Skip to main content
CVE-2025-27769 LOW CISA Monitor

A vulnerability has been identified in Heliox Flex 180 kW EV Charging Station (All versions < F4.11.1), Heliox Mobile DC 40 kW EV Charging Station (All versions < L4.10.1). [CVSS 2.6 LOW]

Authentication Bypass
NVD
CVSS 3.1
2.6
EPSS
0.0%
CVE-2026-22629 LOW Monitor

An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4 all versions, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4 all versions, FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4 all...

Fortinet Authentication Bypass
NVD VulDB
CVSS 3.1
3.7
EPSS
0.0%
CVE-2026-24310 LOW Monitor

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module and read the sensitive information from database catalog of the ABAP system. [CVSS 3.5 LOW]

SAP Authentication Bypass
NVD VulDB
CVSS 3.1
3.5
EPSS
0.0%
CVE-2026-21791 LOW Monitor

HCL Sametime for Android is impacted by a sensitive information disclosure. Hostnames information is written in application logs and certain URL [CVSS 3.3 LOW]

Information Disclosure Google
NVD VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-0121 LOW Monitor

In VPU, there is a possible use-after-free read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. [CVSS 2.9 LOW]

Information Disclosure Race Condition
NVD VulDB
CVSS 3.1
2.9
EPSS
0.0%
CVE-2026-24641 LOW Monitor

A NULL Pointer Dereference vulnerability [CWE-476] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow an authenticated attacker to crash the HTTP daemon via crafted HTTP requests. [CVSS 2.7 LOW]

Fortinet Null Pointer Dereference Denial Of Service
NVD VulDB
CVSS 3.1
2.7
EPSS
0.1%
CVE-2026-2741 LOW PATCH Monitor

Specially crafted ZIP archives can escape the intended extraction directory during Node.js download and extraction in Vaadin 14.2.0 versions up to 14.14.0 is affected by path traversal.

Node.js Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.1%
CVE-2026-0115 LOW Monitor

Android versions up to - contains a vulnerability that allows attackers to physical information disclosure with no additional execution privileges needed (CVSS 2.1).

Information Disclosure
NVD VulDB
CVSS 3.1
2.1
EPSS
0.0%
CVE-2026-30977 LOW Monitor

RenderBlocking is a MediaWiki extension that allows interface administrators to specify render-blocking CSS and JavaScript. versions up to 0.1.1 is affected by cross-site scripting (xss).

XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy