🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-21514 | Critical | 9.0 |
Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability — Microsoft Office Word contains…
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-21519 | Critical | 9.0 |
Microsoft Windows Type Confusion Vulnerability — Microsoft Desktop Windows Manager contains a type confusion vulnerabili…
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-21525 | Critical | 9.0 |
Microsoft Windows NULL Pointer Dereference Vulnerability — Microsoft Windows Remote Access Connection Manager contains a…
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-21533 | Critical | 9.0 |
Microsoft Windows Improper Privilege Management Vulnerability — Microsoft Windows Remote Desktop Services contains an im…
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-0652 | High | 8.8 |
On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters …
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-2094 | High | 8.8 |
Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbi…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-2097 | High | 8.8 |
Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to u…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21256 | High | 8.8 |
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio …
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21516 | High | 8.8 |
Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthor…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21537 | High | 8.8 |
Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacke…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-23687 | High | 8.8 |
SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtai…
|
✅ Patch | Feb 10, 2026 |
| CVE-2025-7347 | High | 8.8 |
Authorization Bypass Through User-Controlled Key vulnerability in Dinibh Puzzle Software Solutions Dinibh Patrol Trackin…
|
✅ Patch | Feb 10, 2026 |
| CVE-2025-7636 | High | 8.8 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ergosis Security S…
|
✅ Patch | Feb 10, 2026 |
| CVE-2025-6967 | High | 8.7 |
Execution After Redirect (EAR) vulnerability in Sarman Soft Software and Technology Services Industry and Trade Ltd. Co.…
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-1603 | High | 8.6 |
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to …
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21228 | High | 8.1 |
Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network.
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-25646 | High | 8.1 |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) …
|
⚡ Exploit ✅ Patch | Feb 10, 2026 |
| CVE-2026-21229 | High | 8.0 |
Improper input validation in Power BI allows an authorized attacker to execute code over a network.
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-21257 | High | 8.0 |
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio …
|
✅ Patch | Feb 10, 2026 |
| CVE-2026-0651 | High | 7.8 |
On TP-Link Tapo C260 v1, path traversal is possible due to improper handling of specific GET request paths via https, al…
|
✅ Patch | Feb 10, 2026 |