Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
9.3 CRITICAL
CVE-2026-33992 — pyLoad: Server-Side Request Forgery via Download Link Submission Enables Cloud Metadata E…

pyLoad is a free and open-source download manager written in Python. Prior to version 0.5.0b3.dev97, pyLoad's download engine accepts arbitrary URLs without validation, enabling Server-Side Request F…

pyload pyload-ng | Remote | Server-Side Request Forgery
Mar 27, 2026 Mar 31, 2026
8.8 HIGH
CVE-2026-33991 — WeGIA has SQL Injection in deletar_tag.php

WeGIA is a web manager for charitable institutions. Prior to version 3.6.7, the file `html/socio/sistema/deletar_tag.php` uses `extract($_REQUEST)` on line 14 and directly concatenates the `$id_tag` …

wegia | Remote | Injection
Mar 27, 2026 Mar 31, 2026
5.3 MEDIUM
CVE-2026-33936 — python-ecdsa: Denial of Service via improper DER length validation in crafted private keys

The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signatu…

ecdsa | Remote | Cryptography
Mar 27, 2026 Apr 01, 2026
Showing 20 of 5623 Results