Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
4.8 MEDIUM
CVE-2026-1971 — Edimax BR-6288ACL wiz_WISP24gmanual.asp wiz_WISP24gmanual cross site scripting

A vulnerability has been found in Edimax BR-6288ACL up to 1.12. Impacted is the function wiz_WISP24gmanual of the file wiz_WISP24gmanual.asp. Such manipulation of the argument manualssid leads to cro…

br-6288acl_firmware br-6288acl | Remote | Cross-Site Scripting
Feb 06, 2026 Feb 20, 2026
Feb 06, 2026
Feb 20, 2026
5.3 MEDIUM
CVE-2026-23623 — Collabora Online vulnerable to Authorization Bypass

Collabora Online is a collaborative online office suite based on LibreOffice technology. Prior to Collabora Online Development Edition version 25.04.08.2 and prior to Collabora Online versions 23.05.…

online | Remote | Authorization
Feb 06, 2026 Feb 06, 2026
Feb 06, 2026
Feb 06, 2026
9.8 CRITICAL
CVE-2026-24302 — Azure Arc Elevation of Privilege Vulnerability

Azure Arc Elevation of Privilege Vulnerability

azure_arc | Remote
Feb 05, 2026 Feb 12, 2026
Feb 05, 2026
Feb 12, 2026
9.8 CRITICAL
CVE-2026-24300 — Azure Front Door Elevation of Privilege Vulnerability

Azure Front Door Elevation of Privilege Vulnerability

azure_front_door
Feb 05, 2026 Feb 12, 2026
Feb 05, 2026
Feb 12, 2026
8.2 HIGH
CVE-2026-21532 — Azure Function Information Disclosure Vulnerability

Azure Function Information Disclosure Vulnerability

azure_functions
Feb 05, 2026 Feb 12, 2026
Feb 05, 2026
Feb 12, 2026
6.5 MEDIUM
CVE-2026-0391 — Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.

edge_chromium
Feb 05, 2026 Feb 18, 2026
Feb 05, 2026
Feb 18, 2026
3.7 LOW
CVE-2025-68458 — webpack buildHttp: allowedUris allow-list bypass via URL userinfo (@) leading to build-ti…

Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) can be bypassed to fetch resources from hosts out…

webpack | Remote | Server-Side Request Forgery
Feb 05, 2026 Feb 13, 2026
Feb 05, 2026
Feb 13, 2026
3.7 LOW
CVE-2025-68157 — webpack buildHttp HttpUriPlugin allowedUris bypass via HTTP redirects

Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) enforces allowedUris only for the initial URL, bu…

webpack | Remote | Server-Side Request Forgery
Feb 05, 2026 Feb 13, 2026
Feb 05, 2026
Feb 13, 2026
8.7 HIGH
CVE-2025-32393 — AutoGPT has a DoS vulnerability in ReadRSSFeedBlock

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS…

autogpt_platform | Remote | Denial of Service
Feb 05, 2026 Feb 17, 2026
Feb 05, 2026
Feb 17, 2026
Showing 20 of 5089 Results