Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 5 March 2026
RSS523 vulnerabilities published on 5 March 2026
Severity:
AncoraThemes Chronicle Theme Allows Attackers to Access Local Files
CVE-2026-27337
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Chronicle - Life...
Ekoterra Theme Can Load Malicious Files from Anywhere
CVE-2026-27335
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Ekoterra - NonPr...
Au Pair Agency Theme Allows Data to be Used to Hack the Site
CVE-2026-27098
Deserialization of Untrusted Data vulnerability in axiomthemes Au Pair Agency - Babysitting & Nanny Theme au-pair-agency allows Object Injection.This ...
Amelia Booking Privilege Escalation Vulnerability
CVE-2026-24963
Incorrect Privilege Assignment vulnerability in ameliabooking Amelia ameliabooking allows Privilege Escalation.This issue affects Amelia: from n/a thr...
Podlove Web Player allows malicious code injection
CVE-2026-24385
Deserialization of Untrusted Data vulnerability in gerritvanaaken Podlove Web Player podlove-web-player allows Object Injection.This issue affects Pod...
Fuelthemes PHP File Inclusion Can Allow Hackers to Read Local Files
CVE-2026-23801
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes The Issue theissue...
CGA-vc5g-x3vg-q749
CGA-vc5g-x3vg-q749
CGA-vc5g-x3vg-q749
CGA-fqpw-fjwp-5777
CGA-fqpw-fjwp-5777
CGA-fqpw-fjwp-5777
CGA-jqvx-j542-ch33
CGA-jqvx-j542-ch33
CGA-jqvx-j542-ch33
dnp3times: Malicious Code Exfiltrates Sensitive Files
GHSA-xhw7-jhmp-j62j
The `dnp3times` crate attempted to exfiltrate `.env` files to a server that was in turn impersonating the legitimate `timeapi.io` service. It was loos...
Linux F2FS Filesystem May Corrupt Data with Swapfile
UBUNTU-CVE-2026-23233
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for swapfile Xiaolong Guo reported...
PostgreSQL updates fix critical security problems
ALSA-2026:3887
PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll ne...
Delve Update Fixes Multiple Security Risks
ALSA-2026:3864
Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should...
Linux Kernel: Unreliable File System Mounting with Incompatible Block Size
UBUNTU-CVE-2026-23238
In the Linux kernel, the following vulnerability has been resolved: romfs: check sb_set_blocksize() return value romfs_fill_super() ignores the return...
Linux Kernel: Filesystem Downtime Risk Due to Deadlock
UBUNTU-CVE-2026-23232
In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fs_enable_checkpoint()" This reverts ...
Git LFS update fixes three security risks
ALSA-2026:3928
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing t...
PostgreSQL Database Security Update: Avoid Code Execution
ALSA-2026:3896
PostgreSQL is an advanced object-relational database management system (DBMS).
Security Fix(es):
* postgresql: PostgreSQL missing validation o...
Linux Kernel: Potential Data Corruption in Netfilter Feature
UBUNTU-CVE-2026-23231
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addchai...
Linux Kernel: Missing Checks in Classmate Laptop Driver Cause Crashes
UBUNTU-CVE-2026-23237
In the Linux kernel, the following vulnerability has been resolved: platform/x86: classmate-laptop: Add missing NULL pointer checks In a few places in...
Linux Kernel f2fs Write Operation Can Cause Data Loss
UBUNTU-CVE-2026-23234
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fs_write_end_io() As syzbot reported an use-after-free...