Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.8 HIGH
CVE-2025-60037 — Rexroth IndraWorks Remote Code Execution Vulnerability

A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized da…

rexroth_indraworks | Remote | Information Disclosure
Feb 18, 2026 Feb 24, 2026
Feb 18, 2026
Feb 24, 2026
8.8 HIGH
CVE-2025-60036 — Rexroth IndraWorks UA.Testclient Remote Code Execution Vulnerability

A vulnerability has been identified in the UA.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary …

rexroth_indraworks rexroth_ua.testclient | Remote | Misconfiguration
Feb 18, 2026 Feb 24, 2026
Feb 18, 2026
Feb 24, 2026
8.8 HIGH
CVE-2025-60035 — Rexroth IndraWorks OPC.Testclient Remote Code Execution (RCE)

A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary…

rexroth_indraworks | Remote | Memory Corruption
Feb 18, 2026 Feb 24, 2026
Feb 18, 2026
Feb 24, 2026
8.6 HIGH
CVE-2025-59920 — SQL injection in time@work from systems@work

When hours are entered in time@work, version 7.0.5, it performs a query to display the projects assigned to the user. If the query URL is copied and opened in a new browser window, the ‘IDClient’ par…

time_at_work | Remote | Injection
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
7.8 HIGH
CVE-2025-33253 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability …

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33252 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, informa…

nemo | Denial of Service
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33251 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, informa…

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33250 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, informa…

nemo | Information Disclosure
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33249 — NVIDIA NeMo Framework Code Injection Vulnerability

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of th…

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33246 — NVIDIA NeMo Framework Command Injection Vulnerability

NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying crafted input to a configuration parameter. A …

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
8.8 HIGH
CVE-2025-33245 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privilege…

nemo | Remote | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33243 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution…

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33241 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code…

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33240 — NVIDIA Megatron Bridge Code Injection Vulnerability

NVIDIA Megatron Bridge contains a vulnerability in a data shuffling tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code executi…

megatron-bridge | Injection
Feb 18, 2026 Feb 26, 2026
Feb 18, 2026
Feb 26, 2026
7.8 HIGH
CVE-2025-33239 — NVIDIA Megatron Bridge Code Injection Vulnerability

NVIDIA Megatron Bridge contains a vulnerability in a data merging tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code execution…

megatron-bridge | Injection
Feb 18, 2026 Feb 26, 2026
Feb 18, 2026
Feb 26, 2026
7.8 HIGH
CVE-2025-33236 — NVIDIA NeMo Framework Code Injection Vulnerability

NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalat…

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.3 HIGH
CVE-2025-14340 — Admin Account Takeover via malicious URL payload

Cross-site scripting in REST Management Interface in Payara Server <4.1.2.191.54, <5.83.0, <6.34.0, <7.2026.1 allows an attacker to mislead the administrator to change the admin password via URL Payl…

Remote | Cross-Site Scripting
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
4.3 MEDIUM
CVE-2026-2386 — The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu,…

The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and incl…

Remote | Authorization
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
3.7 LOW
CVE-2026-1582 — WP All Export <= 1.4.14 - Unauthenticated Sensitive Information Exposure via PHP Type Jug…

The WP All Export plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.14 via the export download endpoint. This is due to a PHP type jugglin…

Remote | Authentication
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
6.5 MEDIUM
CVE-2026-1317 — WP Import – Ultimate CSV XML Importer for WordPress <= 7.37 - Authenticated (Subscriber+)…

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 7.37. This is due to insufficient escaping on the `fi…

Remote | Injection
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
Showing 20 of 5070 Results