🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2020-37211 | High | 7.5 |
SpotIM 2.2 contains a denial of service vulnerability that allows attackers to crash the application by inputting a larg…
|
⚡ Exploit ✅ Patch | Feb 11, 2026 |
| CVE-2020-37212 | High | 7.5 |
SpotMSN 2.4.6 contains a denial of service vulnerability in the registration name input field that allows attackers to c…
|
⚡ Exploit ✅ Patch | Feb 11, 2026 |
| CVE-2020-37213 | High | 7.5 |
TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sendi…
|
✅ Patch | Feb 11, 2026 |
| CVE-2020-37214 | High | 7.5 |
Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by man…
|
✅ Patch | Feb 11, 2026 |
| CVE-2020-37215 | High | 7.5 |
MSN Password Recovery version 1.30 contains a denial of service vulnerability that allows attackers to crash the applica…
|
✅ Patch | Feb 11, 2026 |
| CVE-2026-25869 | High | 7.5 |
MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The app…
|
✅ Patch | Feb 11, 2026 |
| CVE-2025-57713 | High | 7.5 |
A weak authentication vulnerability has been reported to affect File Station 5. The remote attackers can then exploit th…
|
✅ Patch | Feb 11, 2026 |
| CVE-2025-14541 | High | 7.2 |
The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and includin…
|
✅ Patch | Feb 11, 2026 |
| CVE-2025-15440 | High | 7.2 |
The iONE360 configurator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Form Paramet…
|
✅ Patch | Feb 11, 2026 |
| CVE-2026-26158 | High | 7.0 |
A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction di…
|
✅ Patch | Feb 11, 2026 |
| CVE-2026-20617 | High | 7.0 |
A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe…
|
✅ Patch | Feb 11, 2026 |
| CVE-2026-26157 | High | 7.0 |
A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craf…
|
✅ Patch | Feb 11, 2026 |
| CVE-2026-21533 | Critical | 9.0 |
Microsoft Windows Improper Privilege Management Vulnerability — Microsoft Windows Remote Desktop Services contains an im…
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-21525 | Critical | 9.0 |
Microsoft Windows NULL Pointer Dereference Vulnerability — Microsoft Windows Remote Access Connection Manager contains a…
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-21519 | Critical | 9.0 |
Microsoft Windows Type Confusion Vulnerability — Microsoft Desktop Windows Manager contains a type confusion vulnerabili…
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-21514 | Critical | 9.0 |
Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability — Microsoft Office Word contains…
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-21513 | Critical | 9.0 |
Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability — Microsoft MSHTML Framework contains a protection…
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-21510 | Critical | 9.0 |
Microsoft Windows Shell Protection Mechanism Failure Vulnerability — Microsoft Windows Shell contains a protection mecha…
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-0652 | High | 8.8 |
On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters …
|
✅ Patch | Feb 10, 2026 |
| CVE-2025-7636 | High | 8.8 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ergosis Security S…
|
✅ Patch | Feb 10, 2026 |