Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.8 HIGH
CVE-2026-25037 — Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by configuring a maliciously c…

xweb_300d_pro_firmware xweb_300d_pro xweb_500d_pro_firmware xweb_500d_pro xweb_500b_pro_firmware xweb_500b_pro | Remote | Injection
Feb 27, 2026 Feb 27, 2026
Feb 27, 2026
Feb 27, 2026
7.5 HIGH
CVE-2026-24498 — EFM-Networks, Inc. IpTIME T5008, AX2004M, AX3000Q, AX6000M Authentication Bypass Exposure…

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. I…

ax2004m_firmware ax2004m t5008_firmware t5008 ax3000q_firmware ax3000q +2 more | Remote | Authentication
Feb 27, 2026 Mar 17, 2026
Feb 27, 2026
Mar 17, 2026
9.8 CRITICAL
CVE-2026-24497 — SimTech Systems, Inc. ThinkWise Stack-based Buffer Overflow Remote Code Inclusion

Stack-based Buffer Overflow vulnerability in SimTech Systems, Inc. ThinkWise allows Remote Code Inclusion.This issue affects ThinkWise: from 7 through 23.

thinkwise | Remote | Memory Corruption
Feb 27, 2026 Mar 17, 2026
Feb 27, 2026
Mar 17, 2026
8.8 HIGH
CVE-2026-24452 — Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by supplying a crafted templat…

xweb_300d_pro_firmware xweb_300d_pro xweb_500d_pro_firmware xweb_500d_pro xweb_500b_pro_firmware xweb_500b_pro | Remote | Injection
Feb 27, 2026 Feb 27, 2026
Feb 27, 2026
Feb 27, 2026
8.8 HIGH
CVE-2026-23702 — Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by sending malicious input inje…

xweb_300d_pro_firmware xweb_300d_pro xweb_500d_pro_firmware xweb_500d_pro xweb_500b_pro_firmware xweb_500b_pro | Remote | Injection
Feb 27, 2026 Feb 27, 2026
Feb 27, 2026
Feb 27, 2026
9.1 CRITICAL
CVE-2026-22877 — Copeland XWEB and XWEB Pro Path Traversal

An arbitrary file-read vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to read arbitrary files on the system, and potentially causing a denial-of-servi…

xweb_300d_pro_firmware xweb_300d_pro xweb_500d_pro_firmware xweb_500d_pro xweb_500b_pro_firmware xweb_500b_pro | Remote | Path Traversal
Feb 27, 2026 Feb 27, 2026
Feb 27, 2026
Feb 27, 2026
9.8 CRITICAL
CVE-2026-20797 — Copeland XWEB and XWEB Pro Stack-based Buffer Overflow

A stack based buffer overflow exists in an API route of XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to cause stack corruption and a termination of the program.

xweb_300d_pro_firmware xweb_300d_pro xweb_500d_pro_firmware xweb_500d_pro xweb_500b_pro_firmware xweb_500b_pro | Remote | Memory Corruption
Feb 27, 2026 Feb 27, 2026
Feb 27, 2026
Feb 27, 2026
8.8 HIGH
CVE-2026-20764 — Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by providing malicious input vi…

xweb_300d_pro_firmware xweb_300d_pro xweb_500d_pro_firmware xweb_500d_pro xweb_500b_pro_firmware xweb_500b_pro | Remote | Injection
Feb 27, 2026 Feb 27, 2026
Feb 27, 2026
Feb 27, 2026
Showing 20 of 5968 Results