🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-32983 | Medium | 5.8 |
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-i…
|
— | Mar 27, 2026 |
| CVE-2026-4948 | Medium | 5.5 |
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D…
|
— | Mar 27, 2026 |
| CVE-2026-32859 | Medium | 5.4 |
ByteDance Deer-Flow versions prior to commit 5dbb362 contain a stored cross-site scripting vulnerability in the artifact…
|
— | Mar 27, 2026 |
| CVE-2026-34411 | Medium | 5.3 |
Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without authentication. Unauthenticat…
|
— | Mar 27, 2026 |
| CVE-2026-33669 | Critical | 9.8 |
SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-33670 | Critical | 9.8 |
SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to tr…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-33152 | Critical | 9.1 |
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior t…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-4862 | High | 8.8 |
A security vulnerability has been detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the functio…
|
— | Mar 26, 2026 |
| CVE-2025-15101 | High | 8.8 |
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web management interface of certain ASUS ro…
|
— | Mar 26, 2026 |
| CVE-2026-33413 | High | 8.8 |
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9,…
|
— | Mar 26, 2026 |
| CVE-2026-4902 | High | 8.8 |
A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addr…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-4840 | High | 8.8 |
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTo…
|
— | Mar 26, 2026 |
| CVE-2026-4903 | High | 8.8 |
A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /gofo…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-2931 | High | 8.8 |
The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and includ…
|
— | Mar 26, 2026 |
| CVE-2026-33622 | High | 8.8 |
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab `v0.8.3` throug…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2026-4861 | High | 8.8 |
A weakness has been identified in Wavlink WL-NU516U1 260227. This vulnerability affects the function ftext of the file /…
|
— | Mar 26, 2026 |
| CVE-2026-33661 | High | 8.6 |
Pay is an open-source payment SDK extension package for various Chinese payment services. Prior to version 3.7.20, the `…
|
⚡ Exploit ✅ Patch | Mar 26, 2026 |
| CVE-2026-32857 | High | 8.6 |
Firecrawl version 2.8.0 and prior contain a server-side request forgery (SSRF) protection bypass vulnerability in the Pl…
|
— | Mar 26, 2026 |
| CVE-2018-25212 | High | 8.4 |
Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2018-25213 | High | 8.4 |
Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to…
|
⚡ Exploit | Mar 26, 2026 |