🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-2931 | High | 8.8 |
The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and includ…
|
— | Mar 26, 2026 |
| CVE-2026-33622 | High | 8.8 |
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab `v0.8.3` throug…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-4862 | High | 8.8 |
A security vulnerability has been detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the functio…
|
— | Mar 26, 2026 |
| CVE-2026-4861 | High | 8.8 |
A weakness has been identified in Wavlink WL-NU516U1 260227. This vulnerability affects the function ftext of the file /…
|
— | Mar 26, 2026 |
| CVE-2025-15101 | High | 8.8 |
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web management interface of certain ASUS ro…
|
— | Mar 26, 2026 |
| CVE-2026-4840 | High | 8.8 |
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTo…
|
— | Mar 26, 2026 |
| CVE-2026-4903 | High | 8.8 |
A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /gofo…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-4902 | High | 8.8 |
A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addr…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-32857 | High | 8.6 |
Firecrawl version 2.8.0 and prior contain a server-side request forgery (SSRF) protection bypass vulnerability in the Pl…
|
— | Mar 26, 2026 |
| CVE-2026-33661 | High | 8.6 |
Pay is an open-source payment SDK extension package for various Chinese payment services. Prior to version 3.7.20, the `…
|
⚡ Exploit ✅ Patch | Mar 26, 2026 |
| CVE-2018-25213 | High | 8.4 |
Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2018-25217 | High | 8.4 |
PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers t…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2018-25212 | High | 8.4 |
Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2018-25218 | High | 8.4 |
PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that all…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2019-25650 | High | 8.4 |
River Past CamDo 3.7.6 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local att…
|
— | Mar 26, 2026 |
| CVE-2018-25219 | High | 8.4 |
PassFab Excel Password Recovery 8.3.1 contains a structured exception handling buffer overflow vulnerability that allows…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-23995 | High | 8.4 |
EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initi…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-22593 | High | 8.4 |
EVerest is an EV charging software stack. Prior to version 2026.02.0, an off-by-one check in IsoMux certificate filename…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2025-55262 | High | 8.3 |
HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensiti…
|
— | Mar 26, 2026 |
| CVE-2018-25202 | High | 8.2 |
SAT CFDI 3.3 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting S…
|
— | Mar 26, 2026 |