CVE ID :CVE-2026-32301 Published : March 12, 2026, 9:19 p.m. | 1 hour, 56 minutes ago Description :Centrifugo is an open-source scalable real-time messaging server. Prior to 6.7.0, Centrifugo is vulnerable to Server-Side Request…
CVE-2026-3611 – Honeywell IQ4x BMS Controller Missing authentication for critical function
CVE ID :CVE-2026-3611 Published : March 12, 2026, 9:16 p.m. | 1 hour, 59 minutes ago Description :The Honeywell IQ4x building management controller, exposes its full web-based HMI without authentication in its factory-default configuration….
CVE-2026-32136 – AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass
CVE ID :CVE-2026-32136 Published : March 11, 2026, 10:16 p.m. | 59 minutes ago Description :AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.73, an unauthenticated remote attacker…
CVE-2026-27591 – Winter: Privilege escalation by authenticated backend users
CVE ID :CVE-2026-27591 Published : March 11, 2026, 10:16 p.m. | 59 minutes ago Description :Winter is a free, open-source content management system (CMS) based on the Laravel PHP framework. Prior to 1.0.477,…
CVE-2026-32127 – SQL Injection Vulnerability in ajax graphs library (OpenEMR)
CVE ID :CVE-2026-32127 Published : March 11, 2026, 9:16 p.m. | 1 hour, 59 minutes ago Description :OpenEMR is a free and open source electronic health records and medical practice management application. Prior to…
CVE-2026-32110 – SiYuan has a Full-Read SSRF via /api/network/forwardProxy
CVE ID :CVE-2026-32110 Published : March 11, 2026, 9:16 p.m. | 1 hour, 59 minutes ago Description :SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to…
CVE-2026-0940 – Lenovo ThinkPad BIOS Initialization Vulnerability
CVE ID :CVE-2026-0940 Published : March 11, 2026, 9:16 p.m. | 1 hour, 59 minutes ago Description :A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a…
CVE-2026-21333 – Illustrator | Untrusted Search Path (CWE-426)
CVE ID :CVE-2026-21333 Published : March 10, 2026, 11:16 p.m. | 1 hour, 58 minutes ago Description :Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability that might allow…
CVE-2025-20105 – Intel Reference Platforms UEFI Firmware SMM Module Privilege Escalation Vulnerability
CVE ID :CVE-2025-20105 Published : March 10, 2026, 10:49 p.m. | 25 minutes ago Description :Improper input validation in some UEFI firmware SMM module for the Intel(R) reference platforms may allow an escalation…
CVE-2025-20064 – Intel UEFI FlashUcAcmSmm Privilege Escalation Vulnerability
CVE ID :CVE-2025-20064 Published : March 10, 2026, 10:49 p.m. | 25 minutes ago Description :Improper input validation in the UEFI FlashUcAcmSmm module for some Intel(R) reference platforms may allow an escalation of…