CVE Field Guide

Critical CVEs

| CVE | Title | Updated | Score |
|---|---|---|---|
| CVE-2016-20024 | ZKTeco ZKTime.Net 3.0.1.6 Insecure File Permissions Privilege Escalation | 15.03.2026 | 9.3 |
| CVE-2016-20026 | ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote Code Execution | 15.03.2026 | 9.3 |
| CVE-2016-20030 | ZKTeco ZKBioSecurity 3.0 User Enumeration via authLoginAction | 15.03.2026 | 9.3 |
| CVE-2026-4170 | Topsec TopACM HTTP Request nmc_sync.php os command injection | 15.03.2026 | 9.3 |
| CVE-2026-4164 | Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection | 15.03.2026 | 9.3 |
| CVE-2026-4163 | Wavlink WL-WN579A3 POST Request wireless.cgi GuestWifi command injection | 14.03.2026 | 9.3 |
| CVE-2025-15060 | claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability | 13.03.2026 | 9.8 |
| CVE-2026-32621 | Apollo Federation has prototype pollution via incomplete key sanitization | 13.03.2026 | 9.9 |
| CVE-2026-32626 | AnythingLLM has a Streaming Phase XSS to RCE via LLM Response Injection | 13.03.2026 | 9.7 |
| CVE-2026-31886 | Dagu has a Path Traversal via `dagRunId` in Inline DAG Execution | 13.03.2026 | 9.1 |
| CVE-2026-31806 | FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions | 15.03.2026 | 9.3 |
| CVE-2026-32746 | | 15.03.2026 | 9.8 |
| CVE-2026-26954 | SandboxJS has a Sandbox Escape | 13.03.2026 | 10 |
| CVE-2026-3891 | Pix for WooCommerce <= 1.5.0 - Unauthenticated Arbitrary File Upload | 13.03.2026 | 9.8 |
| CVE-2026-22193 | wpDiscuz before 7.6.47 - SQL Injection in getAllSubscriptions() | 13.03.2026 | 9.2 |
| CVE-2026-32301 | Centrifugo: SSRF via unverified JWT claims interpolated into dynamic JWKS endpoint URL | 13.03.2026 | 9.3 |
| CVE-2026-32304 | Locutus: RCE via unsanitized input in create_function() | 13.03.2026 | 9.8 |
| CVE-2026-32306 | OneUptime ClickHouse SQL Injection via Aggregate Query Parameters | 14.03.2026 | 10 |
| CVE-2026-3611 | Honeywell IQ4x BMS Controller Missing authentication for critical function | 13.03.2026 | 10 |
| CVE-2026-32248 | Parse Server: Account takeover via operator injection in authentication data identifier | 13.03.2026 | 9.3 |
| CVE-2026-32251 | Tolgee has an XXE Injection in Translation Import | 13.03.2026 | 9.3 |
| CVE-2026-32242 | Parse Server OAuth2 adapter shares mutable state across providers via singleton instance | 12.03.2026 | 9.1 |
| CVE-2026-32140 | Dataease: Redshift JDBC RCE Bypass | 13.03.2026 | 9.3 |
| CVE-2026-32137 | DataEase SQL Injection Vulnerability | 13.03.2026 | 9.3 |
| CVE-2026-28252 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge | 13.03.2026 | 9.2 |
| CVE-2026-28792 | Cross-Origin File Exfiltration via CORS Misconfiguration + Path Traversal in TinaCMS | 13.03.2026 | 9.7 |
| CVE-2026-21708 | | 13.03.2026 | 10 |
| CVE-2026-21666 | | 13.03.2026 | 10 |
| CVE-2026-21667 | | 13.03.2026 | 10 |
| CVE-2026-21669 | | 13.03.2026 | 10 |
| CVE-2026-21671 | | 13.03.2026 | 9.1 |
| CVE-2026-28384 | Authenticated RCE via unsanitized compression_algorithm | 13.03.2026 | 9.4 |
| CVE-2026-32136 | AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass | 12.03.2026 | 9.8 |
| CVE-2026-27591 | Winter: Privilege escalation by authenticated backend users | 12.03.2026 | 10 |
| CVE-2026-32096 | Plunk has SSRF via unvalidated AWS SNS SubscriptionConfirmation in POST /webhooks/sns | 12.03.2026 | 9.3 |
| CVE-2026-27478 | Unity Catalog has a JWT Issuer Validation Bypass Allows Complete User Impersonation | 12.03.2026 | 9.1 |
| CVE-2026-31976 | xygeni-action v5 tag poisoned with C2 backdoor | 12.03.2026 | 9.3 |
| CVE-2026-31957 | Himmelblau unset domain configuration can allow any-tenant authentication at first login for remote deployments | 12.03.2026 | 10 |
| CVE-2026-31896 | WeGIA has a Time-Based Blind SQL Injection in remover_produto_ocultar.php | 12.03.2026 | 9.8 |
| CVE-2018-25159 | Epross AVCON6 OGNL Remote Code Execution via login.action | 11.03.2026 | 9.3 |
| CVE-2019-25468 | NetGain EM Plus 10.1.68 Remote Code Execution via script_test.jsp | 11.03.2026 | 9.3 |
| CVE-2019-25471 | FileThingie 2.5.7 Arbitrary File Upload via ft2.php | 11.03.2026 | 9.3 |
| CVE-2019-25487 | SAPIDO RB-1732 V2.0.43 Remote Command Execution via formSysCmd | 11.03.2026 | 9.3 |
| CVE-2026-31874 | Taskosaur Improper Role Assignment via Parameter Manipulation in User Registration | 12.03.2026 | 9.8 |
| CVE-2026-31877 | Frappe SQL Injection due to improper field sanitization | 12.03.2026 | 9.3 |
| CVE-2026-31871 | Parse Server has a SQL Injection via dot-notation sub-key name in `Increment` operation on PostgreSQL | 12.03.2026 | 9.3 |
| CVE-2026-31856 | Parse Server has a SQL injection via `Increment` operation on nested object field in PostgreSQL | 12.03.2026 | 9.3 |
| CVE-2026-31862 | Cloud CLI has Command Injection via Multiple Parameters | 12.03.2026 | 9.1 |
| CVE-2026-31840 | Parse Server has a SQL injection via dot-notation field name in PostgreSQL | 11.03.2026 | 9.3 |
| CVE-2026-31852 | Jellyfin Possible Organization/Secret Compromise from dangerous CI implementation | 11.03.2026 | 10 |
| CVE-2026-27897 | Vociferous Unauthenticated Remote Path Traversal (RCE via CSRF) | 11.03.2026 | 10 |
| CVE-2026-28229 | Argo Workflows has unauthorized access to Argo Workflows Template | 11.03.2026 | 9.8 |
| CVE-2026-30903 | | 12.03.2026 | 9.6 |
| CVE-2026-3826 | WellChoose\|IFTOP - Local File Inclusion | 11.03.2026 | 9.3 |
| CVE-2023-27573 | | 11.03.2026 | 9 |
| CVE-2026-24448 | | 11.03.2026 | 9.3 |
| CVE-2026-27842 | | 11.03.2026 | 9.3 |
| CVE-2026-23813 | Authentication Bypass in Web Interface allows Unauthenticated Admin Password Reset | 12.03.2026 | 9.8 |
| CVE-2026-29515 | MiCode FileExplorer SwiFTP Server Authentication Bypass | 11.03.2026 | 9.3 |
| CVE-2026-28806 | Improper authorization in device bulk actions and device update API allows cross-organization device control | 12.03.2026 | 9.4 |
| CVE-2026-0124 | | 11.03.2026 | 10 |
| CVE-2026-30965 | Parse Server session token exfiltration via `redirectClassNameForKey` query parameter | 11.03.2026 | 9.9 |
| CVE-2026-30966 | Parse Server role escalation and CLP bypass via direct `_Join` table write | 11.03.2026 | 10 |
| CVE-2026-29792 | Feathersjs has an OAuth Callback Account Takeover | 11.03.2026 | 9.3 |
| CVE-2026-29793 | NoSQL Injection via WebSocket id Parameter in MongoDB Adapter | 11.03.2026 | 9.3 |
| CVE-2025-48611 | | 11.03.2026 | 10 |
| CVE-2026-28495 | GetSimple CMS has CSRF to Remote Code Execution via Arbitrary PHP Write in gsconfig.php | 10.03.2026 | 9.7 |
| CVE-2026-27825 | MCP Atlassian has an arbitrary file write leading to arbitrary code execution via unconstrained download_path in confluence_download_attachment | 10.03.2026 | 9.1 |
| CVE-2026-28292 | simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key enables RCE | 11.03.2026 | 9.8 |
| CVE-2026-30960 | RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface | 10.03.2026 | 9.4 |
| CVE-2026-30956 | OneUptime has authorization bypass via client-controlled is-multi-tenant-query header | 10.03.2026 | 10 |
| CVE-2026-30957 | OneUptime Synthetic Monitor RCE via exposed Playwright browser object | 10.03.2026 | 10 |
| CVE-2025-40943 | | 13.03.2026 | 9.4 |
| CVE-2026-3843 | SQL Injection in Nefteprodukttekhnika BUK TS-G Allows Remote Code Execution | 10.03.2026 | 9.3 |
| CVE-2025-41709 | Command injection in power analyzer via Modbus-TCP and Modbus-RTU | 10.03.2026 | 9.8 |
| CVE-2026-0953 | Tutor LMS Pro <= 3.9.5 - Authentication Bypass via Social Login | 10.03.2026 | 9.8 |
| CVE-2026-27685 | Insecure Deserialization in SAP NetWeaver Enterprise Portal Administration | 11.03.2026 | 9.1 |
| CVE-2026-30921 | OneUptime Synthetic Monitor RCE via exposed Playwright browser object | 10.03.2026 | 10 |
| CVE-2026-30887 | OneUptime Affected by Unsandboxed Code Execution in Probe Allows Any Project Member to Achieve RCE | 10.03.2026 | 10 |
| CVE-2026-30862 | Critical Stored XSS & Privilege Escalation in Appsmith | 10.03.2026 | 9.1 |
| CVE-2026-30869 | SiYuan has a Path Traversal in /export Endpoint Allows Arbitrary File Read and Secret Leakage | 10.03.2026 | 9.3 |
| CVE-2025-11158 | Hitachi Vantara Pentaho Data Integration & Analytics - Missing Authorization | 10.03.2026 | 9.1 |
| CVE-2026-28431 | Misskey lacks proper authorization checks and input validation | 10.03.2026 | 9.2 |
| CVE-2026-30240 | Budibase PWA ZIP Upload Path Traversal Allows Reading Arbitrary Server Files Including All Environment Secrets | 10.03.2026 | 9.6 |
| CVE-2026-31816 | Budibase Universal Auth Bypass via Webhook Query Param Injection | 10.03.2026 | 9.1 |
| CVE-2025-41764 | Unchecked role in wwwupdate.cgi | 09.03.2026 | 9.1 |
| CVE-2025-41765 | Unchecked role in wwwupload.cgi | 09.03.2026 | 9.1 |
| CVE-2026-3823 | Atop Technologies\|EHG2408 series switch - Stack-based Buffer Overflow | 09.03.2026 | 9.3 |
| CVE-2026-3630 | Stack-based Buffer Overflow Vulnerability in COMMGR2 | 09.03.2026 | 9.8 |

Latest Updates

| CVE | Title | Updated | Score |
|---|---|---|---|
| CVE-2016-20024 | ZKTeco ZKTime.Net 3.0.1.6 Insecure File Permissions Privilege Escalation | 15.03.2026 | |
| CVE-2016-20025 | ZKTeco ZKAccess Professional 3.5.3 Privilege Escalation via Insecure Permissions | 15.03.2026 | |
| CVE-2016-20026 | ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote Code Execution | 15.03.2026 | |
| CVE-2016-20027 | ZKTeco ZKBioSecurity 3.0 Multiple Reflected XSS Vulnerabilities | 15.03.2026 | |
| CVE-2016-20028 | ZKTeco ZKBioSecurity 3.0 Cross-Site Request Forgery Superadmin | 15.03.2026 | |
| CVE-2016-20029 | ZKTeco ZKBioSecurity 3.0 File Path Manipulation Vulnerability | 15.03.2026 | |
| CVE-2016-20030 | ZKTeco ZKBioSecurity 3.0 User Enumeration via authLoginAction | 15.03.2026 | |
| CVE-2016-20031 | ZKTeco ZKBioSecurity 3.0 Local Authorization Bypass via visLogin.jsp | 15.03.2026 | |
| CVE-2016-20032 | ZKTeco ZKAccess Security System 5.3.1 Stored XSS | 15.03.2026 | |
| CVE-2026-28519 | arduino-TuyaOpen DnsServer Heap-Based Buffer Overflow Remote Code Execution | 15.03.2026 | |
| CVE-2026-28520 | arduino-TuyaOpen WiFiMulti Single-Byte Buffer Overflow Remote Code Execution | 15.03.2026 | |
| CVE-2026-28521 | arduino-TuyaOpen TuyaIoT Out-of-Bounds Memory Read Information Disclosure | 15.03.2026 | |
| CVE-2026-28522 | arduino-TuyaOpen WiFiUDP Null Pointer Dereference Denial of Service | 15.03.2026 | |
| CVE-2026-4180 | D-Link DIR-816 goahead redirect.asp access control | 15.03.2026 | |
| CVE-2026-4174 | Radare2 Mach-O File mach0.c walk_exports_trie resource consumption | 15.03.2026 | |
| CVE-2026-4175 | Aureus ERP Chatter Message content-text-entry.blade.php cross site scripting | 15.03.2026 | |
| CVE-2025-14287 | Command Injection in mlflow/mlflow | 15.03.2026 | |
| CVE-2026-4173 | CodePhiliaX Chat2DB Database Export DMDBManage.java updateProcedure sql injection | 15.03.2026 | |
| CVE-2026-4172 | TRENDnet TEW-632BRP HTTP POST Request ping_response.cgi stack-based overflow | 15.03.2026 | |
| CVE-2026-4171 | CodeGenieApp serverless-express API Endpoint TodoList.ts authorization | 15.03.2026 | |
| CVE-2026-4170 | Topsec TopACM HTTP Request nmc_sync.php os command injection | 15.03.2026 | |
| CVE-2026-4168 | Tecnick TCExam Group tce_edit_group.php cross site scripting | 15.03.2026 | |
| CVE-2026-4169 | Tecnick TCExam XML Export tce_xml_users.php F_xml_export_users cross site scripting | 15.03.2026 | |
| CVE-2026-4166 | Wavlink WL-NU516U1 login.cgi sub_404F68 cross site scripting | 15.03.2026 | |
| CVE-2026-4167 | Belkin F9K1122 formReboot stack-based overflow | 15.03.2026 | |
| CVE-2026-4165 | Worksuite HR, CRM and Project Management create cross site scripting | 15.03.2026 | |
| CVE-2026-4164 | Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection | 15.03.2026 | |
| CVE-2026-2233 | User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.2.8 - Missing Authorization to Unauthenticated Arbitrary Post Modification via 'post_id' Parameter | 15.03.2026 | 5.3 |
| CVE-2026-1883 | Wicked Folders <= 4.1.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Folder Deletion | 15.03.2026 | 4.3 |
| CVE-2026-1947 | NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.9 - Missing Authorization to Unauthenticated Arbitrary Form Entry Modification via nf_set_entry_update_id | 15.03.2026 | 7.5 |
| CVE-2026-3441 | Binutils: gnu binutils: information disclosure via specially crafted xcoff object file | 15.03.2026 | |
| CVE-2026-3442 | Binutils: gnu binutils: information disclosure or denial of service via out-of-bounds read in bfd linker | 15.03.2026 | |
| CVE-2026-4163 | Wavlink WL-WN579A3 POST Request wireless.cgi GuestWifi command injection | 14.03.2026 | |
| CVE-2026-4179 | stm32: usb: Infinite while loop in Interrupt Handler | 14.03.2026 | 6.1 |
| CVE-2026-32774 | Vulnogram - Stored Cross-Site Scripting via Comment Hypertext | 14.03.2026 | |
| CVE-2026-0849 | crypto: ATAES132A response length allows stack buffer overflow | 14.03.2026 | 3.8 |