March 2026

383 security articles published this month.

173

critical

174

high

33

medium

1

low

2

Advisory

291

Breaches

12

News

50

Intel

28

Learn

2

Research

0

Malware

0

Advisory

(291)

critical Mar 31

Python SQL Injection (CVE-2026-32714)

CVE-2026-34042: RCE — Patch Guide

critical Mar 31

NocoBase RCE (CVE-2026-34156) [PoC]

FastGPT exposes AI tools to unauthenticated users

JOSE library allows forged JWT tokens (CVE-2026-34240)

critical Mar 31

Wenxian GitHub Actions RCE (CVE-2026-34243)

critical Mar 31

HAPI FHIR Auth Token Theft (CVE-2026-34361)

critical Mar 31

SiYuan XSS to RCE (CVE-2026-34448)

critical Mar 31

SiYuan RCE Vulnerability (CVE-2026-34449)

OpenClaw SSRF exposes internal URLs (CVE-2026-34504)

SiYuan XSS to RCE (CVE-2026-34585)

critical Mar 30

Software Path Traversal (CVE-2025-15036) - Patch Now

critical Mar 30

Software Command Injection (CVE-2025-15379) - Patch Now

Gitlab Vulnerability (CVE-2026-2370)

CVE-2026-28228: OpenOlat RCE — Patch Guide

CVE-2026-29872: RCE — Patch Guide

critical Mar 30

PHP RCE (CVE-2026-30562)

Nginx Vulnerability (CVE-2026-33030)

critical Mar 30

Nginx Vulnerability (CVE-2026-33032)

critical Mar 30

CVE-2026-34557: CI4MS XSS — Critical — Patch Now

critical Mar 30

CVE-2026-34558: CI4MS XSS — Critical — Patch Now

CVE-2026-0560: RCE — Patch Guide

critical Mar 29

OpenClaw privilege escalation to admin (CVE-2026-32922)

critical Mar 29

CVE-2026-32924: OpenClaw

critical Mar 29

CVE-2026-32973: OpenClaw

CVE-2026-32974: OpenClaw Auth Bypass — Patch Guide

critical Mar 29

CVE-2026-32975: OpenClaw

CVE-2026-32980: OpenClaw RCE — Patch Guide

critical Mar 29

CVE-2026-32987: OpenClaw Privilege Escalation

CVE-2026-5019: Php SQLi — Patch Guide

CVE-2026-5033: Php SQLi — Patch Guide

CVE-2026-5034: Php SQLi — Patch Guide

critical Mar 28

and prior Buffer Overflow (CVE-2016-20049)

critical Mar 28

and prior Buffer Overflow (CVE-2017-20225)

critical Mar 28

Software Buffer Overflow (CVE-2017-20227) - Patch Now

critical Mar 28

MAWK Stack Buffer Overflow (CVE-2017-20229) - Update Now

elecV2P SSRF Vulnerability (CVE-2026-5016)

CVE-2026-5017: Php SQLi — Patch Guide

CVE-2026-5018: Php SQLi — Patch Guide

critical Mar 27

CVE-2026-22738: In Spring AI [PoC]

CVE-2026-22742: Spring AI SSRF — Patch Guide

critical Mar 27

Grafana unauthenticated RCE (CVE-2026-27876) [PoC]

critical Mar 27

Software Command Injection (CVE-2026-30302) - Patch Now

critical Mar 27

Axon Code OS command injection (CVE-2026-30303)

CVE-2026-30529: Php RCE — Patch Guide

critical Mar 27

PHP RCE (CVE-2026-30530)

critical Mar 27

PHP RCE (CVE-2026-30532)

critical Mar 27

PHP RCE (CVE-2026-30533)

critical Mar 27

Handlebars allows arbitrary code execution [PoC]

critical Mar 27

Android RCE (CVE-2026-33976)

critical Mar 27

Home Assistant exposes unauthenticated endpoints

CVE-2018-25195: Wecodex Hotel CMS SQLi — Patch Guide

CVE-2018-25203: Online Store System SQLi — Patch Guide

critical Mar 26

CVE-2026-33152: Tandoor Recipes

Etcd authentication bypass (CVE-2026-33413)

CVE-2026-33506: Ory Polis XSS — Patch Guide

Pay SDK skips signature verification (CVE-2026-33661)

RPCSEC_GSS stack buffer overflow (CVE-2026-4747)

critical Mar 26

CVE-2026-4809: RCE — Critical — Patch Now

Cisco Vulnerability (CVE-2026-20012)

Cisco Vulnerability (CVE-2026-20084)

Cisco CW9800 unauthenticated RCE (CVE-2026-20086)

critical Mar 25

PHP Code Injection (CVE-2026-25366)

critical Mar 25

pdf-image npm package allows OS command injection [PoC]

critical Mar 25

node-tesseract-ocr shell injection (CVE-2026-26832)

CVE-2026-29187: OpenEMR RCE — Patch Guide [PoC]

Sonarr unauthenticated file read (CVE-2026-30976)

CVE-2026-33348: OpenEMR RCE — Patch Guide

Gitlab Vulnerability (CVE-2026-3857)

critical Mar 24

CVE-2026-33286: Graphiti RCE — Critical — Patch Now

critical Mar 24

Wordpress RCE (CVE-2026-4001)

critical Mar 24

Firefox Use-After-Free (CVE-2026-4688)

critical Mar 24

Firefox Use-After-Free Leads to RCE (CVE-2026-4691)

critical Mar 24

Firefox Use-After-Free (CVE-2026-4696)

critical Mar 24

Firefox Vulnerability (CVE-2026-4698)

critical Mar 24

Firefox HTTP Mitigation Bypass (CVE-2026-4700) - Update Now

critical Mar 24

Firefox Use-After-Free (CVE-2026-4701)

critical Mar 24

Firefox Vulnerability (CVE-2026-4702)

critical Mar 24

Firefox Vulnerability (CVE-2026-4705)

critical Mar 24

Firefox Use-After-Free (CVE-2026-4725)

critical Mar 24

Android Vulnerability (CVE-2026-4755)

Wordpress RCE (CVE-2025-10679)

critical Mar 23

Sap RCE (CVE-2026-32968)

critical Mar 23

PHP RCE (CVE-2026-33297)

critical Mar 23

PHP RCE (CVE-2026-33351)

critical Mar 23

PHP RCE (CVE-2026-33352)

critical Mar 23

WWBN AVideo RCE (CVE-2026-33478)

critical Mar 23

WWBN AVideo SSRF Vulnerability (CVE-2026-33502)

critical Mar 23

PHP RCE (CVE-2026-33716)

critical Mar 23

Linux Vulnerability (CVE-2026-3587)

CVE-2026-4562: Php

critical Mar 23

Tenda Vulnerability (CVE-2026-4567)

critical Mar 23

jsrsasign leaks private keys (CVE-2026-4599)

Android Vulnerability (CVE-2019-25605)

critical Mar 22

Free Float FTP Buffer Overflow (CVE-2019-25614)

CVE-2026-33292: Php RCE — Patch Guide

CVE-2026-33293: Php RCE — Patch Guide

Tenda Buffer Overflow (CVE-2026-4534)

CVE-2026-4540: Php SQLi — Patch Guide

Linksys MR9600 exposes admin credentials

critical Mar 21

CVE-2019-25568: Memu Play

CVE-2019-25573: Green CMS SQLi — Patch Guide

CVE-2019-25575: SimplePress CMS SQLi — Patch Guide

CVE-2019-25576: Kepler Wallpaper Script SQLi — Patch Guide

CVE-2019-25578: Php SQLi — Patch Guide

CVE-2019-25579: Php Path Traversal — Patch Guide

CVE-2019-25580: SQLi — Patch Guide

i-doit CMDB SQL Injection (CVE-2019-25581)

D-Link Buffer Overflow (CVE-2026-4529)

critical Mar 20

Oracle Vulnerability (CVE-2026-21992)

Android Vulnerability (CVE-2026-32317)

MySQL Vulnerability (CVE-2026-32710)

critical Mar 20

Anchorr XSS (CVE-2026-32890)

critical Mar 20

CVE-2026-32938: SiYuan

critical Mar 20

CVE-2026-32940: SiYuan XSS — Critical — Patch Now

critical Mar 20

CVE-2026-32985: Php RCE — Critical — Patch Now

critical Mar 20

Python Path Traversal (CVE-2026-33054)

critical Mar 20

Python Vulnerability (CVE-2026-33057)

critical Mar 20

PHP SQL Injection (CVE-2026-33134)

critical Mar 20

PHP XSS (CVE-2026-33135)

critical Mar 20

PHP XSS (CVE-2026-33136)

Statamic stored XSS via SVG reupload (CVE-2026-33172)

critical Mar 20

CVE-2026-33186: RCE — Critical — Patch Now [PoC]

CVE-2026-33226: Budibase RCE — Patch Guide

critical Mar 19

Software RCE Flaw (CVE-2026-27542) - Patch Now

critical Mar 19

Docker Vulnerability (CVE-2026-32038)

critical Mar 19

Software SSRF Flaw (CVE-2026-32169) - Patch Now

critical Mar 19

Microsoft Command Injection (CVE-2026-32191)

critical Mar 19

Microsoft Command Injection (CVE-2026-32194)

CVE-2026-32255: Kan RCE — Patch Guide [PoC]

critical Mar 19

PHP XSS (CVE-2026-32754)

CVE-2025-15031: RCE — Patch Guide

CVE-2026-22729:

CVE-2026-22730: SQLi — Patch Guide

critical Mar 18

OmniGen2-RL RCE (CVE-2026-25873)

Apache Command Injection (CVE-2026-27811)

CVE-2026-31898:

critical Mar 18

CVE-2026-31938:

CVE-2026-32321: Php RCE — Patch Guide [PoC]

critical Mar 18

OpenProject RCE (CVE-2026-32698)

ApostropheCMS MFA Bypass (CVE-2026-32730)

critical Mar 18

ApostropheCMS RCE (CVE-2026-32731) [PoC]

CVE-2025-14031: Ibm

CVE-2026-1376: Ibm RCE — Patch Guide

critical Mar 17

Oracle RCE (CVE-2026-21994)

critical Mar 17

Spinnaker URL Validation Bypass (CVE-2026-25534)

Apache Vulnerability (CVE-2026-28779)

Airflow lets tasks read HITL data (CVE-2026-30911)

critical Mar 17

CVE-2026-3564:

CVE-2015-20121: Realtyscript SQLi — Patch Guide

critical Mar 16

Apache Vulnerability (CVE-2016-20026)

critical Mar 16

CVE-2016-20030: ZKTeco ZKBioSecurity

critical Mar 16

Authlib JWK Header Injection (CVE-2026-27962)

CVE-2026-30875: Chamilo LMS RCE — Patch Guide

CVE-2026-32313: Php RCE — Patch Guide

critical Mar 16

CVE-2026-32621: Apollo Federation

critical Mar 16

AnythingLLM Desktop XSS in chat (CVE-2026-32626)

CVE-2026-32628: AnythingLLM SQLi — Patch Guide

critical Mar 16

CVE-2026-4170: Php Command Injection — Critical — Patch Now

critical Mar 13

Software DoS Flaw (CVE-2026-25823) - Patch Now

critical Mar 13

CVE-2026-26954: SandboxJS

critical Mar 13

CVE-2026-31886: Dagu

CVE-2026-31944: LibreChat

critical Mar 13

Centrifugo RCE (CVE-2026-32301)

critical Mar 13

CVE-2026-32304: Locutus

CVE-2026-32308: OneUptime

critical Mar 13

Wordpress RCE (CVE-2026-3891) [PoC]

Chrome Vulnerability (CVE-2026-3909) [PoC]

Chrome Vulnerability (CVE-2026-3910)

CVE-2019-25482: Php SQLi — Patch Guide

CVE-2019-25488: Jettweb Hazir Rent SQLi — Patch Guide

CVE-2019-25508: Php SQLi — Patch Guide

XooDigital Latest SQL Injection (CVE-2019-25509)

CVE-2019-25510: Php Auth Bypass — Patch Guide

CVE-2019-25511: Php SQLi — Patch Guide

CVE-2019-25512: Php SQLi — Patch Guide

CVE-2019-25513: Php SQLi — Patch Guide

CVE-2019-25514: Php SQLi — Patch Guide

critical Mar 12

PostgreSQL RCE (CVE-2026-21708)

critical Mar 11

CVE-2019-25471: Php

critical Mar 11

Sap Vulnerability (CVE-2019-25487)

Gitlab Vulnerability (CVE-2026-1090)

critical Mar 11

PHP RCE (CVE-2026-27591)

critical Mar 11

Kubernetes RCE (CVE-2026-28229)

critical Mar 11

Windows Vulnerability (CVE-2026-30903)

critical Mar 11

iOS RCE (CVE-2026-31852)

critical Mar 11

PHP SQL Injection (CVE-2026-31896)

critical Mar 11

Microsoft Vulnerability (CVE-2026-31957)

critical Mar 11

Plunk SSRF Vulnerability (CVE-2026-32096) - Update to 0.7.0 [PoC]

critical Mar 10

CVE-2025-48611: In DeviceId

CVE-2026-23654: Dependency

Windows Vulnerability (CVE-2026-23669)

critical Mar 10

Sap Deserialization (CVE-2026-27685)

critical Mar 10

CVE-2026-28292:

critical Mar 10

CVE-2026-28495: Php

critical Mar 10

SiYuan Path Traversal (CVE-2026-30869)

critical Mar 10

CVE-2026-30887: OneUptime

critical Mar 10

Node.js RCE (CVE-2026-30966)

critical Mar 10

Linux SQL Injection (CVE-2026-3843)

CVE-2025-61611: In DoS — Patch Guide

CVE-2025-61612: In DoS — Patch Guide

CVE-2025-61613: In DoS — Patch Guide

CVE-2025-61614: In DoS — Patch Guide

CVE-2025-61615: In DoS — Patch Guide

CVE-2025-61616: In DoS — Patch Guide

CVE-2025-69278: In DoS — Patch Guide

CVE-2026-0846:

Budibase Path Traversal (CVE-2026-30240)

Kubernetes Vulnerability (CVE-2026-3288) [PoC]

A Memory Corruption (CVE-2026-3703)

CVE-2026-3705: Php

CVE-2026-3708: Php

CVE-2026-3709: Php

CVE-2026-3723: Php

CVE-2026-3730: Php RCE — Patch Guide

CVE-2026-3734: Php RCE — Patch Guide

CVE-2026-3735: Php

CVE-2026-3736: Php

CVE-2026-3740: Php RCE — Patch Guide

PHP SQL injection in Student Web Portal (CVE-2026-3744)

CVE-2026-3746: Php RCE — Patch Guide

CVE-2026-3747: Php RCE — Patch Guide

CVE-2026-3758: Php

Python RCE (CVE-2026-29778)

CVE-2026-29779: UptimeFlare

CVE-2026-29784: Ghost CSRF — Patch Guide

Chrome SSRF (CVE-2026-30834)

WeKnora RCE (CVE-2026-30860)

WeKnora RCE (CVE-2026-30861)

CVE-2018-25161: Warranty Tracking System SQLi — Patch Guide

CVE-2018-25163: BitZoom SQLi — Patch Guide

CVE-2018-25166: Meneame English Pligg SQLi — Patch Guide

CVE-2018-25167: Php SQLi — Patch Guide

CVE-2018-25170: DoceboLMS SQLi — Patch Guide

CVE-2018-25172: Pedidos SQLi — Patch Guide

CVE-2018-25173: Rmedia SMS SQLi — Patch Guide

Php RCE Vulnerability (CVE-2026-28501)

Python RCE (CVE-2026-29075)

CVE-2026-29183: SiYuan XSS — Critical — Patch Now

CVE-2026-29789: Php

CVE-2026-0848: NLTK [PoC]

Microsoft RCE Vulnerability (CVE-2026-21536)

CVE-2026-24457:

Wordpress Deserialization (CVE-2026-2599)

Nginx Vulnerability (CVE-2026-27944) [PoC]

Windows Vulnerability (CVE-2026-28391)

Slack Privilege Escalation (CVE-2026-28392)

CVE-2026-28469: OpenClaw

Nextcloud Vulnerability (CVE-2026-28474)

CVE-2019-25499: Simple Job Script SQLi — Patch Guide

CVE-2019-25501: Simple Job Script SQLi — Patch Guide

CVE-2026-0847: Path Traversal — Patch Guide [PoC]

Cisco Vulnerability (CVE-2026-20039)

Cisco Vulnerability (CVE-2026-20079) [PoC]

Cisco Vulnerability (CVE-2026-20082)

Cisco Vulnerability (CVE-2026-20101)

Cisco Vulnerability (CVE-2026-20103)

Cisco Vulnerability (CVE-2026-20131) [PoC]

Chrome Vulnerability (CVE-2026-3539)

Apache RCE Vulnerability (CVE-2025-59059)

Ibm Vulnerability (CVE-2026-1567)

iOS Buffer Overflow (CVE-2026-20777)

iOS Buffer Overflow (CVE-2026-22891)

CVE-2026-25673:

CVE-2026-26266: AliasVault XSS — Critical — Patch Now

CVE-2026-26279: Froxlor RCE — Critical — Patch Now

CVE-2026-27012: OpenSTAManager RCE — Critical — Patch Now

Python RCE (CVE-2026-27932)

CVE-2026-28289: Php [PoC]

CVE-2024-31328: In

CVE-2025-48574: In RCE — Patch Guide

CVE-2026-21853: AFFiNE RCE — Patch Guide

Php SQL Injection (CVE-2026-26710)

Php SQL Injection (CVE-2026-26711)

Php SQL Injection (CVE-2026-26712)

Php SQL Injection (CVE-2026-26713)

Windows RCE Vulnerability (CVE-2026-2999)

Windows RCE Vulnerability (CVE-2026-3000)

CVE-2026-3400:

CVE-2026-3406: Php

CVE-2026-3409: RCE — Patch Guide

CVE-2026-3410: Php RCE — Patch Guide

CVE-2026-3411: Php RCE — Patch Guide

MongoDB Vulnerability (CVE-2026-3431)

CVE-2026-3377:

CVE-2026-3378: Buffer Overflow — Patch Guide

CVE-2026-3379:

CVE-2026-3380: Buffer Overflow — Patch Guide

CVE-2026-3395: Php [PoC]

CVE-2026-3398:

CVE-2026-3399:

Breaches

(12)

Cuties AI Breach Exposes 144K User Profiles

critical Mar 27

BreachForums Hacking Forum Leaks 340K User Accounts

critical Mar 26

Scuf Gaming Breach Exposes 129K Gamer Accounts and Passwords

critical Mar 26

Sound Radix Audio Tools Breach - 293K User Accounts Exposed

critical Mar 23

RuneScape Boards Breach - 222K Accounts Exposed

critical Mar 18

Aura Breach - 903K Accounts Exposed

critical Mar 15

Baydöner Data Breach Exposes 1.2 Million Customer Records

Divine Skins Breach Exposes Over 105K User Accounts

Provecho Breach: 713K Accounts Exposed

KomikoAI Breach: 1.1M Accounts Exposed

Lovora Breach: 496K Accounts Exposed

Quitbro Breach: 23K Accounts — Email Addresses Exposed

News

(50)

critical Mar 30

Critical Citrix NetScaler memory actively exploited

DeepLoad Malware Uses ClickFix and WMI Persistence to

AI SOC Agent Hype Masks Growing Secrets Sprawl Crisis

Russian CTRL Toolkit Hijacks RDP via Malicious LNK

critical Mar 28

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides

Windows 11 KB5079391 update rolls out Smart App Control

critical Mar 26

LangChain, LangGraph Flaws Expose Files, Secrets,

Device Code Phishing Hits 340+ Microsoft 365 Orgs

PolyShell attacks target 56% of all vulnerable Magento

FCC Bans New Foreign-Made Routers Over Supply Chain and

Hackers Use Fake Resumes to Steal Enterprise

North Korean Hackers Abuse VS Code Auto-Run Tasks to

The Hidden Cost of Cybersecurity Specialization

U.S. Sentences Russian Hacker to 6.75 Years for Role in

critical Mar 21

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV

Google Adds 24-Hour Wait for Unverified App Sideloading

The Importance of Behavioral Analytics in AI-Enabled

critical Mar 19

CISA Warns of Zimbra, SharePoint Exploits; Cisco

Interlock Ransomware Exploits Cisco FMC Zero-Day

Apple Fixes WebKit Vulnerability Enabling Same-Origin

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for

LeakNet Ransomware Uses ClickFix via Hacked Sites,

critical Mar 16

CISA Flags Actively Exploited Wing FTP Vulnerability

GlassWorm Attack Uses Stolen GitHub Tokens to

Google Fixes Two Chrome Zero-Days Exploited in the Wild

INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning

Apple Issues Security Updates for Older iOS Devices

critical Mar 12

CISA Flags Actively Exploited n8n RCE Bug as 24,700

Hive0163 Uses AI-Assisted Slopoly Malware for

Nine CrackArmor Flaws in Linux AppArmor Enable Root

Veeam Patches 7 Critical Backup & Replication Flaws

critical Mar 10

CISA Flags SolarWinds, Ivanti, and Workspace One

How to Stop AI Data Leaks

KadNap Malware Infects 14,000+ Edge Devices to Power

Microsoft Patches 84 Flaws in March Patch Tuesday,

New 'LeakyLooker' Flaws in Google Looker Studio Could

Threat Actors Mass-Scan Salesforce Experience Cloud via

Malicious npm Package Posing as OpenClaw Installer

Hikvision and Rockwell Automation CVSS 9.8 Flaws Added

China-Linked Hackers Use TernDoor, PeerTime, BruteEntry

Coruna iOS Exploit Kit Uses 23 Exploits Across Five

FBI and Europol Seize LeakBase Forum Used to Trade

APT41-Linked Silver Dragon Targets Governments Using

Bruteforce Scans for CrushFTP , (Tue, Mar 3rd)

CISA Adds Actively Exploited VMware Aria Operations

CyberStrikeAI tool adopted by hackers for AI-powered

New Chrome Vulnerability Let Malicious Extensions

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited

Intel

(28)

BreachForums new ownership + takedown (March 2026)

critical Mar 14

China Mobile (中国移动) 2022: 1 billion Records Allegedly Leaked

Baydöner: 3.6M Records Allegedly Leaked

critical Mar 13

0xy0um0m Databases: 6m Records Allegedly Leaked

critical Mar 12

2invoice: 0m Records Allegedly Leaked

critical Mar 12

Air Miles España (Travel Club) Breach Claim — 23,177,370 ...

critical Mar 12

Betterment: 20 million Records Allegedly Leaked

BMW Hong Kong: 13978 records Records Allegedly Leaked

Cal AI: 3 million Records Allegedly Leaked

Chronopost Pickup: 861k Records Allegedly Leaked

Free.fr ISP Data Breach Allegation - 14 Million User Records Exposed

Fédération Sportive et Gymnique du Travail (FSGT) Breach ...

Instagram Expolits (2017-2024): 87k Records Allegedly Leaked

critical Mar 12

Iron March: 1186 records Records Allegedly Leaked

JobsGo: 2,325,285 records Records Allegedly Leaked

Maxance: 348k Records Allegedly Leaked

Mutuelle Des Motards: 1.3 million Records Allegedly Leaked

critical Mar 12

Panera Bread Database Allegedly Leaked - 14 Million Records Exposed

Paris A Coeur Ouvert: 616 records Records Allegedly Leaked

critical Mar 12

Peruvian Taxpayers Breach Claim — 13063781 records Records

SocRadar Cybersecurity Firm Alleged in Massive 332M Email Scrape

SUCCESS: 141k Records Allegedly Leaked

critical Mar 12

Ticketek User Database Allegedly Leaked - 30 Million Records Exposed

Turkish Citizenship: 49Million Records Allegedly Leaked

critical Mar 12

Yellow Pages Directory Breach Claim — 28.5 million Records

Coté Sushi Database Allegedly Leaked - 1.1m Records Exposed

Intersport Rent: 1.2 million Records Allegedly Leaked

Odido Database Allegedly Leaked - 6M Records Exposed

Learn

(2)

The OSI Model Explained for Security Engineers (Mapped to Modern Attack Techniques)

Complete Guide to CVSS v3.1 and v4.0 Scoring (With Real CVE Case Studies)

February 2026 All Threats April 2026