🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-32976 | Medium | 6.5 |
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing channel commands to mutate protected s…
|
— | Mar 31, 2026 |
| CVE-2026-34505 | Medium | 6.5 |
OpenClaw before 2026.3.12 applies rate limiting only after successful webhook authentication, allowing attackers to bypa…
|
— | Mar 31, 2026 |
| CVE-2026-1710 | Medium | 6.5 |
The WooPayments: Integrated WooCommerce Payments plugin for WordPress is vulnerable to unauthorized modification of data…
|
— | Mar 31, 2026 |
| CVE-2026-30521 | Medium | 6.5 |
A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validati…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-33576 | Medium | 6.5 |
OpenClaw before 2026.3.28 downloads and stores inbound media from Zalo channels before validating sender authorization. …
|
✅ Patch | Mar 31, 2026 |
| CVE-2026-34716 | Medium | 6.4 |
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo YPTSocket plugin's caller feature r…
|
⚡ Exploit | Mar 31, 2026 |
| CVE-2026-2480 | Medium | 6.4 |
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
|
— | Mar 31, 2026 |
| CVE-2026-1834 | Medium | 6.4 |
The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin'…
|
— | Mar 31, 2026 |
| CVE-2026-5183 | Medium | 6.3 |
A vulnerability was determined in TRENDnet TEW-713RE up to 1.02. The affected element is the function sub_421494 of the …
|
— | Mar 31, 2026 |
| CVE-2026-5181 | Medium | 6.3 |
A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This issue affects some un…
|
— | Mar 31, 2026 |
| CVE-2026-5184 | Medium | 6.3 |
A vulnerability was identified in TRENDnet TEW-713RE up to 1.02. The impacted element is an unknown function of the file…
|
— | Mar 31, 2026 |
| CVE-2026-5178 | Medium | 6.3 |
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_b20221024. Affected by this issue is the func…
|
— | Mar 31, 2026 |
| CVE-2026-5205 | Medium | 6.3 |
A vulnerability was identified in chatwoot up to 4.11.2. Affected by this vulnerability is the function Webhooks::Trigge…
|
— | Mar 31, 2026 |
| CVE-2026-5206 | Medium | 6.3 |
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects…
|
— | Mar 31, 2026 |
| CVE-2026-32977 | Medium | 6.3 |
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that u…
|
— | Mar 31, 2026 |
| CVE-2026-32921 | Medium | 6.3 |
OpenClaw before 2026.3.8 contains an approval bypass vulnerability in system.run where mutable script operands are not b…
|
— | Mar 31, 2026 |
| CVE-2026-5197 | Medium | 6.3 |
A vulnerability was found in code-projects Student Membership System 1.0. The affected element is an unknown function of…
|
— | Mar 31, 2026 |
| CVE-2026-5196 | Medium | 6.3 |
A vulnerability has been found in code-projects Student Membership System 1.0. Impacted is an unknown function of the fi…
|
— | Mar 31, 2026 |
| CVE-2026-5177 | Medium | 6.3 |
A weakness has been identified in Totolink A3300R 17.0.0cu.557_b20221024. Affected by this vulnerability is the function…
|
— | Mar 31, 2026 |
| CVE-2026-1877 | Medium | 6.1 |
The Auto Post Scheduler plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and incl…
|
— | Mar 31, 2026 |