🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-26130 | High | 7.5 |
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service ove…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26308 | High | 7.5 |
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC (Rol…
|
⚡ Exploit ✅ Patch | Mar 10, 2026 |
| CVE-2026-28431 | High | 7.5 |
Misskey is an open source, federated social media platform. All Misskey servers running versions 8.45.0 and later, but p…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-28432 | High | 7.5 |
Misskey is an open source, federated social media platform. All Misskey servers prior to 2026.3.1 contain a vulnerabilit…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-30925 | High | 7.5 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.0-a…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-30939 | High | 7.5 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.13 …
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-30941 | High | 7.5 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.14 …
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-3585 | High | 7.5 |
The The Events Calendar plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.15.…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25167 | High | 7.4 |
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25569 | High | 7.4 |
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). An out-of-bounds write vulnerability exi…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25570 | High | 7.4 |
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK does not perform che…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25573 | High | 7.4 |
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected application builds shell co…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-2364 | High | 7.3 |
If a legitimate user confirms a self-update prompt or initiate an installation of a CODESYS Development System, a low pr…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-1261 | High | 7.2 |
The MetForm Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Quiz feature in all versions u…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-2724 | High | 7.2 |
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form entr…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-30958 | High | 7.2 |
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, an unauthenticated path traversal…
|
⚡ Exploit ✅ Patch | Mar 10, 2026 |
| CVE-2026-23667 | High | 7.0 |
Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-23668 | High | 7.0 |
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Compon…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-23671 | High | 7.0 |
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM P…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-24285 | High | 7.0 |
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |