5.3

CVSS3.1

CVE-2026-1870 - Thim Kit for Elementor <= 1.3.7 - Missing Authorization to Unauthenticated Private Course Disclosure

The Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing validation checks on the 'thim-ekit/archive-course/get-courses' REST endpoint callback function in all versions up to, and including, 1.3.7. Th…

📅 Published: March 14, 2026, 1:24 p.m. 🔄 Last Modified: March 14, 2026, 1:24 p.m.

0.0

CVE-2025-54920 - Apache Spark: Spark History Server Code Execution Vulnerability

This issue affects Apache Spark: before 3.5.7 and 4.0.1. Users are recommended to upgrade to version 3.5.7 or 4.0.1 and above, which fixes the issue. Summary Apache Spark 3.5.4 and earlier versions contain a code execution vulnerability in the Spark History Web UI due to overly permissive Jac…

📅 Published: March 14, 2026, 9:01 a.m. 🔄 Last Modified: March 14, 2026, 9:01 a.m.

4.3

CVSS3.1

CVE-2026-1948 - NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.9 - Missing Authorization to Authenticated (…

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivate_license() function in all versions up to, and including, 9.1.9. This makes it possible for authenticated attackers, with Su…

📅 Published: March 14, 2026, 3:24 a.m. 🔄 Last Modified: March 14, 2026, 3:24 a.m.

5

CVSS3.1

CVE-2026-0385 - Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

📅 Published: March 13, 2026, 9:55 p.m. 🔄 Last Modified: March 13, 2026, 9:55 p.m.

0

CVSS4.0

CVE-2026-32732 - XSS in @leanprover/unicode-input-component

Lean 4 VS Code Extension is a Visual Studio Code extension for the Lean 4 proof assistant. Projects that use @leanprover/unicode-input-component are vulnerable to an XSS exploit in 0.1.9 of the package and lower. The component re-inserted text in the input element back into the input element as une…

📅 Published: March 13, 2026, 9:43 p.m. 🔄 Last Modified: March 13, 2026, 9:43 p.m.
Load More Vulnerability
avatar

Mehmet Ince

@mdisec

CVE stats coming here

avatar

Nuri Çilengir

@ncilengir

CVE stats coming here

avatar

@aydinnyunus

CVE stats coming here

avatar

Onurcan Genç

@onurcangnc

CVE stats coming here

avatar

Seyit Sigirci

@h3xecute

CVE stats coming here

avatar

Ali İltizar

@iltosec

CVE stats coming here

avatar

@b3rsec

CVE stats coming here

avatar

@furkank

CVE stats coming here

avatar

kutaysec

@kutaysec

CVE stats coming here