| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4606 | GeoVision ERM Improper Privilege Assignment Leads to SYSTEM-Level Privilege | GeoVision | GV-Edge Recording Manager | 中危 | - | 2026-03-23 01:05:32 | Deep Dive |
| CVE-2019-25545 | Terminal Services Manager 3.2.1 Local Buffer Overflow Denial of Service | Lizardsystems | Terminal Services Manager | Medium | 6.2 | 2026-03-21 12:46:49 | Deep Dive |
| CVE-2026-4004 | Task Manager <= 3.0.2 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via 'task_id' Parameter | eoxia | Task Manager | Medium | 6.5 | 2026-03-21 03:27:12 | Deep Dive |
| CVE-2026-2351 | Task Manager <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Read | eoxia | Task Manager | Medium | 6.5 | 2026-03-21 03:27:03 | Deep Dive |
| CVE-2026-1800 | Fonts Manager | Custom Fonts <= 1.2 - Unauthenticated SQL Injection via fmcfIdSelectedFnt parameter | wisdomlogix | Fonts Manager | Custom Fonts | High | 7.5 | 2026-03-21 03:26:32 | Deep Dive |
| CVE-2026-3350 | Image Alt Text Manager <= 1.8.2 - Authenticated (Author+) Stored Cross-Site Scripting via Post Title | wpsaad | Image Alt Text Manager – Bulk & Dynamic Alt Tags For image SEO Optimization + AI | Medium | 6.4 | 2026-03-20 23:25:14 | Deep Dive |
| CVE-2026-32768 | Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace | ctfer-io | chall-manager | 中危 | - | 2026-03-20 05:30:07 | Deep Dive |
| CVE-2026-21992 | Oracle Identity Manager 安全漏洞 | Oracle Corporation | Oracle Identity Manager | Critical | 9.8 | 2026-03-20 02:24:16 | Deep Dive |
| CVE-2026-2571 | Download Manager <= 3.3.49 - Missing Authorization to Authenticated (Subscriber+) User Email Enumeration via 'user' Parameter | codename065 | Download Manager | Medium | 4.3 | 2026-03-19 06:46:15 | Deep Dive |
| CVE-2026-1780 | [CR]Paid Link Manager <= 0.5 - Reflected Cross-Site Scripting | silentwind | [CR]Paid Link Manager | Medium | 6.1 | 2026-03-18 03:37:14 | Deep Dive |
| CVE-2025-13702 | IBM Sterling Partner Engagement Manager Cross-Site Scripting | IBM | Sterling Partner Engagement Manager | Medium | 6.1 | 2026-03-13 18:33:13 | Deep Dive |
| CVE-2025-13718 | IBM Sterling Partner Engagement Manager Information Disclosure | IBM | Sterling Partner Engagement Manager | Low | 3.7 | 2026-03-13 18:33:08 | Deep Dive |
| CVE-2025-13723 | IBM Sterling Partner Engagement Manager Information Disclosure | IBM | Sterling Partner Engagement Manager | Medium | 5.3 | 2026-03-13 18:32:46 | Deep Dive |
| CVE-2025-13726 | IBM Sterling Partner Engagement Manager Information Disclosure | IBM | Sterling Partner Engagement Manager | Medium | 5.3 | 2026-03-13 18:26:34 | Deep Dive |
| CVE-2025-14811 | IBM Sterling Partner Engagement Manager Information Disclosure | IBM | Sterling Partner Engagement Manager | Low | 3.1 | 2026-03-13 18:22:00 | Deep Dive |
| CVE-2026-32413 | WordPress Permalink Manager Lite plugin < 2.5.3 - Broken Access Control vulnerability | Maciej Bis | Permalink Manager Lite | 中危 | - | 2026-03-13 11:42:15 | Deep Dive |
| CVE-2026-32364 | WordPress Turbo Manager plugin < 4.0.8 - Local File Inclusion vulnerability | redqteam | Turbo Manager | 中危 | - | 2026-03-13 11:42:06 | Deep Dive |
| CVE-2026-2640 | Lenovo PC Manager 安全漏洞 | Lenovo | PC Manager | Medium | 5.5 | 2026-03-11 20:23:13 | Deep Dive |
| CVE-2019-25478 | GetGo Download Manager 6.2.2.3300 Buffer Overflow DoS | Getgosoft | GetGo Download Manager | High | 7.5 | 2026-03-11 18:23:19 | Deep Dive |
| CVE-2026-3231 | Checkout Field Editor (Checkout Manager) for WooCommerce <= 2.1.7 - Unauthenticated Stored Cross-Site Scripting via Block Checkout Custom Radio Field | themehigh | Checkout Field Editor (Checkout Manager) for WooCommerce | High | 7.2 | 2026-03-11 09:25:45 | Deep Dive |