Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

0.3

LOW

CVE-2025-61647

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. This issue affects CheckUser: from a3dc1bbcc33acbcca6831d6afaccbb1054c93a57, 0584eb2ad564648aa3ce9c555dd044dda0...

Affected Products :
Published: Feb. 03, 2026

Modified: Feb. 03, 2026
0.0

NONE

CVE-2025-61642

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/...

Affected Products : mediawiki
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Cross-Site Scripting
0.0

NONE

CVE-2025-61640

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Rcfilters/ui/RclToOrFromWidget.Js. Th...

Affected Products : mediawiki
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Cross-Site Scripting
0.0

NONE

CVE-2025-67484

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1....

Affected Products : mediawiki
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Information Disclosure
9.8

CRITICAL

CVE-2026-22778

vLLM is an inference and serving engine for large language models (LLMs). From 0.8.3 to before 0.14.1, when an invalid image is sent to vLLM's multimodal endpoint, PIL throws an error. vLLM returns this error to the client, leaking a heap address. With th...

Affected Products : vllm
Published: Feb. 02, 2026

Modified: Feb. 03, 2026

Vuln Type: Information Disclosure
1.3

LOW

CVE-2025-61658

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from * before 1.43.4, 1.44.1....

Affected Products :
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Information Disclosure
8.2

HIGH

CVE-2026-1778

Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate verification for HTTPS connections made by the service when a Triton Python model is imported, incorrectly allowing for requests with invalid and self-signed certificates to su...

Affected Products :
Published: Feb. 02, 2026

Modified: Feb. 03, 2026

Vuln Type: Misconfiguration
0.0

NONE

CVE-2025-61651

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser/checkuser/checkUserHelper/buildUserEleme...

Affected Products :
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Cross-Site Scripting
0.0

NONE

CVE-2025-61657

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/stickyHeader.Js. This issue affects Ve...

Affected Products :
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Cross-Site Scripting
0.0

NONE

CVE-2025-67475

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php. This issue affec...

Affected Products : mediawiki
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Cross-Site Scripting
0.0

NONE

CVE-2025-11261

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Language/mediawiki.Language.Js. This ...

Affected Products : mediawiki
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Cross-Site Scripting
1.3

LOW

CVE-2025-67476

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter.Php. This issue affects MediaWiki: from * before 1.44.3, 1.45.1....

Affected Products : mediawiki
Published: Feb. 03, 2026

Modified: Feb. 03, 2026
7.5

HIGH

CVE-2025-8590

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Directory Indexing.This issue affects SKSPro: through 07012026....

Affected Products :
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Information Disclosure
7.6

HIGH

CVE-2025-7760

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ofisimo Web-Based Software Technologies Association Web Package Flora allows XSS Through HTTP Headers.This issue affects Association Web Package F...

Affected Products :
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Cross-Site Scripting
0.0

NONE

CVE-2025-67478

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1....

Affected Products :
Published: Feb. 03, 2026

Modified: Feb. 03, 2026
0.0

NONE

CVE-2025-67477

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js...

Affected Products : mediawiki
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Cross-Site Scripting
0.0

NONE

CVE-2025-67481

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. Thi...

Affected Products : mediawiki
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Cross-Site Scripting
8.5

HIGH

CVE-2019-25261

AnyDesk 5.4.0 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially inject malicious executables. Attackers can exploit the unquoted binary path to place malicious files in service ...

Affected Products : anydesk
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Misconfiguration
7.1

HIGH

CVE-2025-12773

A vulnerability in update-reports-purge-settings.sh script logging for Brocade SANnav before 2.4.0a could allow the collection of SANnav database password in the system audit logs. The vulnerability could allow a remote authenticated attacker with access ...

Affected Products : sannav brocade_sannav
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Information Disclosure
5.1

MEDIUM

CVE-2026-24449

For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information....

Affected Products : wrc-x1500gs-b_firmware wrc-x1500gsa-b_firmware
Published: Feb. 03, 2026

Modified: Feb. 03, 2026

Vuln Type: Authentication

Showing 20 of 5169 Results

Browse by Apps

Latest CVE Feed

0.3

0.0

0.0

0.0

9.8

1.3

8.2

0.0

0.0

0.0

0.0

1.3

7.5

7.6

0.0

0.0

0.0

8.5

7.1

5.1

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable