🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-21537 | High | 8.8 |
Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacke…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-0652 | High | 8.8 |
On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters …
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21256 | High | 8.8 |
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio …
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-2094 | High | 8.8 |
Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbi…
|
✅ Patch | Feb 10, 2026 |
| CVE-2025-7347 | High | 8.8 |
Authorization Bypass Through User-Controlled Key vulnerability in Dinibh Puzzle Software Solutions Dinibh Patrol Trackin…
|
✅ Patch | Feb 10, 2026 |
| CVE-2025-7636 | High | 8.8 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ergosis Security S…
|
✅ Patch | Feb 10, 2026 |
| CVE-2025-6967 | High | 8.7 |
Execution After Redirect (EAR) vulnerability in Sarman Soft Software and Technology Services Industry and Trade Ltd. Co.…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-1603 | High | 8.6 |
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to …
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21228 | High | 8.1 |
Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network.
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-25646 | High | 8.1 |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) …
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-21229 | High | 8.0 |
Improper input validation in Power BI allows an authorized attacker to execute code over a network.
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21257 | High | 8.0 |
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio …
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21240 | High | 7.8 |
Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privilege…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21321 | High | 7.8 |
After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could resul…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21320 | High | 7.8 |
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary co…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21318 | High | 7.8 |
After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitr…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21312 | High | 7.8 |
Audition versions 25.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary c…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21323 | High | 7.8 |
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary co…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-0651 | High | 7.8 |
On TP-Link Tapo C260 v1, path traversal is possible due to improper handling of specific GET request paths via https, al…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21324 | High | 7.8 |
After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file,…
|
✅ Patch | Feb 10, 2026 |