Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
4.3 MEDIUM
CVE-2025-15331 — Tanium addressed an uncontrolled resource consumption vulnerability in Connect.

Tanium addressed an uncontrolled resource consumption vulnerability in Connect.

service_connect connect | Remote | Denial of Service
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
8.8 HIGH
CVE-2025-15330 — Tanium addressed an improper input validation vulnerability in Deploy.

Tanium addressed an improper input validation vulnerability in Deploy.

service_deploy deploy | Remote
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
4.9 MEDIUM
CVE-2025-15329 — Tanium addressed an information disclosure vulnerability in Threat Response.

Tanium addressed an information disclosure vulnerability in Threat Response.

service_threatresponse threat_response | Remote | Information Disclosure
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
5.0 MEDIUM
CVE-2025-15328 — Tanium addressed an improper link resolution before file access vulnerability in Enforce.

Tanium addressed an improper link resolution before file access vulnerability in Enforce.

service_enforce enforce | Path Traversal
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
4.3 MEDIUM
CVE-2025-15327 — Tanium addressed an improper access controls vulnerability in Deploy.

Tanium addressed an improper access controls vulnerability in Deploy.

service_deploy deploy | Remote | Authorization
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
4.3 MEDIUM
CVE-2025-15326 — Tanium addressed an improper access controls vulnerability in Patch.

Tanium addressed an improper access controls vulnerability in Patch.

service_patch patch | Remote | Authorization
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
6.3 MEDIUM
CVE-2025-15325 — Tanium addressed an improper input validation vulnerability in Discover.

Tanium addressed an improper input validation vulnerability in Discover.

service_discover discover | Remote
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
6.6 MEDIUM
CVE-2025-15324 — Tanium addressed a local privilege escalation vulnerability in Engage.

Tanium addressed a documentation issue in Engage.

service_engage engage
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
3.7 LOW
CVE-2025-15323 — Tanium addressed an improper certificate validation vulnerability in Tanium Appliance.

Tanium addressed an improper certificate validation vulnerability in Tanium Appliance.

tanos tanos | Remote | Misconfiguration
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
2.7 LOW
CVE-2025-15321 — Tanium addressed an improper input validation vulnerability in Tanium Appliance.

Tanium addressed an improper input validation vulnerability in Tanium Appliance.

tanos tanos | Remote
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
7.2 HIGH
CVE-2025-15312 — Tanium addressed an improper output sanitization vulnerability in TanOS.

Tanium addressed an improper output sanitization vulnerability in Tanium Appliance.

tanos tanos | Remote | Information Disclosure
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
7.8 HIGH
CVE-2025-15311 — Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance.

Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance.

tanos tanos | Misconfiguration
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
3.1 LOW
CVE-2025-15289 — Tanium addressed an improper access controls vulnerability in Interact.

Tanium addressed an improper access controls vulnerability in Interact.

service_interact interact | Remote | Authorization
Feb 05, 2026 Feb 10, 2026
Feb 05, 2026
Feb 10, 2026
7.4 HIGH
CVE-2026-1707 — Restore restriction bypass via key disclosure vulnerability (pgAdmin 4)

pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An at…

pgadmin pgadmin_4 | Remote | Information Disclosure
Feb 05, 2026 Feb 26, 2026
Feb 05, 2026
Feb 26, 2026
9.8 CRITICAL
CVE-2025-70073 — ChestnutCMS Remote Code Execution

An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function

chestnutcms | Remote
Feb 05, 2026 Feb 12, 2026
Feb 05, 2026
Feb 12, 2026
10.0 CRITICAL
CVE-2025-68121 — Unexpected session resumption in crypto/tls

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succee…

go | Remote | Cryptography
Feb 05, 2026 Feb 20, 2026
Feb 05, 2026
Feb 20, 2026
5.3 MEDIUM
CVE-2025-58190 — Infinite parsing loop in golang.org/x/net

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML …

networking html | Remote | Denial of Service
Feb 05, 2026 Feb 18, 2026
Feb 05, 2026
Feb 18, 2026
5.3 MEDIUM
CVE-2025-47911 — Quadratic parsing complexity in golang.org/x/net/html

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted H…

networking html | Remote | Denial of Service
Feb 05, 2026 Feb 18, 2026
Feb 05, 2026
Feb 18, 2026
8.8 HIGH
CVE-2025-15557 — Improper Certificate Validation in TP-Link Tapo H100 and P100 Allows Man-in-the-Middle At…

An Improper Certificate Validation vulnerability in TP-Link Tapo H100 v1 and Tapo P100 v1 allows an on-path attacker on the same network segment to intercept and modify encrypted device-cloud communi…

tapo_h100_firmware tapo_h100 tapo_p100_firmware tapo_p100 | Cryptography
Feb 05, 2026 Feb 12, 2026
Feb 05, 2026
Feb 12, 2026
5.9 MEDIUM
CVE-2025-15551 — LAN Code Execution on TP-Link Archer MR200, Archer C20, TL-WR850N and TL-WR845N

The response coming from TP-Link Archer MR200 v5.2, C20 v6, TL-WR850N v3, and TL-WR845N v4 for any request is getting executed by the JavaScript function like eval directly without any check. Attacke…

archer_c20_firmware archer_c20 tl-wr845n_firmware tl-wr845n archer_mr200_firmware archer_mr200 +2 more | Injection
Feb 05, 2026 Feb 12, 2026
Feb 05, 2026
Feb 12, 2026
Showing 20 of 5141 Results