🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-4662 | High | 7.5 |
The JetEngine plugin for WordPress is vulnerable to SQL Injection via the `listing_load_more` AJAX action in all version…
|
— | Mar 24, 2026 |
| CVE-2026-32854 | High | 7.5 |
LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the…
|
⚡ Exploit ✅ Patch | Mar 24, 2026 |
| CVE-2026-4686 | High | 7.5 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR…
|
— | Mar 24, 2026 |
| CVE-2026-33306 | High | 7.5 |
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt() password hashing algorithm. Prior to version 3.1.22, an integer o…
|
✅ Patch | Mar 24, 2026 |
| CVE-2026-33176 | High | 7.5 |
Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to v…
|
✅ Patch | Mar 24, 2026 |
| CVE-2026-33174 | High | 7.5 |
Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, a…
|
✅ Patch | Mar 24, 2026 |
| CVE-2026-33241 | High | 7.5 |
Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's form data parsing implementations (`form_data()` method …
|
⚡ Exploit ✅ Patch | Mar 24, 2026 |
| CVE-2026-4706 | High | 7.5 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR…
|
— | Mar 24, 2026 |
| CVE-2026-4694 | High | 7.5 |
Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability affects Firefox < 149, Fir…
|
— | Mar 24, 2026 |
| CVE-2026-4714 | High | 7.5 |
Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.…
|
— | Mar 24, 2026 |
| CVE-2026-4727 | High | 7.5 |
Denial-of-service in the Libraries component in NSS. This vulnerability affects Firefox < 149 and Thunderbird < 149.
|
— | Mar 24, 2026 |
| CVE-2026-4697 | High | 7.5 |
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefo…
|
— | Mar 24, 2026 |
| CVE-2026-4709 | High | 7.5 |
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR <…
|
— | Mar 24, 2026 |
| CVE-2026-4713 | High | 7.5 |
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, …
|
— | Mar 24, 2026 |
| CVE-2026-4726 | High | 7.5 |
Denial-of-service in the XML component. This vulnerability affects Firefox < 149 and Thunderbird < 149.
|
— | Mar 24, 2026 |
| CVE-2026-4640 | High | 7.5 |
Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticated re…
|
— | Mar 24, 2026 |
| CVE-2026-4704 | High | 7.5 |
Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thu…
|
— | Mar 24, 2026 |
| CVE-2026-4712 | High | 7.5 |
Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Th…
|
— | Mar 24, 2026 |
| CVE-2026-4708 | High | 7.5 |
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, …
|
— | Mar 24, 2026 |
| CVE-2026-27651 | High | 7.5 |
When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause …
|
— | Mar 24, 2026 |