🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-4876 | Medium | 6.3 |
A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown fun…
|
— | Mar 26, 2026 |
| CVE-2018-25214 | Medium | 6.2 |
MegaPing contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplyin…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2018-25216 | Medium | 6.2 |
AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by suppl…
|
⚡ Exploit | Mar 26, 2026 |
| CVE-2019-25648 | Medium | 6.2 |
MyVideoConverter Pro 3.14 contains a local buffer overflow vulnerability that allows attackers to crash the application …
|
— | Mar 26, 2026 |
| CVE-2026-1986 | Medium | 6.1 |
The FloristPress for Woo – Customize your eCommerce store for your Florist plugin for WordPress is vulnerable to Reflect…
|
— | Mar 26, 2026 |
| CVE-2025-41027 | Medium | 6.1 |
Reflected Cross Site Scripting (XSS) vulnerabilities in GDTaller. These vulnerabilities allows an attacker execute JavaS…
|
— | Mar 26, 2026 |
| CVE-2025-41026 | Medium | 6.1 |
Reflected Cross Site Scripting (XSS) vulnerabilities in GDTaller. These vulnerabilities allows an attacker execute JavaS…
|
— | Mar 26, 2026 |
| CVE-2026-4887 | Medium | 6.1 |
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A re…
|
— | Mar 26, 2026 |
| CVE-2026-28297 | Medium | 6.1 |
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when…
|
— | Mar 26, 2026 |
| CVE-2025-55266 | Medium | 5.9 |
HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and use it carr…
|
— | Mar 26, 2026 |
| CVE-2026-28298 | Medium | 5.9 |
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when…
|
— | Mar 26, 2026 |
| CVE-2026-4830 | Medium | 5.6 |
A vulnerability was identified in kalcaddle kodbox 1.64. This issue affects the function Add of the file app/controller/…
|
— | Mar 26, 2026 |
| CVE-2018-25215 | Medium | 5.5 |
Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow vulnerability that allows attackers to cau…
|
— | Mar 26, 2026 |
| CVE-2019-25649 | Medium | 5.5 |
River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allow…
|
— | Mar 26, 2026 |
| CVE-2026-4897 | Medium | 5.5 |
A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to th…
|
— | Mar 26, 2026 |
| CVE-2026-33915 | Medium | 5.4 |
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to versio…
|
✅ Patch | Mar 26, 2026 |
| CVE-2026-4335 | Medium | 5.4 |
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the attachment post…
|
— | Mar 26, 2026 |
| CVE-2026-4900 | Medium | 5.3 |
A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the fil…
|
— | Mar 26, 2026 |
| CVE-2026-4281 | Medium | 5.3 |
The FormLift for Infusionsoft Web Forms plugin for WordPress is vulnerable to Missing Authorization in all versions up t…
|
— | Mar 26, 2026 |
| CVE-2026-33017 | Critical | 9.8 |
Langflow Langflow — CVE-2026-33017
Langflow contains a code injection vulnerability that could allow building public flo…
|
— | Mar 25, 2026 |