Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
3.5 LOW
CVE-2026-33426 — Discourse users can edit or synonymize hidden tags they can't see

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, users with tag-editing permissions could edit and create synonyms for tags hidden in rest…

discourse | Remote | Authorization
Mar 21, 2026 Mar 21, 2026
Mar 21, 2026
Mar 21, 2026
6.9 MEDIUM
CVE-2026-33425 — Discourse has inferable private group membership or existence via exclude_groups parameter

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, unauthenticated users can determine whether a specific user is a member of a private grou…

discourse | Remote | Information Disclosure
Mar 21, 2026 Mar 21, 2026
Mar 21, 2026
Mar 21, 2026
5.9 MEDIUM
CVE-2026-33424 — PM access granted through invites after access revocation

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an attacker can grant access to a private message topic through invites even after they l…

discourse | Authorization
Mar 21, 2026 Mar 21, 2026
Mar 21, 2026
Mar 21, 2026
4.3 MEDIUM
CVE-2026-33238 — AVideo has a Path Traversal in listFiles.json.php that Enables Server Filesystem Enumerat…

WWBN AVideo is an open source video platform. Prior to version 26.0, the `listFiles.json.php` endpoint accepts a `path` POST parameter and passes it directly to `glob()` without restricting the path …

avideo | Remote | Path Traversal
Mar 21, 2026 Mar 21, 2026
Mar 21, 2026
Mar 21, 2026
5.5 MEDIUM
CVE-2026-33237 — AVideo has SSRF in Scheduler Plugin via callbackURL Missing `isSSRFSafeURL()` Validation

WWBN AVideo is an open source video platform. Prior to version 26.0, the Scheduler plugin's `run()` function in `plugin/Scheduler/Scheduler.php` calls `url_get_contents()` with an admin-configurable …

avideo | Remote | Server-Side Request Forgery
Mar 21, 2026 Mar 21, 2026
Mar 21, 2026
Mar 21, 2026
7.5 HIGH
CVE-2026-32666 — Automated Logic WebCTRL Premium Server Authentication Bypass by Spoofing

WebCTRL systems that communicate over BACnet inherit the protocol's lack of network layer authentication. WebCTRL does not implement additional validation of BACnet traffic so an attacker with netw…

Remote | Authentication
Mar 21, 2026 Mar 21, 2026
Mar 21, 2026
Mar 21, 2026
6.4 MEDIUM
CVE-2026-2430 — Autoptimize <= 3.1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Lazy…

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the lazy-loading image processing in all versions up to, and including, 3.1.14. This is due to the use of an over…

Remote | Cross-Site Scripting
Mar 21, 2026 Mar 21, 2026
Mar 21, 2026
Mar 21, 2026
6.4 MEDIUM
CVE-2026-2352 — Autoptimize <= 3.1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'ao_…

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ao_post_preload' meta value in all versions up to, and including, 3.1.14. This is due to insufficient input …

Remote | Cross-Site Scripting
Mar 21, 2026 Mar 21, 2026
Mar 21, 2026
Mar 21, 2026
7.7 HIGH
CVE-2026-25086 — Automated Logic WebCTRL Premium Server Multiple Binds to the Same Port

Under certain conditions, an attacker could bind to the same port used by WebCTRL. This could allow the attacker to craft and send malicious packets and impersonate the WebCTRL service without requ…

| Denial of Service
Mar 21, 2026 Mar 21, 2026
Mar 21, 2026
Mar 21, 2026
9.1 CRITICAL
CVE-2026-24060 — Automated Logic WebCTRL Premium Server Cleartext Transmission of Sensitive Information

Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Posi…

Remote | Information Disclosure
Mar 21, 2026 Mar 21, 2026
Mar 21, 2026
Mar 21, 2026
7.5 HIGH
CVE-2026-4508 — PbootCMS Member Login MemberController.php checkUsername sql injection

A vulnerability was identified in PbootCMS up to 3.2.12. The impacted element is the function checkUsername of the file apps/home/controller/MemberController.php of the component Member Login. The ma…

pbootcms | Remote | Injection
Mar 20, 2026 Mar 20, 2026
Mar 20, 2026
Mar 20, 2026
6.5 MEDIUM
CVE-2026-3864 — CSI Driver for NFS path traversal via subDir may delete unintended directories on the NFS…

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolum…

Remote | Path Traversal
Mar 20, 2026 Mar 21, 2026
Mar 20, 2026
Mar 21, 2026
7.5 HIGH
CVE-2026-33476 — SiYuan has an Unauthenticated Arbitrary File Read via Path Traversal

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the Siyuan kernel exposes an unauthenticated file-serving endpoint under `/appearance/*filepath.` Due to improper path saniti…

siyuan | Remote | Path Traversal
Mar 20, 2026 Mar 20, 2026
Mar 20, 2026
Mar 20, 2026
1.3 LOW
CVE-2026-33423 — Discourse staff can modify any user's group notification level

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, staff can modify any user's group notification level. Versions 2026.3.0-latest.1, 2026.2.…

discourse | Remote | Authorization
Mar 20, 2026 Mar 20, 2026
Mar 20, 2026
Mar 20, 2026
3.5 LOW
CVE-2026-33422 — Discourse exposes ip_address of flagged user

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the `ip_address` of a flagged user is exposed to any user who can access the review queu…

discourse | Remote | Information Disclosure
Mar 20, 2026 Mar 20, 2026
Mar 20, 2026
Mar 20, 2026
5.4 MEDIUM
CVE-2026-33411 — Discourse's solved topic stream has potential stored XSS in topic title

Discourse is an open-source discussion platform. Versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 have a potential stored XSS in topic titles for the solved posts stream. Versions 2026.3.0…

discourse | Remote | Cross-Site Scripting
Mar 20, 2026 Mar 20, 2026
Mar 20, 2026
Mar 20, 2026
5.1 MEDIUM
CVE-2026-33291 — Discourse user can create Zendesk tickets even when it does not have access to topic

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This af…

discourse | Remote | Authorization
Mar 20, 2026 Mar 20, 2026
Mar 20, 2026
Mar 20, 2026
5.4 MEDIUM
CVE-2026-33251 — Discourse has a Hidden Solved topics permission bypass

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an authorization bypass vulnerability in hidden Solved topics may allow unauthorized user…

discourse | Remote | Authorization
Mar 20, 2026 Mar 20, 2026
Mar 20, 2026
Mar 20, 2026
8.2 HIGH
CVE-2026-33243 — barebox: FIT Signature Verification Bypass Vulnerability

barebox is a bootloader. In barebox from version 2016.03.0 to before version 2025.09.3 and from version 2025.10.0 to before version 2026.03.1, when creating a FIT, mkimage(1) sets the hashed-nodes pr…

| Misconfiguration
Mar 20, 2026 Mar 20, 2026
Mar 20, 2026
Mar 20, 2026
8.1 HIGH
CVE-2026-33236 — NLTK has a Downloader Path Traversal Vulnerability (AFO) - Arbitrary File Overwrite

NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, the…

nltk | Remote | Path Traversal
Mar 20, 2026 Mar 20, 2026
Mar 20, 2026
Mar 20, 2026
Showing 20 of 5464 Results