| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4469 | itsourcecode Online Frozen Foods Ordering System admin_edit_menu_action.php sql injection | itsourcecode | Online Frozen Foods Ordering System | Medium | 4.7 | 2026-03-20 04:02:12 | Deep Dive |
| CVE-2026-32985 | Xerte Online Toolkits <= 3.14 Unauthenticated Template Import Arbitrary File Upload Leading to Remote Code Execution | Xerte | Xerte Online Toolkits | Critical | 9.8 | 2026-03-20 00:06:29 | Deep Dive |
| CVE-2026-26137 | Microsoft Exchange Elevation of Privilege Vulnerability | Microsoft | Microsoft Exchange Online | Critical | 9.9 | 2026-03-19 21:06:26 | Deep Dive |
| CVE-2026-4236 | itsourcecode Online Enrollment System index.php sql injection | itsourcecode | Online Enrollment System | High | 7.3 | 2026-03-16 11:32:09 | Deep Dive |
| CVE-2026-4235 | itsourcecode Online Enrollment System login.php sql injection | itsourcecode | Online Enrollment System | High | 7.3 | 2026-03-16 11:02:09 | Deep Dive |
| CVE-2026-3981 | itsourcecode Online Doctor Appointment System doctor_action.php sql injection | itsourcecode | Online Doctor Appointment System | High | 7.3 | 2026-03-12 04:32:08 | Deep Dive |
| CVE-2026-3980 | itsourcecode Online Doctor Appointment System patient_action.php sql injection | itsourcecode | Online Doctor Appointment System | High | 7.3 | 2026-03-12 04:02:09 | Deep Dive |
| CVE-2026-3226 | LearnPress <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Notification Triggering | thimpress | LearnPress – WordPress LMS Plugin for Create and Sell Online Courses | Medium | 4.3 | 2026-03-12 02:22:37 | Deep Dive |
| CVE-2026-26108 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft | Microsoft 365 Apps for Enterprise | High | 7.8 | 2026-03-10 17:05:19 | Deep Dive |
| CVE-2026-26109 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft | Microsoft 365 Apps for Enterprise | High | 8.4 | 2026-03-10 17:05:19 | Deep Dive |
| CVE-2026-26107 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft | Microsoft 365 Apps for Enterprise | High | 7.8 | 2026-03-10 17:05:18 | Deep Dive |
| CVE-2026-26112 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft | Microsoft 365 Apps for Enterprise | High | 7.8 | 2026-03-10 17:05:04 | Deep Dive |
| CVE-2026-3759 | projectworlds Online Art Gallery Shop adminHome.php sql injection | projectworlds | Online Art Gallery Shop | High | 7.3 | 2026-03-08 18:02:11 | Deep Dive |
| CVE-2026-3758 | projectworlds Online Art Gallery Shop adminHome.php sql injection | projectworlds | Online Art Gallery Shop | High | 7.3 | 2026-03-08 18:02:09 | Deep Dive |
| CVE-2026-3757 | projectworlds Online Art Gallery Shop pass sql injection | projectworlds | Online Art Gallery Shop | High | 7.3 | 2026-03-08 18:02:07 | Deep Dive |
| CVE-2026-1071 | Carta Online <= 2.13.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings | cartaonline | Carta Online | Medium | 4.4 | 2026-03-07 07:22:04 | Deep Dive |
| CVE-2026-3406 | projectworlds Online Art Gallery Shop Registration registration.php sql injection | projectworlds | Online Art Gallery Shop | High | 7.3 | 2026-03-02 02:32:08 | Deep Dive |
| CVE-2025-13673 | Tutor LMS <= 3.9.6 - Unauthenticated SQL Injection via coupon_code | themeum | Tutor LMS – eLearning and online course solution | High | 7.5 | 2026-02-28 07:25:35 | Deep Dive |
| CVE-2026-24494 | SQL injection vulnerability in Order Up Online Ordering System | Order Up | Online Ordering System | Critical | 9.8 | 2026-02-23 01:24:48 | Deep Dive |
| CVE-2026-2944 | Tosei Online Store Management System ネット店舗管理システム HTTP POST Request monitor.php system os command injection | Tosei | Online Store Management System ネット店舗管理システム | High | 7.3 | 2026-02-22 11:02:08 | Deep Dive |