🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-23635 | Medium | 6.5 |
Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, a misconfiguration of …
|
— | Mar 25, 2026 |
| CVE-2026-33246 | Medium | 6.4 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server offers a…
|
— | Mar 25, 2026 |
| CVE-2026-33223 | Medium | 6.4 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.1…
|
— | Mar 25, 2026 |
| CVE-2026-4825 | Medium | 6.3 |
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file /up…
|
— | Mar 25, 2026 |
| CVE-2025-14810 | Medium | 6.3 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 does not invalidate a session after privileges have been mod…
|
— | Mar 25, 2026 |
| CVE-2025-64646 | Medium | 6.2 |
IBM Concert 1.0.0 through 2.2.0 could allow an attacker to access sensitive information in memory due to the buffer not …
|
— | Mar 25, 2026 |
| CVE-2025-12708 | Medium | 6.2 |
IBM Concert 1.0.0 through 2.2.0 contains hard-coded credentials that could be obtained by a local user.
|
— | Mar 25, 2026 |
| CVE-2026-20115 | Medium | 6.1 |
A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated attacker to view confide…
|
— | Mar 25, 2026 |
| CVE-2025-40842 | Medium | 6.1 |
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a
Cross-Site Scripting (XSS) vulnerability which, if exp…
|
— | Mar 25, 2026 |
| CVE-2026-20104 | Medium | 6.1 |
A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS93…
|
— | Mar 25, 2026 |
| CVE-2025-64648 | Medium | 5.9 |
IBM Concert 1.0.0 through 2.2.0 transmits data in clear text that could allow an attacker to obtain sensitive informatio…
|
— | Mar 25, 2026 |
| CVE-2026-27656 | Medium | 5.7 |
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to properly validate …
|
— | Mar 25, 2026 |
| CVE-2026-2483 | Medium | 5.4 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to cross-site scripting. This vulnerability al…
|
— | Mar 25, 2026 |
| CVE-2026-3591 | Medium | 5.4 |
A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0). Using a spec…
|
— | Mar 25, 2026 |
| CVE-2026-4816 | Medium | 5.4 |
A Reflected Cross Site Scripting (XSS) vulnerability has been found in Support Board v3.7.7. This vulnerability allows a…
|
— | Mar 25, 2026 |
| CVE-2026-1015 | Medium | 5.4 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This ma…
|
— | Mar 25, 2026 |
| CVE-2026-1561 | Medium | 5.4 |
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnera…
|
— | Mar 25, 2026 |
| CVE-2026-20108 | Medium | 5.4 |
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, rem…
|
— | Mar 25, 2026 |
| CVE-2025-14912 | Medium | 5.4 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This ma…
|
— | Mar 25, 2026 |
| CVE-2026-20114 | Medium | 5.4 |
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, …
|
— | Mar 25, 2026 |