CVE Vulnerabilities - 24 March 2026

A security issue was found in a Go library that helps with HTTP communication. If not properly configured, an attacker could send unauthorized requests to a server, potentially triggering unwanted act...

A security issue in older versions of Apache HTTPD's Mod_gnutls module allowed attackers to use a valid client certificate for the wrong purpose. This has been fixed in version 0.13.0. If you're using...

An attacker with Contributor-level access and above can access sensitive information in the LearnDash LMS plugin for WordPress. This happens when they use a specific parameter in a special request. To...

Ella Core is vulnerable to a crash when receiving specially crafted NAS messages. This can cause service disruption for all connected subscribers. To fix, software updates that add a security check fo...

Ella Core may crash if it receives a specially crafted NGAP message with an invalid PDU Session ID. This could cause a service disruption for connected subscribers. To protect against this, update Ell...

The itsourcecode software has a weakness in how it handles input from users. This makes it possible for hackers to inject malicious code into the system, potentially allowing them to access sensitive ...

Dasel's YAML parser can be exploited with an overly large YAML file, causing it to consume all available CPU and memory, freezing or crashing the system. This is due to a flaw in the way the parser ha...

The User Registration & Membership plugin for WordPress has a security flaw that lets attackers with some access levels modify site rules, potentially exposing sensitive content or blocking legitimate...

A bug in the JRuby bcrypt implementation can make password hashes much weaker when using the cost setting of 31, allowing attackers to easily guess passwords. Affected applications should update to th...

A security update is available for WPGraphQL versions prior to 2.10.0. An authenticated user with limited privileges can approve their own comments, bypassing moderation workflows. Update to version 2...

A security flaw in Bolo-Blog 2.6.4 allows hackers to inject malicious code into the system by manipulating article titles. This could let them access sensitive data or take control of your site. Updat...

A security issue exists in the WP GDPR Compliance plugin for WordPress. This could allow an attacker to view sensitive user data without permission. Affected sites should update to the latest version ...

The L1TP Listener Service on Windows systems has a remote code execution vulnerability. This means that an attacker could potentially run malicious code on a vulnerable system without needing a passwo...

Adobe Reader for Android has a weakness that allows hackers to run unauthorized code on your device. If exploited, this could lead to unauthorized access to your personal data, including sensitive inf...