Latest CVE Feed
-
7.5
HIGHCVE-2026-20419
In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for expl... Read more
- Published: Feb. 02, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2026-20420
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interac... Read more
- Published: Feb. 02, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2024-54263
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Talemy Spirit Framework allows PHP Local File Inclusion.This issue affects Spirit Framework: from n/a through 1.2.13.... Read more
Affected Products :- Published: Feb. 02, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Path Traversal
-
7.5
HIGHCVE-2020-37180
GTalk Password Finder 2.2.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger ... Read more
Affected Products :- Published: Feb. 11, 2026
- Modified: Feb. 12, 2026
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2026-21852
Claude Code is an agentic coding tool. Prior to version 2.0.65, vulnerability in Claude Code's project-load flow allowed malicious repositories to exfiltrate data including Anthropic API keys before users confirmed trust. An attacker-controlled repository... Read more
Affected Products : claude_code- Published: Jan. 21, 2026
- Modified: Feb. 02, 2026
- Vuln Type: Information Disclosure
-
7.5
HIGHCVE-2022-50978
An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP).... Read more
Affected Products :- Published: Feb. 02, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-66960
An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/gguf.go, function readGGUFV1String reads a string length from untrusted GGUF metadata... Read more
Affected Products : ollama- Published: Jan. 21, 2026
- Modified: Feb. 02, 2026
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2026-23569
An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows a remote attacker to leak stack memory and cause a denial of service via a crafted r... Read more
- Published: Jan. 29, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Information Disclosure
-
7.5
HIGHCVE-2022-50977
An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.... Read more
Affected Products :- Published: Feb. 02, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-66959
An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the GGUF decoder... Read more
Affected Products : ollama- Published: Jan. 21, 2026
- Modified: Feb. 02, 2026
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2026-1522
A weakness has been identified in Open5GS up to 2.7.6. This vulnerability affects the function sgwc_s5c_handle_modify_bearer_response of the file src/sgwc/s5c-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The att... Read more
Affected Products : open5gs- Published: Jan. 28, 2026
- Modified: Feb. 02, 2026
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-53968
This vulnerability arises because there are no limitations on the number of authentication attempts a user can make. An attacker can exploit this weakness by continuously sending authentication requests, leading to a denial-of-service (DoS) condition. ... Read more
Affected Products : evmapa- Published: Jan. 22, 2026
- Modified: Feb. 02, 2026
- Vuln Type: Authentication
-
7.5
HIGHCVE-2025-56589
A Local File Inclusion (LFI) and a Server-Side Request Forgery (SSRF) vulnerability was found in the InsertFromHtmlString() function of the Apryse HTML2PDF SDK thru 11.6.0. These vulnerabilities could allow an attacker to read local files on the server or... Read more
Affected Products : html2pdf- Published: Jan. 22, 2026
- Modified: Feb. 02, 2026
- Vuln Type: Path Traversal
-
7.5
HIGHCVE-2026-20402
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User intera... Read more
- Published: Feb. 02, 2026
- Modified: Feb. 04, 2026
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2026-1739
A vulnerability has been found in Free5GC pcf up to 1.4.1. This affects the function HandleCreateSmPolicyRequest of the file internal/sbi/processor/smpolicy.go. The manipulation leads to null pointer dereference. The attack is possible to be carried out r... Read more
Affected Products : pcf- Published: Feb. 02, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2021-47895
Nsauditor 3.2.2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Event Description field with a large buffer. Attackers can generate a 10,000-character 'U' buffer and paste it into the Event De... Read more
Affected Products : nsauditor- Published: Jan. 23, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2025-69908
An unauthenticated information disclosure vulnerability in Newgen OmniApp allows attackers to enumerate valid privileged usernames via a publicly accessible client-side JavaScript resource.... Read more
Affected Products : omniapp- Published: Jan. 23, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Information Disclosure
-
7.5
HIGHCVE-2024-26477
An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazon_sns, export endpoints.... Read more
Affected Products :- Published: Feb. 11, 2026
- Modified: Feb. 12, 2026
- Vuln Type: Information Disclosure
-
7.5
HIGHCVE-2025-40537
SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions.... Read more
Affected Products : web_help_desk- Published: Jan. 28, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Authentication
-
7.5
HIGHCVE-2025-67853
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against ... Read more
Affected Products : moodle- Published: Feb. 03, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Authentication