Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
0.0 NA
CVE-2026-33396 — OneUptime has sandbox escape in Synthetic Monitor Playwright runtime allows project membe…

OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.35, a low-privileged authenticated user (ProjectMember) can achieve remote command execution on the Probe cont…

| Injection
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
0.0 NA
CVE-2026-33413 — etcd: Authorization bypasses in multiple APIs

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call …

| Authentication
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
0.0 NA
CVE-2026-2389 — Complianz – GDPR/CCPA Cookie Consent <= 7.4.4.2 - Authenticated (Contributor+) Stored Cro…

The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 7.4.4.2. This is due to the `revert_divs_to_summary` f…

| Cross-Site Scripting
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
0.0 NA
CVE-2026-1032 — Conditional Menus <= 1.2.6 - Cross-Site Request Forgery to Menu Options Update

The Conditional Menus plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.6. This is due to missing nonce validation on the 'save_options' funct…

| Cross-Site Request Forgery
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
0.0 NA
CVE-2026-2231 — Fluent Booking <= 2.0.01 - Unauthenticated Stored Cross-Site Scripting via Multiple Param…

The Fluent Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and including, 2.0.01 due to insufficient input sanitization and ou…

| Cross-Site Scripting
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
0.0 NA
CVE-2026-2511 — JS Help Desk – AI-Powered Support & Ticketing System <= 3.0.4 - Unauthenticated SQL Injec…

The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the `multiformid` parameter in the `storeTickets()` function in all versions up to, an…

| Injection
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
8.6 HIGH
CVE-2019-25650 — River Past CamDo 3.7.6 Structured Exception Handler Buffer Overflow

River Past CamDo 3.7.6 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_en…

| Memory Corruption
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
6.8 MEDIUM
CVE-2019-25649 — River Past Audio Converter 7.7.16 Local Buffer Overflow DoS

River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allows local attackers to crash the application by supplying an oversized input stri…

| Denial of Service
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
6.9 MEDIUM
CVE-2019-25648 — MyVideoConverter Pro 3.14 Denial of Service Buffer Overflow

MyVideoConverter Pro 3.14 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string to the registration code input field. A…

| Memory Corruption
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
8.6 HIGH
CVE-2018-25219 — PassFab Excel Password Recovery 8.3.1 SEH Buffer Overflow

PassFab Excel Password Recovery 8.3.1 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in …

| Memory Corruption
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
8.6 HIGH
CVE-2018-25218 — PassFab RAR Password Recovery 9.3.2 SEH Buffer Overflow

PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload.…

| Memory Corruption
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
8.6 HIGH
CVE-2018-25217 — PDF Explorer 1.5.66.2 Structured Exception Handler Local Code Execution

PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attack…

| Memory Corruption
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
6.9 MEDIUM
CVE-2018-25216 — AnyBurn 4.3 Denial of Service Local Buffer Overflow

AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can pas…

| Memory Corruption
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
6.8 MEDIUM
CVE-2018-25215 — Excel Password Recovery Professional 8.2.0.0 Local Buffer Overflow DoS

Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long string to the 'E-Mail a…

| Denial of Service
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
6.9 MEDIUM
CVE-2018-25214 — MegaPing Local Buffer Overflow Denial of Service

MegaPing contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload to the Destination Address List field in the Finger func…

| Memory Corruption
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
8.6 HIGH
CVE-2018-25213 — Nsauditor 3.0.28.0 Local SEH Buffer Overflow

Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. At…

| Memory Corruption
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
8.6 HIGH
CVE-2018-25212 — Boxoft wav-wma Converter 1.0 Local Buffer Overflow SEH

Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers…

| Memory Corruption
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
8.5 HIGH
CVE-2018-25211 — Allok Video Splitter 3.1.1217 Buffer Overflow via License Name

Allok Video Splitter 3.1.1217 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service or execute arbitrary code by supplying an oversized string in the Licen…

| Memory Corruption
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
0.0 NA
CVE-2026-33343 — etcd: Nested etcd transactions bypass RBAC authorization checks

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use n…

| Authorization
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
6.1 MEDIUM
CVE-2026-4887 — Gimp: gimp:memory disclosure and denial of service via specially crafted pcx image

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially craft…

| Memory Corruption
Mar 26, 2026 Mar 26, 2026
Mar 26, 2026
Mar 26, 2026
Showing 20 of 6003 Results