Skip to main content
CVE-2026-21957 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. [CVSS 7.5 HIGH]

Oracle Virtualbox Vm Virtualbox Suse
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-59466 HIGH PATCH This Week

We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when `async_hooks.createHook()` is enabled. Instead of reaching `process.on('uncaughtException')`, the process terminates, making the crash unrecoverable. [CVSS 7.5 HIGH]

Node.js Denial Of Service Node.Js Red Hat Suse
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-58744 HIGH This Week

Imagedirector Capture versions up to 7.6.3.25808. is affected by use of hard-coded credentials (CVSS 7.5).

Windows Imagedirector Capture
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-58743 HIGH This Week

Imagedirector Capture versions up to 7.6.3.25808. is affected by use of a broken or risky cryptographic algorithm (CVSS 7.5).

Windows Imagedirector Capture
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-33230 HIGH PATCH This Week

NVIDIA Nsight Systems for Linux contains a vulnerability in the .run installer, where an attacker could cause an OS command injection by supplying a malicious string to the installation path. [CVSS 7.3 HIGH]

Linux Denial Of Service Privilege Escalation Command Injection Information Disclosure +2
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-33228 HIGH PATCH This Week

NVIDIA Nsight Systems contains a vulnerability in the gfx_hotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the process_nsys_rep_cli.py script if the script is invoked manually. [CVSS 7.3 HIGH]

Denial Of Service Privilege Escalation Command Injection Information Disclosure Cuda Toolkit +1
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-36418 HIGH This Week

Applinx versions up to 11.1.0 is affected by improper verification of cryptographic signature (CVSS 7.3).

IBM Privilege Escalation Applinx
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-33229 HIGH PATCH This Week

NVIDIA Nsight Visual Studio for Windows contains a vulnerability in Nsight Monitor where an attacker can execute arbitrary code with the same privileges as the NVIDIA Nsight Visual Studio Edition Monitor application. [CVSS 7.3 HIGH]

Windows Denial Of Service Privilege Escalation Information Disclosure Cuda Toolkit +1
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-1222 HIGH This Week

Remote code execution in BROWAN COMMUNICATIONS PrismX MX100 AP controller allows high-privileged remote attackers to upload arbitrary files and execute web shell backdoors without user interaction. This vulnerability affects administrators with elevated credentials and enables complete compromise of the affected access point. No patch is currently available to remediate this issue.

File Upload RCE
NVD
CVSS 3.1
7.2
EPSS
0.3%
CVE-2025-15380 HIGH This Week

The NotificationX - FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting via the 'nx-preview' POST parameter in all versions up to, and including, 3.2.0. [CVSS 7.2 HIGH]

WordPress XSS PHP
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2026-21976 HIGH This Week

Business Intelligence versions up to 7.6.0.0.0 contains a vulnerability that allows attackers to unauthorized creation, deletion or modification access to critical data or all O (CVSS 7.1).

Oracle Industrial Business Intelligence
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-55131 HIGH PATCH This Week

A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the `vm` module with the timeout option. [CVSS 7.1 HIGH]

Node.js RCE Buffer Overflow
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-21986 HIGH This Week

Vm Virtualbox versions up to 7.1.14 contains a vulnerability that allows attackers to unauthorized ability to cause a hang or frequently repeatable crash (complete DO (CVSS 7.1).

Oracle Windows Virtualbox Denial Of Service Vm Virtualbox
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-21939 HIGH This Week

Vulnerability in the SQLcl component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.0. [CVSS 7.0 HIGH]

Oracle Database Server
NVD
CVSS 3.1
7.0
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy