Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
4.3 MEDIUM
CVE-2026-25633 — Statamic's missing authorization allows access to assets

Statamic is a, Laravel + Git powered CMS designed for building websites. Prior to 5.73.6 and 6.2.5, users without permission to view assets are able are able to download them and view their metadata.…

statamic | Remote | Authorization
Feb 11, 2026 Feb 18, 2026
Feb 11, 2026
Feb 18, 2026
5.5 MEDIUM
CVE-2026-25062 — Outline Affected an Arbitrary File Read via Path Traversal in JSON Import

Outline is a service that allows for collaborative documentation. Prior to 1.4.0, during the JSON import process, the value of attachments[].key from the imported JSON is passed directly to path.join…

outline | Remote | Path Traversal
Feb 11, 2026 Feb 20, 2026
Feb 11, 2026
Feb 20, 2026
6.9 MEDIUM
CVE-2025-68663 — Outline has a suspended user authentication bypass via WebSocket connections

Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a vulnerability was found in Outline's WebSocket authentication mechanism that allows suspended users to maintain or …

outline | Remote | Authentication
Feb 11, 2026 Feb 20, 2026
Feb 11, 2026
Feb 20, 2026
7.6 HIGH
CVE-2025-64487 — Outline is vulnerable to privilege escalation vulnerability in document sharing

Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorizati…

outline | Remote | Authorization
Feb 11, 2026 Feb 20, 2026
Feb 11, 2026
Feb 20, 2026
8.8 HIGH
CVE-2024-50620 — CIPPlanner CIPAce Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerabilities exist in the rich text editor and document manage components in CIPPlanner CIPAce before 9.17. An authorized user can upload executable…

cipace | Remote | Misconfiguration
Feb 11, 2026 Feb 20, 2026
Feb 11, 2026
Feb 20, 2026
7.5 HIGH
CVE-2020-37215 — MSN Password Recovery 1.30 - Denial of Service

MSN Password Recovery version 1.30 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized input in the registration code field. Attackers …

office_password_recovery | Remote | Denial of Service
Feb 11, 2026 Feb 12, 2026
Feb 11, 2026
Feb 12, 2026
8.7 HIGH
CVE-2020-37214 — Voyager 1.3.0 - Directory Traversal

Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in…

voyager | Remote | Path Traversal
Feb 11, 2026 Feb 12, 2026
Feb 11, 2026
Feb 12, 2026
7.5 HIGH
CVE-2020-37213 — TextCrawler Pro3.1.1 - Denial of Service

TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized buffer in the license key field. Attackers can generate a 6000-…

Remote | Denial of Service
Feb 11, 2026 Feb 12, 2026
Feb 11, 2026
Feb 12, 2026
7.5 HIGH
CVE-2020-37212 — SpotMSN 2.4.6 - 'Name' Denial of Service

SpotMSN 2.4.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste…

spotmsn | Remote | Denial of Service
Feb 11, 2026 Feb 26, 2026
Feb 11, 2026
Feb 26, 2026
7.5 HIGH
CVE-2020-37211 — SpotIM 2.2 - 'Name' Denial Of Service

SpotIM 2.2 contains a denial of service vulnerability that allows attackers to crash the application by inputting a large buffer in the registration name field. Attackers can generate a 1000-characte…

spotim | Remote | Denial of Service
Feb 11, 2026 Feb 26, 2026
Feb 11, 2026
Feb 26, 2026
7.5 HIGH
CVE-2020-37210 — SpotIE 2.9.5 - 'Key' Denial of Service

SpotIE 2.9.5 contains a denial of service vulnerability in the registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste …

spotie | Remote | Denial of Service
Feb 11, 2026 Feb 26, 2026
Feb 11, 2026
Feb 26, 2026
7.5 HIGH
CVE-2020-37209 — SpotFTP FTP Password Recovery 3.0.0.0 - 'Name' Denial of Service

SpotFTP 3.0.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload …

spotftp | Remote | Denial of Service
Feb 11, 2026 Feb 20, 2026
Feb 11, 2026
Feb 20, 2026
7.5 HIGH
CVE-2020-37208 — SpotFTP FTP Password Recovery 3.0.0.0 - 'Key' Denial of Service

SpotFTP 3.0.0.0 contains a buffer overflow vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste …

spotftp | Remote | Memory Corruption
Feb 11, 2026 Feb 20, 2026
Feb 11, 2026
Feb 20, 2026
7.5 HIGH
CVE-2020-37207 — SpotDialup 1.6.7 - 'Key' Denial of Service

SpotDialup 1.6.7 contains a denial of service vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload …

spotdialup | Remote | Denial of Service
Feb 11, 2026 Feb 26, 2026
Feb 11, 2026
Feb 26, 2026
7.5 HIGH
CVE-2020-37206 — ShareAlarmPro Advanced Network Access Control - 'Key' Denial of Service

ShareAlarmPro contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payl…

sharealarmpro | Remote | Denial of Service
Feb 11, 2026 Feb 26, 2026
Feb 11, 2026
Feb 26, 2026
7.5 HIGH
CVE-2020-37205 — RemShutdown 2.9.0.0 - 'Name' Denial of Service

RemShutdown 2.9.0.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' registration field. Attackers can generate a 1000-character buf…

remshutdown | Remote | Denial of Service
Feb 11, 2026 Feb 20, 2026
Feb 11, 2026
Feb 20, 2026
7.5 HIGH
CVE-2020-37204 — RemShutdown 2.9.0.0 - 'Key' Denial of Service

RemShutdown 2.9.0.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and…

remshutdown | Remote | Denial of Service
Feb 11, 2026 Feb 20, 2026
Feb 11, 2026
Feb 20, 2026
7.5 HIGH
CVE-2020-37203 — Office Product Key Finder 1.5.4 - Denial of Service

Office Product Key Finder 1.5.4 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the registration code input. Attackers can create a specially…

Remote | Denial of Service
Feb 11, 2026 Feb 12, 2026
Feb 11, 2026
Feb 12, 2026
7.5 HIGH
CVE-2020-37202 — NetworkSleuth 3.0.0.0 - 'Key' Denial of Service

NetworkSleuth 3.0.0.0 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buf…

Remote | Denial of Service
Feb 11, 2026 Feb 12, 2026
Feb 11, 2026
Feb 12, 2026
7.5 HIGH
CVE-2020-37201 — NetShareWatcher 1.5.8.0 - 'Name' Denial Of Service

NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration name input that allows attackers to crash the application. Attackers can generate a 1000-character payload and pas…

netsharewatcher | Remote | Memory Corruption
Feb 11, 2026 Feb 17, 2026
Feb 11, 2026
Feb 17, 2026
Showing 20 of 5071 Results