Latest CVE Feed
-
5.5
MEDIUMCVE-2026-21358
InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to ... Read more
- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-21355
DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue re... Read more
Affected Products : dng_software_development_kit- Published: Feb. 10, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-24927
Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitation of this vulnerability may affect availability.... Read more
- Published: Feb. 06, 2026
- Modified: Feb. 09, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-15469
Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot alg... Read more
Affected Products : openssl- Published: Jan. 27, 2026
- Modified: Feb. 02, 2026
- Vuln Type: Cryptography
-
5.5
MEDIUMCVE-2026-21354
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive... Read more
Affected Products : dng_software_development_kit- Published: Feb. 10, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-2258
A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed loca... Read more
Affected Products : lobster- Published: Feb. 10, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-21222
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_23h2 windows_server_2022_23h2 +4 more products- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2026-21319
After Effects versions 25.6 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requ... Read more
- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-2490
RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of RustDesk Client for Windows. An attacker must first obt... Read more
Affected Products :- Published: Feb. 20, 2026
- Modified: Feb. 20, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2026-20624
An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to access sensitive user data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Injection
-
5.5
MEDIUMCVE-2026-20612
A privacy issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to access sensitive user data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-15318
Tanium addressed an arbitrary file deletion vulnerability in End-User Notifications Endpoint Tools.... Read more
Affected Products : endpoint_end-user-notifications- Published: Feb. 09, 2026
- Modified: Feb. 10, 2026
- Vuln Type: Misconfiguration
-
5.5
MEDIUMCVE-2026-2864
A vulnerability has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName leads to ... Read more
Affected Products :- Published: Feb. 21, 2026
- Modified: Feb. 21, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-21261
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-43417
A path handling issue was addressed with improved logic. This issue is fixed in macOS Sonoma 14.8.4. An app may be able to access user-sensitive data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-20619
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to access sensitive user data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2026-25062
Outline is a service that allows for collaborative documentation. Prior to 1.4.0, during the JSON import process, the value of attachments[].key from the imported JSON is passed directly to path.join(rootPath, node.key) and then read using fs.readFile wit... Read more
Affected Products : outline- Published: Feb. 11, 2026
- Modified: Feb. 20, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-20675
The issue was addressed with improved bounds checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a malicious... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2024-54192
An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c.... Read more
Affected Products :- Published: Feb. 10, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-21350
After Effects versions 25.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Explo... Read more
- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Denial of Service