🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-21385 | High | 7.8 |
Memory corruption while using alignments for memory allocation.
|
⚡ Exploit ✅ Patch | Mar 2, 2026 |
| CVE-2025-64427 | High | 7.1 |
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prio…
|
⚡ Exploit ✅ Patch | Mar 2, 2026 |
| CVE-2026-3275 | High | 8.8 |
A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromAddressNat of the file /goform/addre…
|
⚡ Exploit ✅ Patch | Feb 27, 2026 |
| CVE-2026-3274 | High | 8.8 |
A security flaw has been discovered in Tenda F453 1.0.0.3. Affected by this issue is the function frmL7ProtForm of the f…
|
⚡ Exploit ✅ Patch | Feb 27, 2026 |
| CVE-2026-28426 | High | 8.7 |
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS …
|
✅ Patch | Feb 27, 2026 |
| CVE-2025-69437 | High | 8.7 |
PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass …
|
✅ Patch | Feb 27, 2026 |
| CVE-2026-26861 | High | 8.3 |
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripting (XSS) via window.postMessage. The han…
|
✅ Patch | Feb 27, 2026 |
| CVE-2026-26862 | High | 8.3 |
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Site Scripting (XSS) via window.postMessag…
|
✅ Patch | Feb 27, 2026 |
| CVE-2026-2751 | High | 8.3 |
Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web …
|
✅ Patch | Feb 27, 2026 |
| CVE-2026-0980 | High | 8.3 |
A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An…
|
✅ Patch | Feb 27, 2026 |
| CVE-2019-25493 | High | 8.2 |
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database querie…
|
✅ Patch | Feb 27, 2026 |
| CVE-2019-25489 | High | 8.2 |
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries…
|
✅ Patch | Feb 27, 2026 |
| CVE-2019-25491 | High | 8.2 |
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database querie…
|
✅ Patch | Feb 27, 2026 |
| CVE-2019-25495 | High | 8.2 |
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database q…
|
✅ Patch | Feb 27, 2026 |
| CVE-2019-25497 | High | 8.2 |
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database q…
|
✅ Patch | Feb 27, 2026 |
| CVE-2019-25492 | High | 8.2 |
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database querie…
|
✅ Patch | Feb 27, 2026 |
| CVE-2019-25496 | High | 8.2 |
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database q…
|
✅ Patch | Feb 27, 2026 |
| CVE-2019-25490 | High | 8.2 |
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries…
|
✅ Patch | Feb 27, 2026 |
| CVE-2019-25494 | High | 8.2 |
Homey BNB V4 contains an SQL injection vulnerability in the administration panel login that allows unauthenticated attac…
|
✅ Patch | Feb 27, 2026 |
| CVE-2026-28272 | High | 8.1 |
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway…
|
✅ Patch | Feb 27, 2026 |