2026-03-27 22:16Z · HIGH
CVE-2026-33940 — Handlebarsjs Handlebars: In versions 4.0.0 through 4.7.8, a crafted object placed in the template context can
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33940

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, a crafted object placed in the template context can bypass all conditional guards in `resolvePartial()` and cause `invokePartial()` to return `undefined`. The Handlebars runtime then treats the unresolved partial as a source that needs to be compiled, passing the crafted object to `env.compile()`. Because the object is a valid Handlebars AST containing injected code
CVSS v3.1: 8.1 (HIGH)
CWE-94, CWE-843 · Vendor: Handlebarsjs, Handlebars · Type: Vulnerability
Score: 91

2026-03-27 22:16Z · HIGH
CVE-2019-25651 — Ubiquiti: UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2019-25651

Ubiquiti UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weaknesses that allow attackers to recover encryption keys from captured traffic. Attackers with adjacent network access can capture sufficient encrypted traffic and exploit AES-CBC mode vu
CVSS v3.1: 8.3 (HIGH) · EPSS 1st percentile
CWE-327 · Vendor: Ubiquiti · Type: Vulnerability
Score: 92

2026-03-27 21:32Z · CRIT
darksword-kexploit — iOS <=26.0.1 DarkSword Kernel Exploit reimplemented in Objective-C
Source: GitHub · kernel exploits · github.com · GITHUB POC

opa334 has published darksword-kexploit, an Objective-C reimplementation of a kernel exploit targeting iOS versions up to 26.0.1. The exploit appears to be a public proof-of-concept for kernel-level privilege escalation on Apple's mobile platform.
Surface: OS, Mobile · Tactic: TA0004 · Vendor: Apple · Type: Tool, Exploit · Stage: Privesc, Execution
Score: 78

2026-03-27 21:17Z · HIGH
CVE-2026-34046 — Langflow Langflow: Prior to version 1.5.1, the `_read_flow` helper in `src/backend/base/langflow/api/v1/flows.py` branched on the `AUTO_LOGIN` setting
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34046

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.5.1, the `_read_flow` helper in `src/backend/base/langflow/api/v1/flows.py` branched on the `AUTO_LOGIN` setting to decide whether to filter by `user_id`. When `AUTO_LOGIN` was `False` (i.e., authentication was enabled), neither branch enforced an ownership check — the query returned any flow matching the given UUID regardless of who owned it. This allowed any authenticated user
CVSS v3.1: 8.8 (HIGH) · EPSS 9th percentile
CWE-862, CWE-639 · Vendor: Langflow · Type: Vulnerability
Score: 94

2026-03-27 21:17Z · HIGH
CVE-2026-33938 — Handlebarsjs Handlebars: provides the power necessary to let users build semantic templates.
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33938

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, the `@partial-block` special variable is stored in the template data context and is reachable and mutable from within a template via helpers that accept arbitrary objects. When a helper overwrites `@partial-block` with a crafted Handlebars AST, a subsequent invocation of `{{> @partial-block}}` compiles and executes that AST, enabling arbitrary JavaScript execution o
CVSS v3.1: 8.1 (HIGH)
CWE-94, CWE-843, CWE-917 · Vendor: Handlebarsjs, Handlebars · Type: Vulnerability
Score: 91

2026-03-27 21:17Z · CRIT
CVE-2026-33937 — Handlebarsjs Handlebars: An attacker who can supply a crafted AST to `compile()` can therefore inject and
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33937

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, `Handlebars.compile()` accepts a pre-parsed AST object in addition to a template string. The `value` field of a `NumberLiteral` AST node is emitted directly into the generated JavaScript without quoting or sanitization. An attacker who can supply a crafted AST to `compile()` can therefore inject and execute arbitrary JavaScript, leading to Remote Code Execution on t
CVSS v3.1: 9.8 (CRITICAL)
CWE-94, CWE-843 · Vendor: Handlebarsjs, Handlebars · Type: Vulnerability
Score: 99

2026-03-27 21:17Z · CRIT
CVE-2026-33879 — Aicentre Federated_learning_and_interoperability_platform: Federated Learning and Interoperability Platform (FLIP) is an open-source platform for federated training and
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33879

Federated Learning and Interoperability Platform (FLIP) is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling brute-force and credential-stuffing attacks. FLIP users are external to the organization, increasing credential reuse risk. As of time of publication, it is unclear if a patch is available.
CVSS v3.1: 9.8 (CRITICAL)
CWE-307 · Vendor: Aicentre, Federated · Type: Vulnerability
Score: 99

2026-03-27 20:16Z · CRIT
CVE-2026-33765 — Pi-hole Web_interface: Versions prior to 6.0 have a critical OS Command Injection vulnerability in the savesettings.php
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33765

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions prior to 6.0 have a critical OS Command Injection vulnerability in the savesettings.php file. The application takes the user-controlled $_POST['webtheme'] parameter and concatenates it directly into a system command executed via PHP's exec() function. Since the input is neither sanitized nor validated before being passed to the shell, an atta
CVSS v3.1: 9.8 (CRITICAL)
CWE-78 · Vendor: Pi Hole · Type: Vulnerability
Score: 99

2026-03-27 20:16Z · CRIT
CVE-2026-33654 — Nanobot Nanobot: Prior to version 0.1.6, an indirect prompt injection vulnerability exists in the email channel
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33654

nanobot is a personal AI assistant. Prior to version 0.1.6, an indirect prompt injection vulnerability exists in the email channel processing module (`nanobot/channels/email.py`), allowing a remote, unauthenticated attacker to execute arbitrary LLM instructions (and subsequently, system tools) without any interaction from the bot owner. By sending an email containing malicious prompts to the bot's monitored email address, the bot automatically polls, ingests, and processes th
CVSS v3.1: 9.8 (CRITICAL)
CWE-94, CWE-290, CWE-1336 · Vendor: Nanobot · Type: Vulnerability
Score: 99

2026-03-27 19:16Z · CRIT
CVE-2026-34387 — Fleetdm Fleet: Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34387

Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to achieve arbitrary code execution as root (macOS/Linux) or SYSTEM (Windows) on managed hosts when an uninstall is triggered for a crafted software package. Version 4.81.1 patches the issue.
CVSS v3.1: 9.8 (CRITICAL)
CWE-78 · Vendor: Fleetdm, Fleet · Type: Vulnerability
Score: 99

2026-03-27 19:16Z · HIGH
CVE-2026-34385 — Fleetdm Fleet: Prior to 4.81.0, a second-order SQL injection vulnerability in Fleet's Apple MDM profile delivery
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34385

Fleet is open source device management software. Prior to 4.81.0, a second-order SQL injection vulnerability in Fleet's Apple MDM profile delivery pipeline could allow an attacker with a valid MDM enrollment certificate to exfiltrate or modify the contents of the Fleet database, including user credentials, API tokens, and device enrollment secrets. Version 4.81.0 patches the issue.
CVSS v3.1: 8.1 (HIGH)
CWE-89 · Vendor: Fleetdm, Fleet · Type: Vulnerability
Score: 91

2026-03-27 17:16Z · HIGH
CVE-2026-28369 — Redhat Build_of_apache_camel_-_hawtio: Request smuggling allows an attacker to bypass security mechanisms, access restricted information, or manipulate
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-28369

A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform request smuggling. Request smuggling allows an attacker to bypass security mechanisms, access restricted information, or manipulate web caches, potentially leading to unauthorized acti
CVSS v3.1: 8.7 (HIGH) · EPSS 15th percentile
CWE-444 · Vendor: Undertow · Type: Vulnerability
Score: 94

2026-03-27 17:16Z · HIGH
CVE-2026-28368 — Redhat Build_of_apache_camel_-_hawtio: This vulnerability allows a remote attacker to construct specially crafted requests where header names
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-28368

A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks, potentially bypassing security controls and accessing unauthorized resources.
CVSS v3.1: 8.7 (HIGH) · EPSS 8th percentile
CWE-444 · Vendor: Undertow · Type: Vulnerability
Score: 94

2026-03-27 17:16Z · HIGH
CVE-2026-28367 — Redhat Build_of_apache_camel_-_hawtio: This can be used for request smuggling with certain proxy servers, such as older
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-28367

A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending `\r\r\r` as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic Application Load Balancer, potentially leading to unauthorized access or manipulation of web requests.
CVSS v3.1: 8.7 (HIGH)
CWE-444 · Vendor: Undertow · Type: Vulnerability
Score: 94

2026-03-27 15:17Z · HIGH
CVE-2026-4984 — Twilio: The Twilio integration webhook handler accepts any POST request without validating Twilio's 'X-Twilio-Signature'.
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-4984

The Twilio integration webhook handler accepts any POST request without validating Twilio's 'X-Twilio-Signature'. When processing media messages, it fetches user-controlled URLs ('MediaUrlN' parameters) using HTTP requests that include the integration's Twilio credentials in the 'Authorization' header. An attacker can forge a webhook payload pointing to their own server and receive the victim's 'accountSID' and 'authToken' in plaintext (base64-encoded Basic Auth), leading t
CVSS v3.1: 8.2 (HIGH) · EPSS 13th percentile
CWE-352, CWE-345 · Vendor: Twilio · Type: Vulnerability
Score: 91

2026-03-27 15:16Z · CRIT
CVE-2026-33757 — Openbao Openbao: This allows an attacker to start an authentication request and perform "remote phishing" by
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33757

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao does not prompt for user confirmation when logging in via JWT/OIDC and a role with `callback_mode` set to `direct`. This allows an attacker to start an authentication request and perform "remote phishing" by having the victim visit the URL and automatically log-in to the session of the attacker. Despite being based on the authorization code flow, the `direct` mode calls back d
CVSS v3.1: 9.6 (CRITICAL)
CWE-384 · Vendor: Openbao · Type: Vulnerability
Score: 98

2026-03-27 15:16Z · HIGH
CVE-2026-33433 — Traefik Traefik: Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when `headerField` is configured with a non-canonical
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33433

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when `headerField` is configured with a non-canonical HTTP header name (e.g., `x-auth-user` instead of `X-Auth-User`), an authenticated attacker can inject their own canonical version of that header to impersonate any identity to the backend. The backend receives two header entries — the attacker-injected canonical one is read first, overriding Traefik's non-canonical write.
CVSS v3.1: 8.8 (HIGH)
CWE-290 · Vendor: Traefik · Type: Vulnerability
Score: 94

2026-03-27 15:16Z · CRIT
CVE-2026-27876 — Grafana Grafana: A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-27876

A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the sqlExpressions feature toggle enabled are vulnerable. Only instances in the following version ranges are affected: - 11.6.0 (inclusive) to 11.6.14 (exclusive): 11.6.14 has the fix. 11
CVSS v3.1: 9.1 (CRITICAL) · EPSS 66th percentile
CWE-94 · Vendor: Grafana · Type: Vulnerability
Score: 96

2026-03-27 06:16Z · HIGH
CVE-2026-22742 — Vmware Spring_ai: Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery (SSRF) vulnerability in BedrockProxyChatModel when processing
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-22742

Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery (SSRF) vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests to unintended internal or external destinations. This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4.
CVSS v3.1: 8.6 (HIGH) · EPSS 18th percentile
CWE-918 · Vendor: Vmware, Spring · Type: Vulnerability
Score: 93

2026-03-27 06:16Z · CRIT
CVE-2026-22738 — Vmware Spring_ai: In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-22738

In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A malicious actor could exploit this to execute arbitrary code. Only applications that use SimpleVectorStore and pass user-supplied input as a filter expression key are affected. This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4.
CVSS v3.1: 9.8 (CRITICAL) · EPSS 16th percentile
CWE-88, CWE-917 · Vendor: Vmware, Spring · Type: Vulnerability
Score: 99

2026-03-27 01:16Z · CRIT
CVE-2026-33729 — Openfga Openfga: In versions prior to 1.13.1, under specific conditions, models using conditions with caching enabled
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33729

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. In versions prior to 1.13.1, under specific conditions, models using conditions with caching enabled can result in two different check requests producing the same cache key. This can result in OpenFGA reusing an earlier cached result for a different request. Users are affected if the model has relations which rely on condition evaluation and caching
CVSS v3.1: 9.8 (CRITICAL)
CWE-345, CWE-20, CWE-1289 · Vendor: Openfga · Type: Vulnerability
Score: 99

2026-03-27 01:16Z · CRIT
CVE-2026-33728 — Datadog Dd-trace-java: On JDK version 16 and earlier, an attacker with network access to a JMX
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33728

dd-trace-java is a Datadog APM client for Java. In versions of dd-trace-java 0.40.0 through prior to 1.60.2, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK version 16 and earlier, an attacker with network access to a JMX or RMI port on an instrumented JVM could exploit this to potentially achieve remote code execution. All three of the following conditions must be true to exploit this vulnera
CVSS v3.1: 9.8 (CRITICAL) · EPSS 49th percentile
CWE-502 · Vendor: Datadog · Type: Vulnerability
Score: 99

2026-03-27 01:16Z · CRIT
CVE-2026-33701 — Linuxfoundation Opentelemetry_instrumentation_for_java: On JDK version 16 and earlier, an attacker with network access to a JMX
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-33701

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.26.1, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK version 16 and earlier, an attacker with network access to a JMX or RMI port on an instrumented JVM could exploit this to potentially achieve remote code execution. All three of the following conditio
CVSS v3.1: 9.8 (CRITICAL)
CWE-502 · Vendor: Linuxfoundation, Opentelemetry · Type: Vulnerability
Score: 99

2026-03-27 00:16Z · HIGH
CVE-2026-27893 — Vllm Vllm: This enables remote code execution via malicious model repositories even when the user has
Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-27893

vLLM is an inference and serving engine for large language models (LLMs). Starting in version 0.10.1 and prior to version 0.18.0, two model implementation files hardcode `trust_remote_code=True` when loading sub-components, bypassing the user's explicit `--trust-remote-code=False` security opt-out. This enables remote code execution via malicious model repositories even when the user has explicitly disabled remote code trust. Version 0.18.0 patches the issue.
CVSS v3.1: 8.8 (HIGH)
CWE-693, CWE-501 · Vendor: Vllm · Type: Vulnerability
Score: 94

2026-03-27 00:00Z · HIGH
Elastic Security Labs uncovers BRUSHWORM and BRUSHLOGGER
Source: Elastic Security Labs · elastic.co

Elastic Security Labs disclosed BRUSHWORM and BRUSHLOGGER, two custom malware components targeting a South Asian financial institution. BRUSHWORM is a modular backdoor with USB worm propagation, scheduled task persistence, AES-encrypted configuration, and broad file theft capabilities; BRUSHLOGGER is a DLL side-loaded keylogger masquerading as libcurl.dll with system-wide keystroke capture and XOR-encrypted logs. Multiple development versions (V1.exe, V2.exe, etc.) were discovered on VirusTotal, indicating active refinement by an inexperienced threat actor.
Surface: Application, OS · Tactic: TA0005, TA0006, TA0007, TA0003, TA0011, TA0043
Score: 72