Latest CVE Feed
-
5.5
MEDIUMCVE-2026-21338
Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to serv... Read more
Affected Products : substance_3d_designer- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-20634
The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a malicio... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-20675
The issue was addressed with improved bounds checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a malicious... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-43537
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5. Restoring a maliciously crafted backup file may lead to modification of protected system files.... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-20602
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to cause a denial-of-service.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-20618
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2026-2551
A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the function delete of the file editor/control.php of the component Backup Handler. This manipulation of the argument fileName causes path traversal. It is possible t... Read more
Affected Products : zentao- Published: Feb. 16, 2026
- Modified: Feb. 16, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2020-37140
Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and pa... Read more
Affected Products :- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-21317
Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue require... Read more
Affected Products : audition- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-14369
dr_flac, an audio decoder within the dr_libs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to per... Read more
Affected Products :- Published: Jan. 20, 2026
- Modified: Jan. 26, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-21316
Audition versions 25.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become un... Read more
Affected Products : audition- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-24116
Wasmtime is a runtime for WebAssembly. Starting in version 29.0.0 and prior to version 36.0.5, 40.0.3, and 41.0.1, on x86-64 platforms with AVX, Wasmtime's compilation of the `f64.copysign` WebAssembly instruction with Cranelift may load 8 more bytes than... Read more
Affected Products : wasmtime- Published: Jan. 27, 2026
- Modified: Feb. 12, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-20625
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to access sensitive user data.... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 12, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-21315
Audition versions 25.3 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires ... Read more
Affected Products : audition- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-36059
IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 006. IBM Cloud Pak for Business Automation could allow a local user with access to the containe... Read more
- Published: Jan. 20, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Injection
-
5.5
MEDIUMCVE-2026-20669
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 12, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-2109
A vulnerability was identified in jsbroks COCO Annotator up to 0.11.1. Affected is an unknown function of the file /api/undo/ of the component Delete Category Handler. Such manipulation of the argument ID leads to improper authorization. The attack may be... Read more
Affected Products : coco_annotator- Published: Feb. 07, 2026
- Modified: Feb. 09, 2026
- Vuln Type: Authorization
-
5.5
MEDIUMCVE-2026-2552
A vulnerability was identified in ZenTao up to 21.7.8. Affected by this issue is the function delete of the file editor/control.php of the component Committer. Such manipulation of the argument filePath leads to path traversal. Upgrading to version 21.7.9... Read more
Affected Products : zentao- Published: Feb. 16, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2025-65264
The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request.... Read more
Affected Products : cpu-z- Published: Jan. 27, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2026-21339
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of th... Read more
Affected Products : substance_3d_designer- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption