
Posts by SecQube | Harvey | AI Platform for MS Graph

SVG files look innocent as simple vector graphics, but they are XML documents that can hide malicious JavaScript, phishing links, and XXE exploits. Opening an untrusted SVG in your browser might trigger redirects to fake login pages or data leaks without warning.

CVE-2026-32729 - Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp` CVE ID :CVE-2026-32729 Published : March 13, 2026, 9:41 p.m. | 2 hours, 22 minutes ago Description :Runtipi is a personal homeserver orchestrator. Prior to 4.8.1, the Runtipi /api/auth/verify-totp endpoint does not enforce any rate limiting, attempt counting, or account lockout mechanism. An attacker who has obtained a user's valid credentials (via phishing, credential stuffing, or data breach) can brute-force the 6-digit TOTP code to completely bypass two-factor authentication. The TOTP verification session persists for 24 hours (default cache TTL), providing an excessive window during which the full 1,000,000-code keyspace (000000–999999) can be exhausted. At practical request rates (~500 req/s), the attack completes in approximately 33 minutes in the worst case. This vulnerability is fixed in 4.8.1. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-32729 - Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp` scq.ms/47jXI7B

CVE-2026-3227 - Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N CVE ID :CVE-2026-3227 Published : March 13, 2026, 9:38 p.m. | 25 minutes ago Description :A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. The router configuration import function allows an authenticated attacker to upload a crafted configuration file that results in execution of OS commands with root privileges during port-trigger processing. Successful exploitation allows an authenticated attacker to execute system commands with root privileges, leading to full device compromise. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-3227 - Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N scq.ms/4lMnbMZ

CVE-2026-4092 - Google Apps Script Path Traversal Remote Code Execution Vulnerability CVE ID :CVE-2026-4092 Published : March 13, 2026, 7:55 p.m. | 8 minutes ago Description :Path Traversal in Clasp impacting versions 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-4092 - Google Apps Script Path Traversal Remote Code Execution Vulnerability scq.ms/3NpjpMt

North Korean hackers have compromised the popular Axios npm package, injecting malware via a fake dependency that deploys cross-platform RATs on developer systems. The package is downloaded millions of times weekly and used in 80% of cloud environments.

CVE-2026-32746 - GNU inetutils telnetd LINEMODE SLC Buffer Overflow CVE ID :CVE-2026-32746 Published : March 13, 2026, 6:19 p.m. | 1 hour, 7 minutes ago Description :telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-32746 - GNU inetutils telnetd LINEMODE SLC Buffer Overflow scq.ms/47zeUG3

CVE-2026-26954 - SandboxJS Function Injection Vulnerability CVE ID :CVE-2026-26954 Published : March 13, 2026, 4:20 p.m. | 1 hour, 25 minutes ago Description :SandboxJS is a JavaScript sandboxing library. Prior to 0.8.34, it is possible to obtain arrays containing Function, which allows escaping the sandbox. Given an array containing Function, and Object.fromEntries, it is possible to construct {[p]: Function} where p is any constructible property. This vulnerability is fixed in 0.8.34. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-26954 - SandboxJS Function Injection Vulnerability scq.ms/4bjjp8M

CVE-2025-13779 - ABB AWIN GW100/GW120 Authentication Bypass CVE ID :CVE-2025-13779 Published : March 13, 2026, 2:20 p.m. | 1 hour, 6 minutes ago Description :Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120. This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2025-13779 - ABB AWIN GW100/GW120 Authentication Bypass scq.ms/4lsmCr7

CVE-2026-3891 - "Pix for WooCommerce Arbitrary File Upload Vulnerability" CVE ID :CVE-2026-3891 Published : March 13, 2026, 8:21 a.m. | 3 hours, 4 minutes ago Description :The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation in the 'lkn_pix_for_woocommerce_c6_save_settings' function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-3891 - "Pix for WooCommerce Arbitrary File Upload Vulnerability" scq.ms/4sK2FyF

CVE-2026-22193 - wpDiscuz SQL Injection Vulnerability CVE ID :CVE-2026-22193 Published : March 13, 2026, 6:19 a.m. | 1 hour, 6 minutes ago Description :wpDiscuz before 7.6.47 contains an SQL injection vulnerability in the getAllSubscriptions() function where string parameters lack proper quote escaping in SQL queries. Attackers can inject malicious SQL code through email, activation_key, subscription_date, and imported_from parameters to manipulate database queries and extract sensitive information. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-22193 - wpDiscuz SQL Injection Vulnerability scq.ms/3P2mEKt

CVE-2026-32306 - OneUptime ClickHouse SQL Injection via Aggregate Query Parameters CVE ID :CVE-2026-32306 Published : March 12, 2026, 9:27 p.m. | 1 hour, 57 minutes ago Description :OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the telemetry aggregation API accepts user-controlled aggregationType, aggregateColumnName, and aggregationTimestampColumnName parameters and interpolates them directly into ClickHouse SQL queries via the .append() method (documented as "trusted SQL"). There is no allowlist, no parameterized query binding, and no input validation. An authenticated user can inject arbitrary SQL into ClickHouse, enabling full database read (including telemetry data from all tenants), data modification, and potential remote code execution via ClickHouse table functions. This vulnerability is fixed in 10.0.23. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-32306 - OneUptime ClickHouse SQL Injection via Aggregate Query Parameters scq.ms/4sC5f9O

Struggling with Microsoft Sentinel incident triage? Harvey AI changes that. Our conversational AI bot guides you through investigations effortlessly, generating KQL queries automatically so no expertise is needed. Enjoy faster resolutions, reduced MTTR, and proactive threat hunting.

CVE-2026-32274 - Black: Arbitrary file writes from unsanitized user input in cache file name CVE ID :CVE-2026-32274 Published : March 12, 2026, 8:16 p.m. | 1 hour, 9 minutes ago Description :Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the value of this argument to write cache files to arbitrary file system locations. Fixed in Black 26.3.1. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-32274 - Black: Arbitrary file writes from unsanitized user input in cache file name scq.ms/4s9DzJH

CVE-2026-3841 - Command Injection Vulnerability in Telnet CLI on TP-Link TL-MR6400 CVE ID :CVE-2026-3841 Published : March 12, 2026, 6:16 p.m. | 1 hour, 8 minutes ago Description :A command injection vulnerability has been identified in the Telnet command-line interface (CLI) of TP-Link TL-MR6400 v5.3. This issue is caused by insufficient sanitization of data processed during specific CLI operations. An authenticated attacker with elevated privileges may be able to execute arbitrary system commands. Successful exploitation may lead to full device compromise, including potential loss of confidentiality, integrity, and availability. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-3841 - Command Injection Vulnerability in Telnet CLI on TP-Link TL-MR6400 scq.ms/3P1y9Sp

CVE-2026-4043 - Tenda i12 wifiSSIDget formwrlSSIDget stack-based overflow CVE ID :CVE-2026-4043 Published : March 12, 2026, 4:16 p.m. | 1 hour, 8 minutes ago Description :A security vulnerability has been detected in Tenda i12 1.0.0.6(2204). The impacted element is the function formwrlSSIDget of the file /goform/wifiSSIDget. Such manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-4043 - Tenda i12 wifiSSIDget formwrlSSIDget stack-based overflow scq.ms/4b81djL

CVE-2026-28384 - Authenticated RCE via unsanitized compression_algorithm CVE ID :CVE-2026-28384 Published : March 12, 2026, 2:51 p.m. | 33 minutes ago Description :An improper sanitization of the compression_algorithm parameter in Canonical LXD allows an authenticated, unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and backup endpoints. This issue affected LXD from 4.12 through 6.6 and was fixed in the snap versions 5.0.6-e49d9f4 (channel 5.0/stable), 5.21.4-1374f39 (channel 5.21/stable), and 6.7-1f11451 (channel 6.0 stable). The channel 4.0/stable is not affected as it contains version 4.0.10. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-28384 - Authenticated RCE via unsanitized compression_algorithm scq.ms/47wBAGX

CVE-2026-2514 - Possibility of unintended actions when viewing maliciously crafted network data in Progress Flowmon ADS web application CVE ID :CVE-2026-2514 Published : March 12, 2026, 1 p.m. | 24 minutes ago Description :In Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, a vulnerability exists whereby an adversary with access to Flowmon monitoring ports may craft malicious network data that, when processed by Flowmon ADS and viewed by an authenticated user, could result in unintended actions being executed in the user's browser context. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-2514 - Possibility of unintended actions when viewing maliciously crafted network data in Progress Flowmon ADS web application scq.ms/4sGkWge

CVE-2026-4008 - Tenda W3 POST Parameter wifiSSIDset stack-based overflow CVE ID :CVE-2026-4008 Published : March 12, 2026, 7:16 a.m. | 2 hours, 8 minutes ago Description :A flaw has been found in Tenda W3 1.0.0.3(2204). This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-4008 - Tenda W3 POST Parameter wifiSSIDset stack-based overflow scq.ms/4lpyom5

CVE-2026-3978 - D-Link DIR-513 formEasySetupWizard3 stack-based overflow CVE ID :CVE-2026-3978 Published : March 12, 2026, 4:16 a.m. | 1 hour, 7 minutes ago Description :A vulnerability was detected in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formEasySetupWizard3. The manipulation of the argument wan_connected results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-3978 - D-Link DIR-513 formEasySetupWizard3 stack-based overflow scq.ms/47FxXOV

CVE-2026-3973 - Tenda W3 POST Parameter setAutoPing formSetAutoPing stack-based overflow CVE ID :CVE-2026-3973 Published : March 12, 2026, 2:15 a.m. | 1 hour, 8 minutes ago Description :A vulnerability was determined in Tenda W3 1.0.0.3(2204). This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler. This manipulation of the argument ping1/ping2 causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-3973 - Tenda W3 POST Parameter setAutoPing formSetAutoPing stack-based overflow scq.ms/40tu8Zn

CVE-2026-32136 - AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass CVE ID :CVE-2026-32136 Published : March 11, 2026, 10:16 p.m. | 1 hour, 6 minutes ago Description :AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.73, an unauthenticated remote attacker can bypass all authentication in AdGuardHome by sending an HTTP/1.1 request that requests an upgrade to HTTP/2 cleartext (h2c). Once the upgrade is accepted, the resulting HTTP/2 connection is handled by the inner mux, which has no authentication middleware attached. All subsequent HTTP/2 requests on that connection are processed as fully authenticated, regardless of whether any credentials were provided. This vulnerability is fixed in 0.107.73. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-32136 - AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass scq.ms/4low3YA

CVE-2026-0940 - Lenovo ThinkPad BIOS Initialization Vulnerability CVE ID :CVE-2026-0940 Published : March 11, 2026, 8:21 p.m. | 1 hour, 1 minute ago Description :A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-0940 - Lenovo ThinkPad BIOS Initialization Vulnerability scq.ms/4s7kZ4U

CVE-2026-31887 - Shopware unauthenticated data extraction possible through store-api.order endpoint CVE ID :CVE-2026-31887 Published : March 11, 2026, 7:16 p.m. | 38 minutes ago Description :Shopware is an open commerce platform. Prior to 6.7.8.1 and 6.6.10.15, an insufficient check on the filter types for unauthenticated customers allows access to orders of other customers. This is part of the deepLinkCode support on the store-api.order endpoint. This vulnerability is fixed in 6.7.8.1 and 6.6.10.15. Severity: 8.9 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-31887 - Shopware unauthenticated data extraction possible through store-api.order endpoint scq.ms/4ukmFcR

CVE-2019-25487 - SAPIDO RB-1732 V2.0.43 Remote Command Execution via formSysCmd CVE ID :CVE-2019-25487 Published : March 11, 2026, 6:23 p.m. | 58 minutes ago Description :SAPIDO RB-1732 V2.0.43 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious input to the formSysCmd endpoint. Attackers can send POST requests with the sysCmd parameter containing shell commands to execute code on the device with router privileges. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2019-25487 - SAPIDO RB-1732 V2.0.43 Remote Command Execution via formSysCmd scq.ms/3OVD2fN

CVE-2026-31854 - Cursor Affected by Arbitrary Code Execution via Prompt Injection and Whitelist Bypass CVE ID :CVE-2026-31854 Published : March 11, 2026, 5:16 p.m. | 1 hour, 13 minutes ago Description :Cursor is a code editor built for programming with AI. Prior to 2.0, if a visited website contains maliciously crafted instructions, the model may attempt to follow them in order to “assist” the user. When combined with a bypass of the command whitelist mechanism, such indirect prompt injections could result in commands being executed automatically, without the user’s explicit intent, thereby posing a significant security risk. This vulnerability is fixed in 2.0. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2026-31854 - Cursor Affected by Arbitrary Code Execution via Prompt Injection and Whitelist Bypass scq.ms/4cDQEGh

Alert fatigue in SOCs is more than workload; it's a real safety risk with analysts missing critical threats amid thousands of daily alerts. SecQube's Harvey AI transforms Microsoft Sentinel triage into conversational guided sessions, eliminating KQL barriers.
