🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2025-58382 | High | 7.2 |
A vulnerability in the secure configuration of authentication and
management services in Brocade Fabric OS before Fabri…
|
✅ Patch | Feb 3, 2026 |
| CVE-2025-58383 | High | 7.2 |
A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level user to execute the bind…
|
✅ Patch | Feb 3, 2026 |
| CVE-2026-0617 | High | 7.2 |
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-S…
|
✅ Patch | Feb 3, 2026 |
| CVE-2020-37081 | High | 7.1 |
Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calend…
|
✅ Patch | Feb 3, 2026 |
| CVE-2020-37105 | High | 7.1 |
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers…
|
✅ Patch | Feb 3, 2026 |
| CVE-2020-37108 | High | 7.1 |
PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of product_detail.php that allows r…
|
✅ Patch | Feb 3, 2026 |
| CVE-2026-1058 | High | 7.1 |
The Form Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via hidden field values in all versions…
|
✅ Patch | Feb 3, 2026 |
| CVE-2026-23515 | Critical | 9.9 |
Signal K Server is a server application that runs on a central hub in a boat. Prior to 1.5.0, a command injection vulner…
|
⚡ Exploit ✅ Patch | Feb 2, 2026 |
| CVE-2026-25134 | High | 8.8 |
Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5…
|
⚡ Exploit ✅ Patch | Feb 2, 2026 |
| CVE-2022-50975 | High | 8.8 |
An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the…
|
✅ Patch | Feb 2, 2026 |
| CVE-2024-5386 | High | 8.8 |
In lunary-ai/lunary version 1.2.2, an account hijacking vulnerability exists due to a password reset token leak. A user …
|
⚡ Exploit ✅ Patch | Feb 2, 2026 |
| CVE-2025-8587 | High | 8.6 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AKCE Software Tech…
|
✅ Patch | Feb 2, 2026 |
| CVE-2026-1530 | High | 8.1 |
A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) atta…
|
✅ Patch | Feb 2, 2026 |
| CVE-2026-1531 | High | 8.1 |
A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification…
|
✅ Patch | Feb 2, 2026 |
| CVE-2026-25221 | High | 8.1 |
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for …
|
⚡ Exploit ✅ Patch | Feb 2, 2026 |
| CVE-2026-22221 | High | 8.0 |
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent
authenticated
attack…
|
✅ Patch | Feb 2, 2026 |
| CVE-2026-22222 | High | 8.0 |
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) allows adjacent
authenticated
attack…
|
✅ Patch | Feb 2, 2026 |
| CVE-2026-22223 | High | 8.0 |
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent
authenticated
attack…
|
✅ Patch | Feb 2, 2026 |
| CVE-2026-0630 | High | 8.0 |
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) allows adjacent
authenticated
attack…
|
✅ Patch | Feb 2, 2026 |
| CVE-2026-0631 | High | 8.0 |
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows an adjacent
authenticated
att…
|
✅ Patch | Feb 2, 2026 |