Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-15582

    A security flaw has been discovered in detronetdip E-commerce 1.0.0. The impacted element is the function Delete/Update of the component Product Management Module. Performing a manipulation of the argument ID results in authorization bypass. Remote exploi... Read more

    Affected Products : e-commerce
    • Published: Feb. 20, 2026
    • Modified: Feb. 20, 2026
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2026-21358

    InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to ... Read more

    Affected Products : macos windows indesign
    • Published: Feb. 10, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2026-21339

    Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of th... Read more

    Affected Products : substance_3d_designer
    • Published: Feb. 10, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2026-21319

    After Effects versions 25.6 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requ... Read more

    Affected Products : macos windows after_effects
    • Published: Feb. 10, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2026-20627

    An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to access... Read more

    Affected Products : macos iphone_os watchos ipados visionos
    • Published: Feb. 11, 2026
    • Modified: Feb. 13, 2026
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2026-21313

    Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue require... Read more

    Affected Products : audition
    • Published: Feb. 10, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2026-25385

    Server-Side Request Forgery (SSRF) vulnerability in KaizenCoders URL Shortify url-shortify allows Server Side Request Forgery.This issue affects URL Shortify: from n/a through <= 1.12.3.... Read more

    Affected Products :
    • Published: Feb. 19, 2026
    • Modified: Feb. 19, 2026
    • Vuln Type: Server-Side Request Forgery

  • 5.5

    MEDIUM
    CVE-2026-25061

    tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can caus... Read more

    Affected Products : tcpflow
    • Published: Jan. 29, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-36316

    The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a denial of service... Read more

    Affected Products :
    • Published: Feb. 11, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2026-2861

    A vulnerability was detected in Foswiki up to 2.1.10. The affected element is an unknown function of the component Changes/Viewfile/Oops. The manipulation results in information disclosure. It is possible to launch the attack remotely. The exploit is now ... Read more

    Affected Products :
    • Published: Feb. 21, 2026
    • Modified: Feb. 21, 2026
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2026-2863

    A flaw has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. The impacted element is the function deleteFile of the file FileServiceImpl.java. This manipulation causes path traversal. The attack ca... Read more

    Affected Products :
    • Published: Feb. 21, 2026
    • Modified: Feb. 21, 2026
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2025-33237

    NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service.... Read more

    Affected Products : geforce
    • Published: Jan. 28, 2026
    • Modified: Jan. 29, 2026
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2026-20629

    A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Feb. 11, 2026
    • Modified: Feb. 17, 2026
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2026-2258

    A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed loca... Read more

    Affected Products : lobster
    • Published: Feb. 10, 2026
    • Modified: Feb. 17, 2026
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-54150

    An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a local attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerab... Read more

    Affected Products : qsync_central
    • Published: Feb. 11, 2026
    • Modified: Feb. 12, 2026
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2026-20634

    The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a malicio... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Feb. 11, 2026
    • Modified: Feb. 13, 2026
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-15318

    Tanium addressed an arbitrary file deletion vulnerability in End-User Notifications Endpoint Tools.... Read more

    Affected Products : endpoint_end-user-notifications
    • Published: Feb. 09, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2026-1998

    A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mp_import_all of the file py/runtime.c. This manipulation causes memory corruption. The attack needs to be launched locally. The exploit has been published and may ... Read more

    Affected Products : micropython
    • Published: Feb. 06, 2026
    • Modified: Feb. 17, 2026
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-65264

    The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request.... Read more

    Affected Products : cpu-z
    • Published: Jan. 27, 2026
    • Modified: Feb. 06, 2026
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2026-20621

    The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to cause unexpected system... Read more

    Affected Products : macos iphone_os ipados visionos
    • Published: Feb. 11, 2026
    • Modified: Feb. 18, 2026
    • Vuln Type: Memory Corruption
Showing 20 of 4756 Results