Latest CVE Vulnerabilities

9.8 CRITICAL

CVE-2026-2624 — Authentication Bypass in ePati's Antikor NGFW

Missing Authentication for Critical Function vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Generation Firewall (NGFW) allows Authentication Bypass.This issue affects Antikor …

antikor_next_generation_firewall | Remote | Authentication

Feb 25, 2026 Feb 26, 2026

Feb 25, 2026

Feb 26, 2026

2.6 LOW

CVE-2026-21725 — Authorization Bypass via TOCTOU in Grafana Datasource Deletion by Name

A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to…

grafana | Remote | Race Condition

Feb 25, 2026 Feb 27, 2026

Feb 25, 2026

Feb 27, 2026

9.1 CRITICAL

CVE-2026-0704 — Octopus Deploy File Traversal Vulnerability

In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to…

linux_kernel windows octopus_server | Remote | Path Traversal

Feb 25, 2026 Feb 27, 2026

Feb 25, 2026

Feb 27, 2026

6.5 MEDIUM

CVE-2026-3118 — Rhdh: graphql injection leading to platform-wide denial of service (dos) in rh developer …

A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user …

developer_hub | Remote | Injection

Feb 25, 2026 Feb 27, 2026

Feb 25, 2026

Feb 27, 2026

7.0 HIGH

CVE-2026-25701 — openSUSE sdbootutil Temporary File Insecure Directory Creation Vulnerability

An Insecure Temporary File vulnerability in openSUSE sdbootutil allows local users to pre-create a directory to achieve various effects like: * gain access to possible private information found in…

| Information Disclosure

Feb 25, 2026 Feb 25, 2026

Feb 25, 2026

5.5 MEDIUM

CVE-2026-26104 — Udisks: missing authorization check allows unprivileged users to back up luks headers via…

A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method re…

enterprise_linux udisks grub2 gix-date | Authorization

Feb 25, 2026 Mar 25, 2026

Feb 25, 2026

Mar 25, 2026

7.1 HIGH

CVE-2026-26103 — Udisks: missing authorization check allows unprivileged users to restore luks headers via…

A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unpriv…

enterprise_linux udisks grub2 gix-date | Authorization

Feb 25, 2026 Mar 25, 2026

Feb 25, 2026

Mar 25, 2026

3.8 LOW

CVE-2025-67860 — NeuVector scanner insecurely handles passwords as command arguments

A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credential…

| Information Disclosure

Feb 25, 2026 Feb 25, 2026

Feb 25, 2026

8.3 HIGH

CVE-2025-67601 — Rancher CLI skips TLS verification on Rancher CLI login command

A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the –cacert…

rancher rancher | Remote | Misconfiguration

Feb 25, 2026 Mar 03, 2026

Feb 25, 2026

Mar 03, 2026

9.9 CRITICAL

CVE-2025-62878 — Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern

A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended…

rancher | Remote | Path Traversal

Feb 25, 2026 Feb 25, 2026

Feb 25, 2026

Browse by Apps

Latest CVE Feed

Cookie Preferences