🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-4718 | High | 8.1 |
Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Th…
|
— | Mar 24, 2026 |
| CVE-2026-33668 | High | 8.1 |
Vikunja is an open-source self-hosted task management platform. Starting in version 0.18.0 and prior to version 2.2.1, w…
|
⚡ Exploit ✅ Patch | Mar 24, 2026 |
| CVE-2026-32853 | High | 8.1 |
LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the …
|
⚡ Exploit ✅ Patch | Mar 24, 2026 |
| CVE-2026-4021 | High | 8.1 |
The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeover in …
|
— | Mar 24, 2026 |
| CVE-2026-33335 | High | 8.0 |
Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, t…
|
⚡ Exploit | Mar 24, 2026 |
| CVE-2025-33248 | High | 7.8 |
NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script where an Attacker may cause an RCE by convin…
|
— | Mar 24, 2026 |
| CVE-2025-33247 | High | 7.8 |
NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow remote code executi…
|
— | Mar 24, 2026 |
| CVE-2026-32948 | High | 7.8 |
sbt is a build tool for Scala, Java, and others. From version 0.9.5 to before version 1.12.7, on Windows, sbt uses Proce…
|
⚡ Exploit ✅ Patch | Mar 24, 2026 |
| CVE-2026-24152 | High | 7.8 |
NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a use…
|
— | Mar 24, 2026 |
| CVE-2026-32647 | High | 7.8 |
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker t…
|
— | Mar 24, 2026 |
| CVE-2026-24150 | High | 7.8 |
NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a use…
|
— | Mar 24, 2026 |
| CVE-2026-27784 | High | 7.8 |
The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module, which might allow …
|
— | Mar 24, 2026 |
| CVE-2026-4775 | High | 7.8 |
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the …
|
— | Mar 24, 2026 |
| CVE-2026-24151 | High | 7.8 |
NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may cause an RCE by convincing a user to lo…
|
— | Mar 24, 2026 |
| CVE-2026-4726 | High | 7.5 |
Denial-of-service in the XML component. This vulnerability affects Firefox < 149 and Thunderbird < 149.
|
— | Mar 24, 2026 |
| CVE-2026-4686 | High | 7.5 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR…
|
— | Mar 24, 2026 |
| CVE-2026-4685 | High | 7.5 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR…
|
— | Mar 24, 2026 |
| CVE-2026-33174 | High | 7.5 |
Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, a…
|
✅ Patch | Mar 24, 2026 |
| CVE-2026-32854 | High | 7.5 |
LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the…
|
⚡ Exploit ✅ Patch | Mar 24, 2026 |
| CVE-2026-33176 | High | 7.5 |
Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to v…
|
✅ Patch | Mar 24, 2026 |