Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.8 CRITICAL
CVE-2026-26705 — Sourcecodester Pharmacy Point of Sale System SQL Injection Vulnerability

sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/view_product.php.

pharmacy_point_of_sale_system | Remote | Injection
Mar 02, 2026 Mar 03, 2026
Mar 02, 2026
Mar 03, 2026
9.8 CRITICAL
CVE-2026-26704 — Sourcecodester Pharmacy Point of Sale System SQL Injection

sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/view_category.php.

pharmacy_point_of_sale_system | Remote | Injection
Mar 02, 2026 Mar 03, 2026
Mar 02, 2026
Mar 03, 2026
8.0 HIGH
CVE-2026-0655 — Path Traversal on TP-Link Deco BE25

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TP-Link Deco BE25 v1.0 (web modules) allows authenticated adjacent attacker to read arbitrary files or …

deco_be25_firmware deco_be25 | Path Traversal
Mar 02, 2026 Mar 06, 2026
Mar 02, 2026
Mar 06, 2026
8.5 HIGH
CVE-2026-0654 — Command injection on TP-Link Deco BE25

Improper input handling in the administration web interface on TP-Link Deco BE25 v1.0 allows crafted input to be executed as part of an OS command. An authenticated adjacent attacker may execute arb…

deco_be25_firmware deco_be25 | Injection
Mar 02, 2026 Mar 06, 2026
Mar 02, 2026
Mar 06, 2026
Showing 20 of 6244 Results