🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-3124 | High | 7.5 |
The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and i…
|
— | Mar 30, 2026 |
| CVE-2026-5150 | High | 7.3 |
A security vulnerability has been detected in code-projects Accounting System 1.0. This issue affects some unknown proce…
|
— | Mar 30, 2026 |
| CVE-2026-5147 | High | 7.3 |
A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This affects an unknown part of the file /admin…
|
— | Mar 30, 2026 |
| CVE-2026-33987 | High | 7.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistent_cache_read_entry…
|
✅ Patch | Mar 30, 2026 |
| CVE-2026-33982 | High | 7.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there is a heap-buffer-overflo…
|
✅ Patch | Mar 30, 2026 |
| CVE-2026-5043 | High | 8.8 |
A weakness has been identified in Belkin F9K1122 1.00.33. The impacted element is the function formSetPassword of the fi…
|
⚡ Exploit | Mar 29, 2026 |
| CVE-2026-5044 | High | 8.8 |
A security vulnerability has been detected in Belkin F9K1122 1.00.33. This affects the function formSetSystemSettings of…
|
⚡ Exploit | Mar 29, 2026 |
| CVE-2026-5042 | High | 8.8 |
A security flaw has been discovered in Belkin F9K1122 1.00.33. The affected element is the function formCrossBandSwitch …
|
⚡ Exploit | Mar 29, 2026 |
| CVE-2026-5046 | High | 8.8 |
A flaw has been found in Tenda FH1201 1.2.0.14(408). Affected is the function formWrlExtraSet of the file /goform/WrlExt…
|
⚡ Exploit | Mar 29, 2026 |
| CVE-2026-5045 | High | 8.8 |
A vulnerability was detected in Tenda FH1201 1.2.0.14(408). This impacts the function WrlclientSet of the file /goform/W…
|
⚡ Exploit | Mar 29, 2026 |
| CVE-2026-5021 | High | 8.8 |
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserS…
|
⚡ Exploit | Mar 29, 2026 |
| CVE-2026-5036 | High | 8.8 |
A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the f…
|
⚡ Exploit | Mar 29, 2026 |
| CVE-2026-5024 | High | 8.8 |
A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formS…
|
⚡ Exploit | Mar 29, 2026 |
| CVE-2026-33573 | High | 8.8 |
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the gateway agent RPC that allows authentica…
|
— | Mar 29, 2026 |
| CVE-2026-32914 | High | 8.8 |
OpenClaw before 2026.3.12 contains an insufficient access control vulnerability in the /config and /debug command handle…
|
— | Mar 29, 2026 |
| CVE-2026-32915 | High | 8.8 |
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability allowing leaf subagents to access the subagen…
|
— | Mar 29, 2026 |
| CVE-2026-32918 | High | 8.4 |
OpenClaw before 2026.3.11 contains a session sandbox escape vulnerability in the session_status tool that allows sandbox…
|
— | Mar 29, 2026 |
| CVE-2026-0562 | High | 8.3 |
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or rej…
|
⚡ Exploit ✅ Patch | Mar 29, 2026 |
| CVE-2026-32978 | High | 8.0 |
OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals fail to bind mutable f…
|
— | Mar 29, 2026 |
| CVE-2026-32980 | High | 7.5 |
OpenClaw before 2026.3.13 reads and buffers Telegram webhook request bodies before validating the x-telegram-bot-api-sec…
|
✅ Patch | Mar 29, 2026 |