Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.3 MEDIUM
CVE-2025-8308 — Reflected XSS in Key Software's INFOREX

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Key Software Solutions Inc. INFOREX- General Information Management System allows XSS Thro…

Remote | Cross-Site Scripting
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
8.8 HIGH
CVE-2025-60038 — "Bosch Rexroth IndraWorks Remote Code Execution Vulnerability"

A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized da…

rexroth_indraworks | Remote | Injection
Feb 18, 2026 Feb 24, 2026
Feb 18, 2026
Feb 24, 2026
8.8 HIGH
CVE-2025-60037 — Rexroth IndraWorks Remote Code Execution Vulnerability

A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized da…

rexroth_indraworks | Remote | Information Disclosure
Feb 18, 2026 Feb 24, 2026
Feb 18, 2026
Feb 24, 2026
8.8 HIGH
CVE-2025-60036 — Rexroth IndraWorks UA.Testclient Remote Code Execution Vulnerability

A vulnerability has been identified in the UA.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary …

rexroth_indraworks rexroth_ua.testclient | Remote | Misconfiguration
Feb 18, 2026 Feb 24, 2026
Feb 18, 2026
Feb 24, 2026
8.8 HIGH
CVE-2025-60035 — Rexroth IndraWorks OPC.Testclient Remote Code Execution (RCE)

A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary…

rexroth_indraworks | Remote | Memory Corruption
Feb 18, 2026 Feb 24, 2026
Feb 18, 2026
Feb 24, 2026
8.6 HIGH
CVE-2025-59920 — SQL injection in time@work from systems@work

When hours are entered in time@work, version 7.0.5, it performs a query to display the projects assigned to the user. If the query URL is copied and opened in a new browser window, the ‘IDClient’ par…

time_at_work | Remote | Injection
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
7.8 HIGH
CVE-2025-33253 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability …

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33252 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, informa…

nemo | Denial of Service
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33251 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, informa…

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33250 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, informa…

nemo | Information Disclosure
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33249 — NVIDIA NeMo Framework Code Injection Vulnerability

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of th…

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33246 — NVIDIA NeMo Framework Command Injection Vulnerability

NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying crafted input to a configuration parameter. A …

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
8.8 HIGH
CVE-2025-33245 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privilege…

nemo | Remote | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33243 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution…

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33241 — NVIDIA NeMo Framework Remote Code Execution Vulnerability

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code…

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.8 HIGH
CVE-2025-33240 — NVIDIA Megatron Bridge Code Injection Vulnerability

NVIDIA Megatron Bridge contains a vulnerability in a data shuffling tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code executi…

megatron-bridge | Injection
Feb 18, 2026 Feb 26, 2026
Feb 18, 2026
Feb 26, 2026
7.8 HIGH
CVE-2025-33239 — NVIDIA Megatron Bridge Code Injection Vulnerability

NVIDIA Megatron Bridge contains a vulnerability in a data merging tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code execution…

megatron-bridge | Injection
Feb 18, 2026 Feb 26, 2026
Feb 18, 2026
Feb 26, 2026
7.8 HIGH
CVE-2025-33236 — NVIDIA NeMo Framework Code Injection Vulnerability

NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalat…

nemo | Injection
Feb 18, 2026 Feb 20, 2026
Feb 18, 2026
Feb 20, 2026
7.3 HIGH
CVE-2025-14340 — Admin Account Takeover via malicious URL payload

Cross-site scripting in REST Management Interface in Payara Server <4.1.2.191.54, <5.83.0, <6.34.0, <7.2026.1 allows an attacker to mislead the administrator to change the admin password via URL Payl…

Remote | Cross-Site Scripting
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
4.3 MEDIUM
CVE-2026-2386 — The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu,…

The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and incl…

Remote | Authorization
Feb 18, 2026 Feb 18, 2026
Feb 18, 2026
Feb 18, 2026
Showing 20 of 5381 Results