CVE ID :CVE-2026-5214 Published : March 31, 2026, 10:16 p.m. | 2 hours, 20 minutes ago Description :A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326,…
CVE-2026-34605 – SiYuan: Reflected XSS via SVG namespace prefix bypass in SanitizeSVG ( getDynamicIcon, unauthenticated )
CVE ID :CVE-2026-34605 Published : March 31, 2026, 10:16 p.m. | 2 hours, 20 minutes ago Description :SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function…
CVE-2026-34585 – SiYuan: Stored XSS in imported .sy.zip content leads to arbitrary command execution
CVE ID :CVE-2026-34585 Published : March 31, 2026, 10:16 p.m. | 2 hours, 20 minutes ago Description :SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows crafted block attribute…
CVE-2026-34449 – SiYuan: Cross-Origin RCE via Permissive CORS Policy and JavaScript Snippet Injection
CVE ID :CVE-2026-34449 Published : March 31, 2026, 10:16 p.m. | 2 hours, 20 minutes ago Description :SiYuan is a personal knowledge management system. Prior to version 3.6.2, a malicious website can achieve Remote…
CVE-2026-34448 – SiYuan: Stored XSS in Attribute View gallery/kanban cover rendering allows arbitrary command execution in the desktop client
CVE ID :CVE-2026-34448 Published : March 31, 2026, 10:16 p.m. | 2 hours, 20 minutes ago Description :SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a…
CVE-2026-5156 – Tenda CH22 Parameter QuickIndex formQuickIndex stack-based overflow
CVE ID :CVE-2026-5156 Published : March 31, 2026, 12:16 a.m. | 20 minutes ago Description :A vulnerability was determined in Tenda CH22 1.0.0.1. This impacts the function formQuickIndex of the file /goform/QuickIndex of…
CVE-2026-5155 – Tenda CH22 Parameter AdvSetWan fromAdvSetWan stack-based overflow
CVE ID :CVE-2026-5155 Published : March 30, 2026, 11:17 p.m. | 1 hour, 19 minutes ago Description :A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function fromAdvSetWan of the file /goform/AdvSetWan…
CVE-2026-5154 – Tenda CH22 Parameter setcfm fromSetCfm stack-based overflow
CVE ID :CVE-2026-5154 Published : March 30, 2026, 11:17 p.m. | 1 hour, 19 minutes ago Description :A vulnerability has been found in Tenda CH22 1.0.0.1/1.If. The impacted element is the function fromSetCfm of…
CVE-2026-5130 – Debugger & Troubleshooter <= 1.3.2 – Unauthenticated Privilege Escalation to Administrator via Cookie Manipulation
CVE ID :CVE-2026-5130 Published : March 30, 2026, 11:17 p.m. | 1 hour, 19 minutes ago Description :The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to…
CVE-2026-4257 – Contact Form by Supsystic <= 1.7.36 – Unauthenticated Server-Side Template Injection via Prefill Functionality
CVE ID :CVE-2026-4257 Published : March 30, 2026, 10:16 p.m. | 2 hours, 20 minutes ago Description :The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection (SSTI) leading to…