Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.8

    MEDIUM
    CVE-2026-1744

    A vulnerability was found in D-Link DSL-6641K N8.TR069.20131126. Affected by this issue is the function doSubmitPPP of the file sp_pppoe_user.js. The manipulation of the argument Username results in cross site scripting. The attack may be launched remotel... Read more

    Affected Products : dsl-6641k_firmware dsl-6641k
    • Published: Feb. 02, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Cross-Site Scripting

  • 8.8

    HIGH
    CVE-2026-1596

    A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub_419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fota_url causes command injection. The attack is possible to be carried ou... Read more

    Affected Products : dwr-m961_firmware dwr-m961
    • Published: Jan. 29, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Injection

  • 5.3

    MEDIUM
    CVE-2026-24673

    The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, a file upload validation bypass vulnerability allows attackers to upload files with prohibited extensions by embedding them inside ZIP ... Read more

    Affected Products : open_eclass_platform openeclass
    • Published: Feb. 03, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Misconfiguration

  • 3.1

    LOW
    CVE-2025-15289

    Tanium addressed an improper access controls vulnerability in Interact.... Read more

    Affected Products : service_interact interact
    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 5.0

    MEDIUM
    CVE-2025-15328

    Tanium addressed an improper link resolution before file access vulnerability in Enforce.... Read more

    Affected Products : service_enforce enforce
    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Path Traversal

  • 6.5

    MEDIUM
    CVE-2025-15343

    Tanium addressed an incorrect default permissions vulnerability in Enforce.... Read more

    Affected Products : service_enforce enforce
    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 6.6

    MEDIUM
    CVE-2025-15324

    Tanium addressed a documentation issue in Engage.... Read more

    Affected Products : service_engage engage
    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026

  • 8.8

    HIGH
    CVE-2025-15330

    Tanium addressed an improper input validation vulnerability in Deploy.... Read more

    Affected Products : service_deploy deploy
    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026

  • 4.3

    MEDIUM
    CVE-2025-15327

    Tanium addressed an improper access controls vulnerability in Deploy.... Read more

    Affected Products : service_deploy deploy
    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-15331

    Tanium addressed an uncontrolled resource consumption vulnerability in Connect.... Read more

    Affected Products : service_connect connect
    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Denial of Service

  • 6.1

    MEDIUM
    CVE-2026-24674

    The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, a Reflected Cross-Site Scripting (XSS) vulnerability allows remote attackers to execute arbitrary JavaScript in the context of authenti... Read more

    Affected Products : open_eclass_platform openeclass
    • Published: Feb. 03, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Cross-Site Scripting

  • 3.7

    LOW
    CVE-2025-15323

    Tanium addressed an improper certificate validation vulnerability in Tanium Appliance.... Read more

    Affected Products : tanos tanos
    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Misconfiguration

  • 6.5

    MEDIUM
    CVE-2026-0949

    PEM versions prior to 9.8.1 are affected by a stored Cross-site Scripting (XSS) vulnerability that allows users with access to the Manage Charts menu to inject arbitrary JavaScript when creating a new chart, which is then executed by any user accessing th... Read more

    Affected Products : postgres_enterprise_manager
    • Published: Jan. 16, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Cross-Site Scripting

  • 7.5

    HIGH
    CVE-2026-24773

    The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an Insecure Direct Object Reference (IDOR) vulnerability allows unauthenticated remote attackers to access personal files of other user... Read more

    Affected Products : open_eclass_platform openeclass
    • Published: Feb. 03, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2026-24774

    The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, a business logic vulnerability allows authenticated students to improperly mark themselves as present in attendance activities, includi... Read more

    Affected Products : open_eclass_platform openeclass
    • Published: Feb. 03, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-15326

    Tanium addressed an improper access controls vulnerability in Patch.... Read more

    Affected Products : service_patch patch
    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 9.9

    CRITICAL
    CVE-2026-0863

    Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by... Read more

    Affected Products : n8n
    • Published: Jan. 18, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Injection

  • 4.9

    MEDIUM
    CVE-2025-15329

    Tanium addressed an information disclosure vulnerability in Threat Response.... Read more

    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Information Disclosure

  • 4.3

    MEDIUM
    CVE-2025-15335

    Tanium addressed an information disclosure vulnerability in Threat Response.... Read more

    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Information Disclosure

  • 4.3

    MEDIUM
    CVE-2025-15334

    Tanium addressed an information disclosure vulnerability in Threat Response.... Read more

    • Published: Feb. 05, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Information Disclosure
Showing 20 of 4867 Results