Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.2 HIGH
CVE-2026-2213 — code-projects Online Music Site AdminAddAlbum.php unrestricted upload

A security flaw has been discovered in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminAddAlbum.php. The manipulation of …

online_music_site | Remote | Misconfiguration
Feb 09, 2026 Feb 10, 2026
Feb 09, 2026
Feb 10, 2026
9.8 CRITICAL
CVE-2026-1615 — Jsonpath Arbitrary Code Injection Vulnerability

Versions of the package jsonpath before 1.2.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation of user-supplied JSON Path expressions. The library relies on the static-eval module to …

Remote | Injection
Feb 09, 2026 Feb 23, 2026
Feb 09, 2026
Feb 23, 2026
7.5 HIGH
CVE-2025-66598 — Yokogawa Electric Corporation FAST/TOOLS SSL/TLS Decryption Vulnerability

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports old SSL/TLS versions, potentially allowing an attacker to decrypt communications with …

fast\/tools | Remote | Cryptography
Feb 09, 2026 Mar 06, 2026
Feb 09, 2026
Mar 06, 2026
8.8 HIGH
CVE-2025-66597 — Yokogawa Electric Corporation FAST/TOOLS Weak Cryptography Vulnerability

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports weak cryptographic algorithms, potentially allowing an attacker to decrypt communicati…

fast\/tools | Remote | Cryptography
Feb 09, 2026 Mar 06, 2026
Feb 09, 2026
Mar 06, 2026
6.9 MEDIUM
CVE-2025-66596 — Yokogawa Electric Corporation FAST/TOOLS Host Header Injection Vulnerability

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate request headers. When an attacker inserts an invalid host header, us…

fast\/tools | Remote | Misconfiguration
Feb 09, 2026 Mar 06, 2026
Feb 09, 2026
Mar 06, 2026
6.3 MEDIUM
CVE-2025-66595 — Yokogawa Electric Corporation FAST/TOOLS CSRF Vulnerability

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product is vulnerable to Cross-Site Request Forgery (CSRF). When a user accesses a link crafted by an a…

fast\/tools | Remote | Cross-Site Request Forgery
Feb 09, 2026 Mar 06, 2026
Feb 09, 2026
Mar 06, 2026
6.9 MEDIUM
CVE-2025-66594 — Yokogawa Electric Corporation FAST/TOOLS Information Disclosure Vulnerability

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are displayed on the error page. This information could be exploited by an attacker for othe…

fast\/tools | Remote | Information Disclosure
Feb 09, 2026 Mar 06, 2026
Feb 09, 2026
Mar 06, 2026
Showing 20 of 5387 Results