Latest CVE Feed
-
7.8
HIGHCVE-2025-60037
A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically... Read more
Affected Products :- Published: Feb. 18, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2026-21509
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.... Read more
Affected Products : office 365_apps office_long_term_servicing_channel office_2016 office_2024 office_2021 office_2019- Actively Exploited
- Published: Jan. 26, 2026
- Modified: Feb. 11, 2026
-
7.8
HIGHCVE-2026-0648
The vulnerability stems from an incorrect error-checking logic in the CreateCounter() function (in threadx/utility/rtos_compatibility_layers/OSEK/tx_osek.c) when handling the return value of osek_get_counter(). Specifically, the current code checks if cnt... Read more
Affected Products :- Published: Jan. 27, 2026
- Modified: Jan. 29, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-2016
A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64_decode of the file src/base64.c. The manipulation leads to stack-based buffer overflow. Local access is required t... Read more
Affected Products : libfastcommon- Published: Feb. 06, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-33217
NVIDIA Display Driver for Windows contains a vulnerability where an attacker could trigger a use after free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and informat... Read more
- Published: Jan. 28, 2026
- Modified: Jan. 29, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-20615
A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to gain root privileges.... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Path Traversal
-
7.8
HIGHCVE-2026-26208
ADB Explorer is a fluent UI for ADB on Windows. Prior to Beta 0.9.26020, ADB Explorer is vulnerable to Insecure Deserialization leading to Remote Code Execution. The application attempts to deserialize the App.txt settings file using Newtonsoft.Json with ... Read more
Affected Products :- Published: Feb. 13, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Misconfiguration
-
7.8
HIGHCVE-2026-0536
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.... Read more
Affected Products : 3ds_max- Published: Feb. 04, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-69604
An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls.... Read more
Affected Products : superduper\!- Published: Jan. 29, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Path Traversal
-
7.8
HIGHCVE-2025-47398
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware sw5100_firmware +296 more products- Published: Feb. 02, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-15319
Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.... Read more
Affected Products : endpoint_patch- Published: Feb. 09, 2026
- Modified: Feb. 10, 2026
- Vuln Type: Authorization
-
7.8
HIGHCVE-2026-21246
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_23h2 windows_server_2022_23h2 +5 more products- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-70083
An issue was discovered in OpenSatKit 2.2.1. The DirName field in the telecommand is provided by the ground segment and must be treated as untrusted input. The program copies DirName into the local buffer DirWithSep using strcpy. The size of this buffer i... Read more
Affected Products : opensatkit- Published: Feb. 11, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-11547
AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user.... Read more
- Published: Feb. 10, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Authorization
-
7.8
HIGHCVE-2026-20610
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.3. An app may be able to gain root privileges.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Authorization
-
7.8
HIGHCVE-2026-20700
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary co... Read more
- Actively Exploited
- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-25584
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a stack-buffer-overflow vulnerability in CIccTagFloatNum<>::GetValues(). This i... Read more
Affected Products : iccdev- Published: Feb. 04, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-20411
In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS1035... Read more
- Published: Feb. 02, 2026
- Modified: Feb. 04, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-25880
SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary (explorer.exe) located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads t... Read more
Affected Products : sumatrapdf- Published: Feb. 09, 2026
- Modified: Feb. 10, 2026
- Vuln Type: Authentication
-
7.8
HIGHCVE-2025-61982
An arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A specially crafted OpenFOAM simulation file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger th... Read more
Affected Products :- Published: Feb. 18, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Injection