Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.8 HIGH
CVE-2026-24452 — Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by supplying a crafted templat…

xweb_300d_pro_firmware xweb_300d_pro xweb_500d_pro_firmware xweb_500d_pro xweb_500b_pro_firmware xweb_500b_pro | Remote | Injection
Feb 27, 2026 Feb 27, 2026
Feb 27, 2026
Feb 27, 2026
8.8 HIGH
CVE-2026-23702 — Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by sending malicious input inje…

xweb_300d_pro_firmware xweb_300d_pro xweb_500d_pro_firmware xweb_500d_pro xweb_500b_pro_firmware xweb_500b_pro | Remote | Injection
Feb 27, 2026 Feb 27, 2026
Feb 27, 2026
Feb 27, 2026
9.1 CRITICAL
CVE-2026-22877 — Copeland XWEB and XWEB Pro Path Traversal

An arbitrary file-read vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to read arbitrary files on the system, and potentially causing a denial-of-servi…

xweb_300d_pro_firmware xweb_300d_pro xweb_500d_pro_firmware xweb_500d_pro xweb_500b_pro_firmware xweb_500b_pro | Remote | Path Traversal
Feb 27, 2026 Feb 27, 2026
Feb 27, 2026
Feb 27, 2026
9.8 CRITICAL
CVE-2026-20797 — Copeland XWEB and XWEB Pro Stack-based Buffer Overflow

A stack based buffer overflow exists in an API route of XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to cause stack corruption and a termination of the program.

xweb_300d_pro_firmware xweb_300d_pro xweb_500d_pro_firmware xweb_500d_pro xweb_500b_pro_firmware xweb_500b_pro | Remote | Memory Corruption
Feb 27, 2026 Feb 27, 2026
Feb 27, 2026
Feb 27, 2026
8.8 HIGH
CVE-2026-20764 — Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by providing malicious input vi…

xweb_300d_pro_firmware xweb_300d_pro xweb_500d_pro_firmware xweb_500d_pro xweb_500b_pro_firmware xweb_500b_pro | Remote | Injection
Feb 27, 2026 Feb 27, 2026
Feb 27, 2026
Feb 27, 2026
Showing 20 of 5965 Results