Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.8 CRITICAL
CVE-2025-6830 — SQLi in Xpoda Türkiye Information Technology's Password Module

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpoda Türkiye Information Technology Inc. Password Module allows SQL Injection.This issue affects…

Remote | Injection
Feb 09, 2026 Feb 11, 2026
Feb 09, 2026
Feb 11, 2026
7.3 HIGH
CVE-2025-10463 — Improper Authentication in Birtech Information Technologies' Sensaway

Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Authentication Abuse.This issue affects Senseway: through 09022026.  NOTE: Becau…

Remote | Authentication
Feb 09, 2026 Mar 09, 2026
Feb 09, 2026
Mar 09, 2026
9.8 CRITICAL
CVE-2026-25848 — JetBrains Hub Authentication Bypass Vulnerability

In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible

hub | Remote | Authentication
Feb 09, 2026 Feb 18, 2026
Feb 09, 2026
Feb 18, 2026
8.2 HIGH
CVE-2026-25847 — JetBrains PyCharm DOM-based XSS Vulnerability

In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible

pycharm | Remote | Cross-Site Scripting
Feb 09, 2026 Feb 18, 2026
Feb 09, 2026
Feb 18, 2026
6.5 MEDIUM
CVE-2026-25846 — JetBrains YouTrack Mailbox Token Exposure Vulnerability

In JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Mailbox logs

youtrack | Remote | Information Disclosure
Feb 09, 2026 Feb 18, 2026
Feb 09, 2026
Feb 18, 2026
6.5 MEDIUM
CVE-2026-24098 — Apache Airflow: Assigning single DAG permission leaked all DAGs Import Errors

Apache Airflow versions 3.0.0 - 3.1.7, has vulnerability that allows authenticated UI users with permission to one or more specific Dags to view import errors generated by other Dags they did not hav…

airflow | Remote | Information Disclosure
Feb 09, 2026 Mar 10, 2026
Feb 09, 2026
Mar 10, 2026
6.5 MEDIUM
CVE-2026-22922 — Apache Airflow: Airflow externalLogUrl Permission Bypass

Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log…

airflow | Remote | Authorization
Feb 09, 2026 Feb 11, 2026
Feb 09, 2026
Feb 11, 2026
Showing 20 of 5387 Results