Upload 13.03.2026 9.8
CVE-2026-22193 wpDiscuz before 7.6.47 - SQL Injection in getAllSubscriptions() 13.03.2026 9.2
CVE-2026-32301 Centrifugo: SSRF via unverified JWT claims interpolated into dynamic JWKS endpoint URL 13.03.2026 9.3
CVE-2026-32304 Locutus: RCE via unsanitized input in create_function() 13.03.2026 9.8
CVE-2026-32306 OneUptime ClickHouse SQL Injection via Aggregate Query Parameters 14.03.2026 10
CVE-2026-3611 Honeywell IQ4x BMS Controller Missing authentication for critical function 13.03.2026 10
CVE-2026-32248 Parse Server: Account takeover via operator injection in authentication data identifier 13.03.2026 9.3
CVE-2026-32251 Tolgee has an XXE Injection in Translation Import 13.03.2026 9.3
CVE-2026-32242 Parse Server OAuth2 adapter shares mutable state across providers via singleton instance 12.03.2026 9.1
CVE-2026-32140 Dataease: Redshift JDBC RCE Bypass 13.03.2026 9.3
CVE-2026-32137 DataEase SQL Injection Vulnerability 13.03.2026 9.3
CVE-2026-28252 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge 13.03.2026 9.2
CVE-2026-28792 Cross-Origin File Exfiltration via CORS Misconfiguration + Path Traversal in TinaCMS 13.03.2026 9.7
CVE-2026-21708 13.03.2026 10
CVE-2026-21666 13.03.2026 10
CVE-2026-21667 13.03.2026 10
CVE-2026-21669 13.03.2026 10
CVE-2026-21671 13.03.2026 9.1
CVE-2026-28384 Authenticated RCE via unsanitized compression_algorithm 13.03.2026 9.4
CVE-2026-32136 AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass 12.03.2026 9.8
CVE-2026-27591 Winter: Privilege escalation by authenticated backend users 12.03.2026 10
CVE-2026-32096 Plunk has SSRF via unvalidated AWS SNS SubscriptionConfirmation in POST /webhooks/sns 12.03.2026 9.3
CVE-2026-27478 Unity Catalog has a JWT Issuer Validation Bypass Allows Complete User Impersonation 12.03.2026 9.1
CVE-2026-31976 xygeni-action v5 tag poisoned with C2 backdoor 12.03.2026 9.3
CVE-2026-31957 Himmelblau unset domain configuration can allow any-tenant authentication at first login for remote deployments 12.03.2026 10
CVE-2026-31896 WeGIA has a Time-Based Blind SQL Injection in remover_produto_ocultar.php 12.03.2026 9.8
CVE-2018-25159 Epross AVCON6 OGNL Remote Code Execution via login.action 11.03.2026 9.3
CVE-2019-25468 NetGain EM Plus 10.1.68 Remote Code Execution via script_test.jsp 11.03.2026 9.3
CVE-2019-25471 FileThingie 2.5.7 Arbitrary File Upload via ft2.php 11.03.2026 9.3
CVE-2019-25487 SAPIDO RB-1732 V2.0.43 Remote Command Execution via formSysCmd 11.03.2026 9.3
CVE-2026-31874 Taskosaur Improper Role Assignment via Parameter Manipulation in User Registration 12.03.2026 9.8
CVE-2026-31877 Frappe SQL Injection due to improper field sanitization 12.03.2026 9.3
CVE-2026-31871 Parse Server has a SQL Injection via dot-notation sub-key name in `Increment` operation on PostgreSQL 12.03.2026 9.3
CVE-2026-31856 Parse Server has a SQL injection via `Increment` operation on nested object field in PostgreSQL 12.03.2026 9.3
CVE-2026-31862 Cloud CLI has Command Injection via Multiple Parameters 12.03.2026 9.1
CVE-2026-31840 Parse Server has a SQL injection via dot-notation field name in PostgreSQL 11.03.2026 9.3
CVE-2026-31852 Jellyfin Possible Organization/Secret Compromise from dangerous CI implementation 11.03.2026 10
CVE-2026-27897 Vociferous Unauthenticated Remote Path Traversal (RCE via CSRF) 11.03.2026 10
CVE-2026-28229 Argo Workflows has unauthorized access to Argo Workflows Template 11.03.2026 9.8
CVE-2026-30903 12.03.2026 9.6
CVE-2026-3826 WellChoose|IFTOP - Local File Inclusion 11.03.2026 9.3
CVE-2023-27573 11.03.2026 9
CVE-2026-24448 11.03.2026 9.3
CVE-2026-27842 11.03.2026 9.3
CVE-2026-23813 Authentication Bypass in Web Interface allows Unauthenticated Admin Password Reset 12.03.2026 9.8
CVE-2026-29515 MiCode FileExplorer SwiFTP Server Authentication Bypass 11.03.2026 9.3
CVE-2026-28806 Improper authorization in device bulk actions and device update API allows cross-organization device control 12.03.2026 9.4
CVE-2026-0124 11.03.2026 10
CVE-2026-30965 Parse Server session token exfiltration via `redirectClassNameForKey` query parameter 11.03.2026 9.9
CVE-2026-30966 Parse Server role escalation and CLP bypass via direct `_Join` table write 11.03.2026 10
CVE-2026-29792 Feathersjs has an OAuth Callback Account Takeover 11.03.2026 9.3
CVE-2026-29793 NoSQL Injection via WebSocket id Parameter in MongoDB Adapter 11.03.2026 9.3
CVE-2025-48611 11.03.2026 10
CVE-2026-28495 GetSimple CMS has CSRF to Remote Code Execution via Arbitrary PHP Write in gsconfig.php 10.03.2026 9.7
CVE-2026-27825 MCP Atlassian has an arbitrary file write leading to arbitrary code execution via unconstrained download_path in confluence_download_attachment 10.03.2026 9.1
CVE-2026-28292 simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key enables RCE 11.03.2026 9.8
CVE-2026-30960 RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface 10.03.2026 9.4
CVE-2026-30956 OneUptime has authorization bypass via client-controlled is-multi-tenant-query header 10.03.2026 10
CVE-2026-30957 OneUptime Synthetic Monitor RCE via exposed Playwright browser object 10.03.2026 10
CVE-2025-40943 13.03.2026 9.4
CVE-2026-3843 SQL Injection in Nefteprodukttekhnika BUK TS-G Allows Remote Code Execution 10.03.2026 9.3
CVE-2025-41709 Command injection in power analyzer via Modbus-TCP and Modbus-RTU 10.03.2026 9.8
CVE-2026-0953 Tutor LMS Pro <= 3.9.5 - Authentication Bypass via Social Login 10.03.2026 9.8
CVE-2026-27685 Insecure Deserialization in SAP NetWeaver Enterprise Portal Administration 11.03.2026 9.1
CVE-2026-30921 OneUptime Synthetic Monitor RCE via exposed Playwright browser object 10.03.2026 10
CVE-2026-30887 OneUptime Affected by Unsandboxed Code Execution in Probe Allows Any Project Member to Achieve RCE 10.03.2026 10
CVE-2026-30862 Critical Stored XSS & Privilege Escalation in Appsmith 10.03.2026 9.1
CVE-2026-30869 SiYuan has a Path Traversal in /export Endpoint Allows Arbitrary File Read and Secret Leakage 10.03.2026 9.3
CVE-2025-11158 Hitachi Vantara Pentaho Data Integration & Analytics - Missing Authorization 10.03.2026 9.1
CVE-2026-28431 Misskey lacks proper authorization checks and input validation 10.03.2026 9.2
CVE-2026-30240 Budibase PWA ZIP Upload Path Traversal Allows Reading Arbitrary Server Files Including All Environment Secrets 10.03.2026 9.6
CVE-2026-31816 Budibase Universal Auth Bypass via Webhook Query Param Injection 10.03.2026 9.1
CVE-2025-41764 Unchecked role in wwwupdate.cgi 09.03.2026 9.1
CVE-2025-41765 Unchecked role in wwwupload.cgi 09.03.2026 9.1
CVE-2026-3823 Atop Technologies|EHG2408 series switch - Stack-based Buffer Overflow 09.03.2026 9.3
CVE-2026-3630 Stack-based Buffer Overflow Vulnerability in COMMGR2 09.03.2026 9.8
CVE-2026-3703 Wavlink NU516U1 login.cgi sub_401A10 out-of-bounds write 10.03.2026 9.3

Latest Updates

CVE Title Updated Score
CVE-2026-1870 Thim Kit for Elementor <= 1.3.7 - Missing Authorization to Unauthenticated Private Course Disclosure 14.03.2026 5.3
CVE-2025-54920 Apache Spark: Spark History Server Code Execution Vulnerability 14.03.2026
CVE-2026-1948 NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.9 - Missing Authorization to Authenticated (Subscriber+) License Deactivation via deactivate_license 14.03.2026 4.3
CVE-2026-0385 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability 14.03.2026 5
CVE-2026-32724 PX4 autopilot has a heap Use-After-Free in MavlinkShell::available() via SERIAL_CONTROL Race Condition 13.03.2026 5.3
CVE-2026-32729 Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp` 13.03.2026 8.1
CVE-2026-32732 XSS in @leanprover/unicode-input-component 13.03.2026
CVE-2026-3227 Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N 13.03.2026
CVE-2026-32708 Zenoh uORB Subscriber Allows Arbitrary Stack Allocation (PX4/PX4-Autopilot) 13.03.2026 7.8
CVE-2026-32709 PX4 Autopilot MAVLink FTP Unauthenticated Path Traversal (Arbitrary File Read/Write/Delete) 13.03.2026 5.4
CVE-2026-32713 PX4 Autopilot MAVLink FTP Session Validation Logic Error Allows Operations on Invalid File Descriptors 13.03.2026 4.3
CVE-2026-32715 AnythingLLM Manager Privilege Bypass Allows Access to Admin-Only System Preferences 13.03.2026 3.8
CVE-2026-32717 AnythingLLM access control bypass: suspended users can continue using Browser Extension API keys 13.03.2026 2.7
CVE-2026-32719 AnythingLLM has a Zip Slip Path Traversal and Code Execution via Community Hub Plugin Import 13.03.2026 4.2
CVE-2026-32720 Improper Access Control in github.com/ctfer-io/monitoring 13.03.2026
CVE-2026-26133 M365 Copilot Information Disclosure Vulnerability 13.03.2026 7.1
CVE-2026-32616 Pigeon has a Host Header Injection in email verification flow 13.03.2026 8.2
CVE-2026-32640 (SimpleEval) Objects (including modules) can leak dangerous modules through to direct access inside the sandbox. 13.03.2026
CVE-2026-32702 Cleanuparr has Username Enumeration via Timing Attack 13.03.2026
CVE-2026-32704 SiYuan renderSprig: missing admin check allows any user to read full workspace DB 13.03.2026 6.5
CVE-2026-32705 PX4 autopilot BST Device Name Length Can Overflow Driver Buffer 13.03.2026 6.8
CVE-2026-32706 PX4 autopilot has a global buffer overflow in crsf_rc via oversized variable-length known packet 13.03.2026 7.1
CVE-2026-32707 PX4 autopilot has a stack buffer overflow in tattu_can due to unbounded memcpy in frame assembly loop 13.03.2026 5.2
CVE-2026-32628 AnythingLLM has SQL Injection in Built-in SQL Agent Plugin via Unsanitized table_name Parameter 13.03.2026
CVE-2026-32630 file-type affected by ZIP Decompression Bomb DoS via [Content_Types].xml entry 13.03.2026 5.3
CVE-2026-32635 Angular has XSS in i18n attribute bindings 13.03.2026
CVE-2026-32772 13.03.2026 3.4
CVE-2025-15060 claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability 13.03.2026
CVE-2026-2491 Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability 13.03.2026
CVE-2026-2493 IceWarp collaboration Directory Traversal Information Disclosure Vulnerability 13.03.2026
CVE-2026-2920 GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability 13.03.2026
CVE-2026-2921 GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability 13.03.2026
CVE-2026-2922 GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability 13.03.2026
CVE-2026-2923 GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability 13.03.2026
CVE-2026-32627 cpp-httplib has a Silent TLS Certificate Verification Bypass on HTTPS Redirect via Proxy 13.03.2026 8.7
CVE-2026-3081 GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3082 GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3083 GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3084 GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3085 GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3086 GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3555 Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3556 Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3557 Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3558 Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability 13.03.2026
CVE-2026-3559 Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability 13.03.2026
CVE-2026-3560 Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3561 Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3562 Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability 13.03.2026
CVE-2026-3838 Unraid Update Request Path Traversal Remote Code Execution Vulnerability 13.03.2026
CVE-2026-3839 Unraid Authentication Request Path Traversal Authentication Bypass Vulnerability 13.03.2026
CVE-2026-32621 Apollo Federation has prototype pollution via incomplete key sanitization 13.03.2026 9.9
CVE-2026-0977 IBM CICS Transaction Gateway for Multiplatforms Information Disclosure 13.03.2026 5.1
CVE-2026-32614 Go ShangMi SM9 Infinity-Point Ciphertext Forgery Vulnerability 13.03.2026 7.5
CVE-2026-32617 AnythingLLM Permissive CORS policy 13.03.2026 7.1
CVE-2026-32626 AnythingLLM has a Streaming Phase XSS to RCE via LLM Response Injection 13.03.2026 9.7
CVE-2025-13212 IBM Aspera Console Denial of Service 13.03.2026 5.3
CVE-2025-13459 IBM Aspera Console Denial of Service 13.03.2026 2.7
CVE-2025-13460 IBM Aspera Console Information Disclosure 13.03.2026 5.3
CVE-2026-32313 xmlseclibs is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption 13.03.2026 8.2
CVE-2026-32314 Yamux remote Panic via malformed Data frame with SYN set and len = 262145 13.03.2026
CVE-2026-32594 Parse Server GraphQL WebSocket endpoint bypasses security middleware 13.03.2026
CVE-2026-32600 xml-security is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption 13.03.2026 8.2
CVE-2025-36368 IBM Sterling B2B Integrator and IBM Sterling File Gateway SQL Injection 13.03.2026 6.5
CVE-2026-31899 CairoSVG vulnerable to Exponential DoS via recursive <use> element amplification 13.03.2026 7.5
CVE-2026-31944 LibreChat MCP OAuth callback does not validate browser session — allows token theft via redirect link 13.03.2026 7.6
CVE-2026-31949 LibreChat Denial of Service (DoS) via Unhandled Exception in DELETE /api/convos 13.03.2026 6.5
CVE-2023-40693 IBM Sterling B2B Integrator and IBM Sterling File Gateway Cross-Site Scripting 13.03.2026 5.4
CVE-2026-31864 JumpServer has a Server-Side Template Injection Leading to RCE via YAML Rendering 13.03.2026 6.8
CVE-2026-31882 Dagu SSE Authentication Bypass in Basic Auth Mode 13.03.2026 7.5
CVE-2026-31886 Dagu has a Path Traversal via `dagRunId` in Inline DAG Execution 13.03.2026 9.1
CVE-2025-14483 IBM Sterling B2B Integrator and IBM Sterling File Gateway Information Disclosure 13.03.2026 4.3
CVE-2025-14504 IBM Sterling B2B Integrator and IBM Sterling File Gateway Cross-Site Scripting 13.03.2026 5.4
CVE-2026-30914 SFTPGo has a Path Traversal and Permission Bypass via Path Normalization Discrepancy 13.03.2026
CVE-2026-30915 SFTPGo improperly sanitizes placeholders in group home directories/key prefixes 13.03.2026
CVE-2026-30943 Gokapi has Privilege Escalation in File Replace 13.03.2026 4.1
CVE-2026-30955 Gokapi vulnerable to DoS in E2E Metadata Parser 13.03.2026 6.5
CVE-2026-30961 Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload 13.03.2026 4.3
CVE-2026-31798 JumpServer Improper Certificate Validation in Custom SMS API Client 13.03.2026 5
CVE-2026-31814 Yamux remote Panic via malformed WindowUpdate credit 13.03.2026
CVE-2026-0835 13.03.2026 5.4
CVE-2026-30853 calibre has a Path Traversal Leading to Arbitrary File Write 13.03.2026 5
CVE-2025-12453 Improper neutralization of input during web page generation vulnerability has been discovered in OpenText™ Vertica. 13.03.2026
CVE-2025-12454 Improper neutralization of input during web page generation vulnerability has been discovered in OpenText™ Vertica. 13.03.2026
CVE-2025-12455 Username Enumeration Observable Response Discrepancy vulnerability has been discovered in OpenText™ Vertica. 13.03.2026
CVE-2025-13702 IBM Sterling Partner Engagement Manager Cross-Site Scripting 13.03.2026 6.1
CVE-2025-13718 IBM Sterling Partner Engagement Manager Information Disclosure 13.03.2026 3.7
CVE-2025-13723 IBM Sterling Partner Engagement Manager Information Disclosure 13.03.2026 5.3
CVE-2025-13726 IBM Sterling Partner Engagement Manager Information Disclosure 13.03.2026 5.3
CVE-2025-71263 13.03.2026 7.4