Latest CVE Feed
-
5.5
MEDIUMCVE-2026-2551
A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the function delete of the file editor/control.php of the component Backup Handler. This manipulation of the argument fileName causes path traversal. It is possible t... Read more
Affected Products : zentao- Published: Feb. 16, 2026
- Modified: Feb. 16, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-1998
A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mp_import_all of the file py/runtime.c. This manipulation causes memory corruption. The attack needs to be launched locally. The exploit has been published and may ... Read more
Affected Products : micropython- Published: Feb. 06, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-24914
Type confusion vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability.... Read more
Affected Products : harmonyos- Published: Feb. 06, 2026
- Modified: Feb. 10, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-20415
In imgsys, there is a possible memory corruption due to improper locking. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10363254; I... Read more
- Published: Feb. 02, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-24927
Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitation of this vulnerability may affect availability.... Read more
- Published: Feb. 06, 2026
- Modified: Feb. 09, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-2521
A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwc_s5c_handle_create_session_response of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exp... Read more
Affected Products : open5gs- Published: Feb. 15, 2026
- Modified: Feb. 15, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-2522
A security vulnerability has been detected in Open5GS up to 2.7.6. Impacted is an unknown function of the file /src/mme/esm-build.c of the component MME. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The expl... Read more
Affected Products : open5gs- Published: Feb. 16, 2026
- Modified: Feb. 16, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-2523
A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smf_gn_handle_create_pdp_context_request of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to l... Read more
Affected Products : open5gs- Published: Feb. 16, 2026
- Modified: Feb. 16, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-2524
A flaw has been found in Open5GS 2.7.6. The impacted element is the function mme_s11_handle_create_session_response of the component MME. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been published and ... Read more
Affected Products : open5gs- Published: Feb. 16, 2026
- Modified: Feb. 16, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-15314
Tanium addressed an arbitrary file deletion vulnerability in end-user-cx.... Read more
Affected Products : endpoint_end-user-cx- Published: Feb. 10, 2026
- Modified: Feb. 10, 2026
-
5.5
MEDIUMCVE-2026-20602
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to cause a denial-of-service.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-21338
Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to serv... Read more
Affected Products : substance_3d_designer- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-21350
After Effects versions 25.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Explo... Read more
- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-46306
The issue was addressed with improved bounds checks. This issue is fixed in macOS Tahoe 26, Keynote 15.1, iOS 26 and iPadOS 26. Processing a maliciously crafted Keynote file may disclose memory contents.... Read more
- Published: Jan. 28, 2026
- Modified: Jan. 30, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-20618
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2026-24883
In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success with sig->data[] set to a NULL value, leading to a denial of service (application crash).... Read more
- Published: Jan. 27, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-50537
Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run() method, which validates test cases and checks for duplicates. D... Read more
Affected Products : eslint- Published: Jan. 26, 2026
- Modified: Feb. 04, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2026-2552
A vulnerability was identified in ZenTao up to 21.7.8. Affected by this issue is the function delete of the file editor/control.php of the component Committer. Such manipulation of the argument filePath leads to path traversal. Upgrading to version 21.7.9... Read more
Affected Products : zentao- Published: Feb. 16, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-20630
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.3. An app may be able to access protected user data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 12, 2026
- Vuln Type: Authorization
-
5.5
MEDIUMCVE-2026-20666
An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 12, 2026
- Vuln Type: Authorization