CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/03/17 4:9 a.m.•4 views

CVE-2026-3312

A flaw was found in Pagure's rendering engine for reStructuredText RST files. An authenticated user can exploit an unrestricted .. include:: directive within RST files to read arbitrary internal files from the server hosting Pagure. This information disclosure vulnerability allows unauthorized...

7.7CVSS5.8AI score

Exploits0References3

OSV•added 2026/03/15 5:56 a.m.•2 views

OESA-2026-1598 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

5.9CVSS4.7AI score0.00725EPSS

Exploits0References5

EUVD•added 2026/03/13 9:31 p.m.•7 views

EUVD-2026-11905

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

EUVD•added 2026/03/13 9:31 p.m.•4 views

EUVD-2026-11917

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemetechMount Boldman boldman allows PHP Local File Inclusion.This issue affects Boldman: from n/a through = 7.7...

7.5CVSS5.8AI score0.00381EPSS

EUVD•added 2026/03/13 9:31 p.m.•4 views

EUVD-2026-11903

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly greenly allows PHP Local File Inclusion.This issue affects Greenly: from n/a through = 8.1...

EUVD•added 2026/03/13 9:31 p.m.•3 views

EUVD-2026-11889

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magepeopleteam WpBookingly service-booking-manager allows PHP Local File Inclusion.This issue affects WpBookingly: from n/a through = 1.2.9...

EUVD•added 2026/03/13 9:31 p.m.•1 views

EUVD-2026-11864

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Medilink-Core medilink-core allows PHP Local File Inclusion.This issue affects Medilink-Core: from n/a through 2.0.7...

NVD•added 2026/03/13 7:55 p.m.•4 views

CVE-2026-32426

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themelexus Medilazar Core medilazar-core allows PHP Local File Inclusion.This issue affects Medilazar Core: from n/a through 1.4.7...

7.5CVSS0.00381EPSS

NVD•added 2026/03/13 7:54 p.m.•4 views

CVE-2026-32400

7.5CVSS0.00381EPSS

NVD•added 2026/03/13 7:54 p.m.•3 views

CVE-2026-32369

7.5CVSS0.00381EPSS

ATTACKERKB•added 2026/03/13 11:42 a.m.•4 views

CVE-2026-32426

CVE•added 2026/03/13 11:42 a.m.•8 views

CVE-2026-32426

The CVE-2026-32426 entry describes a Local File Inclusion (LFI) vulnerability in the WordPress plugin Medilazar Core (themelexus) prior to version 1.4.7 . The root cause is improper control of the filename for include/require in PHP, effectively enabling LFI. Affected software: Medilazar Core

7.5CVSS5.8AI score0.00381EPSS

Cvelist•added 2026/03/13 11:42 a.m.•24 views

CVE-2026-32401 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows PHP Local File Inclusion.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.9...

7.2CVSS0.00398EPSS

ATTACKERKB•added 2026/03/13 11:42 a.m.•3 views

CVE-2026-32401

5.8AI score0.00398EPSS