Total
9615 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-28682 | 2026-03-06 | N/A | 6.4 MEDIUM | ||
|
Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, the upload status SSE implementation on /uploadStatus publishes global upload state to any authenticated listener and includes file_id values that are not scoped to the requesting user. This issue has been patched in version 2.2.3.
|
|||||
| CVE-2026-28675 | 2026-03-06 | N/A | 5.3 MEDIUM | ||
|
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, some endpoints returned raw exception strings to clients. Additionally, login token material was exposed in UI/rendered responses and token rotation output. This issue has been patched in version 1.6.3-alpha.
|
|||||
| CVE-2026-0025 | 1 Google | 1 Android | 2026-03-06 | N/A | 8.4 HIGH |
|
In hasImage of Notification.java, there is a possible way to reveal information across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2026-0005 | 1 Google | 1 Android | 2026-03-06 | N/A | 6.2 MEDIUM |
|
In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permission check. This could lead to local information disclosure where the extent of interaction and impact is app-dependent with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2025-48642 | 1 Google | 1 Android | 2026-03-06 | N/A | 5.5 MEDIUM |
|
In jump_to_payload of payload.rs, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2025-48635 | 1 Google | 1 Android | 2026-03-06 | N/A | 7.7 HIGH |
|
In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2026-2589 | 2026-03-06 | N/A | 5.3 MEDIUM | ||
|
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 12.8.3 via the automated Settings Backup stored in a publicly accessible file. This makes it possible for unauthenticated attackers to extract sensitive data including the configured OpenAI, Claude, Google Maps, Gemini, DeepSeek, and Cloudflare Turnstile API keys.
|
|||||
| CVE-2026-28434 | 1 Yhirose | 1 Cpp-httplib | 2026-03-05 | N/A | 5.3 MEDIUM |
|
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and the application has not registered a custom exception handler via set_exception_handler(), the library catches the exception and writes its message directly into the HTTP response as a header named EXCEPTION_WHAT. This header is sent to whoever made the request, with no authentication check and no special configuration required to trigger it. The be ...
Show More |
|||||
| CVE-2026-28492 | 2026-03-05 | N/A | N/A | ||
|
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.0, when a user creates a public share link for a directory, the withHashFile middleware in http/public.go uses filepath.Dir(link.Path) to compute the BasePathFs root. This sets the filesystem root to the parent directory instead of the shared directory itself, allowing anyone with the share link to browse and download files from ...
Show More |
|||||
| CVE-2025-68467 | 2026-03-05 | N/A | 3.4 LOW | ||
|
Dark Reader is an accessibility browser extension that makes web pages colors dark. The dynamic dark mode feature of the extension works by analyzing the colors of web pages found in CSS style sheet files. In order to analyze cross-origin style sheets (stored on websites different from the original web page), Dark Reader requests such files via a background worker, ensuring the request is performed with no credentials and that the content type of the response is a CSS file. Prior to Dark Reader ...
Show More |
|||||
| CVE-2025-64427 | 1 Zimaspace | 1 Zimaos | 2026-03-05 | N/A | 7.1 HIGH |
|
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prior, due to insufficient validation or restriction of target URLs, an authenticated local user can craft requests that target internal IP addresses (e.g., 127.0.0.1, localhost, or private network ranges). This allows the attacker to interact with internal HTTP/HTTPS services that are not intended to be exposed externally or to local users. No known patch is publicly available.
|
|||||
| CVE-2026-2747 | 1 Seppmail | 1 Seppmail | 2026-03-05 | N/A | 7.5 HIGH |
|
SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor.
|
|||||
| CVE-2026-28415 | 1 Gradio Project | 1 Gradio | 2026-03-05 | N/A | 4.3 MEDIUM |
|
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton). Starting in version 6.6.0, the _target_url parameter is sanitized to only use the path, quer ...
Show More |
|||||
| CVE-2026-2975 | 1 Fastapiadmin | 1 Fastapiadmin | 2026-03-05 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A security flaw has been discovered in FastApiAdmin up to 2.2.0. Affected by this vulnerability is the function reset_api_docs of the file /backend/app/plugin/init_app.py of the component Custom Documentation Endpoint. The manipulation results in information disclosure. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.
|
|||||
| CVE-2026-2976 | 1 Fastapiadmin | 1 Fastapiadmin | 2026-03-05 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A weakness has been identified in FastApiAdmin up to 2.2.0. Affected by this issue is the function download_controller of the file /backend/app/api/v1/module_common/file/controller.py of the component Download Endpoint. This manipulation of the argument file_path causes information disclosure. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.
|
|||||
| CVE-2026-25146 | 1 Open-emr | 1 Openemr | 2026-03-04 | N/A | 9.6 CRITICAL |
|
OpenEMR is a free and open source electronic health records and medical practice management application. From 5.0.2 to before 8.0.0, there are (at least) two paths where the gateway_api_key secret value is rendered to the client in plaintext. These secret keys being leaked could result in arbitrary money movement or broad account takeover of payment gateway APIs. This vulnerability is fixed in 8.0.0.
|
|||||
| CVE-2026-20133 | 1 Cisco | 1 Catalyst Sd-wan Manager | 2026-03-04 | N/A | 6.5 MEDIUM |
|
A vulnerability in Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to view sensitive information on an affected system.
This vulnerability is due to insufficient file system access restrictions. An attacker could exploit this vulnerability by accessing the API of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.
|
|||||
| CVE-2025-66623 | 1 Linuxfoundation | 1 Strimzi | 2026-03-04 | N/A | 7.4 HIGH |
|
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 and prior to 0.49.1, in some situations, Strimzi creates an incorrect Kubernetes Role which grants the Apache Kafka Connect and Apache Kafka MirrorMaker 2 operands the GET access to all Kubernetes Secrets that exist in the given Kubernetes namespace. The issue is fixed in Strimzi 0.49.1.
|
|||||
| CVE-2026-2025 | 2026-03-04 | N/A | 7.5 HIGH | ||
|
The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog
|
|||||
| CVE-2026-1980 | 2026-03-04 | N/A | 5.3 MEDIUM | ||
|
The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing authorization check on the 'get_customer_list' route in all versions up to, and including, 1.0.8. This makes it possible for unauthenticated attackers to retrieve sensitive customer information including names, emails, phone numbers, dates of birth, and gender.
|
|||||
| CVE-2026-3058 | 2026-03-04 | N/A | 4.3 MEDIUM | ||
|
The Seraphinite Accelerator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.28.14 via the `seraph_accel_api` AJAX action with `fn=GetData`. This is due to the `OnAdminApi_GetData()` function not performing any capability checks. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive operational data including cache status, scheduled task information, and external database state ...
Show More |
|||||
| CVE-2026-28559 | 1 Gvectors | 1 Wpforo Forum | 2026-03-04 | N/A | 5.3 MEDIUM |
|
wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve private and unapproved forum topics via the global RSS feed endpoint. Attackers request the RSS feed without a forum ID parameter, bypassing the privacy and status WHERE clauses that are only applied when a specific forum ID is present in the query.
|
|||||
| CVE-2026-27452 | 1 Jonathanwilbur | 1 Asn1-ts | 2026-03-03 | N/A | 5.3 MEDIUM |
|
ASN.1 TypeScript ESM library, including codecs for Basic Encoding Rules (BER) and Distinguished Encoding Rules (DER). In versions 11.0.5 and below, in some cases, decoding an INTEGER could leak the underlying ArrayBuffer. This issue is expected to be fixed in version 11.0.6.
|
|||||
| CVE-2026-21928 | 1 Oracle | 1 Solaris | 2026-03-03 | N/A | 5.3 MEDIUM |
|
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
|
|||||
| CVE-2025-37165 | 2026-03-02 | N/A | 7.5 HIGH | ||
|
A vulnerability in the router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. A malicious actor could gain knowledge of internal network configuration details through inspecting impacted packets.
|
|||||
| CVE-2026-27162 | 1 Discourse | 1 Discourse | 2026-03-02 | N/A | 4.9 MEDIUM |
|
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, `posts_nearby` was checking topic access but then returning all posts regardless of type, including whispers that should only be visible to whisperers. Use `Post.secured(guardian)` to properly filter post types based on user permissions. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the issue. No known workarounds are available.
|
|||||
| CVE-2026-23597 | 1 Hpe | 1 Aruba Networking Private 5g Core | 2026-03-02 | N/A | 6.5 MEDIUM |
|
Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated remote attacker to obtain sensitive information. Successful exploitation could allow an attacker to access details such as user accounts, roles, and system configuration, as well as to gain insight into internal services and workflows, increasing the risk of unauthorized access and elevated privileges when combined with other vulnerabilities.
|
|||||
| CVE-2024-26480 | 1 Statping-ng | 1 Statping-ng | 2026-02-28 | N/A | 7.5 HIGH |
|
An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the admin parameter.
|
|||||
| CVE-2026-28213 | 1 Evershop | 1 Evershop | 2026-02-28 | N/A | 9.8 CRITICAL |
|
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attacker to take over the associated account. Version 2.1.1 fixes the issue.
|
|||||
| CVE-2026-27611 | 1 Gtsteffaniak | 1 Filebrowser Quantum | 2026-02-27 | N/A | 6.5 MEDIUM |
|
FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the password and still download the file. This happens because the API returns a direct download link in the details of the share, which is accessible to anyone with JUST THE SHARE LINK, even without the password. Versions 1.1.3-stable and 1.2.6-beta fix the issue.
|
|||||
| CVE-2026-28276 | 1 Morelitea | 1 Initiative | 2026-02-27 | N/A | 7.5 HIGH |
|
Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /uploads/ directory without any authentication or authorization checks. Any uploaded file can be accessed directly via its URL by unauthenticated users (e.g., in an incognito browser session), leading to potential disclosure of sensitive documents. The problem was patched in v0.32.2, and the patch was ...
Show More |
|||||
| CVE-2025-60344 | 2026-02-27 | N/A | 8.6 HIGH | ||
|
A path traversal (directory traversal) vulnerability in D-Link DSR series routers allows unauthenticated remote attackers to manipulate input parameters used for file or directory path resolution (e.g., via sequences such as “../”). Successful exploitation may allow access to files outside of the intended directory, potentially exposing sensitive system or configuration files. The issue results from insufficient validation or sanitization of user-supplied input. Affected Products include: DSR-15 ...
Show More |
|||||
| CVE-2026-27457 | 1 Weblate | 1 Weblate | 2026-02-27 | N/A | 4.3 MEDIUM |
|
Weblate is a web based localization tool. Prior to version 5.16.1, the REST API's `AddonViewSet` (`weblate/api/views.py`, line 2831) uses `queryset = Addon.objects.all()` without overriding `get_queryset()` to scope results by user permissions. This allows any authenticated user (or anonymous users if `REQUIRE_LOGIN` is not set) to list and retrieve ALL addons across all projects and components via `GET /api/addons/` and `GET /api/addons/{id}/`. Version 5.16.1 fixes the issue.
|
|||||
| CVE-2026-21722 | 1 Grafana | 1 Grafana | 2026-02-27 | N/A | 5.3 MEDIUM |
|
Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange.
This did not leak any annotations that would not otherwise be visible on the public dashboard.
|
|||||
| CVE-2026-24487 | 1 Open-emr | 1 Openemr | 2026-02-27 | N/A | 6.5 MEDIUM |
|
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass vulnerability in the FHIR CareTeam resource endpoint allows patient-scoped FHIR tokens to access care team data for all patients instead of being restricted to only the authenticated patient's data. This could potentially lead to unauthorized disclosure of Protected Health Information (PHI), including patient-provider relationships and care team ...
Show More |
|||||
| CVE-2026-2244 | 2026-02-27 | N/A | N/A | ||
|
A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script.
All instances after January 30th, 2026 have been patched to protect from this vulnerability. No user action is required for this.
|
|||||
| CVE-2026-24498 | 2026-02-27 | N/A | N/A | ||
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. IpTIME AX6000M allows Authentication Bypass.This issue affects ipTIME T5008: through 15.26.8; ipTIME AX2004M: through 15.26.8; ipTIME AX3000Q: through 15.26.8; ipTIME AX6000M: through 15.26.8.
|
|||||
| CVE-2025-9572 | 2026-02-27 | N/A | 5.0 MEDIUM | ||
|
n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass.
|
|||||
| CVE-2025-9907 | 2026-02-27 | N/A | 6.7 MEDIUM | ||
|
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure headers via the test_headers field when an event stream is in test mode. The possible outcome includes leakage of internal infrastructure details, accidental disclosure of user or system credentials, privilege escalation if high-value tokens are exposed, and persistent sensitive data exposure to al ...
Show More |
|||||
| CVE-2025-9908 | 2026-02-27 | N/A | 6.7 MEDIUM | ||
|
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerability allows an authenticated user to gain access to sensitive internal infrastructure headers (such as X-Trusted-Proxy and X-Envoy-*) and event stream URLs via crafted requests and job templates. By exfiltrating these headers, an attacker could spoof trusted requests, escalate privileges, or perform malicious event injection.
|
|||||