🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-1345 | High | 7.3 |
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 …
|
— | Apr 1, 2026 |
| CVE-2026-5261 | High | 7.3 |
A vulnerability was identified in Shandong Hoteam InforCenter PLM up to 8.3.8. The impacted element is the function uplo…
|
— | Apr 1, 2026 |
| CVE-2026-5238 | High | 7.3 |
A weakness has been identified in itsourcecode Payroll Management System 1.0. Affected by this issue is some unknown fun…
|
— | Apr 1, 2026 |
| CVE-2026-5258 | High | 7.3 |
A vulnerability was found in Sanster IOPaint 1.5.3. Impacted is the function _get_file of the file iopaint/file_manager/…
|
— | Apr 1, 2026 |
| CVE-2026-35056 | High | 7.2 |
XenForo before 2.3.9 and before 2.2.18 allows remote code execution (RCE) by authenticated, but malicious, admin users. …
|
— | Apr 1, 2026 |
| CVE-2026-34604 | High | 7.1 |
Tina is a headless content management system. Prior to version 2.2.2, @tinacms/graphql uses string-based path containmen…
|
✅ Patch | Apr 1, 2026 |
| CVE-2026-34603 | High | 7.1 |
Tina is a headless content management system. Prior to version 2.2.2, @tinacms/cli recently added lexical path-traversal…
|
✅ Patch | Apr 1, 2026 |
| CVE-2026-34373 | High | 8.8 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-34227 | High | 8.8 |
Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1.7.4, a single click …
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-5204 | High | 8.8 |
A vulnerability was determined in Tenda CH22 1.0.0.1. Affected is the function formWebTypeLibrary of the file /goform/we…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-5211 | High | 8.8 |
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, D…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-5214 | High | 8.8 |
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-32…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-5212 | High | 8.8 |
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, D…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-5213 | High | 8.8 |
A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, D…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-34040 | High | 8.8 |
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that all…
|
— | Mar 31, 2026 |
| CVE-2026-5156 | High | 8.8 |
A vulnerability was determined in Tenda CH22 1.0.0.1. This impacts the function formQuickIndex of the file /goform/Quick…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2025-32957 | High | 8.7 |
baserCMS is a website development framework. Prior to version 5.2.3, the application's restore function allows users to …
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-34585 | High | 8.6 |
SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows crafted block attribute…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-32920 | High | 8.4 |
OpenClaw before 2026.3.12 automatically discovers and loads plugins from .OpenClaw/extensions/ without explicit trust ve…
|
— | Mar 31, 2026 |
| CVE-2026-34504 | High | 8.3 |
OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-prov…
|
✅ Patch | Mar 31, 2026 |