🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-26682 | High | 7.8 |
An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java compo…
|
⚡ Exploit ✅ Patch | Feb 26, 2026 |
| CVE-2026-3261 | High | 7.3 |
A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settin…
|
⚡ Exploit ✅ Patch | Feb 26, 2026 |
| CVE-2026-27638 | High | 7.1 |
Actual is a local-first personal finance tool. Prior to version 26.2.1, in multi-user mode (OpenID), the sync API endpoi…
|
⚡ Exploit ✅ Patch | Feb 26, 2026 |
| CVE-2026-28207 | Medium | 6.6 |
Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.2, a command inj…
|
⚡ Exploit | Feb 26, 2026 |
| CVE-2026-3262 | Medium | 6.3 |
A vulnerability has been found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected is…
|
⚡ Exploit | Feb 26, 2026 |
| CVE-2026-3263 | Medium | 6.3 |
A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected by this…
|
⚡ Exploit | Feb 26, 2026 |
| CVE-2026-28208 | Medium | 5.9 |
Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversal vulnerability in `…
|
⚡ Exploit ✅ Patch | Feb 26, 2026 |
| CVE-2026-27963 | Medium | 4.8 |
Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting (XSS) vulnerability exists i…
|
⚡ Exploit ✅ Patch | Feb 26, 2026 |
| CVE-2026-27839 | Medium | 4.3 |
wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, three `nutritional_values`…
|
⚡ Exploit ✅ Patch | Feb 26, 2026 |
| CVE-2026-27835 | Medium | 4.3 |
wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, `RepetitionsConfigViewSet`…
|
⚡ Exploit ✅ Patch | Feb 26, 2026 |
| CVE-2026-27838 | Low | 3.1 |
wger is a free, open-source workout and fitness manager. Five routine detail action endpoints check a cache before calli…
|
⚡ Exploit ✅ Patch | Feb 26, 2026 |
| CVE-2026-20127 | Critical | 9.0 |
Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability — Cisco Catalyst SD-WAN Controller, for…
|
⚡ Exploit ✅ Patch | Feb 25, 2026 |
| CVE-2022-20775 | Critical | 9.0 |
Cisco SD-WAN Path Traversal Vulnerability — Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an…
|
⚡ Exploit ✅ Patch | Feb 25, 2026 |
| CVE-2026-22719 | High | 8.1 |
VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this is…
|
⚡ Exploit ✅ Patch | Feb 25, 2026 |
| CVE-2026-25108 | Critical | 9.0 |
Soliton Systems K.K FileZen OS Command Injection Vulnerability — Soliton Systems K.K FileZen contains an OS command inje…
|
⚡ Exploit ✅ Patch | Feb 24, 2026 |
| CVE-2026-2958 | High | 8.8 |
A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub_457C5C of the file /…
|
⚡ Exploit ✅ Patch | Feb 23, 2026 |
| CVE-2026-2959 | High | 8.8 |
A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of th…
|
⚡ Exploit ✅ Patch | Feb 23, 2026 |
| CVE-2026-2904 | High | 8.8 |
A vulnerability was determined in UTT HiPER 810G 1.7.7-171114. This affects the function strcpy of the file /goform/Conf…
|
⚡ Exploit ✅ Patch | Feb 22, 2026 |
| CVE-2026-2906 | High | 8.8 |
A security flaw has been discovered in Tenda HG9 300001138. Affected is an unknown function of the file /boaform/formSam…
|
⚡ Exploit ✅ Patch | Feb 22, 2026 |
| CVE-2026-2905 | High | 8.8 |
A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSet…
|
⚡ Exploit ✅ Patch | Feb 22, 2026 |