Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
4.0 MEDIUM
CVE-2026-34553 — iccDEV: DoS in CIccCLUT::Iterate() & CIccMBB::Describe()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a defect in LUT dump/iteration logic affecting CIccCLUT::Iterate() and …

iccdev
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34552 — iccDEV: UB at IccTagLut.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior (UB) issue in IccTagLut.cpp where the code perfor…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34551 — iccDEV: NPD in CIccTagLut16::Write()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a null-pointer dereference (NPD) in CIccTagLut16::Write() can be triggered when …

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34550 — iccDEV: UB at IccIO.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior (UB) condition in IccProfLib/IccIO.cpp caused by …

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34549 — iccDEV: UB at IccUtil.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior (UB) condition in IccUtil.cpp triggered by a craf…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34548 — iccDEV: UB at IccUtilXml.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior (UB) condition in the XML conversion tooling path…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34547 — iccDEV: UB at IccUtil.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, an Undefined Behavior (UB) condition in IccUtil.cpp can be triggered by a crafte…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34546 — iccDEV: UB at TiffImg.h

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted TIFF input can trigger Undefined Behavior (UB) due to division by zero…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.4 MEDIUM
CVE-2026-2480 — WP Shortcodes Plugin — Shortcodes Ultimate <= 7.4.10 - Authenticated (Contributor+) Store…

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'max_width' attribute of the `su_box` shortcode in all versions up to, and inc…

shortcodes_ultimate | Remote | Cross-Site Scripting
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
5.3 MEDIUM
CVE-2026-5215 — D-Link DNS-1550-04 network_mgr.cgi cgi_get_ipv6 access control

A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-72…

dns-320_firmware dnr-322l_firmware dns-320l_firmware dns-120_firmware dnr-202l_firmware dns-315l_firmware +14 more | Authentication
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
9.0 HIGH
CVE-2026-5214 — D-Link DNS-1550-04 account_mgr.cgi cgi_addgroup_get_group_quota_minsize stack-based overf…

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, …

dns-320_firmware dnr-322l_firmware dns-320l_firmware dns-120_firmware dnr-202l_firmware dns-315l_firmware +14 more | Remote | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
8.6 HIGH
CVE-2026-34605 — SiYuan: Reflected XSS via SVG namespace prefix bypass in SanitizeSVG ( getDynamicIcon, un…

SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introduced in version 3.6.0 to fix XSS in the unauthenticated /api/icon/getDynam…

siyuan | Remote | Cross-Site Scripting
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
8.6 HIGH
CVE-2026-34585 — SiYuan: Stored XSS in imported .sy.zip content leads to arbitrary command execution

SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows crafted block attribute values to bypass server-side attribute escaping when an HTML entity is mixed w…

siyuan | Cross-Site Scripting
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34542 — iccDEV: SBO in CIccCalculatorFunc::Apply()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow (SBO) in CIccCalculato…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34541 — iccDEV: UB in CIccCombinedConnectionConditions::CIccCombinedConnectionConditions()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) via a null-pointer mem…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34540 — iccDEV: HBO in icMemDump()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow (HBO) in icMemDump() wh…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34539 — iccDEV: HBO in CTiffImg::WriteLine()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile and TIFF input can trigger a heap-buffer-overflow (HBO) in…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34537 — iccDEV: UB in CIccOpDefEnvVar::Exec()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) in CIccOpDefEnvVar::Ex…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34536 — iccDEV: SO in SIccCalcOp::ArgsUsed()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack overflow (SO) in SIccCalcOp::ArgsUsed(…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
6.2 MEDIUM
CVE-2026-34535 — iccDEV: SEGV in CIccTagArray::Cleanup()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault (SEGV) in CIccTagArray::C…

iccdev | Memory Corruption
Mar 31, 2026 Mar 31, 2026
Mar 31, 2026
Mar 31, 2026
Showing 20 of 6268 Results