Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2020-37206

    ShareAlarmPro contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload to trigger an application crash when pasted into the... Read more

    Affected Products :
    • Published: Feb. 11, 2026
    • Modified: Feb. 12, 2026
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2020-37198

    Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license act... Read more

    Affected Products :
    • Published: Feb. 11, 2026
    • Modified: Feb. 12, 2026
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2020-37190

    Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting 5000 characters into the User Name or Re... Read more

    Affected Products :
    • Published: Feb. 11, 2026
    • Modified: Feb. 12, 2026
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2024-26480

    An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the admin parameter.... Read more

    Affected Products :
    • Published: Feb. 11, 2026
    • Modified: Feb. 12, 2026
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2020-37180

    GTalk Password Finder 2.2.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger ... Read more

    Affected Products :
    • Published: Feb. 11, 2026
    • Modified: Feb. 12, 2026
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2026-23569

    An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows a remote attacker to leak stack memory and cause a denial of service via a crafted r... Read more

    Affected Products : windows digital_employee_experience
    • Published: Jan. 29, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2026-23743

    Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, permalinks pointing to access-restricted resources (private topics, categories, posts, or hidden tags) were redirecting users to URLs containi... Read more

    Affected Products : discourse
    • Published: Jan. 28, 2026
    • Modified: Jan. 30, 2026
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2026-1739

    A vulnerability has been found in Free5GC pcf up to 1.4.1. This affects the function HandleCreateSmPolicyRequest of the file internal/sbi/processor/smpolicy.go. The manipulation leads to null pointer dereference. The attack is possible to be carried out r... Read more

    Affected Products : pcf
    • Published: Feb. 02, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2021-47895

    Nsauditor 3.2.2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Event Description field with a large buffer. Attackers can generate a 10,000-character 'U' buffer and paste it into the Event De... Read more

    Affected Products : nsauditor
    • Published: Jan. 23, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-69908

    An unauthenticated information disclosure vulnerability in Newgen OmniApp allows attackers to enumerate valid privileged usernames via a publicly accessible client-side JavaScript resource.... Read more

    Affected Products : omniapp
    • Published: Jan. 23, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2024-26477

    An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazon_sns, export endpoints.... Read more

    Affected Products :
    • Published: Feb. 11, 2026
    • Modified: Feb. 12, 2026
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2025-70986

    Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive department data.... Read more

    Affected Products : ruoyi
    • Published: Jan. 23, 2026
    • Modified: Jan. 30, 2026
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2020-37039

    Frigate 2.02 contains a denial of service vulnerability that allows attackers to crash the application by sending oversized input to the command line interface. Attackers can generate a payload of 8000 repeated characters and paste it into the application... Read more

    Affected Products :
    • Published: Jan. 30, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-69873

    ajv (Another JSON Schema Validator) through version 8.17.1 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed ... Read more

    Affected Products :
    • Published: Feb. 11, 2026
    • Modified: Feb. 12, 2026
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-36442

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query with XML columns.... Read more

    Affected Products : db2
    • Published: Jan. 30, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-69620

    A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage.... Read more

    Affected Products : office_reader
    • Published: Feb. 04, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Path Traversal

  • 7.5

    HIGH
    CVE-2026-25128

    fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xm... Read more

    Affected Products : fast-xml-parser
    • Published: Jan. 30, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2025-36070

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables.... Read more

    Affected Products : db2
    • Published: Jan. 30, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-36365

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorizati... Read more

    Affected Products : db2
    • Published: Jan. 30, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2025-69619

    A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage.... Read more

    Affected Products : my_teditor
    • Published: Feb. 05, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Path Traversal
Showing 20 of 4947 Results