🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-4632 | High | 7.3 |
A weakness has been identified in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of …
|
— | Mar 24, 2026 |
| CVE-2026-4625 | High | 7.3 |
A flaw has been found in SourceCodester Online Admission System 1.0. This affects an unknown function of the file /progr…
|
— | Mar 24, 2026 |
| CVE-2026-4623 | High | 7.3 |
A security vulnerability has been detected in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c…
|
— | Mar 24, 2026 |
| CVE-2026-4624 | High | 7.3 |
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown …
|
— | Mar 24, 2026 |
| CVE-2026-4613 | High | 7.3 |
A vulnerability was found in SourceCodester E-Commerce Site 1.0. This vulnerability affects unknown code of the file /pr…
|
— | Mar 24, 2026 |
| CVE-2026-33157 | High | 7.2 |
Craft CMS is a content management system (CMS). From version 5.6.0 to before version 5.9.13, a Remote Code Execution (RC…
|
⚡ Exploit ✅ Patch | Mar 24, 2026 |
| CVE-2026-4627 | High | 7.2 |
A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handler_update_system_tim…
|
— | Mar 24, 2026 |
| CVE-2026-33539 | High | 7.2 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…
|
✅ Patch | Mar 24, 2026 |
| CVE-2019-25638 | High | 7.1 |
Meeplace Business Review Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute…
|
— | Mar 24, 2026 |
| CVE-2026-33502 | Critical | 9.3 |
WWBN AVideo is an open source video platform. In versions up to and including 26.0, an unauthenticated server-side reque…
|
⚡ Exploit ✅ Patch | Mar 23, 2026 |
| CVE-2025-60949 | Critical | 9.1 |
Census CSWeb 8.0.1 allows "app/config" to be reachable via HTTP in some deployments. A remote, unauthenticated attacker …
|
✅ Patch | Mar 23, 2026 |
| CVE-2026-33634 | High | 8.8 |
Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy…
|
⚡ Exploit | Mar 23, 2026 |
| CVE-2026-23480 | High | 8.8 |
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is a privilege escalation vulnerability.…
|
✅ Patch | Mar 23, 2026 |
| CVE-2026-4565 | High | 8.8 |
A vulnerability was detected in Tenda AC21 16.03.08.16. Impacted is the function formSetQosBand of the file /goform/SetN…
|
— | Mar 23, 2026 |
| CVE-2026-4566 | High | 8.8 |
A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/for…
|
— | Mar 23, 2026 |
| CVE-2026-33046 | High | 8.8 |
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In vers…
|
✅ Patch | Mar 23, 2026 |
| CVE-2026-33480 | High | 8.6 |
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `isSSRFSafeURL()` function in AV…
|
⚡ Exploit ✅ Patch | Mar 23, 2026 |
| CVE-2026-33513 | High | 8.6 |
WWBN AVideo is an open source video platform. In versions up to and including 26.0, an unauthenticated API endpoint (`AP…
|
⚡ Exploit | Mar 23, 2026 |
| CVE-2026-32845 | High | 8.4 |
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltf_validate() function when validating …
|
— | Mar 23, 2026 |
| CVE-2026-33649 | High | 8.1 |
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `plugin/Permissions/setPermissio…
|
⚡ Exploit | Mar 23, 2026 |