Critical vulnerabilities, curated daily for security professionals
π― SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
π
Today's Security Brief
Yesterday's disclosures include two maximum-severity vulnerabilities in MLflow (CVE-2025-15379, CVSS 10.0) and Arch steam-trader (CVE-2026-5128, CVSS 10.0), alongside critical remote code execution flaws in WordPress, Nginx UI, and SciTokens. The disclosure volume includes 14 critical CVEsβdouble the prior day's count of 7βand 68 high-priority vulnerabilities, up 11% from 61. Actively exploited vulnerabilities affect Citrix NetScaler (CVE-2026-3055), Zimbra Collaboration Suite (CVE-2025-66376), Craft CMS (CVE-2025-32432), and three Apple product lines, with 9 KEV entries confirmed. Attack patterns center on remote code execution and authentication bypass across web frameworks, CMS platforms, and developer tooling. No patches are currently available for the disclosed vulnerabilities, making compensating controls and network-level mitigations essential in the interim.
Two CVSS 10.0 vulnerabilities disclosed in MLflow (CVE-2025-15379) and Arch steam-trader (CVE-2026-5128) require immediate risk assessment
Critical CVE count doubled from 7 to 14 compared to the prior day, a 100% increase
68 high-priority vulnerabilities disclosed, up 11% from 61 the previous day
RCE and authentication bypass flaws dominate disclosures across WordPress, Nginx UI, SciTokens, and multiple CMS frameworks
Patch availability stands at 0%βno vendor fixes are currently released for these disclosures
9 actively exploited vulnerabilities confirmed, affecting Citrix NetScaler, Zimbra, Apple products, Craft CMS, Laravel Livewire, and Langflow
Immediate action: Prioritize risk assessment for environments running MLflow, WordPress, Nginx UI, Citrix NetScaler, Zimbra, and Apple products, as these carry the highest severity scores and confirmed exploitation activity. With patch availability at 0%, implement compensating controls including network segmentation, WAF rules, and access restrictions for affected services until vendor fixes are released.
π‘ Tip: Swipe CVE cards left to β star, right to β remove
Section Navigation
β οΈ
CISA Known Exploited Vulnerabilities
β οΈ CISA KEVURGENT
CVE-2025-66376
9.5
SynacorZimbra Collaboration Suite (ZCS)
β° Federal Deadline:March 31, 2026(1 days remaining)
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2026-3055
9.5
CitrixNetScaler
β° Federal Deadline:April 1, 2026(2 days remaining)
Citrix NetScaler Out-of-Bounds Read Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2025-32432
9.5
Craft CMSCraft CMS
β° Federal Deadline:April 2, 2026(3 days remaining)
Craft CMS Code Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2025-54068
9.5
LaravelLivewire
β° Federal Deadline:April 2, 2026(3 days remaining)
Laravel Livewire Code Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2025-43510
9.5
AppleMultiple Products
β° Federal Deadline:April 2, 2026(3 days remaining)
Apple Multiple Products Improper Locking Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2025-43520
9.5
AppleMultiple Products
β° Federal Deadline:April 2, 2026(3 days remaining)
Apple Multiple Products Classic Buffer Overflow Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2025-31277
9.5
AppleMultiple Products
β° Federal Deadline:April 2, 2026(3 days remaining)
Apple Multiple Products Buffer Overflow Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2026-33017
9.5
LangflowLangflow
β° Federal Deadline:April 7, 2026(8 days remaining)
Langflow Code Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2026-33634
9.5
AquasecurityTrivy
β° Federal Deadline:April 8, 2026(9 days remaining)
Aquasecurity Trivy Embedded Malicious Code Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
π¨
Critical Vulnerabilities
CVE-2026-4257
9.8π
WordPressis vulnerable
The Contact Form by Supsystic plugin for WordPress is vulnerable to unauthenticated Remote Code Execution via Server-Side Template Injection in the Twig template engine.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-3300
9.8π
WordPressis vulnerable
Everest Forms Pro is vulnerable to unauthenticated Remote Code Execution via PHP Code Injection in its Calculation Addon, allowing attackers to execute code through unsanitized form fields.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-32714
9.8π
SciTokensSciTokens (Python library)
SciTokens is vulnerable to SQL Injection in its KeyCache class due to the unsafe use of Python's str.format() for query construction, allowing attackers to execute arbitrary SQL commands.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-30562
9.3π
HPfile via
SourceCodester Sales and Inventory System 1.0 is vulnerable to Reflected Cross-Site Scripting (XSS) via the 'msg' parameter in add_stock.php due to insufficient input sanitization.
CVSS Base9.3
β
CRSSelect profile
CVE-2026-21861
9.1π
the corebaserCMS
baserCMS contains an OS command injection vulnerability in its core update functionality, allowing authenticated administrators to execute arbitrary commands on the server.
CVSS Base9.1
β
CRSSelect profile
CVE-2026-33032
9.8π
NginxUI is
Nginx UI versions 2.3.5 and prior are vulnerable to an authentication bypass on the /mcp_message endpoint, allowing unauthenticated attackers to take full control of the Nginx service.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-34557
9.1π
ArchCI4MS (CMS skeleton)
CI4MS is vulnerable to stored Cross-Site Scripting (XSS) in its group and role management functionality, allowing attackers to execute malicious scripts in administrative views.
CVSS Base9.1
β
CRSSelect profile
CVE-2026-34558
9.1π
ArchCI4MS (CMS skeleton)
CI4MS is vulnerable to Stored DOM-Based Cross-Site Scripting in its Methods Management functionality, allowing for script execution in administrative and global navigation components.
CVSS Base9.1
β
CRSSelect profile
CVE-2025-15379
10π
MLflowMLflow
A command injection vulnerability in MLflow's model serving container initialization allows attackers to execute arbitrary commands by supplying malicious model artifacts with unsanitized dependencies.
CVSS Base10
β
CRSSelect profile
CVE-2026-5128
10π
Archsteam-trader
ArthurFiorette steam-trader 2.1.1 is vulnerable to unauthenticated sensitive information exposure, leaking Steam account credentials and 2FA secrets via API and logs.
CVSS Base10
β
CRSSelect profile
CVE-2026-31946
9.8π
OpenOlatOpenOlat (e-learning platform)
OpenOlat fails to verify JWT signatures in its OpenID Connect implicit flow implementation, allowing attackers to bypass authentication by providing forged, unverified tokens.
CVSS Base9.8
β
CRSSelect profile
CVE-2025-15036
9.6π
ArchMLflow
A path traversal vulnerability in MLflow's archive extraction function allows attackers to overwrite arbitrary files and escape sandboxed directories via malicious tar archives.
CVSS Base9.6
β
CRSSelect profile
CVE-2026-34714
9.2π
VimVim
Vim is vulnerable to arbitrary code execution when opening a crafted file due to a %{expr} injection flaw in the tabpanel component.
CVSS Base9.2
β
CRSSelect profile
CVE-2026-30877
9.1π
the updatebaserCMS
baserCMS contains an OS command injection vulnerability within its update functionality. Authenticated administrators can exploit this flaw to execute arbitrary commands with server-level privileges.
CVSS Base9.1
β
CRSSelect profile
β οΈ
High Priority Updates
CVE-2026-4020
7.5
WordPressis vulnerable
The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2
CVSS Base7.5
β
CRSSelect profile
CVE-2026-3991
7.8
SymantecData Loss
Symantec Data Loss Prevention Windows Endpoint, prior to 25
CVSS Base7.8
β
CRSSelect profile
CVE-2026-33030
8.8
webUI is
Nginx UI is a web user interface for the Nginx web server
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5130
8.8
WordPresswas vulnerable
The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to and including 1
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3124
7.5π
WordPressis vulnerable
The Download Monitor plugin for WordPress is vulnerable to an Insecure Direct Object Reference (IDOR) flaw. This allows unauthorized access to restricted files in versions up to 5.x.
CVSS Base7.5
β
CRSSelect profile
CVE-2019-25654
7.5π Late Disclosure
SFTPMultiple Products
Core FTP/SFTP Server 1
CVSS Base7.5
β
CRSSelect profile
CVE-2026-5150
7.3
HPof the
A security vulnerability has been detected in code-projects Accounting System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2026-30940
7.2
HPfile in
baserCMS is a website development framework
CVSS Base7.2
β
CRSSelect profile
CVE-2026-28228
8.8
Tomcatprocess
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication
CVSS Base8.8
β
CRSSelect profile
CVE-2026-29925
7.7
HPMultiple Products
Invoice Ninja v5
CVSS Base7.7
β
CRSSelect profile
CVE-2026-5179
7.3
HPMultiple Products
A vulnerability was detected in SourceCodester Simple Doctors Appointment System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2026-5180
7.3
HPMultiple Products
A flaw has been found in SourceCodester Simple Doctors Appointment System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2026-4416
7.8
GigabyteControl Center
The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability
CVSS Base7.8
β
CRSSelect profile
CVE-2026-5045
8.8
TendaFH1201
A vulnerability was detected in Tenda FH1201 1
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5046
8.8
TendaFH1201
A flaw has been found in Tenda FH1201 1
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5152
8.8
TendaCH22
A vulnerability was detected in Tenda CH22 1
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5154
8.8
TendaCH22
A vulnerability has been found in Tenda CH22 1
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5155
8.8
TendaCH22
A vulnerability was found in Tenda CH22 1
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5156
8.8
TendaCH22
A vulnerability was determined in Tenda CH22 1
CVSS Base8.8
β
CRSSelect profile
CVE-2026-29872
8.2
GitHubMCP Agent
A cross-session information disclosure vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 (2026-01-19)
CVSS Base8.2
β
CRSSelect profile
CVE-2026-34042
8.2
GitHubactions
act is a project which allows for local running of github actions
CVSS Base8.2
β
CRSSelect profile
CVE-2026-2370
8.1
versionshas remediated
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14
CVSS Base8.1
β
CRSSelect profile
CVE-2026-4415
8.1
GigabyteControl Center
Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability
CVSS Base8.1
β
CRSSelect profile
CVE-2026-32980
7.5
OpenClawwebhook request
OpenClaw before 2026
CVSS Base7.5
β
CRSSelect profile
CVE-2026-34472
7.1
ZTEZXHN H188A
Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6
CVSS Base7.1
β
CRSSelect profile
CVE-2026-2328
7.5
InforMultiple Products
An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information
CVSS Base7.5
β
CRSSelect profile
CVE-2026-3945
7.5
HTTP chunkedMultiple Products
An integer overflow vulnerability in the HTTP chunked transfer encoding parser in tinyproxy up to and including version 1
CVSS Base7.5
β
CRSSelect profile
CVE-2026-33984
7.5π
FreeRDPFreeRDP
FreeRDP, an open-source Remote Desktop Protocol implementation, contains a security vulnerability. This flaw could potentially allow remote attackers to compromise RDP sessions or execute unauthorized actions.
CVSS Base7.5
β
CRSSelect profile
CVE-2026-33986
7.5π
FreeRDPFreeRDP
FreeRDP is affected by a security vulnerability that could lead to unauthorized access or data compromise. This issue resides within the protocol implementation and affects various versions of the software.
CVSS Base7.5
β
CRSSelect profile
CVE-2026-33982
7.1
UnknownMultiple Products
FreeRDP is a free implementation of the Remote Desktop Protocol
CVSS Base7.1
β
CRSSelect profile
CVE-2026-33987
7.1
UnknownMultiple Products
FreeRDP is a free implementation of the Remote Desktop Protocol
CVSS Base7.1
β
CRSSelect profile
CVE-2026-29953
7.4
SchemaHeroMultiple Products
SQL Injection vulnerability in SchemaHero 0
CVSS Base7.4
β
CRSSelect profile
CVE-2026-33643
7.4
SchemaHeroMultiple Products
SQL Injection vulnerability in SchemaHero 0
CVSS Base7.4
β
CRSSelect profile
CVE-2026-5042
8.8π
BelkinF9K1122
A security flaw has been discovered in the Belkin F9K1122 router, potentially allowing for unauthorized access or system interference.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5043
8.8π
BelkinF9K1122
A security weakness has been identified in the Belkin F9K1122 router that could be exploited to compromise the device's security posture.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-32914
8.8
OpenClawMultiple Products
OpenClaw before 2026
CVSS Base8.8
β
CRSSelect profile
CVE-2026-32915
8.8
OpenClawMultiple Products
OpenClaw before 2026
CVSS Base8.8
β
CRSSelect profile
CVE-2026-33573
8.8
OpenClawMultiple Products
OpenClaw before 2026
CVSS Base8.8
β
CRSSelect profile
CVE-2026-5044
8.8π
BelkinF9K1122
A security vulnerability has been detected in the Belkin F9K1122 router, potentially enabling attackers to gain unauthorized access or disrupt services.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-34005
8.8π
XiongmaiSofia on DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P)
A critical vulnerability exists in the Sofia component of Xiongmai DVR/NVR devices. This flaw allows attackers to potentially compromise the surveillance system's integrity and availability.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-4946
8.8
priorMultiple Products
Ghidra versions prior to 12
CVSS Base8.8
β
CRSSelect profile
CVE-2026-34040
8.8
UnknownMultiple Products
Moby is an open source container framework
CVSS Base8.8
β
CRSSelect profile
CVE-2025-32957
8.7
ArchMultiple Products
baserCMS is a website development framework
CVSS Base8.7
β
CRSSelect profile
CVE-2026-32974
8.6
OpenClawMultiple Products
OpenClaw before 2026
CVSS Base8.6
β
CRSSelect profile
CVE-2026-32918
8.4
OpenClawMultiple Products
OpenClaw before 2026
CVSS Base8.4
β
CRSSelect profile
CVE-2026-33572
8.4
OpenClawMultiple Products
OpenClaw before 2026
CVSS Base8.4
β
CRSSelect profile
CVE-2026-0562
8.3
parisneoMultiple Products
A critical security vulnerability in parisneo/lollms versions up to 2
CVSS Base8.3
β
CRSSelect profile
CVE-2026-32877
8.2
UnknownMultiple Products
Botan is a C++ cryptography library
CVSS Base8.2
β
CRSSelect profile
CVE-2026-32716
8.1
UnknownMultiple Products
SciTokens is a reference library for generating and using SciTokens
CVSS Base8.1
β
CRSSelect profile
CVE-2026-32727
8.1
UnknownMultiple Products
SciTokens is a reference library for generating and using SciTokens
CVSS Base8.1
β
CRSSelect profile
CVE-2026-32978
8
OpenClawMultiple Products
OpenClaw before 2026
CVSS Base8
β
CRSSelect profile
CVE-2026-3502
7.8
TrueConfMultiple Products
TrueConf Client downloads application update code and applies it without performing verification
CVSS Base7.8
β
CRSSelect profile
CVE-2026-34054
7.8
packageMultiple Products
vcpkg is a free and open-source C/C++ package manager
CVSS Base7.8
β
CRSSelect profile
CVE-2026-29954
7.6
UnknownMultiple Products
In KubePlus 4
CVSS Base7.6
β
CRSSelect profile
CVE-2026-29924
7.6
GravMultiple Products
Grav CMS v1
CVSS Base7.6
β
CRSSelect profile
CVE-2026-33575
7.5
OpenClawMultiple Products
OpenClaw before 2026
CVSS Base7.5
β
CRSSelect profile
CVE-2026-0558
7.5
includingMultiple Products
A vulnerability in parisneo/lollms, up to and including version 2
CVSS Base7.5
β
CRSSelect profile
CVE-2026-0560
7.5
priorMultiple Products
A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2
CVSS Base7.5
β
CRSSelect profile
CVE-2026-30077
7.5
UnknownMultiple Products
OpenAirInterface V2
CVSS Base7.5
β
CRSSelect profile
CVE-2026-4046
7.5π
IBMC Library (glibc)
A vulnerability exists in the iconv() function of the GNU C Library (glibc) version 2. This flaw can lead to unexpected behavior or potential security bypasses during character set conversion.
CVSS Base7.5
β
CRSSelect profile
CVE-2026-21710
7.5
UnknownMultiple Products
A flaw in Node
CVSS Base7.5
β
CRSSelect profile
CVE-2026-34070
7.5
UnknownMultiple Products
LangChain is a framework for building agents and LLM-powered applications
CVSS Base7.5
β
CRSSelect profile
CVE-2026-32979
7.3
OpenClawMultiple Products
OpenClaw before 2026
CVSS Base7.3
β
CRSSelect profile
CVE-2026-5147
7.3
UnknownMultiple Products
A security flaw has been discovered in YunaiV yudao-cloud up to 2026
CVSS Base7.3
β
CRSSelect profile
CVE-2026-5176
7.3
TotolinkMultiple Products
A security flaw has been discovered in Totolink A3300R 17
CVSS Base7.3
β
CRSSelect profile
CVE-2026-5182
7.3
RecordMultiple Products
A vulnerability was found in SourceCodester Teacher Record System 1