🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-34503 | High | 8.1 |
OpenClaw before 2026.3.28 fails to disconnect active WebSocket sessions when devices are removed or tokens are revoked. …
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-34377 | High | 8.1 |
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-consensus version 5.0.1, a logic…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-33579 | High | 8.1 |
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to …
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-33577 | High | 8.1 |
OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerability in the node pairing approval path that…
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-34210 | High | 8.1 |
mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method …
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-22561 | High | 7.8 |
Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.336…
|
— | Mar 31, 2026 |
| CVE-2026-24165 | High | 7.8 |
NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful explo…
|
— | Mar 31, 2026 |
| CVE-2026-2123 | High | 7.8 |
A security audit identified a privilege escalation
vulnerability in Operations Agent(<=OA 12.29) on Windows. Under speci…
|
— | Mar 31, 2026 |
| CVE-2026-34163 | High | 7.7 |
FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, FastGPT's MCP (Model Context Protocol) tools endpoi…
|
⚡ Exploit ✅ Patch | Mar 31, 2026 |
| CVE-2026-34366 | High | 7.6 |
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-34365 | High | 7.6 |
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-34573 | High | 7.5 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-32982 | High | 7.5 |
OpenClaw before 2026.3.13 contains an information disclosure vulnerability in the fetchRemoteMedia function that exposes…
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-32988 | High | 7.5 |
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in fs-bridge staged writes where temporary fi…
|
— | Mar 31, 2026 |
| CVE-2026-5115 | High | 7.5 |
The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is vulnerable to session hijackin…
|
— | Mar 31, 2026 |
| CVE-2026-5201 | High | 7.5 |
A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loade…
|
— | Mar 31, 2026 |
| CVE-2026-4020 | High | 7.5 |
The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and includi…
|
— | Mar 31, 2026 |
| CVE-2026-34784 | High | 7.5 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-5179 | High | 7.3 |
A vulnerability was detected in SourceCodester Simple Doctors Appointment System 1.0. This affects an unknown part of th…
|
— | Mar 31, 2026 |
| CVE-2026-5180 | High | 7.3 |
A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code o…
|
— | Mar 31, 2026 |