Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.3 MEDIUM
CVE-2026-1964 — WeKan REST Endpoint boards.js BoardTitleRESTBleed access control

A vulnerability was determined in WeKan up to 8.20. This impacts an unknown function of the file models/boards.js of the component REST Endpoint. This manipulation causes improper access controls. Re…

wekan | Remote | Authorization
Feb 05, 2026 Feb 12, 2026
Feb 05, 2026
Feb 12, 2026
9.8 CRITICAL
CVE-2026-1963 — WeKan Attachment Storage attachments.js MoveStorageBleed access control

A vulnerability was found in WeKan up to 8.20. This affects an unknown function of the file models/attachments.js of the component Attachment Storage. The manipulation results in improper access cont…

wekan | Remote | Authorization
Feb 05, 2026 Mar 06, 2026
Feb 05, 2026
Mar 06, 2026
9.8 CRITICAL
CVE-2026-1962 — WeKan Attachment Migration attachmentMigration.js AttachmentMigrationBleed access control

A vulnerability has been found in WeKan up to 8.20. The impacted element is an unknown function of the file server/attachmentMigration.js of the component Attachment Migration. The manipulation leads…

wekan | Remote | Authorization
Feb 05, 2026 Feb 12, 2026
Feb 05, 2026
Feb 12, 2026
9.3 CRITICAL
CVE-2026-0106 — "VPU MMAP Privilege Escalation Vulnerability"

In vpu_mmap of vpu_ioctl, there is a possible arbitrary address mmap due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Us…

android | Memory Corruption
Feb 05, 2026 Feb 19, 2026
Feb 05, 2026
Feb 19, 2026
6.5 MEDIUM
CVE-2025-12131 — Truncated 802.15.4 packet leads to denial of service

A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service.

simplicity_software_development_kit | Denial of Service
Feb 05, 2026 Feb 12, 2026
Feb 05, 2026
Feb 12, 2026
6.8 MEDIUM
CVE-2026-1301 — Out-of-bounds Write in o6 Automation GmbH Open62541

In builds with PubSub and JSON enabled, a crafted JSON message can cause the decoder to write beyond a heap-allocated array before authentication, reliably crashing the process and corrupting memory.

Remote | Memory Corruption
Feb 05, 2026 Feb 05, 2026
Feb 05, 2026
Feb 05, 2026
6.5 MEDIUM
CVE-2025-15343 — Tanium addressed an incorrect default permissions vulnerability in Enforce.

Tanium addressed an incorrect default permissions vulnerability in Enforce.

service_enforce enforce | Remote | Authorization
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
4.3 MEDIUM
CVE-2025-15342 — Tanium addressed an improper access controls vulnerability in Reputation.

Tanium addressed an improper access controls vulnerability in Reputation.

service_reputation reputation | Remote | Authorization
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
6.5 MEDIUM
CVE-2025-15341 — Tanium addressed an incorrect default permissions vulnerability in Benchmark.

Tanium addressed an incorrect default permissions vulnerability in Benchmark.

service_benchmark benchmark | Remote | Authorization
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
6.5 MEDIUM
CVE-2025-15340 — Tanium addressed an incorrect default permissions vulnerability in Comply.

Tanium addressed an incorrect default permissions vulnerability in Comply.

service_comply comply | Remote | Authorization
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
6.5 MEDIUM
CVE-2025-15339 — Tanium addressed an incorrect default permissions vulnerability in Discover.

Tanium addressed an incorrect default permissions vulnerability in Discover.

service_discover discover | Remote | Authorization
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
6.5 MEDIUM
CVE-2025-15338 — Tanium addressed an incorrect default permissions vulnerability in Partner Integration.

Tanium addressed an incorrect default permissions vulnerability in Partner Integration.

service_partnerintegration partner_integration | Remote | Authorization
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
6.5 MEDIUM
CVE-2025-15337 — Tanium addressed an incorrect default permissions vulnerability in Patch.

Tanium addressed an incorrect default permissions vulnerability in Patch.

service_patch patch | Remote | Authorization
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
6.5 MEDIUM
CVE-2025-15336 — Tanium addressed an incorrect default permissions vulnerability in Performance.

Tanium addressed an incorrect default permissions vulnerability in Performance.

service_performance performance | Remote | Authorization
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
4.3 MEDIUM
CVE-2025-15335 — Tanium addressed an information disclosure vulnerability in Threat Response.

Tanium addressed an information disclosure vulnerability in Threat Response.

service_threatresponse threat_response | Remote | Information Disclosure
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
4.3 MEDIUM
CVE-2025-15334 — Tanium addressed an information disclosure vulnerability in Threat Response.

Tanium addressed an information disclosure vulnerability in Threat Response.

service_threatresponse threat_response | Remote | Information Disclosure
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
4.3 MEDIUM
CVE-2025-15333 — Tanium addressed an information disclosure vulnerability in Threat Response.

Tanium addressed an information disclosure vulnerability in Threat Response.

service_threatresponse threat_response | Remote | Information Disclosure
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
4.9 MEDIUM
CVE-2025-15332 — Tanium addressed an information disclosure vulnerability in Threat Response.

Tanium addressed an information disclosure vulnerability in Threat Response.

service_threatresponse threat_response | Remote | Information Disclosure
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
4.3 MEDIUM
CVE-2025-15331 — Tanium addressed an uncontrolled resource consumption vulnerability in Connect.

Tanium addressed an uncontrolled resource consumption vulnerability in Connect.

service_connect connect | Remote | Denial of Service
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
8.8 HIGH
CVE-2025-15330 — Tanium addressed an improper input validation vulnerability in Deploy.

Tanium addressed an improper input validation vulnerability in Deploy.

service_deploy deploy | Remote
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
Showing 20 of 5117 Results