🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-25793 | High | 8.1 |
Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates (which is n…
|
✅ Patch | Feb 6, 2026 |
| CVE-2019-25266 | High | 7.8 |
Wondershare Application Framework Service 2.4.3.231 contains an unquoted service path vulnerability that allows local at…
|
✅ Patch | Feb 6, 2026 |
| CVE-2019-25292 | High | 7.8 |
Alps HID Monitor Service 8.1.0.10 contains an unquoted service path vulnerability that allows local attackers to potenti…
|
✅ Patch | Feb 6, 2026 |
| CVE-2019-25293 | High | 7.8 |
BlueStacks App Player 2.4.44.62.57 contains an unquoted service path vulnerability in the BstHdLogRotatorSvc service tha…
|
✅ Patch | Feb 6, 2026 |
| CVE-2019-25302 | High | 7.8 |
Acer Launch Manager 6.1.7600.16385 contains an unquoted service path vulnerability in the DsiWMIService that allows loca…
|
✅ Patch | Feb 6, 2026 |
| CVE-2019-25304 | High | 7.8 |
SecurOS Enterprise 10.2 contains an unquoted service path vulnerability in the SecurosCtrlService that allows local user…
|
✅ Patch | Feb 6, 2026 |
| CVE-2019-25305 | High | 7.8 |
JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privi…
|
✅ Patch | Feb 6, 2026 |
| CVE-2026-21626 | High | 7.5 |
Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violatio…
|
✅ Patch | Feb 6, 2026 |
| CVE-2026-25556 | High | 7.5 |
MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an e…
|
⚡ Exploit ✅ Patch | Feb 6, 2026 |
| CVE-2026-25650 | High | 7.5 |
MCP Salesforce Connector is a Model Context Protocol (MCP) server implementation for Salesforce integration. Prior to 0.…
|
✅ Patch | Feb 6, 2026 |
| CVE-2026-25724 | High | 7.5 |
Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configu…
|
✅ Patch | Feb 6, 2026 |
| CVE-2026-25751 | High | 7.5 |
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An information disclosure vulnerability in FUX…
|
✅ Patch | Feb 6, 2026 |
| CVE-2026-25758 | High | 7.5 |
Spree is an open source e-commerce solution built with Ruby on Rails. A critical IDOR vulnerability exists in Spree Comm…
|
⚡ Exploit ✅ Patch | Feb 6, 2026 |
| CVE-2019-25299 | High | 7.1 |
RimbaLinux AhadPOS 1.11 contains a SQL injection vulnerability in the 'alamatCustomer' parameter that allows attackers t…
|
✅ Patch | Feb 6, 2026 |
| CVE-2019-25300 | High | 7.1 |
thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries th…
|
✅ Patch | Feb 6, 2026 |
| CVE-2019-25303 | High | 7.1 |
TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate databas…
|
✅ Patch | Feb 6, 2026 |
| CVE-2026-2103 | High | 7.1 |
Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, da…
|
⚡ Exploit ✅ Patch | Feb 6, 2026 |
| CVE-2020-37117 | High | 8.8 |
jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated adm…
|
⚡ Exploit ✅ Patch | Feb 5, 2026 |
| CVE-2025-15557 | High | 8.8 |
An Improper Certificate Validation vulnerability in TP-Link Tapo H100 v1 and Tapo P100 v1 allows an on-path attacker on …
|
✅ Patch | Feb 5, 2026 |
| CVE-2025-13379 | High | 8.6 |
IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQ…
|
✅ Patch | Feb 5, 2026 |