CVE Vulnerabilities - 4 March 2026
241 vulnerabilities published on 4 March 2026
CPython legacy .pyc file loading bypasses security checks
CVE-2026-2297
PSF-2026-9
The import hook in CPython that handles legacy *.pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not ...
5.7
Dell Device Management Agent (DDMA) versions before 26.02 can be crashed by a local attacker
CVE-2026-22760
Dell Device Management Agent (DDMA), versions prior to 26.02, contain an Improper Check for Unusual or Exceptional Conditions vulnerability. A low pri...
5.5
Vaultwarden Partial Update API Allows Unauthorized Access to Another User's Data
CVE-2026-27898
GHSA-w9f8-m526-h7fh
In the test environment, it was confirmed that an authenticated regular user can specify another user’s `cipher_id` and call: `PUT /ap...`
5.4
Hono Cookie Injection Risk via Unvalidated Domain and Path
CVE-2026-29086
GHSA-5pq2-9x2x-5p6w
The `setCookie()` utility did not validate semicolons (`;`), carriage returns (`\r`), or newline characters (`\n`) in the `domain` and `pa...
5.4
Wi-Fi Encryption Handling Flaw Allows Data Tampering
CVE-2026-23601
A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticate...
5.4
Checkmk passwords can be deleted by unauthorized users
CVE-2026-3103
A logic error in the remove_password() function in Checkmk GmbH's Checkmk versions <2.4.0p23, <2.3.0p43, and 2.2.0 (EOL) allows a low-privileged user ...
5.3
Alerted Nodes Dashboard allows malicious users to inject HTML code
CVE-2025-40894
A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality due to improper validation on an input parameter.
...
2.1
Alerted Nodes Dashboard allows attackers to inject malicious HTML
CVE-2025-40894
A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality due to improper validation on an input parameter.
...
5.4
Enable Media Replace plugin: Unauthorized file tampering by attackers with Author access
CVE-2026-2732
The Enable Media Replace plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'RemoveBac...
5.4
NanoMQ MQTT Broker Crashes with Malicious Traffic
CVE-2026-22040
NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency pu...
5.3
Craft CMS allows anyone to send activation emails to any user
CVE-2026-29069
GHSA-234q-vvw3-mrfq
The `actionSendActivationEmail()` endpoint is accessible to unauthenticated users and does not require a permission check for pending users. An attack...
7.8
cpp-httplib Exposes Internal Error Messages to Any Client
CVE-2026-28434
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and t...
5.3
OpenClaw BlueBubbles Plugin: Unrestricted DMs with Unset Allowlist
GHSA-jwf4-8wf4-jf2m
BlueBubbles is an optional OpenClaw channel plugin. A configuration-sensitive access-control mismatch allowed DM senders to be treated as ...
5.3
OpenClaw's image tool can steal sensitive outside-project data
GHSA-q6qf-4p5j-r25g
In OpenClaw, the sandboxed `image` tool did not honor `tools.fs.workspaceOnly=true` for mounted paths resolved by the sandbox FS bridge. T...
5.3
OpenClaw allows unauthorized access in some chat settings
GHSA-f6h3-846h-2r8w
In certain elevated-mode configurations, `tools.elevated.allowFrom` accepted broader identity signals than intended. The fix tightens matc...
5.3
Cisco Firewall Software: Malicious Input Crashes Device
CVE-2026-20106
A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Security Appliance (ASA) Softwa...
5.3
ClamAV: Malicious HTML file can crash the scanner
CVE-2026-20031
A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service...
5.3
Cisco ASA Firewall Software Allows Unauthorized SSH Access
CVE-2026-20009
A vulnerability in the implementation of the proprietary SSH stack with SSH key-based authentication in Cisco Secure Firewall Adaptive Security Applia...
5.3
SEPPmail Secure Email Gateway: Email Signature Spoofing
CVE-2026-2748
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowi...
7.8
SEPPmail Secure Email Gateway - PGP Signature Verification Failure
CVE-2026-2746
SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, leaving users unable to detect f...
6.9
SEPPmail Secure Email Gateway PGP Signature Spoofing Risk
CVE-2026-27445
SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signatur...
6.9
WPBookit plugin for WordPress exposes customer data without permission
CVE-2026-1980
The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing authorization check on the 'get_customer_list' route ...
5.3
Firefox: Malicious Sites Can Disable Compression
GHSA-6w86-wgwq-rgq8
An unsanitized qpack index can lead to an integer overflow, panicking in debug mode, accessing the wrong or no dynamic table entry in rele...
5.1
Cisco Secure FMC Software: SQL Injection via Authenticated Request
CVE-2026-20003
A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affe...
4.9
SonicOS Firewall Can Crash After Receiving Malicious Certificate
CVE-2026-3439
A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall....
4.9