🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-33051 | Medium | 5.4 |
Craft CMS is a content management system (CMS). In versions 5.9.0-beta.1 through 5.9.10, the revision/draft context menu…
|
✅ Patch | Mar 20, 2026 |
| CVE-2026-3550 | Medium | 5.3 |
The RockPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.17. …
|
— | Mar 20, 2026 |
| CVE-2026-4496 | Medium | 5.3 |
A vulnerability was found in sigmade Git-MCP-Server up to 785aa159f262a02d5791a5d8a8e13c507ac42880. Affected by this vul…
|
— | Mar 20, 2026 |
| CVE-2026-20131 | Critical | 9.8 |
Cisco Secure Firewall Management Center (FMC) — CVE-2026-20131
Cisco Secure Firewall Management Center (FMC) Software an…
|
— | Mar 19, 2026 |
| CVE-2025-66376 | Critical | 9.8 |
Synacor Zimbra Collaboration Suite (ZCS) — CVE-2025-66376
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site…
|
— | Mar 18, 2026 |
| CVE-2025-47813 | Critical | 9.8 |
Wing FTP Server Wing FTP Server — CVE-2025-47813
Wing FTP Server contains a generation of error message containing sensi…
|
— | Mar 16, 2026 |
| CVE-2026-3909 | Critical | 9.8 |
Google Skia — CVE-2026-3909
Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker…
|
— | Mar 13, 2026 |
| CVE-2026-3910 | Critical | 9.8 |
Google Chromium V8 — CVE-2026-3910
Google Chromium V8 contains an improper restriction of operations within the bounds o…
|
— | Mar 13, 2026 |
| CVE-2025-68613 | Critical | 9.8 |
n8n n8n — CVE-2025-68613
n8n contains an improper control of dynamically managed code resources vulnerability in its wor…
|
— | Mar 11, 2026 |
| CVE-2026-28495 | Critical | 9.6 |
GetSimple CMS is a content management system. The massiveAdmin plugin (v6.0.3) bundled with GetSimpleCMS-CE v3.3.22 allo…
|
⚡ Exploit ✅ Patch | Mar 10, 2026 |
| CVE-2026-20967 | High | 8.8 |
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-23654 | High | 8.8 |
Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoundation allows an unauthorized attacker to…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-23669 | High | 8.8 |
Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-24283 | High | 8.8 |
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25177 | High | 8.8 |
Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized att…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25188 | High | 8.8 |
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an ad…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26106 | High | 8.8 |
Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26114 | High | 8.8 |
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a ne…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26116 | High | 8.8 |
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized …
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26118 | High | 8.8 |
Server-side request forgery (ssrf) in Azure MCP Server allows an authorized attacker to elevate privileges over a networ…
|
✅ Patch | Mar 10, 2026 |