Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.8 HIGH
CVE-2026-23719 — Simcenter Femap/Simcenter Nastran Heap-Based Buffer Overflow Vulnerability

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected application is vulnerable to heap-based buffer overflow while par…

simcenter_femap simcenter_nastran | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-23718 — Simcenter Femap/Simcenter Nastran Out-of-Bounds Read Vulnerability

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while p…

simcenter_femap simcenter_nastran | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-23717 — Femap Nastran Out of Bounds Read Arbitrary Code Execution

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while p…

simcenter_femap simcenter_nastran | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-23716 — Simcenter Femap/Femapid Simcenter Nastran/Nastrapid Out-of-Bounds Read

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while p…

simcenter_femap simcenter_nastran | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-23715 — Simcenter Femap/Simcenter Nastran Out-of-Bounds Write Vulnerability

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds write vulnerability while …

simcenter_femap simcenter_nastran | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-22923 — "NX PDF Export Data Validation Remote Code Execution Vulnerability"

A vulnerability has been identified in NX (All versions < V2512), NX (Managed Mode) (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attac…

nx nx | Information Disclosure
Feb 10, 2026 Mar 10, 2026
Feb 10, 2026
Mar 10, 2026
6.4 MEDIUM
CVE-2026-1922 — The Events Calendar Shortcode & Block <= 3.1.2 - Authenticated (Contributor+) Stored Cros…

The The Events Calendar Shortcode & Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `ecs-list-events` shortcode `message` attribute in all versions up to, and…

Remote | Cross-Site Scripting
Feb 10, 2026 Feb 10, 2026
Feb 10, 2026
Feb 10, 2026
7.2 HIGH
CVE-2026-1866 — Name Directory <= 1.32.0 - Unauthenticated Stored Cross-Site Scripting via Double HTML-En…

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via double HTML-entity encoding in all versions up to, and including, 1.32.0. This is due to the plugin's sanitiza…

name_directory | Remote | Cross-Site Scripting
Feb 10, 2026 Feb 10, 2026
Feb 10, 2026
Feb 10, 2026
7.6 HIGH
CVE-2025-40587 — Polarion Stored Cross-Site Scripting Vulnerability

A vulnerability has been identified in Polarion V2404 (All versions < V2404.5), Polarion V2410 (All versions < V2410.2). The affected application allows arbitrary JavaScript code be included in docum…

Remote | Cross-Site Scripting
Feb 10, 2026 Feb 10, 2026
Feb 10, 2026
Feb 10, 2026
5.4 MEDIUM
CVE-2025-14895 — PopupKit <= 2.2.0 - Missing Authorization to Sensitive Information Disclosure and Data De…

The PopupKit plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.0. This is due to the plugin not properly verifying that a user is authorized to acce…

Remote | Authorization
Feb 10, 2026 Feb 10, 2026
Feb 10, 2026
Feb 10, 2026
6.3 MEDIUM
CVE-2024-52334 — "Siemens syngo.plaza Password Decryption Vulnerability"

A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF07). The affected application does not encrypt the passwords properly. This could allow an attacker to recover the or…

Remote | Cryptography
Feb 10, 2026 Feb 10, 2026
Feb 10, 2026
Feb 10, 2026
9.8 CRITICAL
CVE-2025-11242 — SSRF in Teknolist Computer's Okulistik

Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.This issue affects Okulistik: t…

Remote | Server-Side Request Forgery
Feb 10, 2026 Feb 10, 2026
Feb 10, 2026
Feb 10, 2026
Showing 20 of 5512 Results