Latest CVE Feed
CVE Intelligence
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Score
Vulnerability
Published
6.8
MEDIUM
CVE-2026-33308
— mod_gnutls missing key purpose check in client certificate verification
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension…
Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
6.5
MEDIUM
CVE-2026-3079
— LearnDash LMS <= 5.0.3 - Authenticated (Contributor+) SQL Injection via 'filters[orderby_…
The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filters[orderby_order]' parameter in the 'learndash_propanel_template' AJAX action in all versions up t…
Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
7.5
HIGH
CVE-2026-33307
— mod_gnutils has stack-based buffer overflow caused by a long client certificate chain
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a …
Mar 24, 2026
Mar 24, 2026
Mar 24, 2026
Mar 24, 2026