CVE ID :CVE-2026-4529 Published : March 21, 2026, 11:16 p.m. | 59 minutes ago Description :A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler….
CVE-2026-3629 – Import and export users and customers <= 1.29.7 – Privilege Escalation to Administrator via save_extra_user_profile_fields
CVE ID :CVE-2026-3629 Published : March 21, 2026, 11:16 p.m. | 59 minutes ago Description :The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions…
CVE-2019-25581 – i-doit CMDB 1.12 SQL Injection via objGroupID Parameter
CVE ID :CVE-2019-25581 Published : March 21, 2026, 4:16 p.m. | 8 hours ago Description :i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by…
CVE-2019-25580 – ownDMS 4.7 SQL Injection via pdfstream.php imagestream.php
CVE ID :CVE-2019-25580 Published : March 21, 2026, 4:16 p.m. | 8 hours ago Description :ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting…
CVE-2019-25579 – phpTransformer 2016.9 Directory Traversal via jQueryFileUpload
CVE ID :CVE-2019-25579 Published : March 21, 2026, 4:16 p.m. | 8 hours ago Description :phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the…
CVE-2026-24060 – Automated Logic WebCTRL Premium Server Cleartext Transmission of Sensitive Information
CVE ID :CVE-2026-24060 Published : March 20, 2026, 11:19 p.m. | 57 minutes ago Description :Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted,…
CVE-2026-33243 – barebox: FIT Signature Verification Bypass Vulnerability
CVE ID :CVE-2026-33243 Published : March 20, 2026, 11:16 p.m. | 59 minutes ago Description :barebox is a bootloader. In barebox from version 2016.03.0 to before version 2025.09.3 and from version 2025.10.0 to…
CVE-2026-33236 – NLTK has a Downloader Path Traversal Vulnerability (AFO) – Arbitrary File Overwrite
CVE ID :CVE-2026-33236 Published : March 20, 2026, 11:16 p.m. | 59 minutes ago Description :NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research…
CVE-2026-33228 – flatted: Prototype Pollution via parse()
CVE ID :CVE-2026-33228 Published : March 20, 2026, 11:16 p.m. | 59 minutes ago Description :flatted is a circular JSON parser. Prior to version 3.4.2, the parse() function in flatted can use attacker-controlled…
CVE-2026-33226 – Budibase Unrestricted Server-Side Request Forgery (SSRF) via REST Datasource Query Preview
CVE ID :CVE-2026-33226 Published : March 20, 2026, 11:16 p.m. | 59 minutes ago Description :Budibase is a low code platform for creating internal tools, workflows, and admin panels. In versions from 3.30.6…