Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    CRITICAL
    CVE-2026-27471

    ERP is a free and open source Enterprise Resource Planning tool. In versions up to 15.98.0 and 16.0.0-rc.1 and through 16.6.0, certain endpoints lacked access validation which allowed for unauthorized document access. This issue has been fixed in versions... Read more

    Affected Products : erpnext
    • Published: Feb. 21, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Authorization

  • 8.8

    HIGH
    CVE-2026-27470

    ZoneMinder is a free, open source closed-circuit television software application. In versions 1.36.37 and below and 1.37.61 through 1.38.0, there is a second-order SQL Injection vulnerability in the web/ajax/status.php file within the getNearEvents() func... Read more

    Affected Products : zoneminder
    • Published: Feb. 21, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2020-37162

    Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability in the registration key input that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload of 1608 bytes to trigger a stack-based buff... Read more

    Affected Products : wedding_slideshow_studio
    • Published: Feb. 07, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Memory Corruption

  • 7.7

    HIGH
    CVE-2026-27479

    Wallos is an open-source, self-hostable personal subscription tracker. Versions 4.6.0 and below contain a Server-Side Request Forgery (SSRF) vulnerability in the subscription and payment logo/icon upload functionality. The application validates the IP add... Read more

    Affected Products : wallos
    • Published: Feb. 21, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Server-Side Request Forgery

  • 9.8

    CRITICAL
    CVE-2026-2183

    A security vulnerability has been detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This affects an unknown part of the file /restructured/csv.php. The manipulation leads to unrestricted upload. Rem... Read more

    Affected Products : certificate
    • Published: Feb. 08, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2026-2184

    A vulnerability was detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This vulnerability affects unknown code of the file /restructured/csv.php. The manipulation of the argument photo results in os ... Read more

    Affected Products : certificate
    • Published: Feb. 08, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 6.9

    MEDIUM
    CVE-2026-1996

    Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection.... Read more

    • Published: Feb. 10, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2026-3102

    A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulation of the argument DateTimeOriginal causes os command in... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026

  • 0.0

    NA
    CVE-2026-3101

    A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and co... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2026-27567

    Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery (SSRF) vulnerability exists in Payload's external file upload functionality. When processing external URLs for file uploads, insufficient ... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Server-Side Request Forgery

  • 0.0

    NA
    CVE-2026-2807

    Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2026-2806

    Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2026-2805

    Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2026-2804

    Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2026-2803

    Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Information Disclosure

  • 0.0

    NA
    CVE-2026-2802

    Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2026-2801

    Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2026-2800

    Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Authentication

  • 0.0

    NA
    CVE-2026-2799

    Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2026-2798

    Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.... Read more

    Affected Products :
    • Published: Feb. 24, 2026
    • Modified: Feb. 24, 2026
    • Vuln Type: Memory Corruption
Showing 20 of 4774 Results