🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2025-15617 | Medium | 6.5 |
Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to ex…
|
— | Mar 27, 2026 |
| CVE-2026-3098 | Medium | 6.5 |
The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1…
|
— | Mar 27, 2026 |
| CVE-2026-4907 | Medium | 6.3 |
A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db6751050d2ad0. The impacted…
|
— | Mar 27, 2026 |
| CVE-2026-4970 | Medium | 6.3 |
A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the…
|
— | Mar 27, 2026 |
| CVE-2025-15615 | Medium | 5.8 |
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-i…
|
— | Mar 27, 2026 |
| CVE-2026-32983 | Medium | 5.8 |
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-i…
|
— | Mar 27, 2026 |
| CVE-2026-4948 | Medium | 5.5 |
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D…
|
— | Mar 27, 2026 |
| CVE-2026-32859 | Medium | 5.4 |
ByteDance Deer-Flow versions prior to commit 5dbb362 contain a stored cross-site scripting vulnerability in the artifact…
|
— | Mar 27, 2026 |
| CVE-2026-34411 | Medium | 5.3 |
Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without authentication. Unauthenticat…
|
— | Mar 27, 2026 |
| CVE-2026-27663 | Medium | 6.5 |
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.10), RTUM85 RTU Base …
|
— | Mar 26, 2026 |
| CVE-2026-3121 | Medium | 6.5 |
A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where thi…
|
— | Mar 26, 2026 |
| CVE-2026-4075 | Medium | 6.4 |
The BWL Advanced FAQ Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'baf_sbox' s…
|
— | Mar 26, 2026 |
| CVE-2026-4278 | Medium | 6.4 |
The Simple Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sdc_menu' shortco…
|
— | Mar 26, 2026 |
| CVE-2026-4389 | Medium | 6.4 |
The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting v…
|
— | Mar 26, 2026 |
| CVE-2026-4836 | Medium | 6.3 |
A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the …
|
— | Mar 26, 2026 |
| CVE-2026-4876 | Medium | 6.3 |
A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown fun…
|
— | Mar 26, 2026 |
| CVE-2018-25214 | Medium | 6.2 |
MegaPing contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplyin…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2018-25216 | Medium | 6.2 |
AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by suppl…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2019-25648 | Medium | 6.2 |
MyVideoConverter Pro 3.14 contains a local buffer overflow vulnerability that allows attackers to crash the application …
|
— | Mar 26, 2026 |
| CVE-2025-41026 | Medium | 6.1 |
Reflected Cross Site Scripting (XSS) vulnerabilities in GDTaller. These vulnerabilities allows an attacker execute JavaS…
|
— | Mar 26, 2026 |