Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.3 CRITICAL
CVE-2026-27515 — Binardat 10G08-0800GSM Network Switch Predictable Session Identifiers

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable numeric session identifiers in the web management interface. An attacker can guess valid session I…

10g08-0800gsm_firmware 10g08-0800gsm | Remote | Authentication
Feb 24, 2026 Feb 25, 2026
Feb 24, 2026
Feb 25, 2026
9.8 CRITICAL
CVE-2026-27507 — Binardat 10G08-0800GSM Network Switch Hard-coded Credentials

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows fu…

10g08-0800gsm_firmware 10g08-0800gsm | Remote | Authentication
Feb 24, 2026 Feb 25, 2026
Feb 24, 2026
Feb 25, 2026
8.8 HIGH
CVE-2026-23678 — Binardat 10G08-0800GSM Network Switch Traceroute CLI Command Injection

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command injection vulnerability in the traceroute diagnostic function of the affected device web management i…

10g08-0800gsm_firmware 10g08-0800gsm | Remote | Injection
Feb 24, 2026 Feb 25, 2026
Feb 24, 2026
Feb 25, 2026
9.8 CRITICAL
CVE-2025-69985 — FUXA JWT Referer Header Bypass RCE

FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution (RCE). The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trus…

fuxa | Remote | Authentication
Feb 24, 2026 Feb 26, 2026
Feb 24, 2026
Feb 26, 2026
8.8 HIGH
CVE-2025-63409 — GCOM EPON 1GE C00R371V00B01 Privilege Escalation and Improper Access Control Vulnerability

Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials.

gcom_epon_1ge_firmware gcom_epon_1ge | Remote | Authorization
Feb 24, 2026 Feb 26, 2026
Feb 24, 2026
Feb 26, 2026
5.7 MEDIUM
CVE-2025-47904 — Unsigned upgrade package

Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.

timeprovider_4100_firmware timeprovider_4100 | Supply Chain
Feb 24, 2026 Mar 03, 2026
Feb 24, 2026
Mar 03, 2026
Showing 20 of 6006 Results