Skip to main content
Weekly Report Mar 30, 2026 by vuln.today Threat Intelligence

Threat Landscape 23/03-30/03/2026: Supply Chain Attacks and Auth Failures Surge

Full article requires sign-in

Access weekly reports, audio discussions, threat analysis, and CVE breakdowns.

Sign in - Free

Related CVEs

CVE-2026-33634 CVE-2026-4585 CVE-2026-4567 CVE-2026-30530 CVE-2026-30533 CVE-2026-30532 CVE-2026-33696 CVE-2026-33660 CVE-2025-71275 CVE-2025-60949

Related Vulnerability Groups

Tenda Router Buffer Overflow Vulnerabilities CRITICAL
2 CVEs
n8n Workflow Automation Security Flaws CRITICAL
3 CVEs

Other CVEs in Same Group

CVE-2026-33663 HIGH 8.5

n8n workflow automation platform Community Edition contains an authorization bypass vulnerability allowing authenticated users with member-level privileges to steal plaintext credentials from other users. The flaw chains name-based credential resolution that doesn't enforce ownership with a permissions bypass affecting generic HTTP credential types (httpBasicAuth, httpHeaderAuth, httpQueryAuth). Attackers can decrypt and exfiltrate credentials without authorization, though native integration credentials remain unaffected.
CVE-2026-4565 HIGH 7.4

Buffer overflow in Tenda AC21 firmware version 16.03.08.16 allows authenticated remote attackers to achieve complete system compromise through crafted QoS configuration requests to the SetNetControlList endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can execute arbitrary code with full system privileges (confidentiality, integrity, and availability impact).

More Coverage

github.com/AshleyT3 CVE-2026-33634: Docker Socket Privilege Escalation - Safer Trivy Scanning Without Root
Mar 31, 2026
medium.com CVE-2026-33696: n8n Prototype Pollution RCE in XML and GSuite Admin

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy