🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-1198 | Medium | — |
SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input valid…
|
— | Feb 26, 2026 |
| CVE-2026-1241 | Medium | — |
The Pelco, Inc. Sarix Professional 3 Series Cameras are vulnerable to an authentication bypass issue in their web manage…
|
— | Feb 26, 2026 |
| CVE-2026-1692 | Medium | — |
A missing origin validation in WebSockets vulnerability affects the GraphicalData web services used by the WebVue, WebSc…
|
— | Feb 26, 2026 |
| CVE-2026-1693 | Medium | — |
The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVu…
|
— | Feb 26, 2026 |
| CVE-2026-1694 | Medium | — |
HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of t…
|
— | Feb 26, 2026 |
| CVE-2026-1695 | Medium | — |
An XSS vulnerability affects the OAuth web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of P…
|
— | Feb 26, 2026 |
| CVE-2026-1696 | Medium | — |
Some HTTP security headers are not properly set by the web server when sending responses to the client application.
|
— | Feb 26, 2026 |
| CVE-2026-1697 | Medium | — |
The Secure and SameSite attribute are missing in the GraphicalData web services and WebClient web app of PcVue in versio…
|
— | Feb 26, 2026 |
| CVE-2026-1698 | Medium | — |
A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 throu…
|
— | Feb 26, 2026 |
| CVE-2026-2244 | Medium | — |
A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid …
|
— | Feb 26, 2026 |
| CVE-2026-23939 | Medium | — |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in hexpm hexpm/hexpm ('Elix…
|
— | Feb 26, 2026 |
| CVE-2023-31364 | Medium | — |
Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtu…
|
— | Feb 26, 2026 |
| CVE-2025-11381 | Medium | — |
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
— | Feb 26, 2026 |
| CVE-2025-11382 | Medium | — |
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
— | Feb 26, 2026 |
| CVE-2025-11383 | Medium | — |
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
— | Feb 26, 2026 |
| CVE-2025-11384 | Medium | — |
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
— | Feb 26, 2026 |
| CVE-2022-20775 | Critical | 9.0 |
Cisco SD-WAN Path Traversal Vulnerability — Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an…
|
⚡ Exploit ✅ Patch | Feb 25, 2026 |
| CVE-2026-20127 | Critical | 9.0 |
Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability — Cisco Catalyst SD-WAN Controller, for…
|
⚡ Exploit ✅ Patch | Feb 25, 2026 |
| CVE-2026-22719 | High | 8.1 |
VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this is…
|
⚡ Exploit ✅ Patch | Feb 25, 2026 |
| CVE-2026-25108 | Critical | 9.0 |
Soliton Systems K.K FileZen OS Command Injection Vulnerability — Soliton Systems K.K FileZen contains an OS command inje…
|
⚡ Exploit ✅ Patch | Feb 24, 2026 |