Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.5 HIGH
CVE-2026-3395 — MaxSite CMS MarkItUp Preview AJAX Endpoint preview-ajax.php eval code injection

A flaw has been found in MaxSite CMS up to 109.1. This impacts the function eval of the file application/maxsite/admin/plugins/editor_markitup/preview-ajax.php of the component MarkItUp Preview AJAX …

Remote | Injection
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3394 — jarikomppa soloud WAV File soloud_wav.cpp loadwav memory corruption

A vulnerability was detected in jarikomppa soloud up to 20200207. This affects the function SoLoud::Wav::loadwav of the file src/audiosource/wav/soloud_wav.cpp of the component WAV File Parser. Perfo…

| Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3393 — jarikomppa soloud Audio File soloud_wav.cpp loadflac heap-based overflow

A security vulnerability has been detected in jarikomppa soloud up to 20200207. The impacted element is the function SoLoud::Wav::loadflac of the file src/audiosource/wav/soloud_wav.cpp of the compon…

| Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3392 — FascinatedBox lily lily_emitter.c eval_tree null pointer dereference

A weakness has been identified in FascinatedBox lily up to 2.3. The affected element is the function eval_tree of the file src/lily_emitter.c. This manipulation causes null pointer dereference. The a…

| Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3391 — FascinatedBox lily lily_emitter.c clear_storages out-of-bounds

A security flaw has been discovered in FascinatedBox lily up to 2.3. Impacted is the function clear_storages of the file src/lily_emitter.c. The manipulation results in out-of-bounds read. The attack…

| Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3390 — FascinatedBox lily Error Reporting lily_build_error.c patch_line_end out-of-bounds

A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patch_line_end of the file src/lily_build_error.c of the component Error Reporting. The manipulation le…

| Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3389 — Squirrel sqstdrex.cpp sqstd_rex_newnode null pointer dereference

A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstd_rex_newnode in the library sqstdlib/sqstdrex.cpp. Executing a manipulation can lead to null pointer…

| Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3388 — Squirrel sqcompiler.cpp UnaryOP recursion

A vulnerability was found in Squirrel up to 3.2. This affects the function SQCompiler::Factor/SQCompiler::UnaryOP of the file squirrel/sqcompiler.cpp. Performing a manipulation results in uncontrolle…

| Denial of Service
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3387 — wren-lang wren wren_compiler.c getByteCountForArguments null pointer dereference

A vulnerability has been found in wren-lang wren up to 0.4.0. Affected by this issue is the function getByteCountForArguments of the file src/vm/wren_compiler.c. Such manipulation leads to null point…

| Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3386 — wren-lang wren wren_compiler.c emitOp out-of-bounds

A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wren_compiler.c. This manipulation causes out-of-bounds read. It is possi…

wren | Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3385 — wren-lang wren wren_compiler.c resolveLocal recursion

A vulnerability was detected in wren-lang wren up to 0.4.0. Affected is the function resolveLocal of the file src/vm/wren_compiler.c. The manipulation results in uncontrolled recursion. Attacking loc…

wren | Denial of Service
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3384 — ChaiScript chaiscript_eval.hpp Function_Push_Pop recursion

A security vulnerability has been detected in ChaiScript up to 6.1.0. This impacts the function chaiscript::eval::AST_Node_Impl::eval/chaiscript::eval::Function_Push_Pop of the file include/chaiscrip…

chaiscript | Denial of Service
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3383 — ChaiScript boxed_number.hpp go divide by zero

A weakness has been identified in ChaiScript up to 6.1.0. This affects the function chaiscript::Boxed_Number::go of the file include/chaiscript/dispatchkit/boxed_number.hpp. Executing a manipulation …

chaiscript | Denial of Service
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
4.8 MEDIUM
CVE-2026-3382 — ChaiScript boxed_number.hpp get_as memory corruption

A security flaw has been discovered in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::Boxed_Number::get_as of the file include/chaiscript/dispatchkit/boxed_number.hpp. Perfo…

chaiscript | Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
9.0 HIGH
CVE-2026-3380 — Tenda F453 L7Im frmL7ImForm buffer overflow

A vulnerability was found in Tenda F453 1.0.0.3. This issue affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page results in buffer overflow. The attack may…

f453_firmware | Remote | Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
9.0 HIGH
CVE-2026-3379 — Tenda F453 SetIpBind fromSetIpBind buffer overflow

A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to buffer overfl…

f453_firmware | Remote | Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
9.0 HIGH
CVE-2026-3378 — Tenda F453 qossetting fromqossetting buffer overflow

A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The att…

f453_firmware | Remote | Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
9.0 HIGH
CVE-2026-3377 — Tenda F453 SafeUrlFilter fromSafeUrlFilter buffer overflow

A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Performing a manipulation of the argument page results …

f453_firmware | Remote | Memory Corruption
Mar 01, 2026 Mar 01, 2026
Mar 01, 2026
Mar 01, 2026
9.0 HIGH
CVE-2026-3376 — Tenda F453 SafeMacFilter fromSafeMacFilter buffer overflow

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument…

f453_firmware | Remote | Memory Corruption
Feb 28, 2026 Feb 28, 2026
Feb 28, 2026
Feb 28, 2026
8.2 HIGH
CVE-2026-28562 — wpForo Forum 2.4.14 SQL Injection via Topics ORDER BY Parameter

wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization on unquoted identifiers. Attackers…

wpforo_forum | Remote | Injection
Feb 28, 2026 Feb 28, 2026
Feb 28, 2026
Feb 28, 2026
Showing 20 of 4764 Results