🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-3302 | Medium | 4.3 |
A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown f…
|
⚡ Exploit | Feb 27, 2026 |
| CVE-2026-22877 | Low | 3.7 |
An arbitrary file-read vulnerability exists in XWEB Pro version 1.12.1
and prior, enabling unauthenticated attackers to…
|
— | Feb 27, 2026 |
| CVE-2026-3284 | Low | 3.3 |
A vulnerability was found in libvips 8.19.0. Impacted is the function vips_extract_area_build of the file libvips/conver…
|
— | Feb 27, 2026 |
| CVE-2026-3293 | Low | 3.3 |
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner …
|
— | Feb 27, 2026 |
| CVE-2026-3285 | Low | 3.3 |
A vulnerability was determined in berry-lang berry up to 1.1.0. The affected element is the function scan_string of the …
|
— | Feb 27, 2026 |
| CVE-2026-3283 | Low | 3.3 |
A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_build of the file li…
|
— | Feb 27, 2026 |
| CVE-2026-3282 | Low | 3.3 |
A flaw has been found in libvips 8.19.0. This vulnerability affects the function vips_unpremultiply_build of the file li…
|
— | Feb 27, 2026 |
| CVE-2025-12150 | Low | 3.1 |
A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the conf…
|
— | Feb 27, 2026 |
| CVE-2026-22717 | Low | 2.7 |
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administra…
|
— | Feb 27, 2026 |
| CVE-2026-21619 | Medium | — |
Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), …
|
— | Feb 27, 2026 |
| CVE-2026-2359 | Medium | — |
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allo…
|
— | Feb 27, 2026 |
| CVE-2018-25160 | Medium | — |
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code i…
|
— | Feb 27, 2026 |
| CVE-2026-2293 | Medium | — |
A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when Fas…
|
— | Feb 27, 2026 |
| CVE-2026-3304 | Medium | — |
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allo…
|
— | Feb 27, 2026 |
| CVE-2026-3277 | Medium | — |
The OpenID Connect (OIDC) authentication configuration in PowerShell
Universal before 2026.1.3 stores the OIDC client s…
|
— | Feb 27, 2026 |
| CVE-2026-2880 | Medium | — |
A vulnerability in @fastify/middie versions < 9.2.0 can result in authentication/authorization bypass when using path-sc…
|
— | Feb 27, 2026 |
| CVE-2025-15498 | Medium | — |
Pro3W CMS if vulnerable to SQL injection attacks. Improper neutralization of input provided into a login form allows an …
|
— | Feb 27, 2026 |
| CVE-2025-15509 | Medium | — |
The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage.
|
— | Feb 27, 2026 |
| CVE-2025-15567 | Medium | — |
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure.
|
— | Feb 27, 2026 |
| CVE-2026-3223 | Medium | — |
Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google Web Designer.
|
— | Feb 27, 2026 |