Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.3 HIGH
CVE-2025-13818 — Local privilege escalation in ESET Management Agent for Windows

Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent

management_agent | Misconfiguration
Feb 06, 2026 Feb 18, 2026
Feb 06, 2026
Feb 18, 2026
7.5 HIGH
CVE-2026-2055 — D-Link DIR-605L/DIR-619L DHCP Client Information information disclosure

A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element is an unknown function of the component DHCP Client Information Handler. Executing a manipulation …

dir-605l_firmware dir-619l_firmware dir-605l dir-619l | Remote | Information Disclosure
Feb 06, 2026 Feb 17, 2026
Feb 06, 2026
Feb 17, 2026
7.5 HIGH
CVE-2026-2054 — D-Link DIR-605L/DIR-619L Wifi Setting information disclosure

A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an unknown function of the component Wifi Setting Handler. Performing a manipulation results in inform…

dir-605l_firmware dir-619l_firmware dir-605l dir-619l | Remote | Information Disclosure
Feb 06, 2026 Feb 17, 2026
Feb 06, 2026
Feb 17, 2026
9.8 CRITICAL
CVE-2026-2018 — itsourcecode School Management System controller.php sql injection

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injecti…

school_management_system school_management_system | Remote | Injection
Feb 06, 2026 Feb 10, 2026
Feb 06, 2026
Feb 10, 2026
10.0 HIGH
CVE-2026-2017 — IP-COM W30AP POST Request wx3auth R7WebsSecurityHandler stack-based overflow

A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The …

w30ap_firmware w30ap | Remote | Memory Corruption
Feb 06, 2026 Feb 17, 2026
Feb 06, 2026
Feb 17, 2026
7.8 HIGH
CVE-2026-2016 — happyfish100 libfastcommon base64.c base64_decode stack-based overflow

A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64_decode of the file src/base64.c. The manipulation leads to…

libfastcommon | Memory Corruption
Feb 06, 2026 Feb 17, 2026
Feb 06, 2026
Feb 17, 2026
6.4 MEDIUM
CVE-2026-1293 — Yoast SEO <= 26.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'yoast-s…

The Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the `yoast-schema` block attribute in all versions up to…

Remote | Cross-Site Scripting
Feb 06, 2026 Feb 06, 2026
Feb 06, 2026
Feb 06, 2026
8.8 HIGH
CVE-2026-2015 — Portabilis i-Educar Final Status Import FinalStatusImportService.php improper authorizati…

A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulati…

i-educar | Remote | Authorization
Feb 06, 2026 Feb 10, 2026
Feb 06, 2026
Feb 10, 2026
9.8 CRITICAL
CVE-2026-2014 — itsourcecode Student Management System index.php sql injection

A security flaw has been discovered in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /ramonsys/billing/index.php. Performing a manipulation of the argument …

student_management_system school_management_system student_management_system | Remote | Injection
Feb 06, 2026 Feb 10, 2026
Feb 06, 2026
Feb 10, 2026
9.8 CRITICAL
CVE-2026-2013 — itsourcecode Student Management System index.php sql injection

A vulnerability was identified in itsourcecode Student Management System 1.0. This affects an unknown function of the file /ramonsys/soa/index.php. Such manipulation of the argument ID leads to sql i…

student_management_system school_management_system student_management_system | Remote | Injection
Feb 06, 2026 Feb 10, 2026
Feb 06, 2026
Feb 10, 2026
5.8 MEDIUM
CVE-2026-24928 — Apache File System Out-of-Bounds Write Vulnerability

Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

emui harmonyos | Memory Corruption
Feb 06, 2026 Feb 09, 2026
Feb 06, 2026
Feb 09, 2026
5.5 MEDIUM
CVE-2026-24927 — "Siemens Frequency Modulation Out-of-Bounds Access Vulnerability"

Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitation of this vulnerability may affect availability.

emui harmonyos | Memory Corruption
Feb 06, 2026 Feb 09, 2026
Feb 06, 2026
Feb 09, 2026
6.1 MEDIUM
CVE-2026-24924 — HP Print Module Privilege Escalation Vulnerability

Vulnerability of improper permission control in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

harmonyos | Authorization
Feb 06, 2026 Mar 05, 2026
Feb 06, 2026
Mar 05, 2026
6.2 MEDIUM
CVE-2026-24920 — Adobe Experience Manager (AEM) Permission Control Vulnerability - Availability

Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability.

emui harmonyos | Authorization
Feb 06, 2026 Feb 09, 2026
Feb 06, 2026
Feb 09, 2026
9.8 CRITICAL
CVE-2026-2012 — itsourcecode Student Management System index.php sql injection

A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /ramonsys/facultyloading/index.php. This manipulation of the argu…

student_management_system school_management_system student_management_system | Remote | Injection
Feb 06, 2026 Feb 10, 2026
Feb 06, 2026
Feb 10, 2026
9.8 CRITICAL
CVE-2026-2011 — itsourcecode Student Management System controller.php sql injection

A vulnerability was found in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /ramonsys/enrollment/controller.php. The manipulation of the argument …

student_management_system school_management_system student_management_system | Remote | Injection
Feb 06, 2026 Feb 10, 2026
Feb 06, 2026
Feb 10, 2026
5.9 MEDIUM
CVE-2026-24931 — Verifone Card Module Information Disclosure Vulnerability

Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

harmonyos | Authorization
Feb 06, 2026 Feb 09, 2026
Feb 06, 2026
Feb 09, 2026
8.4 HIGH
CVE-2026-24930 — Adobe Flash UAF Concurrency Vulnerability

UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.

harmonyos | Memory Corruption
Feb 06, 2026 Feb 09, 2026
Feb 06, 2026
Feb 09, 2026
5.9 MEDIUM
CVE-2026-24929 — Adobe Flash Out-of-bounds Read Vulnerability

Out-of-bounds read vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.

harmonyos | Memory Corruption
Feb 06, 2026 Feb 09, 2026
Feb 06, 2026
Feb 09, 2026
8.4 HIGH
CVE-2026-24926 — "Canon Camera Out-of-Bounds Write Vulnerability"

Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability.

harmonyos | Memory Corruption
Feb 06, 2026 Feb 10, 2026
Feb 06, 2026
Feb 10, 2026
Showing 20 of 5089 Results