Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.5 HIGH
CVE-2026-33242 — Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass

Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated e…

salvo | Remote | Path Traversal
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
8.7 HIGH
CVE-2026-33241 — Salvo Affected by Denial of Service via Unbounded Memory Allocation in Form Data Parsing

Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's form data parsing implementations (`form_data()` method and `Extractible` macro) do not enforce payload size limits before reading requ…

salvo | Remote | Denial of Service
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
9.6 CRITICAL
CVE-2026-33211 — Tekton Pipelines git resolver has path traversal that allows reading arbitrary files from…

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines…

tekton_pipelines | Remote | Path Traversal
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
6.6 MEDIUM
CVE-2026-33202 — Rails Active Storage has possible glob injection in its DiskService

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `DiskService#delete_prefixed` passes blob keys dir…

Remote | Path Traversal
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
8.0 HIGH
CVE-2026-33195 — Rails Active Storage has possible Path Traversal in DiskService

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `DiskService#path_for` does not validate that the …

Remote | Path Traversal
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
6.6 MEDIUM
CVE-2026-33176 — Rails Active Support has a possible DoS vulnerability in its number helpers

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Support number helpers accept str…

Remote | Denial of Service
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
6.6 MEDIUM
CVE-2026-33174 — Rails Active Storage has a possible DoS vulnerability when in proxy mode via Range reques…

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when serving files through Active Storage's proxy delivery mode, th…

Remote | Denial of Service
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
5.3 MEDIUM
CVE-2026-33173 — Rails Active Storage has possible content type bypass via metadata in direct uploads

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, `DirectUploadsController` accepts arbitrary metadata from the clien…

Remote | Misconfiguration
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
5.3 MEDIUM
CVE-2026-33170 — Rails Active Support has a possible XSS vulnerability in SafeBuffer#%

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, `SafeBuffer#%` does not propagate the `@…

Remote | Cross-Site Scripting
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
6.9 MEDIUM
CVE-2026-33169 — Rails Active Support has a possible ReDoS vulnerability in number_to_delimited

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. `NumberToDelimitedConverter` uses a lookahead-based regular expression with `gsub!` to in…

Remote | Denial of Service
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
7.5 HIGH
CVE-2026-4306 — WP Job Portal <= 2.4.8 - Unauthenticated SQL Injection via 'radius' Parameter

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied paramete…

Remote | Injection
Mar 23, 2026 Mar 23, 2026
Mar 23, 2026
Mar 23, 2026
4.3 MEDIUM
CVE-2026-4066 — Smart Custom Fields <= 5.0.6 - Missing Authorization to Authenticated (Contributor+) Sens…

The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relational_posts_search() function in all versions up to, and includ…

Remote | Authorization
Mar 23, 2026 Mar 23, 2026
Mar 23, 2026
Mar 23, 2026
4.3 MEDIUM
CVE-2026-3225 — LearnPress <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Qu…

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in the delete_question_answer() function o…

Remote | Authorization
Mar 23, 2026 Mar 23, 2026
Mar 23, 2026
Mar 23, 2026
2.3 LOW
CVE-2026-33168 — Rails has a possible XSS vulnerability in its Action View tag helpers

Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank string is used as an HTML attribute name in…

Remote | Cross-Site Scripting
Mar 23, 2026 Mar 23, 2026
Mar 23, 2026
Mar 23, 2026
1.3 LOW
CVE-2026-33167 — Rails has a possible XSS vulnerability in its Action Pack debug exceptions

Action Pack is a Rubygem for building web applications on the Rails framework. In versions on the 8.1 branch prior to 8.1.2.1, the debug exceptions page does not properly escape exception messages. A…

Remote | Cross-Site Scripting
Mar 23, 2026 Mar 23, 2026
Mar 23, 2026
Mar 23, 2026
7.7 HIGH
CVE-2026-33046 — Indico discloses local files resulting in Remote Code Execution through LaTeX injection

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX synta…

Remote | Injection
Mar 23, 2026 Mar 23, 2026
Mar 23, 2026
Mar 23, 2026
6.5 MEDIUM
CVE-2026-2412 — Quiz and Survey Master (QSM) <= 10.3.5 - Authenticated (Contributor+) SQL Injection via '…

The Quiz and Survey Master (QSM) plugin for WordPress is vulnerable to SQL Injection via the 'merged_question' parameter in all versions up to, and including, 10.3.5. This is due to insufficient sani…

Remote | Injection
Mar 23, 2026 Mar 23, 2026
Mar 23, 2026
Mar 23, 2026
9.3 CRITICAL
CVE-2026-4681 — Critical Remote Code Execution vulnerability reported in Windchill

A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue …

Remote | Injection
Mar 23, 2026 Mar 23, 2026
Mar 23, 2026
Mar 23, 2026
7.5 HIGH
CVE-2026-4612 — itsourcecode Free Hotel Reservation System Parameter index.php sql injection

A vulnerability has been found in itsourcecode Free Hotel Reservation System 1.0. This affects an unknown part of the file /hotel/admin/mod_users/index.php?view=edit&id=8 of the component Parameter H…

Remote | Injection
Mar 23, 2026 Mar 23, 2026
Mar 23, 2026
Mar 23, 2026
8.6 HIGH
CVE-2026-4611 — TOTOLINK X6000R shttpd setLanCfg privilege escalation

A flaw has been found in TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826. Affected by this issue is the function setLanCfg of the file /usr/sbin/shttpd. Executing a manipulation of the …

Remote | Injection
Mar 23, 2026 Mar 23, 2026
Mar 23, 2026
Mar 23, 2026
Showing 20 of 5356 Results