CVE Vulnerabilities - 24 March 2026
48 vulnerabilities published on 24 March 2026
Woocommerce Custom Product Addons Pro plugin can run malicious code
CVE-2026-4001
An attacker can potentially execute code on your website by submitting a specially crafted value to a custom pricing field. This could allow them to access or modify sensitive data. Update to the late...
9.8
Arbitrary file read in Tekton Pipelines git resolver
GHSA-j5q5-j9gm-2w5c
CVE-2026-33211
GO-2026-4761
A security issue in Tekton Pipelines git resolver allows an attacker with permission to create tasks or pipelines to read any file on the resolver pod's filesystem, which could lead to sensitive infor...
9.6
Graphiti: Unvalidated Input Lets Attackers Run Any Function
GHSA-3m5v-4xp5-gjg2
CVE-2026-33286
An attacker can exploit a security weakness in Graphiti's API to run any function on a database, potentially causing harm. This affects any Graphiti application that allows untrusted users to create, ...
9.1
Google Chrome Prior to 146.0.7680.165 Allows Malicious Code Execution
CVE-2026-4680
A bug in Google Chrome's FedCM feature can be exploited by a malicious website to run unauthorized code on your computer. This could potentially allow hackers to steal sensitive information or take co...
8.8
Google Chrome: Malicious HTML can cause data corruption
CVE-2026-4679
A security issue in older versions of Google Chrome can allow a hacker to create a malicious website that corrupts data on your computer. This can happen if you visit the website. You should update to...
8.8
Google Chrome: Remote code execution through crafted HTML page
CVE-2026-4678
A security weakness in Google Chrome's WebGPU feature allows a malicious website to execute unauthorized code on a user's device. This could potentially lead to data theft or other malicious activitie...
8.8
Google Chrome: Malicious websites can read sensitive memory
CVE-2026-4677
A security issue in older versions of Google Chrome could allow a malicious website to access sensitive information by manipulating audio content. This could potentially lead to data theft or other se...
8.8
Google Chrome: Malicious Web Page Can Escape Browser's Security Sandbox
CVE-2026-4676
An issue in older versions of Google Chrome allowed a malicious website to potentially break out of the browser's security sandbox. This could allow an attacker to access sensitive information or inst...
8.8
Google Chrome: Out-of-bounds memory read through crafted HTML page
CVE-2026-4675
Google Chrome versions before 146.0.7680.165 have a weakness that could allow an attacker to access sensitive information by tricking a user into visiting a malicious webpage. This means that a hacker...
8.8
Google Chrome: Malicious Websites Can Crash Your Browser
CVE-2026-4674
A security issue in Google Chrome allows malicious websites to cause a browser crash. This can happen when you visit a specially crafted web page. To stay safe, make sure to update Google Chrome to th...
8.8
Google Chrome: Untrusted web page can crash browser or steal data
CVE-2026-4673
An issue in Google Chrome's WebAudio feature could allow a malicious website to crash the browser or potentially steal sensitive information. This vulnerability affects versions of Chrome prior to 146...
8.8
Jupiter X Core Plugin Allows Unauthorized File Uploads
CVE-2026-3533
The Jupiter X Core plugin for WordPress has a security issue that lets attackers with a subscriber-level account or higher upload malicious files. This could lead to code being run on the server or ma...
8.8
Salvo: Form data parsing does not enforce payload size limits
GHSA-pp9r-xg4c-8j4x
CVE-2026-33241
Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's form data parsing implementations (`form_data()` method and `Extractible` macro) do not enforce payload size limits before reading reque...
8.7
Spring Cloud: Files accessed unintentionally from wrong directories
CVE-2026-22739
Some Spring Cloud users may accidentally access files outside of the intended directory. This can happen when using the Config Server with the native file system backend. To fix this, update to Spring...
8.6
Contest Gallery Plugin Allows Admin Account Takeover in WordPress
CVE-2026-4021
The Contest Gallery plugin for WordPress has a security flaw that lets an attacker take control of any admin account without a password. This happens when a user with a special email address can trick...
8.1
LLM Model Software in C/C++ Fails to Validate Memory
CVE-2026-33298
A bug in a specific software that runs large language models allows an attacker to trick it into using too much memory, potentially letting them run malicious code. This can happen if the software pro...
7.8
Apache Mod_gnutls: Client Certificate Verification Can Crash Server
CVE-2026-33307
A bug in older versions of the Apache HTTPD TLS module Mod_gnutls can cause a server to crash when verifying client certificates. This happens when a client sends a long certificate chain. The bug has...
7.5
Ella Core Crashes When Processing Malformed Location Report
GHSA-826q-wrq4-p23x
CVE-2026-33282
GO-2026-4780
A specially crafted message to Ella Core can cause it to crash, disrupting services for all connected users. This can happen without any login or authentication. To fix this, the developers have made ...
7.5
Freeciv game crashes when receiving malicious internet traffic
CVE-2026-33250
Older versions of Freeciv game crash if sent fake data over the internet. This can let an attacker shut down public game servers, or crash the game on a player's computer. Upgrade to the latest versio...
7.5
Salvo: Path Traversal and Access Control Bypass in salvo-proxy
GHSA-f842-phm9-p4v4
CVE-2026-33242
Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated ex...
7.5
SourceCodester Online Library Management System SQL Injection Risk
CVE-2026-4624
The SourceCodester Online Library Management System may allow an attacker to inject malicious SQL code, potentially exposing sensitive data or allowing unauthorized access to the system. This can happ...
6.9
DefaultFuction CRM System Exposes Users to Remote Attack
CVE-2026-4623
A security issue in the DefaultFuction Customer Relationship Management System could allow hackers to trick the system into making unauthorized requests on the server. This could be done remotely, wit...
6.9
SourceCodester Patients Waiting Area Queue Management System: Unauthorized Access to Patient Data
CVE-2026-4617
A security weakness in SourceCodester Patients Waiting Area Queue Management System 1.0 allows unauthorized access to patient data. This could happen when a malicious person uses a remote attack, pote...
6.9
SourceCodester Online Catering Reservation SQL Injection
CVE-2026-4615
A security issue exists in SourceCodester Online Catering Reservation 1.0, specifically in the /search.php file. An attacker could manipulate data sent to this file, potentially allowing them to acces...
6.9
SourceCodester E-Commerce Site 1.0 Can Be Tricked into Revealing Sensitive Data
CVE-2026-4613
A security issue in SourceCodester E-Commerce Site 1.0 could allow an attacker to see sensitive information they shouldn't have access to. This is because the software doesn't properly check user inpu...
6.9