Critical vulnerabilities, curated daily for security professionals
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Friday's disclosures center on cloud and collaboration infrastructure, with critical flaws in Azure DevOps, Microsoft Teams, Apache Cassandra, and Kubernetes affecting widely deployed enterprise environments. Critical CVE volume rose 82% to 20 from 11 the prior day, while high-priority issues held steady at 100. Notable entries include CVE-2026-33587 (CVSS 10) impacting Docker container isolation, CVE-2026-42826 (CVSS 10) in Azure DevOps, and CVE-2026-33109 (CVSS 9.9) in Apache Cassandra. Remote code execution, container escape, and secret exposure dominate the attack patterns, with cloud-native and DevOps toolchains carrying the heaviest exposure. No vendor patches are currently available across this set, requiring teams to rely on configuration hardening, network segmentation, and compensating controls until fixes ship.
Immediate action: Prioritize inventory and exposure assessment for Azure DevOps, Microsoft Teams, Apache Cassandra, Kubernetes, and Docker environments, alongside the actively exploited Palo Alto, Ivanti EPMM, and ConnectWise ScreenConnect deployments. With no patches yet available for the new critical CVEs, apply network segmentation, restrict administrative access, and enable enhanced logging on affected systems while monitoring vendor advisories for fix releases.
Unauthenticated RCE in Palo Alto PAN-OS firewalls
A buffer overflow in the User-ID Authentication Portal lets an unauthenticated network attacker execute arbitrary code as root on PA-Series and VM-Series firewalls. Palo Alto Networks confirms limited exploitation in the wild against portals reachable from untrusted IP space.
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.
Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability - Active in CISA KEV catalog.
ConnectWise ScreenConnect Path Traversal Vulnerability - Active in CISA KEV catalog.
Microsoft Windows Protection Mechanism Failure Vulnerability - Active in CISA KEV catalog.
Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability - Active in CISA KEV catalog.
FreeScout contains a flaw in the user-setup endpoint where invite hashes do not expire, allowing unauthenticated attackers to perform permanent account takeovers.
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute arbitrary code.
Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.
Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component
A Server-Side Template Injection (SSTI) vulnerability in Open Notebook v1.8.3 allows authenticated users to execute arbitrary Python code and OS commands within the Docker container.
An exposure of sensitive information in Azure DevOps allows an unauthenticated attacker to disclose data over a network.
Improper authorization in Microsoft Teams permits an authorized attacker to perform unauthorized information disclosure over a network.
A command injection vulnerability in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network.
A missing authorization gap in Argo CD allows read-only users to extract plaintext Kubernetes Secret data via the ServerSideDiff endpoint.
A command injection vulnerability in Electerm allows attackers to execute arbitrary code by supplying a malicious release name.
A command injection vulnerability exists in electerm prior to version 3.3.8, where remote version strings are unsafely passed to system commands.
A vulnerability in Electerm's terminal hyperlink handler allows arbitrary code execution or local file access when a user clicks a malicious link.
A path traversal vulnerability in the SCP middleware of the Wish SSH server allows unauthorized file access and modification.
Origin Validation Error vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Liderahenk: from 2.0.1 before 2.0.2.
CI4MS contains a stored DOM-based XSS vulnerability in the backup module that can be leveraged for full account takeover.
Yarbo firmware v2.3.9 contains hardcoded administrative credentials that cannot be changed, leading to trivial unauthorized management access.
The embedded MQTT broker in Yarbo firmware v2.3.9 allows anonymous connections and lacks ACLs, enabling unauthorized control of the device.
A Cross-Site Request Forgery (CSRF) vulnerability in DivvyDrive versions 4.8.2.9 through 4.8.3.1 allows unauthorized actions to be performed on behalf of authenticated users.
URL redirection to untrusted site ('open redirect') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Parameter Injection. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2.
Spring Cloud Config allows directory traversal via specially crafted URLs, enabling unauthorized access to arbitrary files.
A Use-After-Free (UAF) vulnerability in the PresentationAPI of Google Chrome allows for potential arbitrary code execution via a specially crafted web page.
A Use-After-Free vulnerability in the Chromoting component of Google Chrome for Linux allows for potential arbitrary code execution.
A Use-After-Free vulnerability in the ANGLE graphics engine of Google Chrome on Mac allows for potential arbitrary code execution.
A Use-After-Free vulnerability in the SVG implementation of Google Chrome allows for potential arbitrary code execution.
Use after free in DOM in Google Chrome prior to 148
Use after free in Passwords in Google Chrome prior to 148
Use after free in WebRTC in Google Chrome on Windows prior to 148
Use after free in CSS in Google Chrome prior to 148
Use after free in V8 in Google Chrome prior to 148
Use after free in Blink in Google Chrome prior to 148
Use after free in WebAudio in Google Chrome prior to 148
Use after free in ReadingMode in Google Chrome prior to 148
Use after free in WebRTC in Google Chrome prior to 148
Use after free in UI in Google Chrome prior to 148
Use after free in Audio in Google Chrome on Mac prior to 148
Use after free in WebRTC in Google Chrome prior to 148
Heap buffer overflow in ANGLE in Google Chrome prior to 148
Use after free in Aura in Google Chrome on Windows prior to 148
Use after free in Fullscreen in Google Chrome on Windows prior to 148
Use after free in GPU in Google Chrome prior to 148
Use after free in Aura in Google Chrome prior to 148
Use after free in Skia in Google Chrome prior to 148
Use after free in ServiceWorker in Google Chrome prior to 148
Use after free in Navigation in Google Chrome prior to 148
Use after free in TopChrome in Google Chrome prior to 148
Use after free in DevTools in Google Chrome prior to 148
Use after free in GPU in Google Chrome prior to 148
Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148
Integer overflow in Blink in Google Chrome prior to 148
Out of bounds read and write in V8 in Google Chrome prior to 148
Out of bounds memory access in V8 in Google Chrome prior to 148
Integer overflow in ANGLE in Google Chrome on Mac,Windows prior to 148
Type Confusion in Runtime in Google Chrome prior to 148
Insufficient validation of untrusted input in Cookies in Google Chrome prior to 148
Out of bounds write in WebRTC in Google Chrome prior to 148
Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148
Integer overflow in Dawn in Google Chrome on Windows prior to 148
Type Confusion in WebRTC in Google Chrome prior to 148
Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148
Out of bounds read in AdFilter in Google Chrome prior to 148
Insufficient validation of untrusted input in ChromeDriver in Google Chrome on Windows prior to 148
YesWiki is a wiki system written in PHP
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network
Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network
Insufficient validation of untrusted input in Media in Google Chrome on Android prior to 148
Type Confusion in Accessibility in Google Chrome on Windows prior to 148
Insufficient data validation in InterestGroups in Google Chrome prior to 148
Out of bounds write in Skia in Google Chrome prior to 148
Inappropriate implementation in ServiceWorker in Google Chrome prior to 148
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 148
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network
Inappropriate implementation in Companion in Google Chrome on Mac prior to 148
Out of bounds read in Codecs in Google Chrome prior to 148
Insufficient policy enforcement in DevTools in Google Chrome prior to 148
Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network
Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 148
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an affected device
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to Deserialization of Untrusted Data in versions up to, and including, 4
The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7
The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unscheduled_original_file_deletion function in all versions up to, and including, 4
Vvveb before version 1
Vvveb before version 1
Vvveb before version 1
Lack of user input validation in the file upload functionality of Open Notebook v1
A heap buffer overflow in the MongoDB C Driver's Cyrus SASL integration allows for potential arbitrary code execution before authentication.
GitPython is a python library used to interact with Git repositories
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client
Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28
GitPython is a python library used to interact with Git repositories
An Improper Certificate Validation in Ivanti EPMM before versions 12
An Improper Access Control vulnerability in Ivanti EPMM before versions 12
A vulnerability was found in Tenda CX12L 16
zrok is software for sharing web services, files, and network resources
Daptin is a GraphQL/JSON-API headless CMS
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer
HCL BigFix Service Management (SX) is affected by a Broken Access Control vulnerability leading to privilege escalation
HCL BigFix RunBookAI is affected by a command smuggling vulnerability due to unvalidated command input.
gopls by default communicates via pipe
NanoClaw version 1
OpenClaw before 2026
OpenClaw before 2026
OpenClaw before 2026
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry
Math
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Gosoft Software Industry and Trade Ltd
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in DivvyDrive Information Technologies Inc
Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in DivvyDrive Information Technologies Inc
OpenLearnX is an open-source, decentralized learning and assessment platform
A vulnerability has been found in Totolink X5000R 9
RELATE is a web-based courseware package
OpenClaw before 2026
Inngest is a platform for running event-driven and scheduled background functions with queueing, retries, and step orchestration
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations
Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc
Dagster is an orchestration platform for the development, production, and observation of data assets
Admidio is an open-source user management solution
Admidio is an open-source user management solution
OpenClaw before 2026
OS command injection vulneravility in the management gui (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28
Budibase is an open-source low-code platform