Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 10 March 2026
RSS658 vulnerabilities published on 10 March 2026
Severity:
LimeSurvey: Hackers could steal database secrets
CVE-2025-56421
GHSA-rccq-2fxq-7x3h
SQL Injection vulnerability in LimeSurvey before v.6.15.4+250710 allows a remote attacker to obtain sensitive information from the database....
7.5
Liderahenk Software Allows Hackers to Run Unauthorized Code
CVE-2026-2339
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code In...
7.5
Azure IoT Explorer allows attackers to spoof network requests
CVE-2026-26121
Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to perform spoofing over a network....
7.5
Windows GDI+ Allows Unauthorized Access to Sensitive Information
CVE-2026-25181
Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network....
7.5
Windows MapUrlToZone vulnerability allows network attacks
CVE-2026-23674
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network....
7.5
Azure IoT Explorer allows unauthorized network information disclosure
CVE-2026-23664
Improper restriction of communication channel to intended endpoints in Azure IoT Explorer allows an unauthorized attacker to disclose information over...
7.5
Azure IoT Explorer: Critical Information Disclosure via Missing Authentication
CVE-2026-23662
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network....
7.5
Azure IoT Explorer Sends Sensitive Data Unencrypted Over the Internet
CVE-2026-23661
Cleartext transmission of sensitive information in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network....
7.5
PostgreSQL and Admin Credentials Exposed When SOCKS Proxy is Enabled
CVE-2025-13957
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enab...
7.5
The Events Calendar plugin for WordPress allows attackers to read sensitive files
CVE-2026-3585
The The Events Calendar plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.15.17 via the 'ajax_create_import...
7.5
Git LFS on Red Hat Linux: Unauthorized Code Execution Risk
RHSA-2026:4166
7.5
Git LFS (Large File Storage) on Red Hat Systems Allows Unauthorized File Access
RHSA-2026:4164
7.5
Firefox browser update fixes several security risks
RHSA-2026:4152
7.5
OpenSSL Vulnerability in Python's pyasn1 Library
RHSA-2026:4147
7.5
Python PyASN1 Vulnerability: Data Exposure
RHSA-2026:4148
7.5
Python's pyasn1 Software Exposes Sensitive Data
RHSA-2026:4146
7.5
Python PyASN.1 Library Vulnerability: Data Exposure
RHSA-2026:4145
7.5
Python PyASN.1 Data Format Parsing Error
RHSA-2026:4144
7.5
Red Hat Python Library Vulnerability: Unauthorized Code Execution
RHSA-2026:4143
7.5
Python pyasn1 Library Has a Security Issue
RHSA-2026:4142
7.5
Python PyASN1 Library Security Update Needed for Some Systems
RHSA-2026:4141
7.5
Python PyASN.1 Library on Red Hat Systems Exposes Sensitive Data
RHSA-2026:4140
7.5
Python PyASN.1 Library Allows Code Execution
RHSA-2026:4139
7.5
PyASN1 in Red Hat Python Package Updated to Fix Security Issue
RHSA-2026:4138
7.5
Red Hat Thunderbird: Unpatched Security Flaw Exposes User Data
RHSA-2026:4022
7.5