Latest CVE Feed
-
9.3
CRITICALCVE-2026-27471
ERP is a free and open source Enterprise Resource Planning tool. In versions up to 15.98.0 and 16.0.0-rc.1 and through 16.6.0, certain endpoints lacked access validation which allowed for unauthorized document access. This issue has been fixed in versions... Read more
Affected Products : erpnext- Published: Feb. 21, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Authorization
-
8.8
HIGHCVE-2026-27470
ZoneMinder is a free, open source closed-circuit television software application. In versions 1.36.37 and below and 1.37.61 through 1.38.0, there is a second-order SQL Injection vulnerability in the web/ajax/status.php file within the getNearEvents() func... Read more
Affected Products : zoneminder- Published: Feb. 21, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Injection
-
9.8
CRITICALCVE-2020-37162
Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability in the registration key input that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload of 1608 bytes to trigger a stack-based buff... Read more
Affected Products : wedding_slideshow_studio- Published: Feb. 07, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Memory Corruption
-
7.7
HIGHCVE-2026-27479
Wallos is an open-source, self-hostable personal subscription tracker. Versions 4.6.0 and below contain a Server-Side Request Forgery (SSRF) vulnerability in the subscription and payment logo/icon upload functionality. The application validates the IP add... Read more
Affected Products : wallos- Published: Feb. 21, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Server-Side Request Forgery
-
9.8
CRITICALCVE-2026-2183
A security vulnerability has been detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This affects an unknown part of the file /restructured/csv.php. The manipulation leads to unrestricted upload. Rem... Read more
Affected Products : certificate- Published: Feb. 08, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Misconfiguration
-
9.8
CRITICALCVE-2026-2184
A vulnerability was detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This vulnerability affects unknown code of the file /restructured/csv.php. The manipulation of the argument photo results in os ... Read more
Affected Products : certificate- Published: Feb. 08, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Injection
-
6.9
MEDIUMCVE-2026-1996
Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection.... Read more
Affected Products : d9l18a_firmware j6x76a_firmware j6x80a_firmware k7s37a_firmware m9l65a_firmware m9l70a_firmware m9l66a_firmware m9l67a_firmware t0g46a_firmware j6x78a_firmware +24 more products- Published: Feb. 10, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2026-3102
A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulation of the argument DateTimeOriginal causes os command in... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
-
0.0
NACVE-2026-3101
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and co... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Injection
-
0.0
NACVE-2026-27567
Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery (SSRF) vulnerability exists in Payload's external file upload functionality. When processing external URLs for file uploads, insufficient ... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Server-Side Request Forgery
-
0.0
NACVE-2026-2807
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-2806
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148.... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-2805
Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-2804
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-2803
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148.... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Information Disclosure
-
0.0
NACVE-2026-2802
Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148.... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-2801
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-2800
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148.... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Authentication
-
0.0
NACVE-2026-2799
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-2798
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.... Read more
Affected Products :- Published: Feb. 24, 2026
- Modified: Feb. 24, 2026
- Vuln Type: Memory Corruption