🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-32734 | High | 7.1 |
baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has DOM-based cross-site scripting in tag …
|
— | Mar 31, 2026 |
| CVE-2026-32971 | High | 7.1 |
OpenClaw before 2026.3.11 contains an approval-integrity vulnerability in node-host system.run approvals that displays e…
|
— | Mar 31, 2026 |
| CVE-2026-33580 | Medium | 6.5 |
OpenClaw before 2026.3.28 contains a missing rate limiting vulnerability in the Nextcloud Talk webhook authentication th…
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-34505 | Medium | 6.5 |
OpenClaw before 2026.3.12 applies rate limiting only after successful webhook authentication, allowing attackers to bypa…
|
— | Mar 31, 2026 |
| CVE-2026-32976 | Medium | 6.5 |
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing channel commands to mutate protected s…
|
— | Mar 31, 2026 |
| CVE-2026-1710 | Medium | 6.5 |
The WooPayments: Integrated WooCommerce Payments plugin for WordPress is vulnerable to unauthorized modification of data…
|
— | Mar 31, 2026 |
| CVE-2026-34215 | Medium | 6.5 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-30521 | Medium | 6.5 |
A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validati…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-33576 | Medium | 6.5 |
OpenClaw before 2026.3.28 downloads and stores inbound media from Zalo channels before validating sender authorization. …
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-2480 | Medium | 6.4 |
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
|
— | Mar 31, 2026 |
| CVE-2026-34716 | Medium | 6.4 |
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo YPTSocket plugin's caller feature r…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-1834 | Medium | 6.4 |
The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin'…
|
— | Mar 31, 2026 |
| CVE-2026-5196 | Medium | 6.3 |
A vulnerability has been found in code-projects Student Membership System 1.0. Impacted is an unknown function of the fi…
|
— | Mar 31, 2026 |
| CVE-2026-5184 | Medium | 6.3 |
A vulnerability was identified in TRENDnet TEW-713RE up to 1.02. The impacted element is an unknown function of the file…
|
— | Mar 31, 2026 |
| CVE-2026-5181 | Medium | 6.3 |
A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This issue affects some un…
|
— | Mar 31, 2026 |
| CVE-2026-5183 | Medium | 6.3 |
A vulnerability was determined in TRENDnet TEW-713RE up to 1.02. The affected element is the function sub_421494 of the …
|
— | Mar 31, 2026 |
| CVE-2026-5178 | Medium | 6.3 |
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_b20221024. Affected by this issue is the func…
|
— | Mar 31, 2026 |
| CVE-2026-5177 | Medium | 6.3 |
A weakness has been identified in Totolink A3300R 17.0.0cu.557_b20221024. Affected by this vulnerability is the function…
|
— | Mar 31, 2026 |
| CVE-2026-5205 | Medium | 6.3 |
A vulnerability was identified in chatwoot up to 4.11.2. Affected by this vulnerability is the function Webhooks::Trigge…
|
— | Mar 31, 2026 |
| CVE-2026-5206 | Medium | 6.3 |
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects…
|
— | Mar 31, 2026 |