🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2025-14912 | Medium | 5.4 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This ma…
|
— | Mar 25, 2026 |
| CVE-2026-20114 | Medium | 5.4 |
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, …
|
— | Mar 25, 2026 |
| CVE-2026-1015 | Medium | 5.4 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This ma…
|
— | Mar 25, 2026 |
| CVE-2026-20108 | Medium | 5.4 |
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, rem…
|
— | Mar 25, 2026 |
| CVE-2026-1561 | Medium | 5.4 |
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnera…
|
— | Mar 25, 2026 |
| CVE-2026-20113 | Medium | 5.3 |
A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software…
|
— | Mar 25, 2026 |
| CVE-2026-33722 | Medium | 5.3 |
n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without …
|
— | Mar 25, 2026 |
| CVE-2025-36440 | Medium | 5.1 |
IBM Concert 1.0.0 through 2.2.0 could allow a local user to obtain sensitive information due to missing function level a…
|
— | Mar 25, 2026 |
| CVE-2025-36438 | Medium | 5.1 |
IBM Concert 1.0.0 through 2.2.0 could allow a privileged user to perform unauthorized actions due to improper restrictio…
|
— | Mar 25, 2026 |
| CVE-2025-41660 | High | 8.8 |
A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enab…
|
— | Mar 24, 2026 |
| CVE-2026-30932 | High | 8.8 |
Froxlor is open source server administration software. Prior to version 2.3.5, the DomainZones.add API endpoint (accessi…
|
⚡ Exploit ✅ Patch | Mar 24, 2026 |
| CVE-2026-4639 | High | 8.8 |
Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated rem…
|
— | Mar 24, 2026 |
| CVE-2026-33336 | High | 8.8 |
Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, t…
|
⚡ Exploit | Mar 24, 2026 |
| CVE-2019-25647 | High | 8.8 |
PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attac…
|
⚡ Exploit | Mar 24, 2026 |
| CVE-2026-3533 | High | 8.8 |
The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authorization on import_pop…
|
— | Mar 24, 2026 |
| CVE-2026-4690 | High | 8.6 |
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects…
|
— | Mar 24, 2026 |
| CVE-2026-4687 | High | 8.6 |
Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149…
|
— | Mar 24, 2026 |
| CVE-2019-25626 | High | 8.4 |
River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows lo…
|
— | Mar 24, 2026 |
| CVE-2019-25627 | High | 8.4 |
FlexHEX 2.71 contains a local buffer overflow vulnerability in the Stream Name field that allows local attackers to exec…
|
— | Mar 24, 2026 |
| CVE-2019-25629 | High | 8.4 |
AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging functional…
|
⚡ Exploit | Mar 24, 2026 |