Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.5 HIGH
CVE-2026-4623 — DefaultFuction Jeson-Customer-Relationship-Management-System API Module System.php server…

A security vulnerability has been detected in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c4d06b90d31dd521c2b000bfdec5a36e00. This affects an unknown function of the file…

Remote | Server-Side Request Forgery
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
6.8 MEDIUM
CVE-2026-33308 — mod_gnutls missing key purpose check in client certificate verification

Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension…

mod_gnutls | Remote | Authentication
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
6.5 MEDIUM
CVE-2026-3079 — LearnDash LMS <= 5.0.3 - Authenticated (Contributor+) SQL Injection via 'filters[orderby_…

The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filters[orderby_order]' parameter in the 'learndash_propanel_template' AJAX action in all versions up t…

learndash | Remote | Injection
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
7.5 HIGH
CVE-2026-33307 — mod_gnutils has stack-based buffer overflow caused by a long client certificate chain

Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a …

mod_gnutls | Remote | Memory Corruption
Mar 24, 2026 Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
Showing 20 of 6444 Results