Critical vulnerabilities, curated daily for security professionals
đ¯ SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
đ
Today's Security Brief
Monday's vulnerability disclosures affect a broad range of enterprise and consumer products, with Ivanti Endpoint Manager, Broadcom VMware Aria Operations, and multiple Apple platforms among the most notable targets. The day's dataset includes 40 high-priority CVEs (CVSS 7.0-8.9), unchanged from the prior day, with no new critical-severity disclosures. Actively exploited vulnerabilities include CVE-2026-1603 in Ivanti EPM, CVE-2026-22719 in VMware Aria Operations, and CVE-2026-25108 in Soliton FileZen, all carrying CVSS 9.5 scores. Attack patterns span remote code execution, authentication bypass, and memory corruption flaws, with Qualcomm chipset vulnerabilities (CVE-2026-21385) extending the threat surface to mobile and embedded devices. Patch availability currently stands at 0%, requiring organizations to prioritize compensating controls and network segmentation until vendor fixes are released.
Ivanti Endpoint Manager (CVE-2026-1603) and VMware Aria Operations (CVE-2026-22719) both face actively exploited CVSS 9.5 vulnerabilities requiring immediate attention
No new critical-severity CVEs disclosed, unchanged from the prior day
40 high-priority CVEs (CVSS 7.0-8.9) identified, consistent with the previous day's volume
Attack patterns include remote code execution in n8n workflow automation (CVE-2025-68613), authentication bypass in Rockwell industrial products (CVE-2021-22681), and memory corruption in Apple iOS/iPadOS (CVE-2023-41974)
Patch availability at 0% across all disclosed vulnerabilities â compensating controls and network isolation are essential
13 vulnerabilities confirmed under active exploitation, including legacy flaws in Hikvision (CVE-2017-7921) and Omnissa Workspace ONE (CVE-2021-22054)
Immediate action: Prioritize network segmentation and access restrictions for Ivanti EPM, VMware Aria Operations, and Soliton FileZen deployments, as all three face active exploitation with no patches currently available. Review exposure of Qualcomm-based mobile devices and Apple platforms, and monitor vendor advisories closely for forthcoming security updates.
đĄ Tip: Swipe CVE cards left to â star, right to â remove
Section Navigation
â ī¸
CISA Known Exploited Vulnerabilities
â ī¸ CISA KEVURGENT
CVE-2026-25108
9.5đ
Soliton Systems K.KFileZen
â° Federal Deadline:March 16, 2026(2 days remaining)
FileZen is affected by a high-severity OS command injection vulnerability that allows a threat actor to execute arbitrary commands on the underlying operating system.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2021-22054
9.5đ Late Disclosure
OmnissaWorkspace One UEM
â° Federal Deadline:March 22, 2026(8 days remaining)
Omnissa Workspace ONE Server-Side Request Forgery - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2026-1603
9.5
Ivanti Endpoint Manager (EPM)
â° Federal Deadline:March 22, 2026(8 days remaining)
Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2026-22719
9.5đ
BroadcomVMware Aria Operations
â° Federal Deadline:March 23, 2026(9 days remaining)
VMware Aria Operations contains a command injection vulnerability that could allow an attacker to execute arbitrary commands on the affected system.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2026-21385
9.5đ
QualcommMultiple Chipsets
â° Federal Deadline:March 23, 2026(9 days remaining)
A memory corruption vulnerability exists in memory allocation processes when handling specific alignments, potentially leading to arbitrary code execution or system instability.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-68613
9.5đ
n8nn8n
â° Federal Deadline:March 24, 2026(10 days remaining)
n8n Improper Control of Dynamically-Managed Code Resources Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2017-7921
9.5đ Late Disclosure
HikvisionMultiple Products
â° Federal Deadline:March 25, 2026(11 days remaining)
Hikvision Multiple Products Improper Authentication Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2021-22681
9.5đ Late Disclosure
RockwellMultiple Products
â° Federal Deadline:March 25, 2026(11 days remaining)
Rockwell Multiple Products Insufficient Protected Credentials Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2023-43000
9.5đ Late Disclosure
AppleMultiple Products
â° Federal Deadline:March 25, 2026(11 days remaining)
Apple Multiple products Use-After-Free Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2021-30952
9.5đ Late Disclosure
AppleMultiple Products
â° Federal Deadline:March 25, 2026(11 days remaining)
Apple Multiple Products Integer Overflow or Wraparound Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2023-41974
9.5đ Late Disclosure
AppleiOS and iPadOS
â° Federal Deadline:March 25, 2026(11 days remaining)
Apple iOS and iPadOS Use-After-Free Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸
High Priority Updates
â ī¸ CISA KEV
CVE-2026-3909
8.8đ
GoogleChrome prior
â° Federal Deadline:March 26, 2026(12 days remaining)
Google Chrome versions prior to 146 contain an out-of-bounds write vulnerability in the Skia graphics engine, which is currently being exploited in the wild.
CVSS Base8.8
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2026-3910
8.8đ
GoogleChrome prior
â° Federal Deadline:March 26, 2026(12 days remaining)
Google Chrome versions prior to 146 feature an inappropriate implementation in the V8 JavaScript engine that is currently being exploited in the wild to achieve code execution.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-32426
7.5
HPProgram
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themelexus Medilazar Core medilazar-core allows PHP Local File Inclusion
CVSS Base7.5
â
CRSSelect profile
CVE-2026-32400
7.5
HPProgram
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemetechMount Boldman boldman allows PHP Local File Inclusion
CVSS Base7.5
â
CRSSelect profile
CVE-2026-2890
7.5đ
WordPressis vulnerable
The Formidable Forms plugin for WordPress is vulnerable to a payment integrity bypass, allowing for potential financial manipulation in forms.
CVSS Base7.5
â
CRSSelect profile
CVE-2026-32319
7.5đ
EllaElla Core (5G Core)
Ella Core, a 5G core for private networks, contains a security vulnerability that could impact the availability or integrity of private cellular communications.
CVSS Base7.5
â
CRSSelect profile
CVE-2026-3045
7.5đ
WordPressis vulnerable
The Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data due to a failure in access control.
CVSS Base7.5
â
CRSSelect profile
CVE-2026-22182
7.5
HPendpoint with
wpDiscuz before 7
CVSS Base7.5
â
CRSSelect profile
CVE-2026-31944
7.6đ
AtlassianLibreChat
LibreChat, an open-source ChatGPT clone, contains a vulnerability that could allow for unauthorized access to application features or user data.
CVSS Base7.6
â
CRSSelect profile
CVE-2025-13777
8.3
ABB AWINAWIN GW100
Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev
CVSS Base8.3
â
CRSSelect profile
CVE-2025-71263
7.4
sizeEdition
In UNIX Fourth Research Edition (v4), the su command is vulnerable to a buffer overflow due to the 'password' variable having a fixed size of 100 bytes
CVSS Base7.4
â
CRSSelect profile
CVE-2026-32597
7.5đ
PyJWTPyJWT
PyJWT, a Python implementation of JSON Web Token, contains a vulnerability that could compromise token integrity or verification processes.
CVSS Base7.5
â
CRSSelect profile
CVE-2025-13779
8.3
ABB AWINAWIN GW100
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev
CVSS Base8.3
â
CRSSelect profile
CVE-2026-31917
8.5đ
weDevs WP ERP erpWP ERP (WordPress Plugin)
The weDevs WP ERP plugin for WordPress is vulnerable to SQL Injection, which could allow attackers to extract or modify database information.
CVSS Base8.5
â
CRSSelect profile
CVE-2026-31922
8.5đ
Ays Pro Fox LMSFox LMS (WordPress Plugin)
The Ays Pro Fox LMS plugin for WordPress is vulnerable to Blind SQL Injection, allowing attackers to exfiltrate data from the database through inference.
The Collapsing Categories plugin for WordPress is vulnerable to Blind SQL Injection, which could lead to unauthorized database access and information disclosure.
CVSS Base8.5
â
CRSSelect profile
CVE-2026-32368
8.5đ
delphiknight Geo toGeo to Lat
The Geo to Lat (geo-to-lat) software contains a Blind SQL Injection vulnerability due to improper neutralization of special elements within SQL commands.
CVSS Base8.5
â
CRSSelect profile
CVE-2026-32399
8.5đ
David Lingren MediaMedia Library Assistant
A Blind SQL Injection vulnerability exists in David Lingren Media Library Assistant (media-library-assistant) due to improper neutralization of special elements in SQL commands.
CVSS Base8.5
â
CRSSelect profile
CVE-2026-32422
8.5đ
levelfourdevelopmentWP EasyCart
The levelfourdevelopment WP EasyCart (wp-easycart) software is vulnerable to Blind SQL Injection through improper neutralization of special elements used in SQL commands.
CVSS Base8.5
â
CRSSelect profile
CVE-2026-32433
8.5đ
codepeople CP ContactCP Contact Form with Paypal
The CP Contact Form with Paypal (cp-contact-form-with-paypal) software is susceptible to Blind SQL Injection due to improper neutralization of special elements in SQL commands.
CVSS Base8.5
â
CRSSelect profile
CVE-2026-32459
8.5đ
flycart UpsellWPUpsellWP
The UpsellWP (checkout-upsell-and-order-bumps) software contains a Blind SQL Injection vulnerability caused by improper neutralization of special elements within SQL commands.
CVSS Base8.5
â
CRSSelect profile
CVE-2026-32414
7.2
ILLID Advanced WooMultiple Products
Improper Control of Generation of Code ('Code Injection') vulnerability in ILLID Advanced Woo Labels advanced-woo-labels allows Remote Code Inclusion
CVSS Base7.2
â
CRSSelect profile
CVE-2026-32358
7.6
wpdevelop BookingMultiple Products
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevelop Booking Calendar booking allows Blind SQL Injection
CVSS Base7.6
â
CRSSelect profile
CVE-2026-32418
7.6
Jordy Meow MeowMultiple Products
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordy Meow Meow Gallery meow-gallery allows Blind SQL Injection
CVSS Base7.6
â
CRSSelect profile
CVE-2026-32458
7.6
RealMag777Multiple Products
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 WOLF bulk-editor allows Blind SQL Injection
CVSS Base7.6
â
CRSSelect profile
CVE-2026-25817
8.8
firmwareMultiple Products
HMS Networks Ewon Flexy with firmware before 15
CVSS Base8.8
â
CRSSelect profile
CVE-2026-22193
8.1
wpDiscuzMultiple Products
wpDiscuz before 7
CVSS Base8.1
â
CRSSelect profile
CVE-2026-22202
8.1
wpDiscuzMultiple Products
wpDiscuz before 7
CVSS Base8.1
â
CRSSelect profile
CVE-2026-32302
8.1đ
OpenClawOpenClaw
The OpenClaw personal AI assistant is vulnerable to a security flaw that could allow for unauthorized interactions or data exposure.
CVSS Base8.1
â
CRSSelect profile
CVE-2026-0954
7.8
InforMultiple Products
There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted DSB file in Digilent DASYLab
CVSS Base7.8
â
CRSSelect profile
CVE-2026-0955
7.8
InforMultiple Products
There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLab
CVSS Base7.8
â
CRSSelect profile
CVE-2026-0956
7.8
InforMultiple Products
There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLab
CVSS Base7.8
â
CRSSelect profile
CVE-2026-0957
7.8
InforMultiple Products
There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted file in Digilent DASYLab
CVSS Base7.8
â
CRSSelect profile
CVE-2026-32308
7.6đ
OneUptimeOneUptime
OneUptime, an observability and monitoring platform, contains a vulnerability that could allow attackers to interfere with service monitoring or access sensitive configuration data.
CVSS Base7.6
â
CRSSelect profile
CVE-2026-25819
7.5
firmwareMultiple Products
HMS Networks Ewon Flexy with firmware before 15
CVSS Base7.5
â
CRSSelect profile
CVE-2026-31882
7.5
workflowMultiple Products
Dagu is a workflow engine with a built-in Web user interface
CVSS Base7.5
â
CRSSelect profile
CVE-2026-31899
7.5đ
CairoSVGCairoSVG
CairoSVG, a Python-based SVG to PDF/PNG converter, is vulnerable to a flaw that may lead to unauthorized file access or resource exhaustion during graphics processing.
CVSS Base7.5
â
CRSSelect profile
CVE-2026-4111
7.5
ArchMultiple Products
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path
CVSS Base7.5
â
CRSSelect profile
CVE-2026-25076
7.3
versionsMultiple Products
Anchore Enterprise versions before 5
CVSS Base7.3
â
CRSSelect profile
CVE-2026-3873
7.2
AvantraMultiple Products
Use of Hard-coded Credentials vulnerability in Avantra allows Accessing
Functionality Not Properly Constrained by ACLs