🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-27651 | High | 7.5 |
When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause …
|
— | Mar 24, 2026 |
| CVE-2026-33498 | High | 7.5 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…
|
✅ Patch | Mar 24, 2026 |
| CVE-2026-33497 | High | 7.5 |
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.1, in the download_p…
|
⚡ Exploit | Mar 24, 2026 |
| CVE-2026-33332 | High | 7.5 |
NiceGUI is a Python-based UI framework. Prior to version 3.9.0, NiceGUI's app.add_media_file() and app.add_media_files()…
|
✅ Patch | Mar 24, 2026 |
| CVE-2026-33306 | High | 7.5 |
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt() password hashing algorithm. Prior to version 3.1.22, an integer o…
|
✅ Patch | Mar 24, 2026 |
| CVE-2026-33241 | High | 7.5 |
Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's form data parsing implementations (`form_data()` method …
|
⚡ Exploit ✅ Patch | Mar 24, 2026 |
| CVE-2026-4640 | High | 7.5 |
Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticated re…
|
— | Mar 24, 2026 |
| CVE-2026-3509 | High | 7.5 |
An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log of th…
|
— | Mar 24, 2026 |
| CVE-2026-4662 | High | 7.5 |
The JetEngine plugin for WordPress is vulnerable to SQL Injection via the `listing_load_more` AJAX action in all version…
|
— | Mar 24, 2026 |
| CVE-2026-4625 | High | 7.3 |
A flaw has been found in SourceCodester Online Admission System 1.0. This affects an unknown function of the file /progr…
|
— | Mar 24, 2026 |
| CVE-2026-4632 | High | 7.3 |
A weakness has been identified in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of …
|
— | Mar 24, 2026 |
| CVE-2026-4624 | High | 7.3 |
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown …
|
— | Mar 24, 2026 |
| CVE-2026-4623 | High | 7.3 |
A security vulnerability has been detected in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c…
|
— | Mar 24, 2026 |
| CVE-2026-4617 | High | 7.3 |
A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element…
|
— | Mar 24, 2026 |
| CVE-2026-4613 | High | 7.3 |
A vulnerability was found in SourceCodester E-Commerce Site 1.0. This vulnerability affects unknown code of the file /pr…
|
— | Mar 24, 2026 |
| CVE-2026-4615 | High | 7.3 |
A vulnerability was identified in SourceCodester Online Catering Reservation 1.0. Impacted is an unknown function of the…
|
— | Mar 24, 2026 |
| CVE-2026-33539 | High | 7.2 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…
|
✅ Patch | Mar 24, 2026 |
| CVE-2026-33157 | High | 7.2 |
Craft CMS is a content management system (CMS). From version 5.6.0 to before version 5.9.13, a Remote Code Execution (RC…
|
⚡ Exploit ✅ Patch | Mar 24, 2026 |
| CVE-2026-4627 | High | 7.2 |
A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handler_update_system_tim…
|
— | Mar 24, 2026 |
| CVE-2019-25638 | High | 7.1 |
Meeplace Business Review Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute…
|
— | Mar 24, 2026 |