Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6111 matches found

Circl
Circladded 2026/03/24 1:5 p.m.2 views

CVE-2019-25628

creationtimestamp| type| source ---|---|--- 2026-03-24 13:05:27+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mhsnb3ljx72y 2026-03-24 13:49:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhspptsrc42p...

9.8CVSS5.8AI score0.00077EPSS
Exploits0References2
Veracode
Veracodeadded 2026/03/24 10:6 a.m.4 views

Remote Code Execution (RCE)

tinacms is vulnerable to remote code execution. The vulnerability is due to improper handling of markdown content using the gray-matter package, which allows an attacker to execute arbitrary code by injecting malicious content into processed markdown files such as blog posts...

8.8CVSS6.4AI score0.00069EPSS
Exploits1References3Affected Software3
Circl
Circladded 2026/03/24 7:16 a.m.1 views

CVE-2026-4755

creationtimestamp| type| source ---|---|--- 2026-03-24 07:16:44+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhrzrjfvsk27 2026-03-24 07:30:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116282977621312105 2026-03-24 07:30:30+00:00| seen|...

9.8CVSS5.8AI score0.00127EPSS
Exploits0References7
Circl
Circladded 2026/03/24 6:23 a.m.0 views

CVE-2026-4753

creationtimestamp| type| source ---|---|--- 2026-03-24 06:23:45+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhrwsrriex2c 2026-03-24 07:33:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhs2osrnei2n...

9.1CVSS5.8AI score0.00064EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/24 12:30 a.m.3 views

EUVD-2026-14618

The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relationalpostssearch function in all versions up to, and including, 5.0.6. This makes it possible for authenticated attackers, with Contributor-level access and abov...

4.3CVSS5.8AI score0.00014EPSS
Exploits0References6
Circl
Circladded 2026/03/24 12:9 a.m.1 views

CVE-2026-4021

creationtimestamp| type| source ---|---|--- 2026-03-24 00:09:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhrbw2jt5724 2026-03-24 00:19:35+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhrchlqftr2e...

8.1CVSS5.8AI score0.00286EPSS
Exploits0References2
Circl
Circladded 2026/03/24 12:5 a.m.2 views

CVE-2026-3533

creationtimestamp| type| source ---|---|--- 2026-03-24 00:05:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhrbo36xep2p 2026-03-24 00:23:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhrcp2nvyn2s...

8.8CVSS5.8AI score0.00329EPSS
Exploits0References2
CNVD
CNVDadded 2026/03/24 12:0 a.m.2 views

Unspecified vulnerability in Discourse (CNVD-2026-17481)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a security vulnerability due to an overly broad authorization check on the deleted post index endpoint, which can ...

7.1CVSS5.8AI score0.00021EPSS
Exploits0
CNVD
CNVDadded 2026/03/24 12:0 a.m.2 views

Discourse Information Disclosure Vulnerability (CNVD-2026-17477)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an information disclosure vulnerability that stems from the /private-posts endpoint not applying post type...

6.5CVSS5.7AI score0.0002EPSS
Exploits0
NVD
NVDadded 2026/03/23 11:17 p.m.1 views

CVE-2026-4066

The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relationalpostssearch function in all versions up to, and including, 5.0.6. This makes it possible for authenticated attackers, with Contributor-level access and abov...

4.3CVSS0.00014EPSS
Exploits0References5
Circl
Circladded 2026/03/23 10:44 p.m.1 views

CVE-2025-60947

creationtimestamp| type| source ---|---|--- 2026-03-23 22:44:26+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhr55hi7rl27 2026-03-23 23:19:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhr73jy6su2i 2026-03-24 01:32:09+00:00| seen|...

8.8CVSS5.8AI score0.00365EPSS
Exploits0References4
Circl
Circladded 2026/03/23 10:43 p.m.1 views

CVE-2026-32300

creationtimestamp| type| source ---|---|--- 2026-03-23 22:43:19+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhr53h7zwd27 2026-03-23 23:04:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhr6bxm56l2g 2026-03-24 23:00:14+00:00| seen|...

8.1CVSS5.3AI score0.00016EPSS
Exploits0References3
Circl
Circladded 2026/03/23 10:30 p.m.2 views

CVE-2026-32277

creationtimestamp| type| source ---|---|--- 2026-03-23 22:30:57+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhr4fda2qx24 2026-03-23 22:31:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhr4g4gzxc2q 2026-03-23 22:36:07+00:00| seen|...

8.7CVSS5.8AI score0.00017EPSS
Exploits0References4
Circl
Circladded 2026/03/23 10:30 p.m.1 views

CVE-2026-32276

creationtimestamp| type| source ---|---|--- 2026-03-23 22:30:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhr4f4hwqo2c 2026-03-23 22:31:16+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhr4fviqoh2f 2026-03-23 23:34:10+00:00| seen|...

8.8CVSS5.8AI score0.00103EPSS
Exploits0References3
Circl
Circladded 2026/03/23 10:29 p.m.1 views

CVE-2026-32913

creationtimestamp| type| source ---|---|--- 2026-03-23 22:29:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhr4cjbbof2e 2026-03-23 23:14:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhr6slkvs22p 2026-03-24 12:00:04+00:00| published-proof-of-concept|...

9.3CVSS4.8AI score0.00045EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/03/23 10:25 p.m.1 views

CVE-2026-4066 Smart Custom Fields <= 5.0.6 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Relational Post Search

The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relationalpostssearch function in all versions up to, and including, 5.0.6. This makes it possible for authenticated attackers, with Contributor-level access and abov...

4.3CVSS5.8AI score0.00014EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/03/23 10:25 p.m.28 views

CVE-2026-4066 Smart Custom Fields <= 5.0.6 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Relational Post Search

The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relationalpostssearch function in all versions up to, and including, 5.0.6. This makes it possible for authenticated attackers, with Contributor-level access and abov...

4.3CVSS0.00014EPSS
Exploits0References5
CVE
CVEadded 2026/03/23 10:25 p.m.8 views

CVE-2026-4066

The CVE concerns the Smart Custom Fields plugin for WordPress (affected: all versions up to and including 5.0.6). A missing capability check in relational_posts_search() allows authenticated users with Contributor-level access or higher to read private and draft posts from other authors via the s...

4.3CVSS5.8AI score0.00014EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/03/23 10:25 p.m.3 views

CVE-2026-4066

The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relationalpostssearch function in all versions up to, and including, 5.0.6. This makes it possible for authenticated attackers, with Contributor-level access and abov...

4.3CVSS5.8AI score0.00014EPSS
Exploits0References6
Patchstack
Patchstackadded 2026/03/23 7:51 p.m.3 views

WordPress WP Posts Re-order plugin <= 1.0 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin WP Posts Re-order versions = 1.0...

4.3CVSS5.8AI score0.00016EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder