CVE-2026-27982 - Django-Allauth Open Redirect Vulnerability
CVE ID : CVE-2026-27982
Published : March 5, 2026, 5:31 a.m. | 32 minutes ago
Description : An open redirect vulnerability exists in django-allauth versions prior to 65.14.1 when SAML IdP initiated SSO is enabled (it is disabled by default), which may allow an attacker to redirect users to an arbitrary external website via a crafted URL.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-27982
Published : March 5, 2026, 5:31 a.m. | 32 minutes ago
Description : An open redirect vulnerability exists in django-allauth versions prior to 65.14.1 when SAML IdP initiated SSO is enabled (it is disabled by default), which may allow an attacker to redirect users to an arbitrary external website via a crafted URL.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-30777 - EC-CUBE MFA Bypass Vulnerability
CVE ID : CVE-2026-30777
Published : March 5, 2026, 5:31 a.m. | 32 minutes ago
Description : EC-CUBE provided by EC-CUBE CO.,LTD. contains a multi-factor authentication (MFA) bypass vulnerability. An attacker who has obtained a valid administrator ID and password may be able to bypass two-factor authentication and gain unauthorized access to the administrative page.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-30777
Published : March 5, 2026, 5:31 a.m. | 32 minutes ago
Description : EC-CUBE provided by EC-CUBE CO.,LTD. contains a multi-factor authentication (MFA) bypass vulnerability. An attacker who has obtained a valid administrator ID and password may be able to bypass two-factor authentication and gain unauthorized access to the administrative page.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-23767 - Epson ESC/POS Printer Unauthenticated Network Command Injection Vulnerability
CVE ID : CVE-2026-23767
Published : March 5, 2026, 5:34 a.m. | 29 minutes ago
Description : ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-23767
Published : March 5, 2026, 5:34 a.m. | 29 minutes ago
Description : ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-29052 - HumHub Calendar Module: Stored XSS in Event Types
CVE ID : CVE-2026-29052
Published : March 5, 2026, 5:48 a.m. | 15 minutes ago
Description : The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting (XSS) vulnerability in the Event Types of the HumHub Calendar module impacts users viewing events created by an administrative account. This issue has been patched in version 1.8.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-29052
Published : March 5, 2026, 5:48 a.m. | 15 minutes ago
Description : The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting (XSS) vulnerability in the Event Types of the HumHub Calendar module impacts users viewing events created by an administrative account. This issue has been patched in version 1.8.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-29053 - Ghost Vulnerable to Remote Code Execution via Malicious Themes
CVE ID : CVE-2026-29053
Published : March 5, 2026, 5:51 a.m. | 12 minutes ago
Description : Ghost is a Node.js content management system. From version 0.7.2 to 6.19.0, specifically crafted malicious themes can execute arbitrary code on the server running Ghost. This issue has been patched in version 6.19.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-29053
Published : March 5, 2026, 5:51 a.m. | 12 minutes ago
Description : Ghost is a Node.js content management system. From version 0.7.2 to 6.19.0, specifically crafted malicious themes can execute arbitrary code on the server running Ghost. This issue has been patched in version 6.19.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-25702 - nftables disabled due to incorrect kernel backport
CVE ID : CVE-2026-25702
Published : March 5, 2026, 7:16 a.m. | 2 hours, 48 minutes ago
Description : A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before 9c294edb7085fb91650bc12233495a8974c5ff2d.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-25702
Published : March 5, 2026, 7:16 a.m. | 2 hours, 48 minutes ago
Description : A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before 9c294edb7085fb91650bc12233495a8974c5ff2d.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28536 - Cisco Device Authentication Bypass Vulnerability
CVE ID : CVE-2026-28536
Published : March 5, 2026, 7:16 a.m. | 2 hours, 48 minutes ago
Description : Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28536
Published : March 5, 2026, 7:16 a.m. | 2 hours, 48 minutes ago
Description : Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2743 - SEPPmail User Web Interface Arbitrary File Write to RCE
CVE ID : CVE-2026-2743
Published : March 5, 2026, 7:16 a.m. | 2 hours, 48 minutes ago
Description : Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2743
Published : March 5, 2026, 7:16 a.m. | 2 hours, 48 minutes ago
Description : Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-66319 - Citrix Resource Scheduling Module Permission Bypass Vulnerability
CVE ID : CVE-2025-66319
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Permission control vulnerability in the resource scheduling module. Impact: Successful exploitation of this vulnerability may affect service integrity.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-66319
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Permission control vulnerability in the resource scheduling module. Impact: Successful exploitation of this vulnerability may affect service integrity.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-1321 - Membership Plugin – Restrict Content <= 3.2.20 - Unauthenticated Privilege Escalation via 'rcp_level'
CVE ID : CVE-2026-1321
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the `rcp_setup_registration_init()` function accepting any membership level ID via the `rcp_level` POST parameter without validating that the level is active or that payment is required. Combined with the `add_user_role()` method which assigns the WordPress role configured on the membership level without status checks, this makes it possible for unauthenticated attackers to register with any membership level, including inactive levels that grant privileged WordPress roles such as Administrator, or paid levels that charge a sign-up fee. The vulnerability was partially patched in version 3.2.18.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-1321
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the `rcp_setup_registration_init()` function accepting any membership level ID via the `rcp_level` POST parameter without validating that the level is active or that payment is required. Combined with the `add_user_role()` method which assigns the WordPress role configured on the membership level without status checks, this makes it possible for unauthenticated attackers to register with any membership level, including inactive levels that grant privileged WordPress roles such as Administrator, or paid levels that charge a sign-up fee. The vulnerability was partially patched in version 3.2.18.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-21786 - HCL Sametime for iOS is affected by sensitive information disclosure
CVE ID : CVE-2026-21786
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : HCL Sametime for iOS is impacted by a sensitive information disclosure. Hostnames information is written in application logs and certain URLs.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-21786
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : HCL Sametime for iOS is impacted by a sensitive information disclosure. Hostnames information is written in application logs and certain URLs.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28537 - Microsoft Windows Double Free Vulnerability
CVE ID : CVE-2026-28537
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Double free vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28537
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Double free vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28538 - Apache Certificate Management Path Traversal Vulnerability
CVE ID : CVE-2026-28538
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28538
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28539 - Apache Certificate Management Module Information Disclosure Vulnerability
CVE ID : CVE-2026-28539
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28539
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28540 - Qualcomm Bluetooth Out-of-Bounds Character Read Vulnerability
CVE ID : CVE-2026-28540
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Out-of-bounds character read vulnerability in Bluetooth. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28540
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Out-of-bounds character read vulnerability in Bluetooth. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28541 - "Qualcomm Cellular Data Permission Control Vulnerability"
CVE ID : CVE-2026-28541
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Permission control vulnerability in the cellular_data module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28541
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Permission control vulnerability in the cellular_data module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28543 - Cisco Maintenance and Diagnostics Module Race Condition Vulnerability
CVE ID : CVE-2026-28543
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28543
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28544 - Adobe Printing Module Race Condition Vulnerability
CVE ID : CVE-2026-28544
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28544
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28545 - "HP Printing Module Race Condition Vulnerability"
CVE ID : CVE-2026-28545
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28545
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28550 - Cisco Security Control Module Race Condition Vulnerability
CVE ID : CVE-2026-28550
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28550
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28552 - Huawei IMS Out-of-Bounds Write Vulnerability
CVE ID : CVE-2026-28552
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28552
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...