Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 6 March 2026
RSS3241 vulnerabilities published on 6 March 2026
Severity:
Mongoose Web Server 6.9 Can Be Crashed by Malicious Connections
CVE-2018-25193
Mongoose Web Server 6.9 contains a denial of service vulnerability that allows remote attackers to crash the service by establishing multiple socket c...
8.7
Musicco 2.0.0 allows unauthenticated access to sensitive directories
CVE-2018-25181
Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary directories by manipulating the pare...
8.7
Easyndexer 1.0 allows unauthorized access to sensitive system files
CVE-2018-25178
Easyndexer 1.0 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating the...
8.7
Malformed Data on AMPPS 2.7 Can Crash the Service
CVE-2018-25169
AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the service by sending malformed data to the default HTTP p...
8.7
EverSync 0.5 Allows Unauthenticated Access to Sensitive Files
CVE-2018-25164
EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them dire...
8.7
WooCommerce Plugin Allows Unauthenticated Users to Create Admin Accounts
CVE-2026-3589
The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly handle batch requests, which could allow unauthenticated users to mak...
7.5
Git LFS on Red Hat Systems May Allow Remote Code Execution
RHSA-2026:3932
7.5
Git LFS on Red Hat Systems: Unauthorized File Access Risk
RHSA-2026:3931
7.5
Git LFS on Red Hat Systems: Remote Code Execution Risk
RHSA-2026:3930
7.5
Git LFS on Red Hat Systems Can Allow Remote Code Execution
RHSA-2026:3928
7.5
Git LFS on Red Hat Systems May Allow Unauthorized Data Access
RHSA-2026:3929
7.5
Red Hat's osbuild-composer software has a security update available
RHSA-2026:3898
7.5
Grafana: Unauthenticated Data Exposure via SQL Injection
RHSA-2026:3880
7.5
Grafana: Unauthenticated Access to Sensitive Data Possible
RHSA-2026:3879
7.5
Red Hat Delve update fixes security flaw in data upload feature
RHSA-2026:3864
7.5
Grafana on Red Hat Systems: Critical Update Needed
RHSA-2026:3854
7.5
Red Hat Delve Security Update Allows Unauthorized Data Access
RHSA-2026:3843
7.5
Red Hat Image Builder: Unauthorized File Access on Server
RHSA-2026:3839
7.5
Grafana: Unauthenticated access to sensitive data
RHSA-2026:3838
7.5
Grafana: Unauthorized Access to Dashboard Data
RHSA-2026:3835
7.5
Grafana: Unauthenticated Code Execution via User Input
RHSA-2026:3833
7.5
Vulnerability in Grafana Can Allow Remote Code Execution
RHSA-2026:3831
7.5
Red Hat go-rpm-macros Package Allows Malicious Code Execution
RHSA-2026:3814
7.5
Jackson Data Processor: Unrestricted JSON Parsing Causes Crash
CVE-2026-29062
GHSA-6v53-7c9g-w56r
jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. From version 3.0.0 to...
8.7
PJSIP library parses RTP data incorrectly, potentially causing a crash
CVE-2026-29068
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability w...
8.7