Latest CVE Feed
-
5.5
MEDIUMCVE-2026-20647
This issue was addressed with improved data protection. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2026-20634
The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a malicio... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-65264
The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request.... Read more
Affected Products : cpu-z- Published: Jan. 27, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2026-24883
In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success with sig->data[] set to a NULL value, leading to a denial of service (application crash).... Read more
- Published: Jan. 27, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-24927
Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitation of this vulnerability may affect availability.... Read more
- Published: Feb. 06, 2026
- Modified: Feb. 09, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-43403
An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4. An app may be able to access sensitive user data.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Authorization
-
5.5
MEDIUMCVE-2026-20602
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to cause a denial-of-service.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-22280
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains an incorrect permission assignment for critical resource vulnera... Read more
Affected Products : powerscale_onefs- Published: Jan. 22, 2026
- Modified: Jan. 28, 2026
- Vuln Type: Misconfiguration
-
5.5
MEDIUMCVE-2026-27014
NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular `NextOffset` chains cause an infinite loop, and deeply nested directories cause unbounded recursion (stack overflow) in the ROMFS archive parse... Read more
Affected Products : nanazip- Published: Feb. 19, 2026
- Modified: Feb. 20, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-2327
Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /\*+$/ in the linkify function. An attacker can supply a long sequence of * characters followed by... Read more
Affected Products : markdown-it- Published: Feb. 12, 2026
- Modified: Feb. 12, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-21870
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access (MAC) layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash (SI... Read more
Affected Products : bacnet_stack- Published: Feb. 13, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-28164
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function.... Read more
Affected Products : libpng- Published: Jan. 27, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-15313
Tanium addressed an arbitrary file deletion vulnerability in Tanium EUSS.... Read more
Affected Products : endpoint_euss- Published: Feb. 10, 2026
- Modified: Feb. 10, 2026
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2026-21317
Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue require... Read more
Affected Products : audition- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-54151
An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a local attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerab... Read more
Affected Products : qsync_central- Published: Feb. 11, 2026
- Modified: Feb. 12, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-1737
A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function sgwc_s5c_handle_create_bearer_request of the file /src/sgwc/s5c-handler.c of the component CreateBearerRequest Handler. Performing a manipulation results in reachabl... Read more
Affected Products : open5gs- Published: Feb. 02, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2026-1734
A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization... Read more
Affected Products : crmeb- Published: Feb. 02, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Authorization
-
5.5
MEDIUMCVE-2026-20608
This issue was addressed through improved state management. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing maliciously crafted web content may lead to an unexpected p... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-70347
An issue in mquickjs before commit 74b7e (2026-01-15) allows a local attacker to cause a denial of service via a crafted file to the get_mblock_size function at mquickjs.c.... Read more
Affected Products :- Published: Feb. 10, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2024-54192
An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c.... Read more
Affected Products :- Published: Feb. 10, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Denial of Service