🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-24844 | High | 7.9 |
melange allows users to build apk packages using declarative pipelines. From version 0.3.0 to before 0.40.3, an attacker…
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-0536 | High | 7.8 |
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerabil…
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-0537 | High | 7.8 |
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A mal…
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-0538 | High | 7.8 |
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A …
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-0659 | High | 7.8 |
A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bo…
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-0660 | High | 7.8 |
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerabil…
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-0661 | High | 7.8 |
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A mal…
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-0662 | High | 7.8 |
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitra…
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-20979 | High | 7.8 |
Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary act…
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-20983 | High | 7.8 |
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attacke…
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-25143 | High | 7.8 |
melange allows users to build apk packages using declarative pipelines. From version 0.10.0 to before 0.40.3, an attacke…
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-25157 | High | 7.7 |
OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the …
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-20119 | High | 7.5 |
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco Roo…
|
✅ Patch | Feb 4, 2026 |
| CVE-2026-25499 | High | 7.5 |
Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configur…
|
⚡ Exploit ✅ Patch | Feb 4, 2026 |
| CVE-2026-25537 | High | 7.5 |
jsonwebtoken is a JWT lib in rust. Prior to version 10.3.0, there is a Type Confusion vulnerability in jsonwebtoken, spe…
|
⚡ Exploit ✅ Patch | Feb 4, 2026 |
| CVE-2026-25541 | High | 7.5 |
Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer o…
|
⚡ Exploit ✅ Patch | Feb 4, 2026 |
| CVE-2026-25575 | High | 7.5 |
NavigaTUM is a website and API to search for rooms, buildings and other places. Prior to commit 86f34c7, there is a path…
|
⚡ Exploit ✅ Patch | Feb 4, 2026 |
| CVE-2025-15268 | High | 7.5 |
The Infility Global plugin for WordPress is vulnerable to unauthenticated SQL Injection via the 'infility_get_data' API …
|
✅ Patch | Feb 4, 2026 |
| CVE-2025-15285 | High | 7.5 |
The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capa…
|
✅ Patch | Feb 4, 2026 |
| CVE-2025-15555 | High | 7.3 |
A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hss_ogs_diam_…
|
⚡ Exploit ✅ Patch | Feb 4, 2026 |