Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.8

    LOW
    CVE-2025-0029

    Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Denial of Service

  • 6.9

    MEDIUM
    CVE-2025-29939

    Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentiality and... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 5.9

    MEDIUM
    CVE-2025-29948

    Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 1.8

    LOW
    CVE-2025-48509

    Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Memory Corruption

  • 4.0

    MEDIUM
    CVE-2025-48514

    Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 6.7

    MEDIUM
    CVE-2025-22849

    Incorrect default permissions for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_01.00.00.3584, CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged soft... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 6.7

    MEDIUM
    CVE-2025-36522

    Incorrect default permissions for some Intel(R) Chipset Software before version 10.1.20266.8668 or later. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high comp... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 7.9

    HIGH
    CVE-2025-35998

    Missing protection mechanism for alternate hardware interface in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a ... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 6.8

    MEDIUM
    CVE-2025-32735

    Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of ser... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Denial of Service

  • 5.7

    MEDIUM
    CVE-2025-35992

    Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of se... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Denial of Service

  • 2.9

    LOW
    CVE-2026-1762

    A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue affects Enervista: 8.6 and prior versions.... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Path Traversal

  • 1.8

    LOW
    CVE-2021-26410

    Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosur... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Information Disclosure

  • 7.7

    HIGH
    CVE-2026-25506

    MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daemon) to leak cryptographic key material from process mem... Read more

    Affected Products : munge
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Memory Corruption

  • 6.9

    MEDIUM
    CVE-2026-2302

    Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.from_hash may allow for executing arbitrary Ruby code.... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Injection

  • 5.9

    MEDIUM
    CVE-2025-29952

    Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Memory Corruption

  • 5.4

    MEDIUM
    CVE-2025-48515

    Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution.... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Memory Corruption

  • 4.6

    MEDIUM
    CVE-2025-48517

    Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-52534

    Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity.... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Memory Corruption

  • 4.6

    MEDIUM
    CVE-2026-1763

    Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions.... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Misconfiguration

  • 8.7

    HIGH
    CVE-2026-25611

    A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server.... Read more

    Affected Products : mongodb
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Denial of Service
Showing 20 of 4605 Results