CVE ID: CVE-2026-24060 | Published: March 20, 2026, 11:19 p.m. | Description: Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted,…
CVE-2026-33243 – barebox: FIT Signature Verification Bypass Vulnerability
CVE ID: CVE-2026-33243 | Published: March 20, 2026, 11:16 p.m. | Description: barebox is a bootloader. In barebox from version 2016.03.0 to before version 2025.09.3 and from version 2025.10.0 to…
CVE-2026-33236 – NLTK has a Downloader Path Traversal Vulnerability (AFO) – Arbitrary File Overwrite
CVE ID: CVE-2026-33236 | Published: March 20, 2026, 11:16 p.m. | Description: NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research…
CVE-2026-33228 – flatted: Prototype Pollution via parse()
CVE ID: CVE-2026-33228 | Published: March 20, 2026, 11:16 p.m. | Description: flatted is a circular JSON parser. Prior to version 3.4.2, the parse() function in flatted can use attacker-controlled…
CVE-2026-33226 – Budibase Unrestricted Server-Side Request Forgery (SSRF) via REST Datasource Query Preview
CVE ID: CVE-2026-33226 | Published: March 20, 2026, 11:16 p.m. | Description: Budibase is a low code platform for creating internal tools, workflows, and admin panels. In versions from 3.30.6…
CVE-2026-22733 – Authentication Bypass under Actuator CloudFoundry endpoints
CVE ID: CVE-2026-22733 | Published: March 19, 2026, 11:29 p.m. | Description: Spring Boot applications with Actuator can be vulnerable to an “Authentication Bypass” vulnerability when an application endpoint that…
CVE-2026-32721 – LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal
CVE ID: CVE-2026-32721 | Published: March 19, 2026, 11:16 p.m. | Description: LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0 contain a stored XSS vulnerability…
CVE-2026-29103 – SuiteCRM Vulnerable to Remote Code Execution via Module Loader Package Scanner Bypass
CVE ID: CVE-2026-29103 | Published: March 19, 2026, 11:16 p.m. | Description: SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. A Critical Remote Code Execution (RCE) vulnerability…
CVE-2026-29099 – SuiteCRM has Authenticated Blind SQL Injection in OutboundEmail Legacy Functionality.
CVE ID: CVE-2026-29099 | Published: March 19, 2026, 11:16 p.m. | Description: SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, the…
CVE-2026-29096 – SuiteCRM vulnerable to Authenticated SQL Injection via unsanitized field_function in Report Fields
CVE ID: CVE-2026-29096 | Published: March 19, 2026, 11:16 p.m. | Description: SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, when…