CVE Field Guide

Critical CVEs

CVE Title Updated Score
CVE-2026-32915 OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Subagent Control Surface 29.03.2026 9.3
CVE-2026-32918 OpenClaw < 2026.3.11 - Session Sandbox Escape via session_status Tool 29.03.2026 9.2
CVE-2026-32922 OpenClaw < 2026.3.11 - Privilege Escalation via Unvalidated Scope in device.token.rotate 29.03.2026 9.4
CVE-2026-32978 OpenClaw < 2026.3.11 - Approval Bypass via Unrecognized Script Runners 29.03.2026 9.4
CVE-2026-32987 OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device Pairing 29.03.2026 9.3
CVE-2016-20049 JAD 1.5.8e-1kali1 Stack-Based Buffer Overflow Remote Code Execution 28.03.2026 9.3
CVE-2017-20225 TiEmu 2.08 Stack-Based Buffer Overflow Vulnerability 28.03.2026 9.3
CVE-2017-20227 JAD 1.5.8e-1kali1 Stack-Based Buffer Overflow 28.03.2026 9.3
CVE-2017-20229 MAWK 1.3.3-17 Stack-Based Buffer Overflow 28.03.2026 9.3
CVE-2018-25220 Bochs 2.6-5 Buffer Overflow Remote Code Execution 28.03.2026 9.3
CVE-2018-25221 EChat Server 3.1 Buffer Overflow via chat.ghp username Parameter 28.03.2026 9.3
CVE-2018-25223 Crashmail 1.6 Stack-based Buffer Overflow Remote Code Execution 28.03.2026 9.3
CVE-2026-33992 pyLoad: Server-Side Request Forgery via Download Link Submission Enables Cloud Metadata Exfiltration 27.03.2026 9.3
CVE-2026-33976 Notesnook vulnerable to RCE via stored XSS in Web Clipper rendering 27.03.2026 9.7
CVE-2026-33937 Handlebars.js has JavaScript Injection via AST Type Confusion 27.03.2026 9.8
CVE-2026-33875 Authenticator Vulnerable to Authentication Flow Hijack 27.03.2026 9.3
CVE-2026-33873 Langflow has Authenticated Code Execution in Agentic Assistant Validation 27.03.2026 9.3
CVE-2026-34205 Home Assistant: Unauthenticated App (Add-on) Endpoints Exposed to Local Network via Host Network Mode 27.03.2026 9.7
CVE-2026-34374 AVideo has SQL Injection in Live_schedule::keyExists() via Unparameterized Stream Key 27.03.2026 9.1
CVE-2026-33867 AVideo has Plaintext Video Password Storage 27.03.2026 9.1
CVE-2026-27876 RCE on Grafana via sqlExpressions 28.03.2026 9.1
CVE-2026-1496 Coverity CLI Authentication Bypass 27.03.2026 9.3
CVE-2026-33757 OpenBao lacks user confirmation for OIDC direct callback mode 27.03.2026 9.6
CVE-2026-33758 OpenBao has Reflected XSS in its OIDC authentication error message 27.03.2026 9.4
CVE-2026-22738 SpEL Injection via Unescaped Filter Key in SimpleVectorStore Leads to Remote Code Execution 28.03.2026 9.8
CVE-2026-33701 OpenTelemetry: Unsafe Deserialization in RMI Instrumentation may Lead to Remote Code Execution 27.03.2026 9.3
CVE-2026-33728 dd-trace-java: Unsafe deserialization in RMI instrumentation may lead to remote code execution 27.03.2026 9.3
CVE-2026-33945 Abitrary file write through systemd-creds option 27.03.2026 10
CVE-2026-33897 Incus vulnerable to arbitrary file read and write through pongo templates 27.03.2026 10
CVE-2026-33669 SiYuan has Arbitrary Document Reading within the Publishing Service 27.03.2026 9.8
CVE-2026-33670 SiYuan has directory traversal within its publishing service 26.03.2026 9.8
CVE-2026-33640 Outline has a rate limit bypass that allows brute force of email login OTP 26.03.2026 9.1
CVE-2026-33152 Tandoor Recipes Vulnerable to Unrestricted Brute-Force via BasicAuthentication 26.03.2026 9.1
CVE-2026-33494 Ory Oathkeeper has a path traversal authorization bypass 27.03.2026 10
CVE-2026-33396 OneUptime has sandbox escape in Synthetic Monitor Playwright runtime allows project members to execute arbitrary commands on Probe 26.03.2026 10
CVE-2026-4809 Unsafe Client MIME Type Handling Can Enable Arbitrary File Upload in plank/laravel-mediable 26.03.2026 9.3
CVE-2026-4484 Masteriyo LMS <= 2.1.6 - Missing Authorization to Authenticated (Student+) Privilege Escalation to Administrator 26.03.2026 9.8
CVE-2026-33526 Squid vulnerable to Denial of Service in ICP Request handling 26.03.2026 9.2
CVE-2026-33696 n8n Vulnerable to Prototype Pollution in XML & GSuiteAdmin node parameters lead to RCE 25.03.2026 9.4
CVE-2026-33660 n8n Has Multiple Remote Code Execution Vulnerabilities in Merge Node AlaSQL SQL Mode 28.03.2026 9.4
CVE-2026-26832 25.03.2026 9.8
CVE-2026-26830 27.03.2026 9.8
CVE-2025-33244 25.03.2026 9
CVE-2026-33322 MinIO: JWT Algorithm Confusion in OIDC Authentication 25.03.2026 9.2
CVE-2026-33419 MinIO: LDAP login brute-force via user enumeration and missing rate limit 25.03.2026 9.1
CVE-2026-2417 Missing Authentication for Critical Function in Pharos Controls Mosaic Show Controller 24.03.2026 9.3
CVE-2026-33340 LoLLMs WEBUI has unauthenticated Server-Side Request Forgery (SSRF) in /api/proxy endpoint 24.03.2026 9.1
CVE-2026-33309 Langflow has an Arbitrary File Write (RCE) via v2 API 25.03.2026 10
CVE-2026-33475 Langflow GitHub Actions Shell Injection 25.03.2026 9.1
CVE-2019-25628 Download Accelerator Plus DAP 10.0.6.0 SEH Buffer Overflow 24.03.2026 9.3
CVE-2019-25646 Tabs Mail Carrier 2.5.1 Buffer Overflow via MAIL FROM 24.03.2026 9.3
CVE-2026-4755 CWE-20 in MolotovCherry Android-ImageMagick7 24.03.2026 9.8
CVE-2026-4750 Out-of-bounds Read in fabiangreffrath woof 24.03.2026 9.1
CVE-2026-4753 Out-of-bounds Read in slajerek RetroDebugger 24.03.2026 9.1
CVE-2026-4283 WP DSGVO Tools (GDPR) <= 3.1.38 - Missing Authorization to Unauthenticated Account Destruction of Non-Admin Users 24.03.2026 9.1
CVE-2026-4745 Arbitrary Code Execution via Crafted Bytecode in dendibakh/perf-ninja 24.03.2026 10
CVE-2026-4746 Heap Buffer Over-Write Vulenrabilty in timeplus-io/proton 24.03.2026 10
CVE-2026-4734 Heap Buffer Overflow in yoyofr/modizer 24.03.2026 9.4
CVE-2026-4738 GDAL Bundled zlib (inftree9.c) Pointer Offset Optimization Undefined Behavior Allows Heap Corruption or Remote Code Execution 24.03.2026 9.4
CVE-2026-4739 Integer overflow vulnerabilities in InsightSoftwareConsortium/ITK 24.03.2026 9.4
CVE-2026-4744 Notepad3 Bundled Oniguruma compile_string_node() Heap Buffer Overflow via Crafted Regex Pattern Allows Arbitrary Code Execution 24.03.2026 9.3
CVE-2026-33211 Tekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver pod 24.03.2026 9.6
CVE-2026-33286 Graphiti Affected by Arbitrary Method Execution via Unvalidated Relationship Names 24.03.2026 9.1
CVE-2026-4001 Woocommerce Custom Product Addons Pro <= 5.4.1 - Unauthenticated Remote Code Execution via Custom Pricing Formula 24.03.2026 9.8
CVE-2026-4681 Critical Remote Code Execution vulnerability reported in Windchill 24.03.2026 9.3
CVE-2026-33634 Trivy ecosystem supply chain briefly compromised 27.03.2026 9.4
CVE-2025-60949 Census CSWeb leaked configuration files 25.03.2026 9.3
CVE-2026-3055 Insufficient input validation leading to memory overread 24.03.2026 9.3
CVE-2026-30849 MantisBT SOAP API has an authentication bypass vulnerability on MySQL 24.03.2026 9.3
CVE-2026-0898 An arbitrary file-write vulnerability in Pega Browser Extension (PBE) affects Pega Robot Studio developers who are automating Google Chrome and Microsoft Edge using either version 22.1 or R25. 24.03.2026 9
CVE-2026-33716 AVideo Allows Unauthenticated Live Stream Control via Token Verification URL Override in control.json.php 24.03.2026 9.4
CVE-2026-33502 AVideo has Unauthenticated SSRF via plugin/Live/test.php 24.03.2026 9.3
CVE-2026-33478 AVideo Multi-Chain Attack: Unauthenticated Remote Code Execution via Clone Key Disclosure, Database Dump, and Command Injection 23.03.2026 10
CVE-2026-33351 AVideo has Unauthenticated SSRF via `webSiteRootURL` Parameter in saveDVR.json.php, Chaining to Verification Bypass 23.03.2026 9.1
CVE-2026-33352 AVideo has an Unauthenticated SQL Injection via `doNotShowCats` Parameter (Backslash Escape Bypass) 24.03.2026 9.8
CVE-2025-41008 SQL Injection in Sinturno 23.03.2026 9.3
CVE-2025-41007 SQL Injection in Cuantis 23.03.2026 9.3
CVE-2026-32968 Unauthenticated RCE in com_mb24sysapi 23.03.2026 9.8
CVE-2026-4585 Tiandy Easy7 Integrated Management Platform Configuration ImportSystemConfiguration.jsp os command injection 23.03.2026 9.3
CVE-2026-3587 Hidden CLI Function Allows Root Access 24.03.2026 10
CVE-2026-4599 23.03.2026 9.3
CVE-2026-4600 23.03.2026 9.1
CVE-2026-4601 23.03.2026 9.4
CVE-2026-4567 Tenda A15 UploadCfg stack-based overflow 23.03.2026 9.3
CVE-2026-4606 GeoVision ERM Improper Privilege Assignment Leads to SYSTEM-Level Privilege 24.03.2026 10

Latest Updates

CVE Title Updated Score
CVE-2026-5046 Tenda FH1201 Parameter WrlExtraSet formWrlExtraSet stack-based overflow 29.03.2026
CVE-2026-5045 Tenda FH1201 Parameter WrlclientSet stack-based overflow 29.03.2026
CVE-2026-23400 rust_binder: call set_notification_done() without proc lock 29.03.2026
CVE-2026-32914 OpenClaw < 2026.3.12 - Insufficient Access Control in /config and /debug Endpoints 29.03.2026 8.8
CVE-2026-32915 OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Subagent Control Surface 29.03.2026 8.8
CVE-2026-32918 OpenClaw < 2026.3.11 - Session Sandbox Escape via session_status Tool 29.03.2026 8.4
CVE-2026-32919 OpenClaw < 2026.3.11 - Unauthorized Session Reset via agent Slash Commands 29.03.2026 6.1
CVE-2026-32922 OpenClaw < 2026.3.11 - Privilege Escalation via Unvalidated Scope in device.token.rotate 29.03.2026 9.9
CVE-2026-32923 OpenClaw < 2026.3.11 - Authorization Bypass in Discord Guild Reaction Allowlist Enforcement 29.03.2026 5.4
CVE-2026-32924 OpenClaw < 2026.3.12 - Authorization Bypass via Misclassified Reaction Events in Feishu 29.03.2026
CVE-2026-32972 OpenClaw < 2026.3.11 - Authorization Bypass in Browser Profile Management via browser.request 29.03.2026 7.1
CVE-2026-32973 OpenClaw < 2026.3.11 - Exec Allowlist Pattern Overmatch via POSIX Path Normalization 29.03.2026
CVE-2026-32974 OpenClaw < 2026.3.12 - Forged Event Injection via Feishu Webhook Verification Token 29.03.2026 8.6
CVE-2026-32975 OpenClaw < 2026.3.12 - Weak Authorization via Mutable Group Names in Zalouser Allowlist 29.03.2026
CVE-2026-32978 OpenClaw < 2026.3.11 - Approval Bypass via Unrecognized Script Runners 29.03.2026 8
CVE-2026-32979 OpenClaw < 2026.3.11 - Unbound Interpreter and Runtime Commands Bypass in node-host Approval 29.03.2026 7.3
CVE-2026-32980 OpenClaw < 2026.3.13 - Resource Exhaustion via Unauthenticated Telegram Webhook Request 29.03.2026
CVE-2026-32987 OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device Pairing 29.03.2026
CVE-2026-33572 OpenClaw < 2026.2.17 - Insufficient File Permissions in Session Transcript Files 29.03.2026
CVE-2026-33573 OpenClaw < 2026.3.11 - Workspace Boundary Bypass via Agent RPC Parameters 29.03.2026 8.8
CVE-2026-33574 OpenClaw < 2026.3.8 - Path Traversal via Tools Root Rebinding in Skills Download 29.03.2026
CVE-2026-33575 OpenClaw < 2026.3.12 - Long-lived Credential Exposure in Pairing Setup Codes 29.03.2026
CVE-2026-5044 Belkin F9K1122 Setting formSetSystemSettings stack-based overflow 29.03.2026
CVE-2026-5043 Belkin F9K1122 Parameter formSetPassword stack-based overflow 29.03.2026
CVE-2026-5042 Belkin F9K1122 Parameter formCrossBandSwitch stack-based overflow 29.03.2026
CVE-2026-5041 code-projects Chamber of Commerce Membership Management System pageMail.php fwrite command injection 29.03.2026
CVE-2026-5037 mxml mxmlIndexNew mxml-index.c index_sort stack-based overflow 29.03.2026
CVE-2026-5036 Tenda 4G06 Endpoint DhcpListClient fromDhcpListClient stack-based overflow 29.03.2026
CVE-2026-5035 code-projects Accounting System Parameter view_work.php sql injection 29.03.2026
CVE-2026-5034 code-projects Accounting System Parameter edit_costumer.php sql injection 29.03.2026
CVE-2026-5033 code-projects Accounting System Parameter view_costumer.php sql injection 29.03.2026
CVE-2026-5031 BichitroGan ISP Billing Software Endpoint users-view resource injection 29.03.2026
CVE-2026-5030 Totolink NR1800X Telnet Service cstecgi.cgi NTPSyncWithHost command injection 29.03.2026
CVE-2026-5024 D-Link DIR-513 formSetEmail stack-based overflow 29.03.2026
CVE-2026-2602 Twentig <= 1.9.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'featuredImageSizeWidth' 29.03.2026 6.4
CVE-2026-5023 DeDeveloper23 codebase-mcp RepoMix codebase.ts saveCodebase os command injection 29.03.2026
CVE-2026-5021 Tenda F453 httpd PPTPUserSetting fromPPTPUserSetting stack-based overflow 29.03.2026
CVE-2026-4851 GRID::Machine versions through 0.127 for Perl allows arbitrary code execution via unsafe deserialization 29.03.2026
CVE-2026-5020 Totolink A3600R Parameter cstecgi.cgi setNoticeCfg command injection 29.03.2026
CVE-2026-5019 code-projects Simple Food Order System Parameter all-orders.php sql injection 28.03.2026
CVE-2026-5017 code-projects Simple Food Order System Parameter all-tickets.php sql injection 28.03.2026
CVE-2026-5018 code-projects Simple Food Order System Parameter register-router.php sql injection 28.03.2026
CVE-2026-5016 elecV2 elecV2P URL mock eAxios server-side request forgery 28.03.2026
CVE-2026-5014 elecV2 elecV2P Wildcard log path.join path traversal 28.03.2026
CVE-2026-5015 elecV2 elecV2P Endpoint logs cross site scripting 28.03.2026
CVE-2026-5013 elecV2 elecV2P :key path.join path traversal 28.03.2026
CVE-2026-5012 elecV2 elecV2P rpc pm2run os command injection 28.03.2026
CVE-2026-3256 HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids 28.03.2026
CVE-2025-15604 Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions 28.03.2026
CVE-2026-5007 kazuph mcp-docs-rag add_git_repository/add_text_file index.ts cloneRepository os command injection 28.03.2026
CVE-2026-5011 elecV2 elecV2P JSON webhook runJSFile code injection 28.03.2026