🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-2677 | Medium | 6.1 |
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', in 'a3factura-app.wolterskluwer…
|
— | Feb 26, 2026 |
| CVE-2026-2678 | Medium | 6.1 |
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', parameter 'name', in 'a3factura…
|
— | Feb 26, 2026 |
| CVE-2026-2679 | Medium | 6.1 |
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerName', in 'a3factura-app.wolte…
|
— | Feb 26, 2026 |
| CVE-2026-2680 | Medium | 6.1 |
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerVATNumber', in 'a3factura-app.…
|
— | Feb 26, 2026 |
| CVE-2026-27154 | Medium | 6.1 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, a user full name c…
|
— | Feb 26, 2026 |
| CVE-2026-22715 | Medium | 5.9 |
VMWare Workstation and Fusion contain a logic flaw in the management of network packets.
Known attack vectors: A malic…
|
— | Feb 26, 2026 |
| CVE-2026-28208 | Medium | 5.9 |
Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversal vulnerability in `…
|
⚡ Exploit ✅ Patch | Feb 26, 2026 |
| CVE-2026-26932 | Medium | 5.7 |
Improper Validation of Array Index (CWE-129) in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service …
|
— | Feb 26, 2026 |
| CVE-2026-23999 | Medium | 5.5 |
Fleet is open source device management software. In versions prior to 4.80.1, Fleet generated device lock and wipe PINs …
|
— | Feb 26, 2026 |
| CVE-2026-26207 | Medium | 5.4 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, `discourse-policy`…
|
— | Feb 26, 2026 |
| CVE-2026-28218 | Medium | 5.4 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, fail-open access c…
|
— | Feb 26, 2026 |
| CVE-2025-56605 | Medium | 5.4 |
A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of PuneethReddyHC Event M…
|
— | Feb 26, 2026 |
| CVE-2025-64999 | Medium | 5.4 |
Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker…
|
— | Feb 26, 2026 |
| CVE-2026-2356 | Medium | 5.3 |
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vuln…
|
— | Feb 26, 2026 |
| CVE-2026-24004 | Medium | 5.3 |
Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet’s Android MDM Pub…
|
— | Feb 26, 2026 |
| CVE-2026-27021 | Medium | 5.3 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoin…
|
— | Feb 26, 2026 |
| CVE-2026-28132 | Medium | 5.3 |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villatheme WooCommerce Ph…
|
— | Feb 26, 2026 |
| CVE-2026-26228 | Medium | 4.9 |
VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remote Access Server rout…
|
— | Feb 26, 2026 |
| CVE-2026-26936 | Medium | 4.9 |
Inefficient Regular Expression Complexity (CWE-1333) in the AI Inference Anonymization Engine in Kibana can lead Denial …
|
— | Feb 26, 2026 |
| CVE-2026-27162 | Medium | 4.9 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, `posts_nearby` was…
|
— | Feb 26, 2026 |