CVE ID :CVE-2025-15031 Published : March 18, 2026, 11:17 p.m. | 56 minutes ago Description :A vulnerability in MLflow’s pyfunc extraction process allows for arbitrary file writes due to improper handling of tar…
CVE-2026-33163 – Parse Server leaks protected fields via LiveQuery afterEvent trigger
CVE ID :CVE-2026-33163 Published : March 18, 2026, 10:16 p.m. | 1 hour, 57 minutes ago Description :Parse Server is an open source backend that can be deployed to any infrastructure that can run…
CVE-2026-21994 – Vulnerability in the Oracle Edge Cloud Infrastruct
CVE ID :CVE-2026-21994 Published : March 17, 2026, 11:16 p.m. | 54 minutes ago Description :Vulnerability in the Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit product of Oracle Open Source Projects (component:…
CVE-2026-32841 – Edimax GS-5008PL <= 1.00.54 Global Authentication State Across All Clients
CVE ID :CVE-2026-32841 Published : March 17, 2026, 10:16 p.m. | 1 hour, 55 minutes ago Description :Edimax GS-5008PL firmware version 1.00.54 and prior contain an authentication bypass vulnerability that allows unauthenticated attackers to…
CVE-2026-4295 – Arbitrary code execution via crafted project files in Kiro IDE
CVE ID :CVE-2026-4295 Published : March 17, 2026, 8:16 p.m. | 3 hours, 55 minutes ago Description :Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a…
CVE-2026-4064 – PowerShell Universal gRPC Authorization Bypass
CVE ID :CVE-2026-4064 Published : March 17, 2026, 8:16 p.m. | 3 hours, 55 minutes ago Description :Missing authorization checks on multiple gRPC service endpoints in PowerShell Universal before 2026.1.4 allows an authenticated user…
CVE-2026-32981 – Ray Dashboard <= 2.8.0 Path Traversal Leading to Local File Disclosure
CVE ID :CVE-2026-32981 Published : March 17, 2026, 8:16 p.m. | 3 hours, 55 minutes ago Description :A path traversal vulnerability was identified in Ray Dashboard (default port 8265) in Ray versions prior to…
CVE-2026-29522 – ZwickRoell Test Data Management < 3.0.8 Path Traversal LFI
CVE ID :CVE-2026-29522 Published : March 16, 2026, 9:16 p.m. | 2 hours, 52 minutes ago Description :ZwickRoell Test Data Management versions prior to 3.0.8 contain a local file inclusion (LFI) vulnerability in the /server/node_upgrade_srv.js…
CVE-2026-32267 – Craft CMS Vulnerable to Privilege Escalation/Bypass through UsersController->actionImpersonateWithToken()
CVE ID :CVE-2026-32267 Published : March 16, 2026, 8:16 p.m. | 3 hours, 52 minutes ago Description :Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.6 and from…
CVE-2026-32264 – Craft CMS vulnerable to behavior injection RCE ElementIndexesController and FieldsController
CVE ID :CVE-2026-32264 Published : March 16, 2026, 8:16 p.m. | 3 hours, 52 minutes ago Description :Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.5 and from…