123 CVEs tracked today. 21 Critical, 60 High, 32 Medium, 1 Low.
-
CVE-2026-26219
CRITICAL
CVSS 9.1
Unsalted MD5 password hashing in newbee-mall. Combined with hardcoded credentials (CVE-2026-26218), passwords are trivially crackable. PoC available.
Information Disclosure
Newbee Mall
-
CVE-2026-26218
CRITICAL
CVSS 9.8
Hardcoded admin credentials in newbee-mall e-commerce platform database initialization script. PoC available.
Authentication Bypass
Newbee Mall
-
CVE-2026-26216
CRITICAL
CVSS 10.0
Remote code execution in Crawl4AI Docker API before 0.8.0 via hooks parameter. The /crawl endpoint accepts Python code in hooks that executes on the server. EPSS 0.28%.
Python
Docker
RCE
AI / ML
Crawl4ai
-
CVE-2026-26068
CRITICAL
CVSS 9.9
Command injection in emp3r0r C2 framework before 3.21.1. Untrusted agent metadata (Transport, Hostname) injected into commands. PoC and patch available. EPSS 0.61%.
Linux
RCE
Command Injection
Emp3r0r
-
CVE-2026-26011
CRITICAL
CVSS 9.8
Heap out-of-bounds write in Nav2 AMCL (Adaptive Monte Carlo Localization) in ROS 2 Navigation Framework 1.3.11 and earlier. Robot navigation vulnerability. PoC and patch available.
Denial Of Service
Nav2
-
CVE-2026-25996
CRITICAL
CVSS 9.8
String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter injection. PoC and patch available.
Kubernetes
Code Injection
Inspektor Gadget
Suse
-
CVE-2026-25227
CRITICAL
CVSS 9.1
Code injection in authentik identity provider from 2021.3.1 through multiple versions. Users with delegated permissions can inject code. Patch available.
RCE
Code Injection
Authentik
-
CVE-2026-24895
CRITICAL
CVSS 9.8
CGI path splitting vulnerability in FrankenPHP before 1.11.2 — Unicode characters bypass path validation during CGI processing. PoC and patch available.
PHP
Golang
Frankenphp
Suse
-
CVE-2026-1729
CRITICAL
CVSS 9.8
Authentication bypass in AdForest WordPress theme (all versions through 6.0.12) allows unauthenticated attackers to take over any user account.
WordPress
Authentication Bypass
-
CVE-2026-1358
CRITICAL
CVSS 9.8
Unrestricted file upload in Airleader Master versions 6.381 and prior. Multiple webpages allow unauthenticated file upload with maximum privileges.
File Upload
-
CVE-2025-70981
CRITICAL
CVSS 9.8
SQL injection in CordysCRM 1.4.1 employee list query via departmentIds parameter. PoC available.
SQLi
Cordys Crm
-
CVE-2025-70314
CRITICAL
CVSS 9.8
Buffer overflow in webfsd 1.21 web server via crafted request targeting filename variable. PoC available.
Buffer Overflow
Webfsd
-
CVE-2025-69634
CRITICAL
CVSS 9.0
CSRF leading to privilege escalation in Dolibarr ERP & CRM v.22.0.9. Attackers can escalate privileges via the notes field in permission management.
PHP
-
CVE-2025-15573
CRITICAL
CVSS 9.4
Missing certificate validation in SolaX solar inverter MQTT connections to Alibaba Cloud. Devices accept any server certificate, enabling MITM attacks on solar energy infrastructure.
Authentication Bypass
-
CVE-2025-14892
CRITICAL
CVSS 9.8
Privilege escalation in Prime Listing Manager WordPress plugin through 1.1 allows unauthenticated administrative access.
WordPress
PHP
-
CVE-2025-14014
CRITICAL
CVSS 9.8
Unrestricted file upload in NTN software enables web shell upload and RCE.
File Upload
-
CVE-2025-10969
CRITICAL
CVSS 9.8
SQL injection in Farktor E-Commerce platform allows full database access.
SQLi
E Commerce Package
-
CVE-2019-25337
CRITICAL
CVSS 9.8
Username enumeration in OwnCloud 8.1.8 via share.php endpoint. PoC available.
PHP
-
CVE-2019-25327
CRITICAL
CVSS 9.8
Buffer overflow in Prime95 29.8 build 6 user ID field allows code execution. PoC available.
Dns
Buffer Overflow
-
CVE-2019-25321
CRITICAL
CVSS 9.8
Stack overflow in FTP Navigator 8.03 via SEH overwrite. PoC available.
RCE
Buffer Overflow
Stack Overflow
Ftp Navigator
-
CVE-2019-25319
CRITICAL
CVSS 9.8
Stack overflow in Domain Quester Pro 6.02 via SEH overwrite. PoC available.
Dns
Stack Overflow
-
CVE-2026-26235
HIGH
CVSS 7.5
JUNG Smart Visu Server 1.1.1050 can be forcibly shut down or rebooted by unauthenticated remote attackers through a single POST request, causing service disruption. Public exploit code exists for this denial of service vulnerability, and no patch is currently available to address the authentication bypass.
Denial Of Service
Smart Visu Server Firmware
-
CVE-2026-26234
HIGH
CVSS 8.8
Smart Visu Server Firmware contains a vulnerability that allows attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host header (CVSS 8.8).
Code Injection
Smart Visu Server Firmware
-
CVE-2026-26217
HIGH
CVSS 8.6
Crawl4AI versions before 0.8.0 allow unauthenticated remote attackers to read arbitrary files from the server through file:// URL handling in Docker API endpoints (/execute_js, /screenshot, /pdf, /html), enabling exposure of sensitive configuration files, credentials, and environment variables. The vulnerability affects Docker deployments and AI/ML applications using the affected library, with no patch currently available.
Docker
Lfi
AI / ML
Crawl4ai
-
CVE-2026-26214
HIGH
CVSS 7.4
Galaxy FDS Android SDK versions 3.0.8 and earlier disable TLS hostname verification by default, allowing attackers to perform man-in-the-middle attacks against applications using the library. All applications leveraging this SDK with default configuration are vulnerable to interception and modification of communications with Xiaomi FDS cloud storage, potentially compromising authentication credentials and file contents. No patch is currently available, and the affected open source project has reached end-of-life status.
Android
Apache
Tls
-
CVE-2026-26076
HIGH
CVSS 7.5
ntpd-rs versions prior to 1.7.1 are vulnerable to remote denial of service through crafted NTS (Network Time Protocol Security) packets that force excessive CPU consumption on affected servers. An unauthenticated attacker can exploit this by sending malformed NTS cookie requests that require significantly more processing resources to handle, degrading server performance and availability. The vulnerability affects ntpd-rs deployments with NTS enabled and is resolved in version 1.7.1.
Denial Of Service
Ntpd Rs
Suse
-
CVE-2026-26069
HIGH
CVSS 7.5
Scraparr versions 3.0.0-beta through 3.0.1 expose Readarr API keys in plaintext through the /metrics endpoint when the Readarr integration is enabled without a custom alias configured. An attacker with access to the publicly exposed /metrics endpoint can harvest valid API credentials to compromise an externally accessible Readarr instance. This vulnerability affects only deployments where Readarr scraping is enabled, no alias is set, and the metrics endpoint is accessible to untrusted users.
Prometheus
Industrial
Scraparr
-
CVE-2026-26056
HIGH
CVSS 8.8
Arbitrary code execution in Yoke's Air Traffic Controller component allows authenticated users with CustomResource create/update permissions to execute malicious WebAssembly modules by injecting crafted URLs into the overrides.yoke.cd/flight annotation, potentially enabling cluster-admin privilege escalation. The vulnerability affects Yoke 0.19.0 and earlier, with no patch currently available and an 8.8 CVSS severity rating.
Kubernetes
RCE
Code Injection
Suse
-
CVE-2026-26055
HIGH
CVSS 7.5
Unauthenticated webhook endpoints in Yoke's Air Traffic Controller component allow any pod within a Kubernetes cluster to submit AdmissionReview requests and execute WASM modules in the controller's context without authorization. This affects Yoke versions 0.19.0 and earlier, enabling attackers with cluster access to bypass API Server authentication and potentially compromise the infrastructure-as-code deployment pipeline. No patch is currently available.
Kubernetes
Authentication Bypass
Suse
-
CVE-2026-26020
HIGH
CVSS 8.8
Remote code execution in AutoGPT prior to version 0.6.48 allows authenticated users to execute arbitrary Python code on the backend server by embedding a disabled BlockInstallationBlock within a workflow graph, bypassing validation controls that only checked the disabled flag at direct execution endpoints. An attacker with valid credentials can exploit this to gain full control over the backend system and automate malicious workflows. The vulnerability has been patched in version 0.6.48 and all users should upgrade immediately.
Python
RCE
AI / ML
Autogpt Platform
-
CVE-2026-25949
HIGH
CVSS 7.5
Denial of service in Traefik versions prior to 3.6.8 allows unauthenticated remote attackers to exhaust connection resources by exploiting improper timeout handling in STARTTLS request processing. An attacker can send a PostgreSQL SSLRequest prelude and then stall the connection indefinitely, bypassing the readTimeout protection and accumulating open connections until service availability is degraded. A patch is available in version 3.6.8.
PostgreSQL
Denial Of Service
Traefik
Redhat
Suse
-
CVE-2026-25922
HIGH
CVSS 8.8
authentik is an open-source identity provider. [CVSS 8.8 HIGH]
Authentication Bypass
Authentik
-
CVE-2026-25767
HIGH
CVSS 8.1
Authenticated users holding the Policymaker tag in LavinMQ prior to version 2.6.8 can create shovels that bypass access controls, allowing them to read from or publish messages to unauthorized virtual hosts. This privilege escalation vulnerability affects multi-tenant deployments where access segregation is critical. A patch is available in version 2.6.8 and later.
Authentication Bypass
Lavinmq
-
CVE-2026-25748
HIGH
CVSS 8.6
Authentik Proxy Provider allows authentication bypass through malformed cookies when deployed with Traefik or Caddy as a reverse proxy, enabling attackers to access protected applications by circumventing forward authentication checks. The vulnerability stems from improper cookie validation that prevents the setting of required authentik-specific X-Authentik-* headers, potentially granting unauthorized access depending on the backend application's configuration. Affected versions prior to 2025.10.4 and 2025.12.4 are vulnerable; patches are available in the specified releases.
Authentication Bypass
Authentik
-
CVE-2026-25676
HIGH
CVSS 7.8
M-Track Duo HD version 1.0.0 installer is vulnerable to DLL hijacking due to improper library search path handling, enabling local attackers to execute arbitrary code with administrator privileges. An attacker with local access and user interaction can exploit this vulnerability by placing malicious DLLs in predictable locations to gain full system compromise. No patch is currently available for this high-severity vulnerability.
Privilege Escalation
RCE
-
CVE-2026-24894
HIGH
CVSS 7.5
FrankenPHP versions prior to 1.11.2 fail to properly isolate session data between worker requests, enabling cross-user session fixation where an attacker can read sensitive $_SESSION information intended for other users. This high-severity flaw affects multi-request worker mode deployments and has public exploit code available. A patched version 1.11.2 is available and should be deployed immediately.
Privilege Escalation
Frankenphp
Suse
-
CVE-2026-23857
HIGH
CVSS 8.2
Dell Update Package Framework versions 23.12.00 through 24.12.00 suffer from improper privilege handling that allows local attackers with low-level user accounts to escalate their privileges on affected systems. An attacker with interactive access could exploit this vulnerability to gain elevated permissions, potentially compromising system integrity and confidentiality. No patch is currently available for this high-severity vulnerability.
Information Disclosure
Dell
Update Package Framework
-
CVE-2026-23856
HIGH
CVSS 7.8
Privilege escalation in Dell iDRAC Service Module (Windows versions before 6.0.3.1 and Linux versions before 5.4.1.1) stems from improper access controls that allow local users with low privileges to gain elevated system access. An attacker with local access can exploit this vulnerability to obtain administrative capabilities on affected systems. No patch is currently available for this issue affecting both Windows and Linux environments.
Linux
Windows
-
CVE-2026-2007
HIGH
CVSS 8.2
Heap buffer overflow in the pg_trgm extension of PostgreSQL 18.0 and 18.1 allows authenticated database users to trigger memory corruption through specially crafted input strings. An attacker with database access could potentially achieve privilege escalation or cause service disruption, though exploit complexity is currently limited by restricted control over written data. No patch is currently available.
PostgreSQL
Buffer Overflow
Privilege Escalation
Redhat
Suse
-
CVE-2026-2006
HIGH
CVSS 8.8
Arbitrary code execution in PostgreSQL results from insufficient validation of multibyte character lengths in text manipulation functions, allowing authenticated database users to trigger buffer overflows and execute commands with database process privileges. Affected versions include PostgreSQL 14.x before 14.21, 15.x before 15.16, 16.x before 16.12, 17.x before 17.8, and all versions before 18.2. No patch is currently available, leaving databases vulnerable to privilege escalation attacks from database-level users.
PostgreSQL
Redhat
Suse
-
CVE-2026-2005
HIGH
CVSS 8.8
Arbitrary code execution in PostgreSQL pgcrypto module (versions before 14.21, 15.16, 16.12, 17.8, and 18.2) stems from a heap buffer overflow that allows attackers with database access to execute commands with the privileges of the PostgreSQL system user. An authenticated attacker can exploit this vulnerability by providing specially crafted ciphertext to trigger the overflow condition. No patch is currently available, leaving affected PostgreSQL installations vulnerable to privilege escalation and full system compromise.
PostgreSQL
Buffer Overflow
Redhat
Suse
-
CVE-2026-2004
HIGH
CVSS 8.8
PostgreSQL versions prior to 18.2, 17.8, 16.12, 15.16, and 14.21 contain insufficient input validation in the intarray extension's selectivity estimator function, enabling authenticated users with object creation privileges to execute arbitrary code with database server privileges. The vulnerability requires valid database credentials but allows complete system compromise through code execution at the OS level. No patch is currently available for affected deployments.
PostgreSQL
Redhat
Suse
-
CVE-2026-1320
HIGH
CVSS 7.2
Secure Copy Content Protection and Content Locking (WordPress plugin) is affected by cross-site scripting (XSS) (CVSS 7.2).
WordPress
XSS
-
CVE-2026-1316
HIGH
CVSS 7.2
Customer Reviews for WooCommerce (WordPress plugin) is affected by cross-site scripting (XSS) (CVSS 7.2).
WordPress
XSS
-
CVE-2026-1104
HIGH
CVSS 8.8
FastDup WordPress plugin versions up to 2.7.1 fail to validate user permissions on REST API endpoints, allowing Contributor-level authenticated users to create and download complete site backups including databases and configuration files. This HIGH severity vulnerability (CVSS 8.8) affects all WordPress installations using the affected plugin versions, with no patch currently available. An attacker with basic authenticated access can extract sensitive data and obtain a full copy of the WordPress installation for further exploitation.
WordPress
-
CVE-2026-0969
HIGH
CVSS 8.8
Authenticated attackers can execute arbitrary code through next-mdx-remote's MDX compiler due to inadequate input validation in the serialization function, affecting applications processing untrusted MDX content. An authenticated user with access to compile MDX can inject and execute malicious code with full system privileges. No patch is currently available, leaving all versions vulnerable to this critical code execution risk.
RCE
Code Injection
-
CVE-2025-70886
HIGH
CVSS 7.5
An issue in halo v.2.22.4 and before allows a remote attacker to cause a denial of service via a crafted payload to the public comment submission endpoint [CVSS 7.5 HIGH]
Denial Of Service
Halo
-
CVE-2025-69807
HIGH
CVSS 7.5
p2r3 Bareiron commit: 8e4d4020d is vulnerable to Buffer Overflow, which allows unauthenticated remote attackers to cause a denial of service via a packet sent to the server. [CVSS 7.5 HIGH]
Buffer Overflow
Denial Of Service
Bareiron
-
CVE-2025-69806
HIGH
CVSS 7.5
p2r3 bareiron commit: 8e4d4020d contains an Out-of-bounds Read, which allows unauthenticated remote attackers to get relative information leakage via a packet sent to the server [CVSS 7.5 HIGH]
Buffer Overflow
Information Disclosure
Bareiron
-
CVE-2025-67433
HIGH
CVSS 7.5
A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service (DoS) via a crafted DATA packet. [CVSS 7.5 HIGH]
Buffer Overflow
Denial Of Service
-
CVE-2025-67432
HIGH
CVSS 7.5
A stack overflow in the ZBarcode_Encode function of Monkeybread Software MBS DynaPDF Plugin v21.3.1.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 7.5 HIGH]
Stack Overflow
Denial Of Service
-
CVE-2025-63421
HIGH
CVSS 7.8
An issue in filosoft Comerc.32 Commercial Invoicing v.16.0.0.3 allows a local attacker to execute arbitrary code via the comeinst.exe file [CVSS 7.8 HIGH]
RCE
Code Injection
-
CVE-2025-61880
HIGH
CVSS 8.8
In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution. [CVSS 8.8 HIGH]
RCE
Deserialization
Nios
-
CVE-2025-61879
HIGH
CVSS 7.7
In Infoblox NIOS through 9.0.7, a high-privileged user can trigger an arbitrary file write via the account creation mechanism. [CVSS 7.7 HIGH]
Nios
-
CVE-2025-55210
HIGH
CVSS 7.5
Freepbx versions up to 17.0.5 contains a vulnerability that allows attackers to forge a valid JWT with full access to the REST and GraphQL APIs on a FreePBX tha (CVSS 7.5).
MySQL
Privilege Escalation
Freepbx
-
CVE-2025-54756
HIGH
CVSS 8.4
BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 use a default password that is guessable with knowledge of the device information. [CVSS 8.4 HIGH]
Information Disclosure
-
CVE-2025-54519
HIGH
CVSS 7.3
A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. [CVSS 7.3 HIGH]
Privilege Escalation
RCE
-
CVE-2025-15577
HIGH
CVSS 7.5
An unauthenticated attacker can exploit this vulnerability by manipulating the URL to achieve arbitrary file read access. This issue affects Valmet DNA Web Tools: C2022 and older. [CVSS 7.5 HIGH]
Path Traversal
Dna
-
CVE-2025-13002
HIGH
CVSS 8.2
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting (XSS). This issue affects E-Commerce Package: through 27112025. [CVSS 8.2 HIGH]
XSS
E Commerce Package
-
CVE-2023-31313
HIGH
CVSS 7.2
An unintended proxy or intermediary in the AMD power management firmware (PMFW) could allow a privileged attacker to send malformed messages to the system management unit (SMU) potentially resulting in arbitrary code execution. [CVSS 7.2 HIGH]
RCE
-
CVE-2020-37167
HIGH
CVSS 8.4
ClamAV versions up to 0.103.0 contain a vulnerability that allows attackers to manipulate bytecode function names (CVSS 8.4).
Information Disclosure
Suse
-
CVE-2019-25347
HIGH
CVSS 7.5
thesystem App 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the username parameter. Attackers can inject malicious SQL code like ' or '1=1 into the username field to gain unauthorized access to user accounts. [CVSS 7.5 HIGH]
SQLi
Authentication Bypass
Password Management Application
-
CVE-2019-25346
HIGH
CVSS 7.5
TheSystem 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the 'server_name' parameter. Attackers can inject malicious SQL code like ' or '1=1 to retrieve unauthorized database records and potentially access sensitive system information. [CVSS 7.5 HIGH]
SQLi
Authentication Bypass
Password Management Application
-
CVE-2019-25345
HIGH
CVSS 7.8
Realtek IIS Codec Service 6.4.10041.133 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in the service configuration to inject malicious executables and escalate privileges on the system. [CVSS 7.8 HIGH]
Iis
-
CVE-2019-25344
HIGH
CVSS 7.8
Mobilego versions up to 8.5.0 are affected by incorrect permission assignment for a critical resource (CVSS 7.8).
Golang
Mobilego
-
CVE-2019-25343
HIGH
CVSS 7.8
NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification. [CVSS 7.8 HIGH]
Privilege Escalation
-
CVE-2019-25342
HIGH
CVSS 7.5
Centova Cast 3.2.12 contains a denial of service vulnerability that allows attackers to overwhelm the system by repeatedly calling the database export API endpoint. Attackers can trigger 100% CPU load by sending multiple concurrent requests to the /api.php endpoint with crafted parameters. [CVSS 7.5 HIGH]
PHP
Denial Of Service
-
CVE-2019-25341
HIGH
CVSS 7.5
iNetTools for iOS 8.20 contains a denial of service vulnerability in the Whois feature that allows attackers to crash the application by manipulating input. Attackers can paste a specially crafted 98-character buffer into the Domain Name field to trigger an application crash. [CVSS 7.5 HIGH]
Denial Of Service
-
CVE-2019-25340
HIGH
CVSS 7.5
SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. [CVSS 7.5 HIGH]
Denial Of Service
Spotauditor
-
CVE-2019-25339
HIGH
CVSS 7.5
GHIA CamIP 1.2 for iOS contains a denial of service vulnerability in the password input field that allows attackers to crash the application. Attackers can paste a 33-character buffer of repeated characters into the password field to trigger an application crash on iOS devices. [CVSS 7.5 HIGH]
Denial Of Service
-
CVE-2019-25336
HIGH
CVSS 8.4
SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. [CVSS 8.4 HIGH]
Buffer Overflow
Spotauditor
-
CVE-2019-25335
HIGH
CVSS 7.5
PRO-7070 Hazır Profesyonel Web Sitesi version 1.0 contains an authentication bypass vulnerability in the administration panel login page. Attackers can bypass authentication by using '=' 'or' as both username and password to gain unauthorized access to the administrative interface. [CVSS 7.5 HIGH]
Authentication Bypass
-
CVE-2019-25333
HIGH
CVSS 7.5
Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP request paths. [CVSS 7.5 HIGH]
Aws
Path Traversal
-
CVE-2019-25332
HIGH
CVSS 8.4
FTP Commander Pro 8.03 contains a local stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting the EIP register through a custom command input. [CVSS 8.4 HIGH]
RCE
Stack Overflow
-
CVE-2019-25331
HIGH
CVSS 8.4
AVS Audio Converter 9.1 contains a local buffer overflow vulnerability that allows local attackers to overwrite CPU registers by manipulating the 'Exit folder' input field. [CVSS 8.4 HIGH]
Buffer Overflow
-
CVE-2019-25330
HIGH
CVSS 7.5
SurfOffline Professional 2.2.0.103 contains a structured exception handler (SEH) overflow vulnerability that allows attackers to crash the application by manipulating the project name input. [CVSS 7.5 HIGH]
Denial Of Service
-
CVE-2019-25329
HIGH
CVSS 7.5
FTP Navigator 8.03 contains a denial of service vulnerability that allows attackers to crash the application by overwriting Structured Exception Handler (SEH) with malicious input. [CVSS 7.5 HIGH]
Denial Of Service
Ftp Navigator
-
CVE-2019-25328
HIGH
CVSS 7.5
XnConvert 1.82 contains a denial of service vulnerability in its registration code input field that allows attackers to crash the application. Attackers can generate a 9000-byte buffer of repeated characters and paste it into the registration code field to trigger an application crash. [CVSS 7.5 HIGH]
Denial Of Service
-
CVE-2019-25325
HIGH
CVSS 8.2
Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that allows unauthenticated attackers to bypass authentication by manipulating the 'user' POST parameter. [CVSS 8.2 HIGH]
PHP
SQLi
Authentication Bypass
-
CVE-2019-25322
HIGH
CVSS 7.5
Heatmiser Netmonitor 3.03 contains a hardcoded credentials vulnerability in the networkSetup.htm page with predictable admin login credentials. Attackers can access the device by using the hard-coded username 'admin' and password 'admin' in the hidden form input fields. [CVSS 7.5 HIGH]
Authentication Bypass
-
CVE-2019-25318
HIGH
CVSS 8.8
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. [CVSS 8.8 HIGH]
Dns
Stack Overflow
-
CVE-2026-26188
MEDIUM
CVSS 5.4
Stored XSS in Solspace Freeform for Craft CMS 5.x allows authenticated users with form creation privileges to inject malicious JavaScript into form labels and integration metadata, which executes in the Control Panel when administrators view the builder or integrations. Public exploit code exists for this vulnerability. The vulnerability is resolved in version 5.14.7.
XSS
Freeform
-
CVE-2026-26185
MEDIUM
CVSS 5.3
Directus versions before 11.14.1 contain a timing-based side-channel vulnerability in the password reset function that allows unauthenticated attackers to enumerate valid user accounts by measuring response time differences when submitting invalid reset URLs. The approximately 500ms variance between responses for existing versus non-existing users enables reliable, remote user discovery without authentication. A patch is available in version 11.14.1 and later.
Information Disclosure
Directus
-
CVE-2026-26075
MEDIUM
CVSS 5.4
FastGPT's web and HTTP data acquisition nodes fail to properly validate internal network addresses, allowing unauthenticated remote attackers to bypass network isolation controls and access sensitive internal resources. This vulnerability affects FastGPT versions prior to 4.14.7 and requires user interaction to exploit. The vulnerability has a CVSS score of 5.4 and currently has no available patch.
CSRF
AI / ML
Fastgpt
-
CVE-2026-26005
MEDIUM
CVSS 5.0
ClipBucket v5 before 5.5.3 allows authenticated users to trigger server-side request forgery (SSRF) through the Remote Play feature by specifying internal network URLs in video references, enabling attackers to scan and probe internal network infrastructure. Public exploit code exists for this vulnerability, which requires only standard user privileges to execute. The SSRF capability permits GET requests to internal servers without requiring the attacker to upload content to the platform.
SSRF
Clipbucket
-
CVE-2026-26000
MEDIUM
CVSS 6.1
Xwiki versions up to 17.9.0 are affected by improper restriction of rendered UI layers or frames (CVSS 6.1).
XSS
Xwiki
-
CVE-2026-25933
MEDIUM
CVSS 6.8
Command injection in Arduino App Lab prior to version 0.4.0 allows an attacker with physical access to a connected device to execute arbitrary shell commands by injecting metacharacters into unsanitized Serial and Address metadata fields during terminal session initialization. The vulnerability stems from insufficient input validation when processing hardware device information, enabling code execution with the privileges of the application.
Command Injection
App Lab
-
CVE-2026-25828
MEDIUM
CVSS 5.4
Authenticated users can inject arbitrary OS commands into the initramfs boot process through unsanitized input parameters in grub-btrfs versions through January 2026 on Arch Linux and derivatives. The vulnerability requires valid credentials and may have limited exploitability depending on specific system configurations. No patch is currently available for this medium-severity command injection flaw.
Linux
Command Injection
-
CVE-2026-25768
MEDIUM
CVSS 6.5
Authenticated users in LavinMQ versions before 2.6.6 can read sensitive broker metadata they lack permissions to access, resulting in information disclosure. This vulnerability requires valid credentials but poses a risk in multi-tenant deployments where access controls should be strictly enforced. A patch is available in version 2.6.6.
Authentication Bypass
Lavinmq
-
CVE-2026-22821
MEDIUM
CVSS 4.9
The More Reporting GLPI plugin versions prior to 1.9.4 contain a SQL injection vulnerability in date change functionality that allows authenticated users with high privileges to execute arbitrary SQL queries and extract sensitive data. An attacker with administrative credentials could exploit this network-accessible vulnerability to read confidential information from the database. A patch is available in version 1.9.4 and later.
SQLi
More Reporting
-
CVE-2026-21722
MEDIUM
CVSS 5.3
Grafana public dashboards with annotations enabled fail to enforce the dashboard's locked timerange restriction on annotation queries, allowing unauthenticated attackers to retrieve the complete annotation history beyond the intended viewing window. This information disclosure affects any organization exposing public dashboards with annotations, though only annotations already visible on the dashboard are accessible. No patch is currently available for this vulnerability.
Information Disclosure
Grafana
Redhat
Suse
-
CVE-2026-21438
MEDIUM
CVSS 5.3
Webtransport-go versions prior to 0.10.0 fail to properly clean up closed WebTransport streams from internal session maps, allowing remote attackers to exhaust server memory through repeated stream creation and closure. This denial-of-service condition requires no authentication or user interaction and affects all deployments using the vulnerable library. A patch is available in version 0.10.0.
Golang
Webtransport Go
Suse
-
CVE-2026-21435
MEDIUM
CVSS 5.3
Webtransport-go versions prior to 0.10.0 are vulnerable to denial of service attacks where a malicious peer can withhold QUIC flow control credits to indefinitely block WebTransport session closure. An attacker can exploit this to hang close operations and prevent proper session termination, leaving connections in a suspended state. Affected applications using webtransport-go for protocol communication should upgrade to version 0.10.0 or later to mitigate this vulnerability.
Golang
Denial Of Service
Webtransport Go
Suse
-
CVE-2026-21434
MEDIUM
CVSS 5.3
Webtransport-go versions 0.3.0 through 0.9.0 fail to enforce the 1024-byte limit on Application Error Messages in WT_CLOSE_SESSION capsules, allowing remote attackers to trigger unbounded memory consumption by sending oversized payloads. An unauthenticated attacker can exhaust server memory and cause denial of service, requiring only sufficient bandwidth to transmit the malicious payload. The vulnerability is resolved in version 0.10.0, though no patch is currently available for affected versions.
Golang
Webtransport Go
Suse
-
CVE-2026-2327
MEDIUM
CVSS 5.3
Markdown-It versions up to 14.1.1 are affected by inefficient regular expression complexity (ReDoS) (CVSS 5.3).
Denial Of Service
Markdown It
Redhat
Suse
-
CVE-2026-2003
MEDIUM
CVSS 4.3
Improper validation of the "oidvector" type in PostgreSQL allows authenticated database users to read small amounts of server memory, potentially exposing sensitive data. This vulnerability affects PostgreSQL versions prior to 18.2, 17.8, 16.12, 15.16, and 14.21, with no patch currently available for impacted systems.
PostgreSQL
Redhat
Suse
-
CVE-2026-1671
MEDIUM
CVSS 6.5
The Activity Log for WordPress plugin through version 1.2.8 fails to validate user permissions on the winter_activity_log_action() function, allowing authenticated subscribers and higher to access sensitive activity logs containing administrator credentials and other confidential data. An attacker with low-privilege WordPress access can exploit this missing capability check to read potentially sensitive information from exposed log files. No patch is currently available for this vulnerability.
WordPress
-
CVE-2026-1537
MEDIUM
CVSS 5.3
The LatePoint Calendar Booking Plugin for WordPress versions up to 5.2.6 fails to validate user permissions on the load_step() function, allowing unauthenticated attackers to retrieve sensitive booking data such as customer names, emails, phone numbers, and appointment details. This network-accessible vulnerability requires no user interaction and affects all installations of the plugin without the patch. No patch is currently available to remediate this exposure.
WordPress
-
CVE-2026-1356
MEDIUM
CVSS 4.8
The Converter for Media WordPress plugin through version 6.5.1 contains a server-side request forgery vulnerability in the image loading function that allows unauthenticated attackers to make arbitrary web requests from the affected server. This could enable attackers to probe internal services and potentially read or modify sensitive data accessible from the web application. No patch is currently available.
WordPress
SSRF
-
CVE-2025-70845
MEDIUM
CVSS 6.1
lty628 aidigu v1.9.1 is vulnerable to cross-site scripting (XSS) in the /setting/ page, where the "intro" field is not properly sanitized or escaped. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-70092
MEDIUM
CVSS 5.5
A cross-site scripting (XSS) vulnerability in the Item Kits function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Item Name parameter. [CVSS 5.5 MEDIUM]
XSS
Open Source Point Of Sale
-
CVE-2025-69752
MEDIUM
CVSS 4.3
An issue in the "My Details" user profile functionality of Ideagen Q-Pulse 7.1.0.32 allows an authenticated user to view other users' profile information by modifying the objectKey HTTP parameter in the My Details page URL. [CVSS 4.3 MEDIUM]
Authentication Bypass
-
CVE-2025-56647
MEDIUM
CVSS 6.5
farmfe/core versions up to 1.7.6 contain a vulnerability that allows attackers to surveil developers running Farm who visit their webpage and steal source code th (CVSS 6.5).
Node.js
-
CVE-2025-41117
MEDIUM
CVSS 6.8
Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. [CVSS 6.8 MEDIUM]
Grafana
Redhat
Suse
-
CVE-2025-15575
MEDIUM
CVSS 5.3
The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. [CVSS 5.3 MEDIUM]
Information Disclosure
-
CVE-2025-15574
MEDIUM
CVSS 6.5
When connecting to the Solax Cloud MQTT server the username is the "registration number", which is the 10 character string printed on the SolaX Power Pocket device / the QR code on the device. The password is derived from the "registration number" using a proprietary XOR/transposition algorithm. [CVSS 6.5 MEDIUM]
Information Disclosure
-
CVE-2025-14282
MEDIUM
CVSS 5.4
A flaw was found in Dropbear. When running in multi-user mode and authenticating users, the dropbear ssh server performs the socket forwarding requested by the remote client as root, only switching to the logged-in user upon spawning a shell or performing some operations like reading the user's files. [CVSS 5.4 MEDIUM]
Ssh
-
CVE-2025-13004
MEDIUM
CVSS 6.3
Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025. [CVSS 6.3 MEDIUM]
Authentication Bypass
E Commerce Package
-
CVE-2019-25338
MEDIUM
CVSS 5.3
Dokuwiki versions up to 2018-04-22b contain a vulnerability that allows attackers to identify valid user accounts (CVSS 5.3).
Information Disclosure
Dokuwiki
-
CVE-2019-25334
MEDIUM
CVSS 6.7
Product Key Explorer 4.2.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by overflowing the registration name input field. [CVSS 6.2 MEDIUM]
Buffer Overflow
Denial Of Service
Stack Overflow
-
CVE-2019-25324
MEDIUM
CVSS 6.1
RICOH Web Image Monitor 1.09 contains an HTML injection vulnerability in the address configuration CGI script that allows attackers to inject malicious HTML code. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2019-25323
MEDIUM
CVSS 6.1
Heatmiser Netmonitor v3.03 contains an HTML injection vulnerability in the outputSetup.htm page that allows attackers to inject malicious HTML code through the outputtitle parameter. [CVSS 6.1 MEDIUM]
RCE
XSS
-
CVE-2019-25320
MEDIUM
CVSS 6.5
E Learning Script 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard without valid credentials by manipulating login parameters. [CVSS 6.5 MEDIUM]
PHP
Authentication Bypass
-
CVE-2026-26225
None
Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and bootable system clones, contains a local privilege escalation vulnerability.
macOS
Golang
Privilege Escalation
-
CVE-2026-26224
None
Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and application logs for support analysis, contains a local privilege escalation vulnerability.
macOS
Golang
Privilege Escalation
Race Condition
-
CVE-2026-24044
None
Element Server Suite Community Edition (ESS Community) deploys a Matrix stack using the provided Helm charts and Kubernetes distribution.
Kubernetes
-
CVE-2026-2391
LOW
CVSS 3.7
The `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to cause denial-of-service via memory exhaustion. [CVSS 3.7 LOW]
Node.js
Denial Of Service
-
CVE-2026-2276
None
Reflected Cross-Site Scripting (XSS) vulnerability in the Wix web application, where the endpoint 'https://manage.wix.com/account/account-settings', responsible for uploading SVG images, does not properly sanitize the content.
XSS
-
CVE-2026-0619
None
A reachable infinite loop via an integer wraparound is present in Silicon Labs' Matter SDK which allows an attacker to trigger a denial of service. A hard reset is required to recover the device.
Denial Of Service
-
CVE-2025-52533
None
Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality or integrity.
Authentication Bypass
-
CVE-2024-36319
None
Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow an attacker to submit a maliciously crafted command causing the VCN FW to perform reads/writes of HW registers, potentially impacting confidentiality, integrity and availability of the system.
Information Disclosure
-
CVE-2023-31323
None
Type confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent (XGMI TA) leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability.
Buffer Overflow
-
CVE-2023-20601
None
Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition.
Buffer Overflow