🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-3098 | Medium | 6.5 |
The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1…
|
— | Mar 27, 2026 |
| CVE-2026-4970 | Medium | 6.3 |
A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the…
|
— | Mar 27, 2026 |
| CVE-2026-4907 | Medium | 6.3 |
A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db6751050d2ad0. The impacted…
|
— | Mar 27, 2026 |
| CVE-2025-15615 | Medium | 5.8 |
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-i…
|
— | Mar 27, 2026 |
| CVE-2026-32983 | Medium | 5.8 |
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-i…
|
— | Mar 27, 2026 |
| CVE-2026-4948 | Medium | 5.5 |
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D…
|
— | Mar 27, 2026 |
| CVE-2026-32859 | Medium | 5.4 |
ByteDance Deer-Flow versions prior to commit 5dbb362 contain a stored cross-site scripting vulnerability in the artifact…
|
— | Mar 27, 2026 |
| CVE-2026-34411 | Medium | 5.3 |
Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without authentication. Unauthenticat…
|
— | Mar 27, 2026 |
| CVE-2026-33669 | Critical | 9.8 |
SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-33670 | Critical | 9.8 |
SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to tr…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-33152 | Critical | 9.1 |
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior t…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-4862 | High | 8.8 |
A security vulnerability has been detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the functio…
|
— | Mar 26, 2026 |
| CVE-2026-4861 | High | 8.8 |
A weakness has been identified in Wavlink WL-NU516U1 260227. This vulnerability affects the function ftext of the file /…
|
— | Mar 26, 2026 |
| CVE-2025-15101 | High | 8.8 |
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web management interface of certain ASUS ro…
|
— | Mar 26, 2026 |
| CVE-2026-33413 | High | 8.8 |
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9,…
|
— | Mar 26, 2026 |
| CVE-2026-4840 | High | 8.8 |
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTo…
|
— | Mar 26, 2026 |
| CVE-2026-2931 | High | 8.8 |
The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and includ…
|
— | Mar 26, 2026 |
| CVE-2026-33622 | High | 8.8 |
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab `v0.8.3` throug…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-4902 | High | 8.8 |
A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addr…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-4903 | High | 8.8 |
A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /gofo…
|
⚡ Exploit | Mar 26, 2026 |