🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-1696 | Medium | — |
Some HTTP security headers are not properly set by the web server when sending responses to the client application.
|
— | Feb 26, 2026 |
| CVE-2026-1697 | Medium | — |
The Secure and SameSite attribute are missing in the GraphicalData web services and WebClient web app of PcVue in versio…
|
— | Feb 26, 2026 |
| CVE-2026-1698 | Medium | — |
A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 throu…
|
— | Feb 26, 2026 |
| CVE-2026-2244 | Medium | — |
A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid …
|
— | Feb 26, 2026 |
| CVE-2026-23939 | Medium | — |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in hexpm hexpm/hexpm ('Elix…
|
— | Feb 26, 2026 |
| CVE-2026-2930 | Medium | 6.3 |
A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the…
|
— | Feb 22, 2026 |
| CVE-2026-2945 | Medium | 6.3 |
A weakness has been identified in JeecgBoot 3.9.0. Affected by this vulnerability is an unknown functionality of the fil…
|
— | Feb 22, 2026 |
| CVE-2026-2954 | Medium | 6.3 |
A vulnerability was found in Dromara UJCMS 10.0.2. Impacted is the function importChanel of the file /api/backend/ext/im…
|
— | Feb 22, 2026 |
| CVE-2026-2956 | Medium | 6.3 |
A security flaw has been discovered in qinming99 dst-admin up to 1.5.0. This affects the function revertBackup of the fi…
|
⚡ Exploit | Feb 22, 2026 |
| CVE-2026-2898 | Medium | 5.5 |
A vulnerability was detected in funadmin up to 7.1.0-rc4. This issue affects the function getMember of the file app/comm…
|
⚡ Exploit | Feb 22, 2026 |
| CVE-2026-2953 | Medium | 5.4 |
A vulnerability has been found in Dromara UJCMS 101.2. This issue affects the function deleteDirectory of the file WebFi…
|
⚡ Exploit | Feb 22, 2026 |
| CVE-2026-2957 | Medium | 5.4 |
A weakness has been identified in qinming99 dst-admin up to 1.5.0. This impacts the function deleteBackup of the file sr…
|
⚡ Exploit | Feb 22, 2026 |
| CVE-2026-2385 | Medium | 5.3 |
The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for Wor…
|
— | Feb 22, 2026 |
| CVE-2026-1369 | Medium | 4.3 |
The Conditional CAPTCHA WordPress plugin through 4.0.0 does not validate a parameter before redirecting the user to its …
|
— | Feb 22, 2026 |
| CVE-2026-2943 | Medium | 4.3 |
A vulnerability was identified in SapneshNaik Student Management System up to f4b4f0928f0b5551a28ee81ae7e7fe47d9345318. …
|
— | Feb 22, 2026 |
| CVE-2025-14339 | Medium | 6.5 |
The weMail - Email Marketing, Lead Generation, Optin Forms, Email Newsletters, A/B Testing, and Automation plugin for Wo…
|
— | Feb 21, 2026 |
| CVE-2026-27469 | Medium | 6.1 |
Isso is a lightweight commenting server written in Python and JavaScript. In commits before 0afbfe0691ee237963e8fb0b2ee0…
|
— | Feb 21, 2026 |
| CVE-2026-27482 | Medium | 5.9 |
Ray is an AI compute engine. In versions 2.53.0 and below, thedashboard HTTP server blocks browser-origin POST/PUT but d…
|
⚡ Exploit ✅ Patch | Feb 21, 2026 |
| CVE-2026-2864 | Medium | 5.4 |
A vulnerability has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07…
|
— | Feb 21, 2026 |
| CVE-2026-27480 | Medium | 5.3 |
Static Web Server (SWS) is a production-ready web server suitable for static web files or assets. In versions 2.1.0 thro…
|
⚡ Exploit ✅ Patch | Feb 21, 2026 |