Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.8 HIGH
CVE-2026-28193 — JetBrains YouTrack Unvalidated Request Vulnerability

In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint

youtrack | Remote | Server-Side Request Forgery
Feb 25, 2026 Feb 26, 2026
Feb 25, 2026
Feb 26, 2026
9.8 CRITICAL
CVE-2026-2624 — Authentication Bypass in ePati's Antikor NGFW

Missing Authentication for Critical Function vulnerability in ePati Cyber ​​Security Technologies Inc. Antikor Next Generation Firewall (NGFW) allows Authentication Bypass.This issue affects Antikor …

antikor_next_generation_firewall | Remote | Authentication
Feb 25, 2026 Feb 26, 2026
Feb 25, 2026
Feb 26, 2026
2.6 LOW
CVE-2026-21725 — Authorization Bypass via TOCTOU in Grafana Datasource Deletion by Name

A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to…

grafana | Remote | Race Condition
Feb 25, 2026 Feb 27, 2026
Feb 25, 2026
Feb 27, 2026
9.1 CRITICAL
CVE-2026-0704 — Octopus Deploy File Traversal Vulnerability

In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to…

linux_kernel windows octopus_server | Remote | Path Traversal
Feb 25, 2026 Feb 27, 2026
Feb 25, 2026
Feb 27, 2026
6.5 MEDIUM
CVE-2026-3118 — Rhdh: graphql injection leading to platform-wide denial of service (dos) in rh developer …

A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user …

developer_hub | Remote | Injection
Feb 25, 2026 Feb 27, 2026
Feb 25, 2026
Feb 27, 2026
7.0 HIGH
CVE-2026-25701 — openSUSE sdbootutil Temporary File Insecure Directory Creation Vulnerability

An Insecure Temporary File vulnerability in openSUSE sdbootutil allows local users to pre-create a directory to achieve various effects like: * gain access to possible private information found in…

| Information Disclosure
Feb 25, 2026 Feb 25, 2026
Feb 25, 2026
Feb 25, 2026
Showing 20 of 6066 Results