Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.1 CRITICAL
CVE-2026-23552 — Apache Camel: Camel-Keycloak: Cross-Realm Token Acceptance Bypass in KeycloakSecurityPoli…

Cross-Realm Token Acceptance Bypass in KeycloakSecurityPolicy Apache Camel Keycloak component.  The Camel-Keycloak KeycloakSecurityPolicy does not validate the iss (issuer) claim of JWT tokens again…

camel | Remote | Authentication
Feb 23, 2026 Feb 26, 2026
Feb 23, 2026
Feb 26, 2026
8.8 HIGH
CVE-2026-2978 — FastApiAdmin Scheduled Task API controller.py upload_file_controller unrestricted upload

A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function upload_file_controller of the file /backend/app/api/v1/module_system/params/controller.py of the comp…

fastapi-admin fastapiadmin | Remote | Misconfiguration
Feb 23, 2026 Mar 05, 2026
Feb 23, 2026
Mar 05, 2026
8.8 HIGH
CVE-2026-2977 — FastApiAdmin Scheduled Task API controller.py upload_controller unrestricted upload

A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function upload_controller of the file /backend/app/api/v1/module_common/file/controller.py of the component S…

fastapi-admin fastapiadmin | Remote | Misconfiguration
Feb 23, 2026 Mar 05, 2026
Feb 23, 2026
Mar 05, 2026
8.3 HIGH
CVE-2026-1367 — SQL Injection

Zohocorp ManageEngine ADSelfService Plus versions 6522 and below are vulnerable to authenticated SQL Injection in the search report option.

manageengine_adselfservice_plus | Remote | Injection
Feb 23, 2026 Feb 23, 2026
Feb 23, 2026
Feb 23, 2026
6.5 MEDIUM
CVE-2026-2976 — FastApiAdmin Download Endpoint controller.py download_controller information disclosure

A weakness has been identified in FastApiAdmin up to 2.2.0. Affected by this issue is the function download_controller of the file /backend/app/api/v1/module_common/file/controller.py of the componen…

fastapi-admin fastapiadmin | Remote | Information Disclosure
Feb 23, 2026 Mar 05, 2026
Feb 23, 2026
Mar 05, 2026
5.5 MEDIUM
CVE-2026-2975 — FastApiAdmin Custom Documentation Endpoint init_app.py reset_api_docs information disclos…

A security flaw has been discovered in FastApiAdmin up to 2.2.0. Affected by this vulnerability is the function reset_api_docs of the file /backend/app/plugin/init_app.py of the component Custom Docu…

fastapi-admin fastapiadmin | Remote | Information Disclosure
Feb 23, 2026 Mar 05, 2026
Feb 23, 2026
Mar 05, 2026
2.5 LOW
CVE-2026-2974 — AliasVault App Backup aliasvault.xml backup

A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file shared_prefs/aliasvault.xml of the component Backup Handler. The mani…

aliasvault | Information Disclosure
Feb 23, 2026 Mar 12, 2026
Feb 23, 2026
Mar 12, 2026
5.4 MEDIUM
CVE-2026-2972 — a466350665 Smart-SSO Role Edit UserController.java save cross site scripting

A vulnerability was determined in a466350665 Smart-SSO up to 2.1.1. This affects the function Save of the file smart-sso-server/src/main/java/openjoe/smart/sso/server/controller/admin/UserController.…

smart-sso | Remote | Cross-Site Scripting
Feb 23, 2026 Feb 25, 2026
Feb 23, 2026
Feb 25, 2026
6.1 MEDIUM
CVE-2026-2971 — a466350665 Smart-SSO Login login.html cross site scripting

A vulnerability was found in a466350665 Smart-SSO up to 2.1.1. Affected by this issue is some unknown functionality of the file smart-sso-server/src/main/resources/templates/login.html of the compone…

smart-sso | Remote | Cross-Site Scripting
Feb 23, 2026 Feb 25, 2026
Feb 23, 2026
Feb 25, 2026
7.5 HIGH
CVE-2026-2970 — datapizza-labs datapizza-ai cache.py RedisCache deserialization

A vulnerability has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability is the function RedisCache of the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.py. Suc…

datapizza_ai datapizza-ai | Information Disclosure
Feb 23, 2026 Mar 03, 2026
Feb 23, 2026
Mar 03, 2026
7.2 HIGH
CVE-2026-2969 — datapizza-labs datapizza-ai Jinja2 Template prompt.py ChatPromptTemplate special elements…

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Templa…

datapizza_ai datapizza-ai | Remote | Injection
Feb 23, 2026 Feb 24, 2026
Feb 23, 2026
Feb 24, 2026
Showing 20 of 5591 Results