🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-27500 | Medium | — |
Rejected reason: Further research determined the situation described is not a vulnerability.
|
— | Feb 27, 2026 |
| CVE-2026-27501 | Medium | — |
Rejected reason: Further research determined the situation described is not a vulnerability.
|
— | Feb 27, 2026 |
| CVE-2026-27573 | Medium | — |
Rejected reason: Further research determined the situation described is not a vulnerability.
|
— | Feb 27, 2026 |
| CVE-2026-27580 | Medium | — |
Rejected reason: Further research determined the situation described is not a vulnerability.
|
— | Feb 27, 2026 |
| CVE-2026-27581 | Medium | — |
Rejected reason: Further research determined the situation described is not a vulnerability.
|
— | Feb 27, 2026 |
| CVE-2026-27582 | Medium | — |
Rejected reason: Further research determined the situation described is not a vulnerability.
|
— | Feb 27, 2026 |
| CVE-2026-27583 | Medium | — |
Rejected reason: Further research determined the situation described is not a vulnerability.
|
— | Feb 27, 2026 |
| CVE-2026-27832 | Medium | — |
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, an…
|
— | Feb 27, 2026 |
| CVE-2026-27947 | Medium | — |
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.9, 25.0.87, an…
|
— | Feb 27, 2026 |
| CVE-2026-28231 | Medium | — |
pillow_heif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer o…
|
— | Feb 27, 2026 |
| CVE-2026-28288 | Medium | — |
Dify is an open-source LLM app development platform. Prior to 1.9.0, responses from the Dify API to existing and non-exi…
|
— | Feb 27, 2026 |
| CVE-2026-2880 | Medium | — |
A vulnerability in @fastify/middie versions < 9.2.0 can result in authentication/authorization bypass when using path-sc…
|
— | Feb 27, 2026 |
| CVE-2026-3223 | Medium | — |
Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google Web Designer.
|
— | Feb 27, 2026 |
| CVE-2026-3277 | Medium | — |
The OpenID Connect (OIDC) authentication configuration in PowerShell
Universal before 2026.1.3 stores the OIDC client s…
|
— | Feb 27, 2026 |
| CVE-2026-3304 | Medium | — |
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allo…
|
— | Feb 27, 2026 |
| CVE-2026-3327 | Medium | — |
Authenticated Iframe Injection in Dato CMS Web Previews plugin. This vulnerability permits a malicious authenticated use…
|
— | Feb 27, 2026 |
| CVE-2026-28207 | Medium | 6.6 |
Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.2, a command inj…
|
⚡ Exploit | Feb 26, 2026 |
| CVE-2026-25963 | Medium | 6.5 |
Fleet is open source device management software. In versions prior to 4.80.1, a broken authorization check in Fleet’s ce…
|
— | Feb 26, 2026 |
| CVE-2026-26077 | Medium | 6.5 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, several webhook en…
|
— | Feb 26, 2026 |
| CVE-2026-26934 | Medium | 6.5 |
Improper Validation of Specified Quantity in Input (CWE-1284) in Kibana can allow an authenticated attacker with view-on…
|
— | Feb 26, 2026 |