Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.8 CRITICAL
CVE-2026-2166 — code-projects Online Reviewer System Login index.php sql injection

A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulati…

online_reviewer_system | Remote | Injection
Feb 08, 2026 Feb 10, 2026
Feb 08, 2026
Feb 10, 2026
9.8 CRITICAL
CVE-2026-2165 — detronetdip E-commerce Account Creation Endpoint add_seller.php missing authentication

A weakness has been identified in detronetdip E-commerce 1.0.0. Impacted is an unknown function of the file /Admin/assets/backend/seller/add_seller.php of the component Account Creation Endpoint. Exe…

e-commerce | Remote | Authentication
Feb 08, 2026 Feb 19, 2026
Feb 08, 2026
Feb 19, 2026
9.8 CRITICAL
CVE-2026-2164 — detronetdip E-commerce addadhar.php unrestricted upload

A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some unknown processing of the file /seller/assets/backend/profile/addadhar.php. Performing a manipulation of t…

e-commerce | Remote | Authentication
Feb 08, 2026 Feb 19, 2026
Feb 08, 2026
Feb 19, 2026
7.2 HIGH
CVE-2026-2163 — D-Link DIR-600 ssdp.cgi command injection

A vulnerability was identified in D-Link DIR-600 up to 2.15WWb02. This vulnerability affects unknown code of the file ssdp.cgi. Such manipulation of the argument HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVE…

dir-600_firmware dir-600 | Remote | Injection
Feb 08, 2026 Feb 11, 2026
Feb 08, 2026
Feb 11, 2026
Showing 20 of 5064 Results