🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-33634 | High | 8.8 |
Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy…
|
⚡ Exploit | Mar 23, 2026 |
| CVE-2026-4565 | High | 8.8 |
A vulnerability was detected in Tenda AC21 16.03.08.16. Impacted is the function formSetQosBand of the file /goform/SetN…
|
— | Mar 23, 2026 |
| CVE-2026-4566 | High | 8.8 |
A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/for…
|
— | Mar 23, 2026 |
| CVE-2026-23480 | High | 8.8 |
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is a privilege escalation vulnerability.…
|
✅ Patch | Mar 23, 2026 |
| CVE-2026-33513 | High | 8.6 |
WWBN AVideo is an open source video platform. In versions up to and including 26.0, an unauthenticated API endpoint (`AP…
|
⚡ Exploit | Mar 23, 2026 |
| CVE-2026-33480 | High | 8.6 |
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `isSSRFSafeURL()` function in AV…
|
⚡ Exploit ✅ Patch | Mar 23, 2026 |
| CVE-2026-32845 | High | 8.4 |
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltf_validate() function when validating …
|
— | Mar 23, 2026 |
| CVE-2026-33651 | High | 8.1 |
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `remindMe.json.php` endpoint pas…
|
⚡ Exploit ✅ Patch | Mar 23, 2026 |
| CVE-2026-33649 | High | 8.1 |
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `plugin/Permissions/setPermissio…
|
⚡ Exploit | Mar 23, 2026 |
| CVE-2026-4645 | High | 7.5 |
A flaw was found in the `github.com/antchfx/xpath` component. A remote attacker could exploit this vulnerability by subm…
|
— | Mar 23, 2026 |
| CVE-2026-32969 | High | 7.5 |
An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint’s a…
|
— | Mar 23, 2026 |
| CVE-2026-23482 | High | 7.5 |
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the file server endpoint does not perform perm…
|
✅ Patch | Mar 23, 2026 |
| CVE-2026-2580 | High | 7.5 |
The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnera…
|
— | Mar 23, 2026 |
| CVE-2026-4306 | High | 7.5 |
The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, …
|
— | Mar 23, 2026 |
| CVE-2026-33488 | High | 7.4 |
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `createKeys()` function in the L…
|
⚡ Exploit ✅ Patch | Mar 23, 2026 |
| CVE-2026-4581 | High | 7.3 |
A weakness has been identified in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /…
|
— | Mar 23, 2026 |
| CVE-2026-4612 | High | 7.3 |
A vulnerability has been found in itsourcecode Free Hotel Reservation System 1.0. This affects an unknown part of the fi…
|
— | Mar 23, 2026 |
| CVE-2026-4594 | High | 7.3 |
A vulnerability has been found in erupts erupt up to 1.13.3. Affected by this issue is the function geneEruptHqlOrderBy …
|
— | Mar 23, 2026 |
| CVE-2026-4562 | High | 7.3 |
A security flaw has been discovered in MacCMS 2025.1000.4052. This affects an unknown part of the file application/api/c…
|
— | Mar 23, 2026 |
| CVE-2026-4579 | High | 7.3 |
A vulnerability was identified in code-projects Simple Laundry System 1.0. This affects an unknown function of the file …
|
— | Mar 23, 2026 |