Latest CVE Feed
-
5.5
MEDIUMCVE-2026-20655
An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Authorization
-
5.5
MEDIUMCVE-2026-24437
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) serve sensitive administrative content without appropriate cache-control directives. As a result, browsers may store credential-bearing responses locally, exposing them to subs... Read more
- Published: Jan. 26, 2026
- Modified: Jan. 28, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2026-20618
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-65264
The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request.... Read more
Affected Products : cpu-z- Published: Jan. 27, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2026-20678
An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be able to access sensitive user data.... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Authorization
-
5.5
MEDIUMCVE-2026-21317
Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue require... Read more
Affected Products : audition- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-2258
A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed loca... Read more
Affected Products : lobster- Published: Feb. 10, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-21314
Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue require... Read more
Affected Products : audition- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-21870
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access (MAC) layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash (SI... Read more
Affected Products : bacnet_stack- Published: Feb. 13, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2020-37140
Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and pa... Read more
Affected Products :- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-2490
RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of RustDesk Client for Windows. An attacker must first obt... Read more
Affected Products :- Published: Feb. 20, 2026
- Modified: Feb. 20, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-33237
NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service.... Read more
Affected Products : geforce- Published: Jan. 28, 2026
- Modified: Jan. 29, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-20624
An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to access sensitive user data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Injection
-
5.5
MEDIUMCVE-2026-2147
A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed... Read more
- Published: Feb. 08, 2026
- Modified: Feb. 10, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2026-2667
A vulnerability has been found in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. The impacted element is an unknown function of the file /dispatch/api?cmd=userinfo. The manipulation leads to improper access controls. The attac... Read more
Affected Products :- Published: Feb. 18, 2026
- Modified: Feb. 19, 2026
- Vuln Type: Authorization
-
5.5
MEDIUMCVE-2025-43537
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5. Restoring a maliciously crafted backup file may lead to modification of protected system files.... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-20602
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to cause a denial-of-service.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-25145
melange allows users to build apk packages using declarative pipelines. From version 0.14.0 to before 0.40.3, an attacker who can influence a melange configuration file (e.g., through pull request-driven CI or build-as-a-service scenarios) could read arbi... Read more
Affected Products : melange- Published: Feb. 04, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-20625
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to access sensitive user data.... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 12, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-20669
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 12, 2026
- Vuln Type: Path Traversal