8.6 CVE-2026-32857
Firecrawl version 2.8.0 and prior contain a server-side request forgery (SSRF) protection bypass vulnerability...

More
2026-03-27T17:16:29.177

4.3 CVE-2026-33477
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations....

More
2026-03-26T19:17:04.017

5.3 CVE-2026-33481
Syft is a a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container...

More
2026-03-26T18:16:29.733

6.8 CVE-2026-33486
Roadiz is a polymorphic content management system based on a node system that can handle many types...

More
2026-03-26T18:16:29.903

7.5 CVE-2026-33487
goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the `validateSignature`...

More
2026-03-26T18:16:30.070

3.7 CVE-2026-33490
H3 is a minimal H(TTP) framework. In versions 2.0.0-0 through 2.0.1-rc.16, the `mount()` method in h3...

More
2026-03-26T19:17:04.207

10 CVE-2026-33494
ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes...

More
2026-03-26T18:16:30.400

6.5 CVE-2026-33495
ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes...

More
2026-03-26T18:16:30.560

8.1 CVE-2026-33496
ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes...

More
2026-03-26T18:16:30.730

7.2 CVE-2026-33503
Ory Kratos is an identity, user management and authentication system for cloud services. Prior to version...

More
2026-03-26T18:16:30.897

7.2 CVE-2026-33504
Ory Hydra is an OAuth 2.0 Server and OpenID Connect Provider. Prior to version 26.2.0, the listOAuth2Clients,...

More
2026-03-26T18:16:31.060

4.8 CVE-2026-33732
srvx is a universal server based on web standards. Prior to version 0.11.13, a pathname parsing discrepancy...

More
2026-03-26T18:16:31.430

CVE-2026-26213
thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command...

More
2026-03-26T19:16:38.787

CVE-2026-28503
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists....

More
2026-03-26T19:16:57.113

5.3 CVE-2026-29055
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists....

More
2026-03-26T19:16:58.810

CVE-2026-29969
A cross-site scripting (XSS) vulnerability in the wff_cols_pref.css.aspx endpoint of staffwiki v7.0.1.19219...

More
2026-03-26T19:16:59.600

CVE-2026-30457
An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute...

More
2026-03-26T19:16:59.900

CVE-2026-30458
An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset tokens...

More
2026-03-26T19:17:00.050

CVE-2026-30463
Daylight Studio FuelCMS v1.5.2 was discovered to contain a SQL injection vulnerability via the /controllers/Login.php...

More
2026-03-26T19:17:00.183

6.5 CVE-2026-33148
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists....

More
2026-03-26T19:17:02.763

8.1 CVE-2026-33149
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists....

More
2026-03-26T19:17:02.967