CVE Field Guide

Critical CVEs

CVE Title Updated Score
CVE-2026-27966 Langflow has Remote Code Execution in CSV Agent 26.02.2026 9.8
CVE-2026-27969 Vitess users with backup storage access can write to arbitrary file paths on restore 26.02.2026 9.3
CVE-2026-27941 OpenLIT Vulnerable to Remote Code Execution and Secret Exposure via Misuse of `pull_request_target` in GitHub Actions Workflows 26.02.2026 10
CVE-2026-27804 Parse Server: Account takeover via JWT algorithm confusion in Google auth adapter 25.02.2026 9.3
CVE-2026-27613 CGI Parameter Injection (Bypass of STRICT_CGI_PARAMS and EscapeShellParam) 25.02.2026 10
CVE-2026-27498 n8n has Arbitrary Command Execution via File Write and Git Operations 25.02.2026 9
CVE-2026-27497 n8n has Potential Remote Code Execution via Merge Node 25.02.2026 9.4
CVE-2026-27577 n8n: Expression Sandbox Escape Leads to RCE 25.02.2026 9.4
CVE-2026-27493 n8n has Unauthenticated Expression Evaluation via Form Node 25.02.2026 9.5
CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner 25.02.2026 9.4
CVE-2026-27575 Vikunja has Weak Password Policy Combined with Persistent Sessions After Password Change 25.02.2026 9.1
CVE-2026-0542 Remote Code Execution in ServiceNow AI Platform 25.02.2026 9.2
CVE-2026-24908 OpenEMR has SQL Injection in Patient API Sort Parameter 25.02.2026 10
CVE-2026-21902 Junos OS Evolved: PTX Series: A vulnerability allows an unauthenticated, network-based attacker to execute code as root 26.02.2026 9.3
CVE-2026-27739 Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline 25.02.2026 9.2
CVE-2026-20127 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability 26.02.2026 10
CVE-2026-20129 Cisco Catalyst SD-WAN Authentication Bypass Vulnerability 26.02.2026 9.8
CVE-2026-27728 OneUptime: OS Command Injection in Probe NetworkPathMonitor via unsanitized destination in traceroute exec() 25.02.2026 10
CVE-2025-1242 Administrative Credentials Can Be Extracted Through Gardyn API Responses 25.02.2026 9.3
CVE-2026-27702 Budibase Vulnerable to Remote Code Execution via Unsafe eval() in View Filter Map Function (Budibase Cloud) 25.02.2026 9.9
CVE-2026-27699 Basic FTP has Path Traversal Vulnerability in its downloadToDir() method 25.02.2026 9.1
CVE-2026-2624 Authentication Bypass in ePati's Antikor NGFW 25.02.2026 9.8
CVE-2025-62878 Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern 26.02.2026 9.9
CVE-2026-25785 25.02.2026 9.3
CVE-2026-3179 A path traversal vulnerability was found in the FTP Backup on the ADM. 25.02.2026 9.2
CVE-2026-27597 @enclave-vm/core is vulnerable to Sandbox Escape 25.02.2026 10
CVE-2026-27637 FreeScout's Predictable Authentication Token Enables Account Takeover 25.02.2026 9.8
CVE-2026-27641 Flask-Reuploaded vulnerable to Remote Code Execution via Server-Side Template Injection 25.02.2026 9.8
CVE-2026-27743 SPIP referer_spam <= 1.2.1 Unauthenticated SQL Injection 25.02.2026 9.3
CVE-2026-27744 SPIP tickets < 4.3.3 Unauthenticated RCE 25.02.2026 9.3
CVE-2026-27595 Parse Dashboard has incomplete authentication on AI Agent endpoint 25.02.2026 9.9
CVE-2026-27608 Parse Dashboard Missing Authorization on Agent Endpoint 25.02.2026 9.3
CVE-2026-27614 Bugsink is vulnerable to Stored XSS via Pygments fallback in stacktrace rendering 25.02.2026 9.3
CVE-2026-27626 OliveTin vulnerable to OS Command Injection via `password` argument type and webhook JSON extraction bypasses shell safety checks 25.02.2026 10
CVE-2026-27822 Rust has Critical Stored XSS in Preview Modal, leading to Administrative Account Takeover 25.02.2026 9.1
CVE-2026-24849 OpenEMR Arbitrary File Read Vulnerability 25.02.2026 10
CVE-2026-27593 Statamic is vulnerable to account takeover via password reset link injection 24.02.2026 9.3
CVE-2026-21410 InSAT MasterSCADA BUK-TS SQL Injection 24.02.2026 9.3
CVE-2026-22553 InSAT MasterSCADA BUK-TS OS Command Injection 24.02.2026 9.3
CVE-2026-26341 Tattile Smart+ / Vega / Basic <= 1.181.5 Default Credentials 24.02.2026 9.3
CVE-2026-26222 DocLink .NET Remoting Unauthenticated Arbitrary File Read/Write RCE 24.02.2026 10
CVE-2026-27507 Binardat 10G08-0800GSM Network Switch Hard-coded Credentials 24.02.2026 9.3
CVE-2026-27515 Binardat 10G08-0800GSM Network Switch Predictable Session Identifiers 24.02.2026 9.3
CVE-2026-27584 ActualBudget server is Missing Authentication for SimpleFIN and Pluggy AI bank sync endpoints 24.02.2026 9.2
CVE-2026-27208 api-gateway-deploy Affected by Exploitable Command Injection via Unprivileged Root Execution 24.02.2026 9.2
CVE-2025-14577 PHP Function Injection in Slican NPC/IPL/IPM/IPU 24.02.2026 9.3
CVE-2025-11165 24.02.2026 9.4
CVE-2025-40541 SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability 26.02.2026 9.1
CVE-2025-40538 SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability 26.02.2026 9.1
CVE-2025-40539 SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability 26.02.2026 9.1
CVE-2025-40540 SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability 26.02.2026 9.1
CVE-2025-13942 26.02.2026 9.8
CVE-2026-26198 ormar is vulnerable to SQL Injection through aggregate functions min() and max() 24.02.2026 9.8
CVE-2026-23693 ElementsKit Elementor Addons < 3.7.9 Unauthenticated Mailchimp REST Endpoint 25.02.2026 9.3
CVE-2025-41002 SQL injection in Infoticketing 24.02.2026 9.3
CVE-2026-24494 SQL injection vulnerability in Order Up Online Ordering System 23.02.2026 9.8
CVE-2026-27574 OneUptime: node:vm sandbox escape in probe allows any project member to achieve RCE 24.02.2026 10
CVE-2026-27452 ASN.1 TypeScript Library: Decoding an INTEGER could leak the underlying ArrayBuffer 24.02.2026 9.2
CVE-2026-27471 ERP: Document access through endpoints due to missing validation 24.02.2026 9.3
CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse 25.02.2026 9.1
CVE-2026-27212 Swiper has a Prototype Pollution Vulnerability 24.02.2026 9.4
CVE-2026-27197 Sentry: Improper Authentication on SAML SSO process allows user identity linking 24.02.2026 9.1
CVE-2019-25441 thesystem 1.0 Command Injection via run_command endpoint 24.02.2026 9.3
CVE-2026-2635 MLflow Use of Default Password Authentication Bypass Vulnerability 24.02.2026 9.8
CVE-2026-27112 Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints 24.02.2026 9.4
CVE-2026-25896 fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names 23.02.2026 9.3
CVE-2021-35402 23.02.2026 10
CVE-2026-2333 Improper Neutralization of Special Elements used in a Command ('Command Injection') in Owl opds 20.02.2026 9.2
CVE-2026-25715 Jinan USR IOT Technology Limited (PUSR) USR-W610 Weak Password Requirements 20.02.2026 9.8
CVE-2026-21627 Extension - tassos.gr - SQL injection and Unauthenticated File Read in Novarain/Tassos Framework v4.10.14 – v6.0.37 for Joomla 23.02.2026 9.5
CVE-2025-10970 SQLi in Kolay Software's Talentics 20.02.2026 9.8
CVE-2026-26064 calibre: Path Traversal Vulnerability Enables Arbitrary File Write and Remote Code Execution 20.02.2026 9.3
CVE-2026-26065 calibre: Path Traversal can Lead to Arbitrary File Write and Potential Code Execution 20.02.2026 9.3
CVE-2026-26980 Ghost has a SQL Injection in its Content API 20.02.2026 9.4
CVE-2026-26988 LibreNMS: SQL Injection in ajax_table.php spreads through a covert data stream 20.02.2026 9.3
CVE-2025-30410 26.02.2026 9.8
CVE-2025-30411 26.02.2026 10
CVE-2025-30412 26.02.2026 10
CVE-2025-30416 26.02.2026 10

Latest Updates

CVE Title Updated Score
CVE-2025-56605 26.02.2026
CVE-2026-26228 VLC for Android < 3.7.0 Remote Access Path Traversal 26.02.2026
CVE-2026-28295 Gvfs: gvfs ftp backend: information disclosure via untrusted pasv responses 26.02.2026
CVE-2025-71057 26.02.2026
CVE-2026-26078 Discourse has authentication bypass vulnerability in the Patreon plugin webhook endpoint 26.02.2026 7.5
CVE-2026-26207 Discourse's discourse-policy plugin lacks post access check 26.02.2026 5.4
CVE-2026-26265 Discourse has IDOR vulnerability in the directory items endpoint 26.02.2026 7.5
CVE-2026-28296 Gvfs: ftp gvfs backend: arbitrary ftp command injection via crlf sequences in file paths 26.02.2026
CVE-2026-26077 Discourse doesn't ensure webhooks require a token 26.02.2026 6.5
CVE-2026-3071 26.02.2026 8.4
CVE-2026-2244 Sensitive Data Exposure in Google Cloud Vertex AI Workbench 26.02.2026
CVE-2025-14343 Reflected XSS in Dokuzsoft Technology's E-Commerce Product 26.02.2026 7.6
CVE-2026-2677 Multiple vulnerabilities in A3factura software 26.02.2026
CVE-2026-2678 Multiple vulnerabilities in A3factura software 26.02.2026
CVE-2026-2679 Multiple vulnerabilities in A3factura software 26.02.2026
CVE-2026-2680 Multiple vulnerabilities in A3factura software 26.02.2026
CVE-2026-1198 SQL Injection in SIMPLE.ERP 26.02.2026
CVE-2025-64999 Cross-site scripting in HTML logs of Synthetic Monitoring test services 26.02.2026
CVE-2026-28083 WordPress Flatsome theme <= 3.20.1 - Cross Site Scripting (XSS) vulnerability 26.02.2026
CVE-2026-28131 WordPress Elementor Addon Elements plugin <= 1.14.4 - Sensitive Data Exposure vulnerability 26.02.2026
CVE-2026-28132 WordPress WooCommerce Photo Reviews plugin <= 1.4.4 - Content Injection vulnerability 26.02.2026
CVE-2026-28136 WordPress WP SMS plugin <= 6.9.12 - SQL Injection vulnerability 26.02.2026
CVE-2026-28138 WordPress uListing plugin <= 2.2.0 - PHP Object Injection vulnerability 26.02.2026
CVE-2026-1692 Missing origin validation in GraphicalData web service requests 26.02.2026
CVE-2026-1693 Use of vulnerable Resource Owner Password Credentials flow 26.02.2026
CVE-2026-1694 Server configuration details in HTTP headers 26.02.2026
CVE-2026-1695 XSS vulnerability upon unsuccessful authentication 26.02.2026
CVE-2026-1696 Missing security HTTP headers 26.02.2026
CVE-2026-1697 Use of unsecure cookies for GraphicalData web service and WebClient web app 26.02.2026
CVE-2026-1698 HTTP Host header vulnerability in WebClient and WebScheduler web apps 26.02.2026
CVE-2026-23703 26.02.2026
CVE-2026-25191 26.02.2026
CVE-2026-1311 Worry Proof Backup <= 0.2.4 - Authenticated (Subscriber+) Path Traversal via Backup Upload 26.02.2026 8.8
CVE-2026-1779 User Registration & Membership <= 5.1.2 - Authentication Bypass 26.02.2026 8.1
CVE-2026-23999 Fleet: Device lock PIN can be predicted if lock time is known 26.02.2026
CVE-2026-24004 Fleet: Unauthenticated Android device disenrollment vulnerability via Pub/Sub endpoint 26.02.2026
CVE-2026-25963 Fleet: Authorization Bypass in certificate template batch deletion for team administrators 26.02.2026
CVE-2026-27465 Fleet: Sensitive Google Calendar credentials disclosed to low-privileged users 26.02.2026
CVE-2026-27963 Audiobookshelf has Stored XSS in Tooltip.vue via Audiobook Metadata 26.02.2026 4.8
CVE-2026-27974 Audiobookshelf Vulnerable to Stored XSS in WrappingMarquee.js via Audiobook Metadata (Mobile App Audio Player) 26.02.2026 4.8
CVE-2026-27975 Ajenti has a potential Remote Code Execution 26.02.2026
CVE-2026-2356 User Registration & Membership <= 5.1.2 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion 26.02.2026 5.3
CVE-2026-1557 WP Responsive Images <= 1.0 - Unauthenticated Path Traversal to Arbitrary File Read via src 26.02.2026 7.5
CVE-2026-27942 fast-xml-parser has stack overflow in XMLBuilder with preserveOrder 26.02.2026
CVE-2026-27943 OpenEMR's Eye Exam View Trusts form_id Without Verifying Patient/Encounter Ownership 26.02.2026 6.5
CVE-2026-27948 Copyparty vulnerable to reflected cross-site scripting via setck parameter 26.02.2026 5.4
CVE-2026-27952 Agenta has Python Sandbox Escape, Leading to Remote Code Execution (RCE) 26.02.2026 8.8
CVE-2026-27954 LiveHelperChat has department-level authorization bypass in holdaction, blockuser, and transferchat endpoints 26.02.2026
CVE-2026-27959 Koa has Host Header Injection via `ctx.hostname` 26.02.2026 7.5
CVE-2026-27961 Agenta's Server-Side Template Injection (SSTI) via custom evaluator Jinja2 templates allows RCE 26.02.2026 8.8
CVE-2026-27965 Vitess users with backup storage access can gain unauthorized access to production deployment environments 26.02.2026
CVE-2026-27966 Langflow has Remote Code Execution in CSV Agent 26.02.2026 9.8
CVE-2026-27968 Packistry accepts expired access tokens 26.02.2026 4.3
CVE-2026-27969 Vitess users with backup storage access can write to arbitrary file paths on restore 26.02.2026
CVE-2026-27970 Angular i18n vulnerable to Cross-Site Scripting (XSS) 26.02.2026
CVE-2026-27973 Audiobookshelf has Stored XSS in ItemSearchCard.vue via Audiobook Metadata (Search Results on Mobile App) 26.02.2026 4
CVE-2026-2029 Livemesh Addons for Beaver Builder <= 3.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' and 'value' Shortcode Attributes 26.02.2026 6.4
CVE-2026-2489 TP2WP Importer <= 1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Watched domains' Textarea 26.02.2026 4.4
CVE-2026-2498 WP Social Meta <= 1.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Settings 26.02.2026 4.4
CVE-2026-2499 Custom Logo <= 2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via Logo Path Setting 26.02.2026 4.4
CVE-2026-2506 EM Cost Calculator <= 2.3.1 - Unauthenticated Stored Cross-Site Scripting via 'customer_name' 26.02.2026 6.1
CVE-2026-22728 sealed-secrets /v1/rotate can widen sealing scope to cluster-wide via attacker-controlled template annotations 26.02.2026 4.9
CVE-2026-27887 Spin has memory leaks in various WIT interfaces 26.02.2026
CVE-2026-27899 WireGuard Portal Vulnerable to Privilege Escalation to Admin via User Self-Update 26.02.2026 8.8
CVE-2026-27900 Terraform Provider Debug Logs Vulnerable to Sensitive Information Exposure 26.02.2026 5
CVE-2026-27901 Svelte vulnerable to XSS during SSR with contenteditable `bind:innerText` and `bind:textContent` 26.02.2026
CVE-2026-27902 Svelte Vulnerable to XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers 26.02.2026
CVE-2026-27903 minimatch has a ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments 26.02.2026 7.5
CVE-2026-27904 minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions 26.02.2026 7.5
CVE-2026-27938 WPGraphQL Repo Vulnerable to Command Injection via Unsanitized GitHub Actions Expression in Release Workflow 26.02.2026 7.7
CVE-2026-27941 OpenLIT Vulnerable to Remote Code Execution and Secret Exposure via Misuse of `pull_request_target` in GitHub Actions Workflows 26.02.2026 10
CVE-2026-27829 Astro is vulnerable to SSRF due to missing allowlist enforcement in remote image inferSize 26.02.2026 6.5
CVE-2026-27830 c3p0 vulnerable to Remote Code Execution via unsafe deserialization of userOverridesAsString property 26.02.2026
CVE-2026-27831 rldns Vulnerable to Heap-based Out-of-Bounds Read 26.02.2026 7.5
CVE-2026-27837 Dottie vulnerable to prototype pollution bypass via non-first path segments in set() and transform() 26.02.2026 6.3
CVE-2026-27840 ZITADEL's truncated opaque tokens are still valid 26.02.2026 4.3
CVE-2026-27884 NetExec vulnerable to arbitrary file write via path traversal in spider_plus module 26.02.2026 5.3
CVE-2026-27888 pypdf: Manipulated FlateDecode XFA streams can exhaust RAM 26.02.2026
CVE-2026-27896 MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity 26.02.2026
CVE-2026-27945 ZITADEL has potential SSRF via Actions 26.02.2026
CVE-2026-27946 ZITADEL Users Can Self-Verify Email/Phone via UpdateHumanUser API 26.02.2026
CVE-2026-26186 Fleet has a SQL injection via backtick escape in ORDER BY parameter 26.02.2026
CVE-2026-27809 psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps 26.02.2026
CVE-2026-27812 Sub2API Vulnerable to Password Reset Poisoning via Host Header Trust Issue, Leading to Account Takeover 26.02.2026
CVE-2026-27818 TerriaJS-Server has a domain validation bypass vulnerability in its proxy allowlist 26.02.2026
CVE-2026-27821 GPAC NHML Demuxer (dmx_nhml.c) Vulnerable to Stack Buffer Overflow 26.02.2026
CVE-2026-27735 mcp-server-git: Path traversal in git_add allows staging files outside repository boundaries 25.02.2026
CVE-2026-27804 Parse Server: Account takeover via JWT algorithm confusion in Google auth adapter 25.02.2026
CVE-2026-27808 Mailpit is Vulnerable to Server-Side Request Forgery (SSRF) via Link Check API 25.02.2026 5.8
CVE-2026-27709 NanaZip .NET Single-File Manifest Parser Vulnerable to Out-of-Bounds Read via Unchecked RelativePathLength 25.02.2026
CVE-2026-27710 NanaZip .NET Single-File Parser Integer Underflow Leads to Unbounded Allocation (DoS) 25.02.2026
CVE-2026-27711 NanaZip UFS Archive Parser Memory Corruption via Unvalidated Directory Record Length 26.02.2026
CVE-2026-27967 Symlink Escape in Agent File Tools 25.02.2026 7.1
CVE-2026-27976 Zed Extension Sandbox Escape via Tar Symlink Following 25.02.2026 8.8
CVE-2026-27798 ImageMagick: Heap Buffer Over-read in WaveletDenoise when processing small images 25.02.2026 4
CVE-2026-27799 ImageMagick has a heap Buffer Over-read in its DJVU image format handler 25.02.2026 4
CVE-2026-27800 Zed has Zip Slip Path Traversal in Extension Archive Extraction 25.02.2026 7.4
CVE-2026-27630 TinyWeb vulnerable to Remote Denial of Service via Thread/Connection Exhaustion (Slowloris) 25.02.2026
CVE-2026-27633 TinyWeb has Unbounded Content-Length Memory Exhaustion (DoS) 25.02.2026
CVE-2026-27635 Manyfold vulnerable to OS command injection via ZIP filename in f3d render 25.02.2026 7.5
CVE-2026-27933 Manyfold vulnerable to session hijack via cookie leakage in proxy caches 25.02.2026 6.8
CVE-2026-27613 CGI Parameter Injection (Bypass of STRICT_CGI_PARAMS and EscapeShellParam) 25.02.2026
CVE-2026-3209 fosrl Pangolin Role verifyApiKeyRoleAccess access control 25.02.2026
CVE-2026-27498 n8n has Arbitrary Command Execution via File Write and Git Operations 25.02.2026
CVE-2026-27578 n8n Vulnerable to Stored XSS via Various Nodes 25.02.2026
CVE-2026-27497 n8n has Potential Remote Code Execution via Merge Node 25.02.2026
CVE-2026-27577 n8n: Expression Sandbox Escape Leads to RCE 25.02.2026
CVE-2026-27493 n8n has Unauthenticated Expression Evaluation via Form Node 25.02.2026
CVE-2026-27494 n8n has Arbitrary File Read via Python Code Node Sandbox Escape 25.02.2026
CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner 25.02.2026
CVE-2026-27148 Storybook Dev Server Vulnerable to WebSocket Hijacking 25.02.2026
CVE-2026-27575 Vikunja has Weak Password Policy Combined with Persistent Sessions After Password Change 25.02.2026 9.1
CVE-2026-27616 Vikunja Vulnerable to Stored Cross-Site Scripting (XSS) via Unsanitized SVG Attachment Upload Leading to Token Exposure 25.02.2026 7.3
CVE-2026-27819 Vikunja has Path Traversal in CLI Restore 25.02.2026 7.2
CVE-2026-26985 LORIS vulnerable to path traversal in electrophysiology_browser 25.02.2026 8.1
CVE-2026-27116 Vikunja has Reflected HTML Injection via filter Parameter in Projects Module 25.02.2026 6.1
CVE-2026-2694 The Events Calendar <= 6.15.16 - Improper Authorization to Authenticated (Contributor+) Event/Organizer/Venue Update/Trash via REST API 25.02.2026 5.4
CVE-2026-26984 LORIS media module vulnerable to remote code execution 25.02.2026
CVE-2026-26986 FreeRDP has heap-use-after-free in rail_window_free 25.02.2026
CVE-2026-27950 FreeRDP heap-use-after-free in update_pointer_new(SDL): Fix Applied in the Wrong File 25.02.2026
CVE-2026-27951 FreeRDP has possible Integer overflow in Stream_EnsureCapacity 25.02.2026 5.3