Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 4 March 2026
RSS241 vulnerabilities published on 4 March 2026
Severity:
IDC SFX Series Web Interface Allows Unauthorized Code Execution
CVE-2026-28772
A Reflected Cross-Site Scripting (XSS) vulnerability in the /IDC_Logging/index.cgi endpoint of International Datacasting Corporation (IDC) SFX Series ...
5.1
IDC SFX Series Web Interface allows malicious scripts to run in victim's browser
CVE-2026-28771
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the /index.cgi endpoint of International Datacasting Corporation (IDC) SFX Series Super...
5.1
Cisco Firewall Software allows attackers to run unauthorized system commands
CVE-2026-20016
A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, lo...
6.0
Cisco Secure FTD Software CLI Allows Local Attackers to Run Commands as Root
CVE-2026-20063
A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying o...
6.0
Cisco FMC Software Allows Local Attackers to Run Commands as Root
CVE-2026-20044
A vulnerability in the lockdown mechanism of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, local attacker to pe...
6.0
Cisco Secure FTD Software allows local attackers to execute arbitrary commands
CVE-2026-20017
A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying o...
6.0
Cisco ASA and FTD Software: Malicious Lua Code Injection Possible
CVE-2026-20008
A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure F...
6.0
OpenDeck Fails to Securely Serve Software Files
CVE-2026-28427
OpenDeck is Linux software for your Elgato Stream Deck. Prior to 2.8.1, the service listening on port 57118 serves static files for installed plugins ...
5.9
Vaultwarden: Hacker Can Bypass 2-Step Verification for Some Actions
GHSA-v6pg-v89r-w8wr
CVE-2026-27801
### Summary
Vaultwarden v1.34.3 and prior are susceptible to a 2FA bypass when performing protected actions. An attacker who gains authenticated acce...
6.0
Cisco Firewall Software Allows Malicious File Creation by Authorized Users
CVE-2026-20018
A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD)...
5.9
Cisco Firewall: Unauthenticated Access Control Bypass via Memory Exhaustion
CVE-2026-20073
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allo...
5.8
Cisco Products: Remote Restart of Snort 3 Detection Engine
CVE-2026-20068
Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause ...
5.8
Cisco Products: Unauthenticated Restart of Snort 3 Detection Engine
CVE-2026-20067
Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause ...
5.8
Cisco Products: Snort 3 Restart Vulnerability via Malicious HTTP Packets
CVE-2026-20066
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause ...
5.8
Cisco Products: Snort 3 Restart by Malicious Packets May Disrupt Network
CVE-2026-20065
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause ...
5.8
Cisco Products: Malicious VBA Data Can Crash Snort 3 Detection Engine
CVE-2026-20058
Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the S...
5.8
Cisco Products: Malicious Data Can Crash the Snort 3 Detection Engine
CVE-2026-20057
Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications (VBA) feature which could allow an unauthenticate...
5.8
Cisco Products Can Crash with Malformed VBA Data
CVE-2026-20054
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the S...
5.8
Cisco Products Can Crash When Processing Malicious Microsoft Files
CVE-2026-20053
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the S...
5.8
Cisco Secure Firewall FTD Software can crash due to malicious SSL packets
CVE-2026-20052
A vulnerability in the memory management handling for the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow ...
5.8
Cisco Firewalls: Unauthenticated Attack Can Crash the Device
CVE-2026-20015
A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attack...
5.8
Cisco Firewall ASA and FTD Devices Can Crash from Malicious IKEv2 Packets
CVE-2026-20013
A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attack...
5.8
Cisco FTD Software: Unauthenticated Remote Attack Traffic Bypass
CVE-2026-20007
A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticate...
5.8
Cisco FTD Software May Crash if Sent a Malicious TLS Packet
CVE-2026-20006
A vulnerability in the TLS cryptography functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could all...
5.8
Snort 3 Detection Engine: Restart by Malicious SSL Packets
CVE-2026-20005
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause ...
5.8