Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-1461 — Simple Membership <= 4.7.0 - Unauthenticated Improper Handling of Missing Values

The Simple Membership plugin for WordPress is vulnerable to Improper Handling of Missing Values in all versions up to, and including, 4.7.0 via the Stripe webhook handler. This is due to the plugin o…

simple_membership | Remote | Authentication
Feb 19, 2026 Feb 19, 2026
Feb 19, 2026
Feb 19, 2026
5.3 MEDIUM
CVE-2026-1219 — MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar 4.0 - 5.10 - Unauthenti…

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 4.0 to 5.10 via the 'load_track_note_ajax' due…

mp3_audio_player_for_music\,_radio_\&_podcast | Remote | Information Disclosure
Feb 19, 2026 Feb 19, 2026
Feb 19, 2026
Feb 19, 2026
9.1 CRITICAL
CVE-2025-13590 — Authenticated arbitrary file upload via a System REST API requiring administrator permiss…

A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location within the deployment via a system REST API. Successful uploads may lead to remote code exe…

api_manager api_control_plane wso2_api_control_plane wso2_api_manager wso2_universal_gateway wso2_traffic_manager +3 more | Remote | Authentication
Feb 19, 2026 Feb 20, 2026
Feb 19, 2026
Feb 20, 2026
10.0 CRITICAL
CVE-2025-12107 — Potential authenticated Server-Side Template Injection (SSTI) vulnerability.

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successfu…

identity_server wso2_identity_server | Remote | Injection
Feb 19, 2026 Mar 06, 2026
Feb 19, 2026
Mar 06, 2026
Showing 20 of 5604 Results