CVE Field Guide

Critical CVEs

CVE Title Updated Score
CVE-2026-27441 PDF Password CMDi 04.03.2026 9.5
CVE-2026-27442 zip_attachments Path Traversal 04.03.2026 9.3
CVE-2026-27446 Apache Artemis, Apache ActiveMQ Artemis: Auth bypass for Core downstream federation 04.03.2026 9.3
CVE-2026-29120 Insecure, Hardcoded Root Password Stored in Anaconda Configuration File On IDC SFX2100 Satellite Receiver 04.03.2026 9.2
CVE-2026-28777 Hardcoded and Insecure Credentials for "User" Local Account with SSH Access On IDC SFX2100 Satellite Receiver 04.03.2026 9.2
CVE-2026-28773 Authenticated OS Command Injection via Ping Utility Leading to RCE as Root 04.03.2026 9.3
CVE-2026-28774 Authenticated OS Command Injection via Traceroute Utility leads to Root RCE 04.03.2026 9.3
CVE-2026-28775 Unauthenticated RCE via SNMP Default Writable Community String 04.03.2026 10
CVE-2026-27971 Qwik affected by unauthenticated RCE via server$ Deserialization 03.03.2026 9.2
CVE-2026-28289 FreeScout 1.8.206 Patch Bypass for CVE-2026-27636 via Zero-Width Space Character Leads to Remote Code Execution 03.03.2026 10
CVE-2026-26279 Froxlor Admin-to-Root Privilege Escalation via Input Validation Bypass + OS Command Injection 03.03.2026 9.1
CVE-2026-26266 AliasVault affected by Cross-Site Scripting (XSS) via Email HTML Rendering 03.03.2026 9.3
CVE-2026-24898 OpenEMR has an Unauthenticated MedEx Token Disclosure 03.03.2026 10
CVE-2026-25146 OpenEMR's payments gateway_api_key secret rendered into client JS code 03.03.2026 9.6
CVE-2026-27012 Unauthenticated privilege escalation in OpenSTAManager via modules/utenti/actions.php 03.03.2026 9.8
CVE-2026-3485 D-Link DIR-868L SSDP Service sub_1BF84 os command injection 03.03.2026 9.3
CVE-2026-3437 Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering Toolkits 03.03.2026 9.3
CVE-2026-22891 03.03.2026 9.8
CVE-2026-22886 03.03.2026 9.8
CVE-2026-1492 User Registration & Membership <= 5.1.2 - Unauthenticated Privilege Escalation via Membership Registration 03.03.2026 9.8
CVE-2026-2628 All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login <= 2.2.5 - Authentication Bypass 03.03.2026 9.8
CVE-2025-50187 Chamilo: Evaluation of untrusted user input leads to Remote Code Execution 02.03.2026 9.8
CVE-2026-23600 03.03.2026 10
CVE-2025-12462 Blind SQL Injection in DobryCMS 02.03.2026 9.3
CVE-2025-14532 Remote Code Execution via Unrestricted File Upload in DobryCMS 02.03.2026 9.3
CVE-2026-3431 Sim Studio AI - MongoDB SSRF and Arbitrary Document Deletion 02.03.2026 9.8
CVE-2026-3432 Sim Studio AI - Unauthenticated OAuth Token Theft 02.03.2026 9.3
CVE-2025-30035 Lack of API authentication allowing session generation for any user 02.03.2026 9
CVE-2025-30042 Session generation possible with certificate number only 02.03.2026 9
CVE-2025-30044 RCE on uhcapache user permissions 02.03.2026 9.4
CVE-2026-2584 SQL Injection in Ciser System SL firmware 02.03.2026 9.3
CVE-2026-2999 Changing|IDExpert Windows Logon Agent - Remote Code Execution 02.03.2026 9.3
CVE-2026-3000 Changing|IDExpert Windows Logon Agent - Remote Code Execution 02.03.2026 9.3
CVE-2026-3422 e-Excellence|U-Office Force - Insecure Deserialization 02.03.2026 9.3
CVE-2026-2844 TimePictra Authentication Bypass Vulnerability 02.03.2026 9.3
CVE-2026-3010 TimePictra Stored Cross-Site Scripting 02.03.2026 9.3
CVE-2026-28515 openDCIM <= 23.04 Missing Authorization in install.php 02.03.2026 9.3
CVE-2026-28516 openDCIM <= 23.04 SQL Injection in Config::UpdateParameter 02.03.2026 9.3
CVE-2026-28517 openDCIM <= 23.04 OS Command Injection via dot Configuration Parameter 02.03.2026 9.3
CVE-2026-28408 WeGIA lacks authentication verification in adicionar_tipo_docs_atendido.php 02.03.2026 9.8
CVE-2026-28409 WeGIA Vulnerable to Remote Code Execution (RCE) via OS Command Injection 02.03.2026 10
CVE-2026-28411 WeGIA Vulnerable to Authentication Bypass via `extract($_REQUEST)` 02.03.2026 9.8
CVE-2026-28268 Vikunja Vulnerable to Account Takeover via Password Reset Token Reuse 03.03.2026 9.8
CVE-2026-27947 Group-Office Vulnerable to Remote Code Execution (RCE) 03.03.2026 9.4
CVE-2026-27755 SODOLA SL902-SWTGW124AS <= 200.1.20 Predictable Session ID 02.03.2026 9.3
CVE-2026-27751 SODOLA SL902-SWTGW124AS <= 200.1.20 Use of Default Credentials 02.03.2026 9.3
CVE-2026-2749 Path traversal in Centreon Open Tickets 27.02.2026 9.9
CVE-2026-2750 Command Injection via CLAPI generatetraps 27.02.2026 9.1
CVE-2025-15498 SQL Injection in Pro3W CMS 27.02.2026 9.3
CVE-2025-11252 SQLi in Signum Technologies' windesk.fm 27.02.2026 9.8
CVE-2025-11251 SQLi in Dayneks Software's E-Commerce Platform 27.02.2026 9.8
CVE-2026-2251 Path Traversal leading to Remote Code Execution (RCE) 03.03.2026 9.8
CVE-2025-12981 Listee <= 1.1.6 - Unauthenticated Privilege Escalation 27.02.2026 9.8
CVE-2026-3301 Totolink N300RH Web Management cstecgi.cgi setWebWlanIdx os command injection 27.02.2026 9.3
CVE-2026-28370 27.02.2026 9.1
CVE-2026-28363 27.02.2026 9.9
CVE-2026-21718 Copeland XWEB and XWEB Pro Use of a Broken or Risky Cryptographic Algorithm 02.03.2026 10
CVE-2026-24663 Copeland XWEB and XWEB Pro OS Command Injection 02.03.2026 9
CVE-2026-27028 Mobility46 mobility46.se Missing Authentication for Critical Function 03.03.2026 9.4
CVE-2026-27767 SWITCH EV swtchenergy.com Missing Authentication for Critical Function 02.03.2026 9.4
CVE-2026-27772 EV Energy ev.energy Missing Authentication for Critical Function 02.03.2026 9.4
CVE-2026-24731 EV2GO ev2go.io Missing Authentication for Critical Function 03.03.2026 9.4
CVE-2026-20781 CloudCharge cloudcharge.se Missing Authentication for Critical Function 02.03.2026 9.4
CVE-2026-25851 Chargemap chargemap.com Missing Authentication for Critical Function 02.03.2026 9.4
CVE-2026-28213 EverShop Vulnerable to Arbitrary Customer Account Takeover via Exposure of Password Reset Token in API Response 27.02.2026 9.8
CVE-2026-28215 hoppscotch Vulnerable to Unauthenticated Onboarding Config Takeover 02.03.2026 9.1
CVE-2026-22207 OpenViking Missing root_api_key Allows Anonymous ROOT Access 02.03.2026 9.3
CVE-2026-27966 Langflow has Remote Code Execution in CSV Agent 28.02.2026 9.8
CVE-2026-27969 Vitess users with backup storage access can write to arbitrary file paths on restore 26.02.2026 9.3
CVE-2026-27941 OpenLIT Vulnerable to Remote Code Execution and Secret Exposure via Misuse of `pull_request_target` in GitHub Actions Workflows 26.02.2026 10
CVE-2026-27804 Parse Server: Account takeover via JWT algorithm confusion in Google auth adapter 26.02.2026 9.3
CVE-2026-27613 CGI Parameter Injection (Bypass of STRICT_CGI_PARAMS and EscapeShellParam) 26.02.2026 10
CVE-2026-27498 n8n has Arbitrary Command Execution via File Write and Git Operations 26.02.2026 9
CVE-2026-27497 n8n has Potential Remote Code Execution via Merge Node 26.02.2026 9.4
CVE-2026-27577 n8n: Expression Sandbox Escape Leads to RCE 26.02.2026 9.4
CVE-2026-27493 n8n has Unauthenticated Expression Evaluation via Form Node 26.02.2026 9.5
CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner 26.02.2026 9.4
CVE-2026-27575 Vikunja has Weak Password Policy Combined with Persistent Sessions After Password Change 26.02.2026 9.1

Latest Updates

CVE Title Updated Score
CVE-2025-59787 HTTP 5XX Internal Server Errors 04.03.2026
CVE-2026-26673 04.03.2026
CVE-2025-12801 Nfs-utils: rpc.mountd in the nfs-utils privilege escalation 04.03.2026
CVE-2025-59783 OS Command Injection over API 04.03.2026
CVE-2025-59784 Log Pollution - Control Characters Not Escaped 04.03.2026
CVE-2025-59785 API - Insufficient Input Validation 04.03.2026
CVE-2025-59786 Cookies are not Invalidated upon Logout and Password Change 04.03.2026
CVE-2025-62879 Rancher Backup Operator pod's logs leak S3 tokens 04.03.2026 6.8
CVE-2026-26514 04.03.2026
CVE-2025-70341 04.03.2026
CVE-2025-70342 04.03.2026
CVE-2025-71238 scsi: qla2xxx: Fix bsg_done() causing double free 04.03.2026
CVE-2026-23232 Revert "f2fs: block cache/dio write during f2fs_enable_checkpoint()" 04.03.2026
CVE-2026-23233 f2fs: fix to avoid mapping wrong physical block for swapfile 04.03.2026
CVE-2026-23234 f2fs: fix to avoid UAF in f2fs_write_end_io() 04.03.2026
CVE-2026-23235 f2fs: fix out-of-bounds access in sysfs attribute read/write 04.03.2026
CVE-2026-23236 fbdev: smscufx: properly copy ioctl memory to kernelspace 04.03.2026
CVE-2026-23237 platform/x86: classmate-laptop: Add missing NULL pointer checks 04.03.2026
CVE-2026-23238 romfs: check sb_set_blocksize() return value 04.03.2026
CVE-2025-40894 HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0 04.03.2026
CVE-2025-40895 HTML injection in Sensor Map in CMC before 25.6.0 04.03.2026
CVE-2025-40896 Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 04.03.2026
CVE-2026-3103 Deletion of passwords via RestApi 04.03.2026
CVE-2026-21421 04.03.2026 6.7
CVE-2026-21422 04.03.2026 3.4
CVE-2026-21424 04.03.2026 6.7
CVE-2026-23231 netfilter: nf_tables: fix use-after-free in nf_tables_addchain() 04.03.2026
CVE-2026-25907 04.03.2026 5.3
CVE-2026-21423 04.03.2026 6.7
CVE-2026-21426 04.03.2026 6.7
CVE-2026-21425 04.03.2026 6.7
CVE-2026-22270 04.03.2026 6.7
CVE-2026-24732 Improper permission checks in Extension:NSFileRepo 04.03.2026
CVE-2026-1674 Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder <= 1.6.0 - Authenticated (Contributor+) Limited Options Update in save_gutena_forms_schema() 04.03.2026 6.5
CVE-2026-2355 My Calendar – Accessible Event Manager <= 3.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes 04.03.2026 6.4
CVE-2026-3056 Seraphinite Accelerator <= 2.28.14 - Missing Authorization to Authenticated (Subscriber+) Log Clearing 04.03.2026 4.3
CVE-2026-3058 Seraphinite Accelerator <= 2.28.14 - Authenticated (Subscriber+) Exposure of Sensitive Information to an Unauthorized Actor 04.03.2026 4.3
CVE-2023-7337 JS Help Desk – AI-Powered Support & Ticketing System 2.8.2 - Unauthenticated SQL Injection via 'js-support-ticket-token-tkstatus' Cookie 04.03.2026 7.5
CVE-2026-1706 All-in-One Video Gallery <= 4.7.1 - Reflected Cross-Site Scripting via 'vi' Parameter 04.03.2026 6.1
CVE-2026-3439 04.03.2026
CVE-2025-66168 Apache ActiveMQ, Apache ActiveMQ All Module, Apache ActiveMQ MQTT Module: MQTT control packet remaining length field is not properly validated 04.03.2026 5.4
CVE-2026-27441 PDF Password CMDi 04.03.2026
CVE-2026-27442 zip_attachments Path Traversal 04.03.2026
CVE-2026-27443 S/MIME Decryption Tag Sanitization Bypass 04.03.2026
CVE-2026-27444 Header Email Address Parsing 04.03.2026
CVE-2026-27445 PGP Signature Reflection 04.03.2026
CVE-2026-27446 Apache Artemis, Apache ActiveMQ Artemis: Auth bypass for Core downstream federation 04.03.2026
CVE-2026-2746 Missing PGP Signature Tag 04.03.2026
CVE-2026-2747 PGP Mixed Plaintext and Encrypted Content 04.03.2026
CVE-2026-2748 S/MIME Certificate Subject Whitespace 04.03.2026
CVE-2026-3094 File Parsing Out-Of-Bounds Write in CNCSoft-G2 04.03.2026 7.8
CVE-2026-1236 Envira Gallery for WordPress <= 1.12.3 - Authenticated (Author+) Stored Cross-Site Scripting via 'justified_gallery_theme' Parameter via REST API 04.03.2026 6.4
CVE-2026-29119 Hardcoded and Insecure Credentials for "Admin" Account providing Telnet Access on IDC SFX2100 Satellite Receiver 04.03.2026
CVE-2026-29120 Insecure, Hardcoded Root Password Stored in Anaconda Configuration File On IDC SFX2100 Satellite Receiver 04.03.2026
CVE-2026-28778 Hardcoded FTP Credentials and LPE (via Insecure Permissions) for `xd` Local Account on IDC SFX2100 04.03.2026
CVE-2026-28776 Hardcoded and Insecure Credentials for "monitor" account with SSH Access On IDC SFX2100 Satellite Receiver 04.03.2026
CVE-2026-28777 Hardcoded and Insecure Credentials for "User" Local Account with SSH Access On IDC SFX2100 Satellite Receiver 04.03.2026
CVE-2026-28771 Reflected XSS In /index.cgi Endpoint On IDC Satellite Receiver Web Management Interface Version 101 04.03.2026
CVE-2026-28772 Reflected XSS in IDC_Logging Index endpoint 04.03.2026
CVE-2026-28773 Authenticated OS Command Injection via Ping Utility Leading to RCE as Root 04.03.2026
CVE-2026-28774 Authenticated OS Command Injection via Traceroute Utility leads to Root RCE 04.03.2026
CVE-2026-28775 Unauthenticated RCE via SNMP Default Writable Community String 04.03.2026
CVE-2026-28769 LFI in /IDC_Logging/checkifdone.cgi, "file" parameter Allowing for File Existence Enumeration On IDC Satellite Receiver Web Management Interface Version 101 04.03.2026
CVE-2026-28770 XML injection In /IDC_Logging/checkifdone.cgi Endpoint On IDC SFX Web Management Interface Version 101 04.03.2026
CVE-2026-2363 WP-Members Membership Plugin <= 3.5.5.1 - Authenticated (Contributor+) SQL Injection via 'order_by' Shortcode Attribute 04.03.2026 6.5
CVE-2026-2732 Enable Media Replace <= 4.1.7 - Improper Authorization to Authenticated (Author+) Arbitrary Attachment Change via Background Replace 04.03.2026 5.4
CVE-2026-2025 Mail Mint < 1.19.5 - Unauthenticated Emails Disclosure 04.03.2026
CVE-2026-2994 Concrete CMS below 9.4.8 is vulnerable to CSRF by a Rogue Admin using the Anti-Spam Allowlist Group 04.03.2026
CVE-2026-3240 Concrete CMS below 9.4.8 is vulnerable to Stored XSS via Legacy form 04.03.2026
CVE-2026-3241 Concrete CMS below version 9.4.8 is vulnerable to a stored cross-site scripting (XSS) in the "Legacy Form" block. 04.03.2026
CVE-2026-3242 Concrete CMS below 9.4.8 is vulnerable to Stored XSS in the Switch Language block 04.03.2026
CVE-2026-1273 PostX <= 5.0.8 - Authenticated (Administrator+) Server-Side Request Forgery via REST API Endpoints 04.03.2026 7.2
CVE-2026-1651 Email Subscribers & Newsletters <= 5.9.16 - Authenticated (Administrator+) SQL Injection via 'workflow_ids' Parameter 04.03.2026 6.5
CVE-2026-1945 WPBookit <= 1.0.8 - Unauthenticated Stored Cross-Site Scripting via 'wpb_user_name' and 'wpb_user_email' Parameters 04.03.2026 7.2
CVE-2026-1980 WPBookit <= 1.0.8 - Missing Authorization to Unauthenticated Sensitive Customer Data Exposure 04.03.2026 5.3
CVE-2026-2289 Taskbuilder <= 5.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Block Emails' Field 04.03.2026 4.4
CVE-2026-2292 Morkva UA Shipping <= 1.7.9 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Weight, kg' Field 04.03.2026 4.4
CVE-2026-3244 Concrete CMS below version 9.4.8 is vulnerable to Stored XSS in Search Results via Page Names 04.03.2026
CVE-2026-3452 Concrete CMS below 9.4.8 is vulnerable to stored deserialization leading to RCE in the Express Entry List block. 04.03.2026
CVE-2026-27971 Qwik affected by unauthenticated RCE via server$ Deserialization 03.03.2026
CVE-2026-28289 FreeScout 1.8.206 Patch Bypass for CVE-2026-27636 via Zero-Width Space Character Leads to Remote Code Execution 03.03.2026 10
CVE-2026-27905 BentoML has an Arbitrary File Write via Symlink Path Traversal in Tar Extraction 03.03.2026
CVE-2026-27932 joserfc PBES2 p2c Unbounded Iteration Count enables Denial of Service (DoS) 03.03.2026 7.5
CVE-2026-26279 Froxlor Admin-to-Root Privilege Escalation via Input Validation Bypass + OS Command Injection 03.03.2026 9.1
CVE-2026-27601 Underscore.js has unlimited recursion in _.flatten and _.isEqual, potential for DoS attack 03.03.2026
CVE-2026-27622 OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write 03.03.2026
CVE-2026-27981 HomeBox has an Auth Rate Limit Bypass via IP Spoofing 03.03.2026 7.4
CVE-2026-3266 Improper access control vulnerability has been discovered in OpenText™ Filr. 03.03.2026
CVE-2026-25590 GLPI Inventory Plugin has Reflected XSS in task jobs 03.03.2026 4.5
CVE-2026-26266 AliasVault affected by Cross-Site Scripting (XSS) via Email HTML Rendering 03.03.2026 9.3
CVE-2026-26272 HomeBox affected by Stored XSS via HTML/SVG Attachment Upload 03.03.2026 4.6
CVE-2026-27600 HomeBox affected by Blind SSRF 03.03.2026 5
CVE-2026-3076 03.03.2026
CVE-2026-24848 OpenEMR Arbitrary File Write leading to Remote Code Execution 03.03.2026
CVE-2026-24898 OpenEMR has an Unauthenticated MedEx Token Disclosure 03.03.2026 10
CVE-2026-25146 OpenEMR's payments gateway_api_key secret rendered into client JS code 03.03.2026 9.6
CVE-2026-27012 Unauthenticated privilege escalation in OpenSTAManager via modules/utenti/actions.php 03.03.2026 9.8
CVE-2026-21866 Dify - Stored XSS in chat 03.03.2026
CVE-2026-24415 OpenSTAManager affected by reflected XSS in modifica_iva.php via righe parameter 03.03.2026
CVE-2026-1775 Missing Authentication for Critical Function in Labkotec LID-3300IP 03.03.2026
CVE-2026-2590 04.03.2026
CVE-2026-3130 04.03.2026
CVE-2026-3204 04.03.2026
CVE-2026-3224 04.03.2026
CVE-2026-3487 itsourcecode College Management System class-result.php sql injection 03.03.2026
CVE-2025-70239 03.03.2026
CVE-2026-3485 D-Link DIR-868L SSDP Service sub_1BF84 os command injection 03.03.2026
CVE-2026-3486 itsourcecode College Management System student-fee.php sql injection 03.03.2026