Showing Year: 2026 (January 1 - December 31, 2026)
Showing 8,201 - 8,220 of 13,819 CVEs
CVE-2026-33721 MEDIUM - 5.3

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD (Styled Layer Descriptor) parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with more...

Vendor: MapServer
Product: MapServer
Published: Mar 27, 2026
Source: NVD
CVE-2026-29070 MEDIUM - 5.4

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an access control check is missing when deleting a file from a knowledge base. The only check being done is that the user has write access to the knowledge base (or is admin), b...

Vendor: open-webui
Product: open-webui
Published: Mar 27, 2026
Source: NVD
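The missing check described in the entry above, shown as an added example in JavaScript that is not Open WebUI's own code (the project is written in Python; the in-memory state, the `canWriteKb` access rule and the function names below are constructed for illustration). The point is that write access to the knowledge base is necessary but not sufficient: the file id in the request must also belong to that knowledge base, otherwise a caller can delete any file in the system through a knowledge base they happen to control.

```javascript
// Added example, not Open WebUI code: object-level authorization on delete.
// State, users and ids below are constructed for the demo.
function makeState() {
  return {
    knowledgeBases: {
      kbA: { owner: 'alice', files: ['f1', 'f2'] },
      kbB: { owner: 'bob', files: ['f3'] },
    },
    files: { f1: { name: 'a.txt' }, f2: { name: 'b.txt' }, f3: { name: 'bob-private.txt' } },
  };
}

// Assumed access rule: admins, or the knowledge base's owner, may write to it.
function canWriteKb(state, user, kbId) {
  const kb = state.knowledgeBases[kbId];
  return Boolean(kb) && (user.role === 'admin' || kb.owner === user.name);
}

// Remove the file record and every reference to it.
function detachEverywhere(state, fileId) {
  for (const kb of Object.values(state.knowledgeBases)) {
    kb.files = kb.files.filter((id) => id !== fileId);
  }
  delete state.files[fileId];
}

// Vulnerable shape: only the knowledge-base permission is checked; the file id
// is taken on trust, so any file in the system can be deleted via any KB the
// caller can write to.
function deleteKbFileUnsafe(state, user, kbId, fileId) {
  if (!canWriteKb(state, user, kbId)) return { ok: false, error: 'forbidden' };
  if (!state.files[fileId]) return { ok: false, error: 'not found' };
  detachEverywhere(state, fileId);
  return { ok: true };
}

// Hardened: the file must actually be a member of the KB named in the request.
// A foreign file id gets the same answer as an unknown one, so nothing is
// revealed about files the caller cannot see.
function deleteKbFileSafe(state, user, kbId, fileId) {
  if (!canWriteKb(state, user, kbId)) return { ok: false, error: 'forbidden' };
  const kb = state.knowledgeBases[kbId];
  if (!kb.files.includes(fileId)) return { ok: false, error: 'not found' };
  detachEverywhere(state, fileId);
  return { ok: true };
}

function demo() {
  const alice = { name: 'alice', role: 'user' };
  const s1 = makeState();
  // Alice has write access to kbA and asks it to delete Bob's file f3.
  const unsafe = deleteKbFileUnsafe(s1, alice, 'kbA', 'f3');
  const s2 = makeState();
  const safe = deleteKbFileSafe(s2, alice, 'kbA', 'f3');
  const own = deleteKbFileSafe(s2, alice, 'kbA', 'f1');
  return {
    unsafeDeletedForeignFile: unsafe.ok && !('f3' in s1.files),
    safeRefused: !safe.ok && 'f3' in s2.files,
    safeAllowsOwnFile: own.ok && !('f1' in s2.files),
  };
}
```

Running `demo()` returns all three flags as `true`: the unsafe path deletes Bob's file, the hardened path refuses it and still lets Alice delete a file that is genuinely in her knowledge base.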
CVE-2026-28786 MEDIUM - 4.3

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a `FileNotFoundError` whose message — including the...

Vendor: open-webui
Product: open-webui
Published: Mar 27, 2026
Source: NVD
CVE-2026-33743 MEDIUM - 6.5

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by a user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a...

Vendor: lxc
Product: incus
Published: Mar 26, 2026
Source: NVD
CVE-2026-33711 MEDIUM - 7.8 (note: a 7.8 base score falls in the High band of the CVSS qualitative scale)

Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable pa...

Vendor: lxc
Product: incus
Published: Mar 26, 2026
Source: NVD
CVE-2026-33916 MEDIUM - 4.7

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, `resolvePartial()` in the Handlebars runtime resolves partial names via a plain property lookup on `options.partials` without guarding against prototype-chain traversal. When `Object.proto...

Vendor: npm
Product: handlebars
Published: Mar 26, 2026
Source: GitHub
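The lookup behaviour the entry above describes, as an added example that is not Handlebars' own code (the `resolvePartialUnsafe`, `resolvePartialSafe` and `makePartialStore` names, the partial contents and the simulated pollution of `Object.prototype` are constructed here). A plain `partials[name]` walks the prototype chain, so a name that was never registered, such as `constructor`, still resolves to something, and anything an attacker has managed to place on `Object.prototype` resolves too. An own-property check or a null-prototype map confines the lookup to registered partials.

```javascript
// Added example, not Handlebars code: prototype-chain traversal on a partials
// map, and two ways to stop it.

// Mirrors the weak pattern: any string reaches the prototype chain.
function resolvePartialUnsafe(partials, name) {
  return partials[name];
}

// Only own properties count as registered partials.
function resolvePartialSafe(partials, name) {
  if (Object.prototype.hasOwnProperty.call(partials, name)) {
    return partials[name];
  }
  return undefined;
}

// Alternative: keep partials in a null-prototype object, which has no
// constructor, __proto__ or toString to inherit in the first place.
function makePartialStore(registered) {
  const store = Object.create(null);
  for (const [k, v] of Object.entries(registered)) store[k] = v;
  return store;
}

function demo() {
  const partials = { header: '<h1>{{title}}</h1>' };
  const results = {};
  results.ownUnsafe = resolvePartialUnsafe(partials, 'header');
  // "constructor" was never registered, yet the plain lookup finds Object.
  results.inheritedUnsafe = typeof resolvePartialUnsafe(partials, 'constructor');
  results.inheritedSafe = resolvePartialSafe(partials, 'constructor');

  // Simulate prototype pollution (constructed for the demo, undone afterwards).
  Object.defineProperty(Object.prototype, 'evilPartial', {
    value: '<script>x()</script>',
    configurable: true,
    writable: true,
    enumerable: false,
  });
  try {
    results.pollutedUnsafe = resolvePartialUnsafe(partials, 'evilPartial');
    results.pollutedSafe = resolvePartialSafe(partials, 'evilPartial');
    results.pollutedNullProto = makePartialStore(partials)['evilPartial'];
  } finally {
    delete Object.prototype.evilPartial;
  }
  return results;
}
```

`hasOwnProperty.call` rather than `partials.hasOwnProperty(name)` is deliberate: the method itself is inherited, so a polluted or null-prototype object may not have it. The null-prototype store is the stronger option when the map is built once at startup, since it needs no discipline at every lookup site.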
CVE-2026-4900 MEDIUM - 5.3

A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file /dbfood/localhost.sql. This manipulation leads to files or directories being accessible. The attack can be initiated remotely. The exploit has been made available to the public and could...

Published: Mar 26, 2026
Source: NVD
CVE-2026-4898 MEDIUM - 4.3

A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /dbfood/contact.php. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploi...

Published: Mar 26, 2026
Source: NVD
CVE-2026-4346 MEDIUM - 6.8

TL-WR850N v3 stores administrative and Wi-Fi credentials in cleartext in a region of the device's flash memory, while the serial interface remains enabled and protected only by weak authentication. An attacker with physical access and the ability to connect to the seri...

Vendor: tp-link
Product: tl-wr850n_firmware
Published: Mar 26, 2026
Source: NVD
CVE-2026-33653 MEDIUM - 4.6

Uploady is a file uploader script with multi-file upload support. A Stored Cross-Site Scripting (XSS) vulnerability exists in versions prior to 3.1.2 due to improper sanitization of filenames during the file upload process. An attacker can upload a file with a malicious filename containing JavaScrip...

Vendor: farisc0de
Product: Uploady
Published: Mar 26, 2026
Source: NVD
CVE-2026-1556 MEDIUM - 6.5

Information disclosure in the file URI processing of File (Field) Paths in Drupal File (Field) Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hook_node_insert() consumers (for example, email atta...

Vendor: deciphered
Product: filefield_paths
Published: Mar 26, 2026
Source: NVD
CVE-2026-0748 MEDIUM - 4.3

In the Drupal 7 Internationalization (i18n) module, the i18n_node submodule allows a user with both "Translate content" and "Administer content translations" permissions to view and attach unpublished nodes via the translation UI and its autocomplete widget. This bypasses intende...

Vendor: internationalization_project
Product: internationalization
Published: Mar 26, 2026
Source: NVD
CVE-2026-33907 MEDIUM - 6.5

Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS messages with missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connect...

Vendor: go
Product: github.com/ellanetworks/core
Published: Mar 26, 2026
Source: GitHub
CVE-2026-33904 MEDIUM - 6.5

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a den...

Vendor: go
Product: github.com/ellanetworks/core
Published: Mar 26, 2026
Source: GitHub
CVE-2026-33903 MEDIUM - 6.5

Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing a specially crafted NGAP LocationReport message. An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected subscribers. Version 1....

Vendor: go
Product: github.com/ellanetworks/core
Published: Mar 26, 2026
Source: GitHub
CVE-2026-4393 MEDIUM - 4.3

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Automated Logout allows Cross Site Request Forgery. This issue affects Automated Logout: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.2.

Vendor: ajk
Product: automated_logout
Published: Mar 26, 2026
Source: NVD
CVE-2026-3532 MEDIUM - 4.2

Improper Handling of Case Sensitivity vulnerability in Drupal OpenID Connect / OAuth client allows Privilege Escalation. This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0.

Vendor: bojanz
Product: openid_connect_/_oauth_client
Published: Mar 26, 2026
Source: NVD
CVE-2026-3531 MEDIUM - 6.5

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal OpenID Connect / OAuth client allows Authentication Bypass. This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0.

Vendor: bojanz
Product: openid_connect_/_oauth_client
Published: Mar 26, 2026
Source: NVD
CVE-2026-3530 MEDIUM - 4.3

Server-Side Request Forgery (SSRF) vulnerability in Drupal OpenID Connect / OAuth client allows Server Side Request Forgery. This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0.

Vendor: bojanz
Product: openid_connect_/_oauth_client
Published: Mar 26, 2026
Source: NVD
CVE-2026-3529 MEDIUM - 6.1

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Google Analytics GA4 allows Cross-Site Scripting (XSS). This issue affects Google Analytics GA4: from 0.0.0 before 1.1.14.

Vendor: sujanshrestha
Product: google_analytics_ga4
Published: Mar 26, 2026
Source: NVD