Total CVEs: 141,292
Critical Severity: 3,799
High Severity: 13,738
Last 7 Days: 1,667
Showing Year: 2026 (January 1 - December 31, 2026)
Showing 9,021 - 9,040 of 13,828 CVEs
CVE-2026-32119 MEDIUM - 4.4

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, DOM-based stored XSS in the jQuery SearchHighlight plugin (`library/js/SearchHighlight.js`) allows an authenticated user with encounter form write access to inject arbitrary Jav...

Vendor: openemr
Product: openemr
Published: Mar 19, 2026
Source: NVD
CVE-2026-25928 MEDIUM - 6.5

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, the DICOM zip/export feature uses a user-supplied destination or path component when creating the zip file, without sanitizing path traversal sequences (e.g. `../`). An attacker...

Vendor: openemr
Product: openemr
Published: Mar 19, 2026
Source: NVD
CVE-2026-25744 MEDIUM - 6.5

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, the encounter vitals API accepts an `id` in the request body and treats it as an UPDATE. There is no verification that the vital belongs to the current patient or encounter. An ...

Vendor: openemr
Product: openemr
Published: Mar 19, 2026
Source: NVD
CVE-2026-4267 MEDIUM - 6.1

The Query Monitor – The developer tools panel for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘$_SERVER['REQUEST_URI']’ parameter in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping. This makes i...

Vendor: composer
Product: johnbillion/query-monitor
Published: Mar 19, 2026
Source: GitHub
CVE-2026-33349 MEDIUM - 5.9

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. From version 4.0.0-beta.3 to before version 5.5.7, the DocTypeReader in fast-xml-parser uses JavaScript truthy checks to evaluate maxEntityCount and maxEntitySize configuration limits. When a devel...

Vendor: npm
Product: fast-xml-parser
Published: Mar 19, 2026
Source: GitHub

league/commonmark is a PHP Markdown parser. From version 2.3.0 to before version 2.8.2, the DomainFilteringAdapter in the Embed extension is vulnerable to an allowlist bypass due to a missing hostname boundary assertion in the domain-matching regex. An attacker-controlled domain like youtube.com.evi...

Vendor: composer
Product: league/commonmark
Published: Mar 19, 2026
Source: GitHub
CVE-2026-33332 MEDIUM - 5.3

NiceGUI is a Python-based UI framework. Prior to version 3.9.0, NiceGUI's app.add_media_file() and app.add_media_files() media routes accept a user-controlled query parameter that influences how files are read during streaming. The parameter is passed to the range-response implementation withou...

Vendor: pip
Product: nicegui
Published: Mar 19, 2026
Source: GitHub
CVE-2026-33326 MEDIUM - 4.3

Keystone is a content management system for Node.js. Prior to version 6.5.2, {field}.isFilterable access control can be bypassed in findMany queries by passing a cursor. This can be used to confirm the existence of records by protected field values. The fix for CVE-2025-46720 (field-level isFilterab...

Vendor: npm
Product: @keystone-6/core
Published: Mar 19, 2026
Source: GitHub
CVE-2026-33323 MEDIUM - 5.3

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.51 and 9.6.0-alpha.40, the Pages route and legacy PublicAPI route for resending email verification links return distinguishable responses depending on whether the provided us...

Vendor: npm
Product: parse-server
Published: Mar 19, 2026
Source: GitHub
CVE-2026-26940 MEDIUM - 6.5

Improper Validation of Specified Quantity in Input (CWE-1284) in the Timelion visualization plugin in Kibana can lead to Denial of Service via Excessive Allocation (CAPEC-130). The vulnerability allows an authenticated user to send a specially crafted Timelion expression that overwrites internal series...

Vendor: Elastic
Product: Kibana
Published: Mar 19, 2026
Source: NVD
CVE-2026-26939 MEDIUM - 6.5

Missing Authorization (CWE-862) in Kibana’s server-side Detection Rule Management can lead to Unauthorized Endpoint Response Action Configuration (host isolation, process termination, and process suspension) via CAPEC-1 (Accessing Functionality Not Properly Constrained by ACLs). This requires an aut...

Vendor: Elastic
Product: Kibana
Published: Mar 19, 2026
Source: NVD
CVE-2026-26933 MEDIUM - 5.7

Improper Validation of Array Index (CWE-129) in multiple protocol parser components in Packetbeat can lead to Denial of Service via Input Data Manipulation (CAPEC-153). An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger out-of-...

Vendor: Elastic
Product: Packetbeat
Published: Mar 19, 2026
Source: NVD
CVE-2025-67115 MEDIUM - 6.5

A path traversal vulnerability in /ftl/web/setup.cgi in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote authenticated users to read arbitrary files from the filesystem via crafted values in the log_type parameter to /logsave.htm.

Published: Mar 19, 2026
Source: NVD
CVE-2026-33314 MEDIUM - 6.5

pyLoad is a free and open-source download manager written in Python. Prior to version 0.5.0b3.dev97, a Host Header Spoofing vulnerability in the @local_check decorator allows unauthenticated external attackers to bypass local-only restrictions. This grants access to the Click'N'Load API en...

Vendor: pip
Product: pyload-ng
Published: Mar 19, 2026
Source: GitHub
CVE-2026-33306 MEDIUM - 7.5

bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt() password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...

Vendor: rubygems
Product: bcrypt
Published: Mar 19, 2026
Source: GitHub
CVE-2026-33311 MEDIUM - 4.7

DiceBear is an avatar library for designers and developers. Starting in version 5.0.0 and prior to versions 5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1, SVG attribute values derived from user-supplied options (`backgroundColor`, `fontFamily`, `textColor`) were not XML-escaped before interpolation into SVG...

Vendor: npm
Product: @dicebear/core
Published: Mar 19, 2026
Source: GitHub
CVE-2026-33283 MEDIUM - 6.5

Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing malformed UL NAS Transport NAS messages without a Request Type. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected subscribe...

Vendor: go
Product: github.com/ellanetworks/core
Published: Mar 19, 2026
Source: GitHub
CVE-2026-33281 MEDIUM - 6.5

Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing NGAP messages with invalid PDU Session IDs outside of 1-15. An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected subscribers....

Vendor: go
Product: github.com/ellanetworks/core
Published: Mar 19, 2026
Source: GitHub
CVE-2026-32889 MEDIUM - 6.5

tinytag is a Python library for reading audio file metadata. Version 2.2.0 allows an attacker who can supply MP3 files for parsing to trigger a non-terminating loop while the library parses an ID3v2 SYLT (synchronized lyrics) frame. In server-side deployments that automatically parse attacker-suppli...

Vendor: pip
Product: tinytag
Published: Mar 19, 2026
Source: GitHub
CVE-2026-33297 MEDIUM - 9.1

WWBN AVideo is an open source video platform. Prior to version 26.0, the `setPassword.json.php` endpoint in the CustomizeUser plugin allows administrators to set a channel password for any user. Due to a logic error in how the submitted password value is processed, any password containing non-numeri...

Vendor: composer
Product: wwbn/avideo
Published: Mar 19, 2026
Source: GitHub