Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 9 March 2026
RSS257 vulnerabilities published on 9 March 2026
Severity:
MINI-8x79-qvh4-cv9j
MINI-8x79-qvh4-cv9j
Apache HTTP Server Cross-Site Scripting in URL Handling
MINI-xwmq-8jwf-4crh
WordPress Plugin 'WP Statistics' Allows Unauthenticated SQL Injection
MINI-25h7-p45r-94c8
Linux Kernel: Unprivileged User Can Cause Memory Exhaustion
CVE-2024-14027
In the Linux kernel, the following vulnerability has been resolved:
fs/xattr: missing fdput() in fremovexattr error path
In the Linux kernel, the fr...
Linux Kernel: File Reference Leak in File System Function
DEBIAN-CVE-2024-14027
In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput() in fremovexattr error path In the Linux kernel, the fr...
Adobe Illustrator CS6 Data Disclosure Vulnerability
MINI-42w2-w4g3-h99g
YARA Crashes on Malicious Files, Possibly Allowing Attackers to Crash or Take Control
USN-8080-1
Kamil Frankowicz discovered that a number of YARA's functions
generated memory exceptions when processing specially crafted
rules or files. A remote a...
Apache HTTP Server Can Expose Sensitive Information
MINI-whq5-c289-8gqq
WordPress Plugin 'WP User Frontend' Allows Unauthorized Account Access
MINI-r869-5chc-65rf
ImageMagick update fixes multiple security risks in image processing
SUSE-SU-2026:0854-1
This update for ImageMagick fixes the following issues:
- CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversio...
ImageMagick update fixes multiple security risks
SUSE-SU-2026:0853-1
This update for ImageMagick fixes the following issues:
- CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression (bsc#1258743)...
ImageMagick Security Update Fixes Multiple Critical Issues
This update for ImageMagick fixes the following issues:
- CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression (bsc#1258743)...
ImageMagick update fixes multiple security risks
SUSE-SU-2026:0852-1
This update for ImageMagick fixes the following issues:
- CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression (bsc#1258743)...
ImageMagick Update Fixes Multiple Security Risks
SUSE-SU-2026:0851-1
This update for ImageMagick fixes the following issues:
- CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression (bsc#1258743)...
GNU Binutils readelf crashes when processing malformed binary data
DEBIAN-CVE-2025-69648
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data...
GNU Binutils readelf can crash when processing certain files
DEBIAN-CVE-2025-69647
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A log...
WordPress Plugin WP Super Cache Can Cause Data Exposure
CGA-pm9f-r9cc-8qwv
CGA-pm9f-r9cc-8qwv
Multer for Root: Unauthenticated File Uploads Possible
ROOT-APP-NPM-CVE-2026-3520
Root has patched CVE-2026-3520 in the @rootio/multer package for Root:npm. Multiple fixed versions available....
Multer File Upload Data Exposure in Root.io Package
ROOT-APP-NPM-CVE-2026-2359
Root has patched CVE-2026-2359 in the @rootio/multer package for Root:npm. Multiple fixed versions available....
Firewall Rule Processing Engine Crashes with Malicious Packets
CVE-2025-14769
In some cases, the `tcp-setmss` handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can...
Router Advertisements Can Execute Shell Commands on Linux Systems
CVE-2025-14558
The rtsol(8) and rtsold(8) programs do not validate the domain search list options provided in router advertisement messages; the option body is passe...
Multer Package Allows Unauthenticated File Uploads
ROOT-APP-NPM-CVE-2026-3304
Root has patched CVE-2026-3304 in the @rootio/multer package for Root:npm. Multiple fixed versions available....
rootio-Markdown: Unauthorized data access through malicious markdown formatting
ROOT-APP-PYPI-CVE-2025-69534
Root has patched CVE-2025-69534 in the rootio-Markdown package for Root:PyPI. Multiple fixed versions available....
WordPress Plugin File Inclusion Allows Remote Code Execution