CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2026-28537 - Microsoft Windows Double Free Vulnerability

CVE ID : CVE-2026-28537
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Double free vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28538 - Apache Certificate Management Path Traversal Vulnerability

CVE ID : CVE-2026-28538
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.9 | MEDIUM
CVE-2026-28539 - Apache Certificate Management Module Information Disclosure Vulnerability

CVE ID : CVE-2026-28539
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.2 | MEDIUM
CVE-2026-28540 - Qualcomm Bluetooth Out-of-Bounds Character Read Vulnerability

CVE ID : CVE-2026-28540
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Out-of-bounds character read vulnerability in Bluetooth. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 4.0 | MEDIUM
CVE-2026-28541 - Qualcomm Cellular Data Permission Control Vulnerability

CVE ID : CVE-2026-28541
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Permission control vulnerability in the cellular_data module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 4.0 | MEDIUM
CVE-2026-28543 - Cisco Maintenance and Diagnostics Module Race Condition Vulnerability

CVE ID : CVE-2026-28543
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 4.4 | MEDIUM
CVE-2026-28544 - Adobe Printing Module Race Condition Vulnerability

CVE ID : CVE-2026-28544
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.2 | MEDIUM
CVE-2026-28545 - HP Printing Module Race Condition Vulnerability

CVE ID : CVE-2026-28545
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.9 | MEDIUM
CVE-2026-28550 - Cisco Security Control Module Race Condition Vulnerability

CVE ID : CVE-2026-28550
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Race condition vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 4.0 | MEDIUM
CVE-2026-28552 - Huawei IMS Out-of-Bounds Write Vulnerability

CVE ID : CVE-2026-28552
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.5 | MEDIUM
CVE-2026-2893 - Page and Post Clone <= 6.3 - Authenticated (Contributor+) SQL Injection via 'meta_key' Parameter

CVE ID : CVE-2026-2893
Published : March 5, 2026, 8:15 a.m. | 1 hour, 48 minutes ago
Description : The Page and Post Clone plugin for WordPress is vulnerable to SQL Injection via the 'meta_key' parameter in the content_clone() function in all versions up to, and including, 6.3. This is due to insufficient escaping on the user-supplied meta_key value and insufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. The injection is second-order: the malicious payload is stored as a post meta key and executed when the post is cloned.
Severity: 6.5 | MEDIUM
CVE-2026-28542 - Apache System Service Framework Privilege Escalation

CVE ID : CVE-2026-28542
Published : March 5, 2026, 9:16 a.m. | 48 minutes ago
Description : Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 7.3 | HIGH
CVE-2026-28546 - Cisco ASA Buffer Overflow

CVE ID : CVE-2026-28546
Published : March 5, 2026, 9:16 a.m. | 48 minutes ago
Description : Buffer overflow vulnerability in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.9 | MEDIUM
CVE-2026-28547 - Cisco Scanning Module Pointer Uninitialized Access Vulnerability

CVE ID : CVE-2026-28547
Published : March 5, 2026, 9:16 a.m. | 48 minutes ago
Description : Vulnerability of uninitialized pointer access in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.8 | MEDIUM
CVE-2026-28548 - Apache Email Confidentiality Bypass

CVE ID : CVE-2026-28548
Published : March 5, 2026, 9:16 a.m. | 48 minutes ago
Description : Vulnerability of improper verification in the email application. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 7.1 | HIGH
CVE-2026-28549 - Apache Permission Service Race Condition

CVE ID : CVE-2026-28549
Published : March 5, 2026, 9:16 a.m. | 48 minutes ago
Description : Race condition vulnerability in the permission management service. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.6 | MEDIUM
CVE-2026-28551 - Cisco Device Security Management Module Race Condition Vulnerability

CVE ID : CVE-2026-28551
Published : March 5, 2026, 9:16 a.m. | 48 minutes ago
Description : Race condition vulnerability in the device security management module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 4.7 | MEDIUM
CVE-2026-21628 - Extension - astroidframe.work - Unauthenticated Remote Code Execution in Astroid Framework 2.0.0 - 3.3.10 for Joomla

CVE ID : CVE-2026-21628
Published : March 5, 2026, 9:24 a.m. | 39 minutes ago
Description : An improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leading to remote code execution.
Severity: 10.0 | CRITICAL
CVE-2025-11143 - Jetty URI Parser Differential Parsing Vulnerability

CVE ID : CVE-2025-11143
Published : March 5, 2026, 9:26 a.m. | 37 minutes ago
Description : The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security bypass. For example, a component that enforces a black list may interpret the URIs differently from one that generates a response. At the very least, differential parsing may divulge implementation details.
Severity: 3.7 | LOW
CVE-2026-1605 - Eclipse Jetty JDK Inflater Memory Leak

CVE ID : CVE-2026-1605
Published : March 5, 2026, 10:15 a.m. | 1 hour, 50 minutes ago
Description : In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding: gzip, is processed and the corresponding response is not compressed. This happens because the JDK Inflater is allocated for decompressing the request, but it is not released because the release mechanism is tied to the compressed response. In this case, since the response is not compressed, the release mechanism does not trigger, causing the leak.
Severity: 7.5 | HIGH
CVE-2026-3236 - Octopus Server API Key Lifetime Extension Vulnerability

CVE ID : CVE-2026-3236
Published : March 5, 2026, 11:15 a.m. | 50 minutes ago
Description : In affected versions of Octopus Server it was possible to create a new API key from an existing access token resulting in the new API key having a lifetime exceeding the original API key used to mint the access token.
Severity: 2.3 | LOW