2026-02-20
2026-02-20 22:16Z
HIGH

CVE-2026-0797 — Gimp Gimp: ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-0797

GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICO files. The issue results from the lack of proper validation of the length of user-supplied data prior to c CVSSv3.1 8.8 (HIGH)

CWECWE 120CWECWE 787CWECWE 122VNDGimpTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-02-20
2026-02-20 21:19Z
CRIT

CVE-2026-25896 — Naturalintelligence Fast-xml-parser: allows users to validate XML, parse XML to JS object, or build XML

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-25896

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. From 4.1.3to before 5.3.5, a dot (.) in a DOCTYPE entity name is treated as a regex wildcard during entity replacement, allowing an attacker to shadow built-in XML entities (<, >, &, ", ') with arbitrary values. This bypasses entity encoding and leads to XSS when parsed output is rendered. This vulnerability is fi CVSSv3.1 9.3 (CRITICAL)

CWECWE 79CWECWE 185VNDNaturalintelligenceTYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2026-02-20
2026-02-20 20:25Z
HIGH

CVE-2026-2472 — Stored: Cross-Site Scripting (XSS) in the _genai/_evals_visualization component of Google Cloud Vertex AI SDK

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-2472

Stored Cross-Site Scripting (XSS) in the _genai/_evals_visualization component of Google Cloud Vertex AI SDK (google-cloud-aiplatform) versions from 1.98.0 up to (but not including) 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim's Jupyter or Colab environment via injecting script escape sequences into model evaluation results or dataset JSON data. CVSSv3.1 8.1 (HIGH)

CWECWE 79VNDStoredTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2026-02-20
2026-02-20 17:25Z
HIGH

CVE-2026-2818 — A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-2818

A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers to write files outside the intended extraction directory. This vulnerability appears to be susceptible on Windows OS only. CVSSv3.1 8.2 (HIGH)

CWECWE 22CWECWE 23TYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2026-02-20
2026-02-20 17:25Z
CRIT

CVE-2026-26725 — Edubusinesssolutions Print_shop_pro_webdesk: An issue in edu Business Solutions Print Shop Pro WebDesk v.18.34 (fixed in 19.76)

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-26725

An issue in edu Business Solutions Print Shop Pro WebDesk v.18.34 (fixed in 19.76) allows a remote attacker to escalate privileges via the AccessID parameter. CVSSv3.1 9.8 (CRITICAL) · EPSS 46th percentile

CWECWE 269VNDBusinessVNDEdubusinesssolutionsTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2026-02-20
2026-02-20 16:22Z
CRIT

CVE-2026-22384 — Deserialization: of Untrusted Data vulnerability in leafcolor Applay - Shortcodes applay-shortcodes allows Object Injection.This

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-22384

Deserialization of Untrusted Data vulnerability in leafcolor Applay - Shortcodes applay-shortcodes allows Object Injection.This issue affects Applay - Shortcodes: from n/a through <= 3.7. CVSSv3.1 9.8 (CRITICAL)

CWECWE 502TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2026-02-20
2026-02-20 16:22Z
HIGH

CVE-2026-22365 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-22365

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Soleng soleng allows PHP Local File Inclusion.This issue affects Soleng: from n/a through <= 1.0.5. CVSSv3.1 8.1 (HIGH)

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
728 × 90 / responsive · programmatic ad slot
2026-02-20
2026-02-20 16:22Z
HIGH

CVE-2025-69063 — Authorization: Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-69063

Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through <= 3.2.0. CVSSv3.1 8.6 (HIGH)

CWECWE 862TYPVulnerability
8.6
CVSS v3.1
93
Edit Score
2026-02-20
2026-02-20 16:22Z
HIGH

CVE-2025-68853 — Deserialization: of Untrusted Data vulnerability in Kleor Contact Manager contact-manager allows Object Injection.This issue

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68853

Deserialization of Untrusted Data vulnerability in Kleor Contact Manager contact-manager allows Object Injection.This issue affects Contact Manager: from n/a through <= 9.1.1. CVSSv3.1 8.8 (HIGH)

CWECWE 502TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-02-20
2026-02-20 16:22Z
HIGH

CVE-2025-68545 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68545

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through <= 1.2.14. CVSSv3.1 8.1 (HIGH)

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2026-02-20
2026-02-20 16:22Z
HIGH

CVE-2025-67977 — Authorization: Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-67977

Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through <= 1.0.8. CVSSv3.1 8.2 (HIGH)

CWECWE 862TYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2026-02-20
2026-02-20 16:00Z
HIGH

Using threat modeling and prompt injection to audit Comet

Trail of Bits·blog.trailofbits.com

Trail of Bits disclosed a pre-launch security audit of Perplexity's Comet AI-powered browser, demonstrating four prompt injection techniques that could extract private Gmail data by exploiting the browser's AI assistant. The vulnerabilities exploited the assistant's failure to treat external web content as untrusted input, allowing attackers to inject fake system messages, security mechanisms, and user requests. The findings led to five security recommendations for AI-integrated products, including ML-centered threat modeling, clear trust boundaries, systematic red-teaming, least-privilege capabilities, and input validation.

TACTA0001TACTA0006TACTA0009SRFBrowserSRFAiVNDPerplexityTYPResearchTYPWriteup
82
Edit Score
2026-02-20
2026-02-20 12:16Z
CRIT

CVE-2025-10970 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-10970

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kolay Software Inc. Talentics allows Blind SQL Injection. This issue affects Talentics: through 20022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. CVSSv3.1 9.8 (CRITICAL) · EPSS 15th percentile

CWECWE 89TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2026-02-20
2026-02-20 02:16Z
CRIT

CVE-2026-26980 — Ghost Ghost: Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-26980

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1. CVSSv3.1 9.4 (CRITICAL) · EPSS 97th percentile

CWECWE 89VNDGhostTYPVulnerability
9.4
CVSS v3.1
100
Edit Score
2026-02-19
2026-02-19 21:24Z
HIGH

CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad

Zero Day Initiative·thezdi.comCVE-2026-20841

CVE-2026-20841 is a command injection vulnerability in Windows Notepad's Markdown renderer that allows arbitrary code execution through maliciously crafted links in .md files. The flaw stems from insufficient validation of protocol URIs (file://, ms-appinstaller://) passed to ShellExecuteExW(), enabling remote attackers to execute arbitrary commands in the victim's security context via social engineering. Microsoft patched the vulnerability in February 2026.

SRFApplicationSRFOsTACTA0001TACTA0002VNDMicrosoftTYPWriteupTYPVulnerabilitySTGExecution
72
Edit Score
2026-02-19
2026-02-19 20:25Z
HIGH

CVE-2026-26318 — Systeminformation Systeminformation: Versions prior to 5.31.0 are vulnerable to command injection via unsanitized `locate` output in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-26318

systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 are vulnerable to command injection via unsanitized `locate` output in `versions()`. Version 5.31.0 fixes the issue. CVSSv3.1 8.8 (HIGH)

CWECWE 78VNDSysteminformationTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2026-02-19
2026-02-19 20:25Z
HIGH

CVE-2026-26280 — Systeminformation Systeminformation: In versions prior to 5.30.8, a command injection vulnerability in the `wifiNetworks()` function allows

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-26280

systeminformation is a System and OS information library for node.js. In versions prior to 5.30.8, a command injection vulnerability in the `wifiNetworks()` function allows an attacker to execute arbitrary OS commands via an unsanitized network interface parameter in the retry code path. In `lib/wifi.js`, the `wifiNetworks()` function sanitizes the `iface` parameter on the initial call (line 437). However, when the initial scan returns empty results, a `setTimeout` retry (lin CVSSv3.1 8.4 (HIGH)

CWECWE 78VNDSysteminformationTYPVulnerability
8.4
CVSS v3.1
92
Edit Score
2026-02-19
2026-02-19 17:24Z
CRIT

CVE-2026-24834 — Katacontainers Kata_containers: In versions prior to 3.27.0, an issue in Kata with Cloud Hypervisor allows a

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-24834

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In versions prior to 3.27.0, an issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM ultimately achieving arbitrary code execution as root in said VM. The current understanding is this doesn’t impact the security of the Host or of other containers / VMs running on CVSSv3.1 9.3 (CRITICAL)

CWECWE 732CWECWE 281VNDKatacontainersVNDKataTYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2026-02-19
2026-02-19 17:00Z
HIGH

Mapping Deception Solutions With BloodHound OpenGraph  – Configuration Manager

SpecterOps·specterops.io

SpecterOps published a comprehensive guide on implementing deception solutions within System Center Configuration Manager (SCCM) infrastructure using BloodHound OpenGraph. The research details three canary deception techniques: canary Network Access Accounts (NAA), fake PXE media, and poisoned SC_UserAccount database entries, designed to detect adversaries exploiting SCCM for lateral movement and credential theft. The methodology integrates ConfigManBearPig (SCCM collector) and deceptionClone (node modification) tools to map and visualize deception solutions within attack graphs.

SRFApplicationTACTA0006TACTA0007SRFIdentityVNDMicrosoftVNDSpecteropsTYPResearchTYPTechnique
78
Edit Score
2026-02-19
2026-02-19 16:27Z
HIGH

CVE-2026-25940 — Parall Jspdf: Prior to 4.2.0, user control of properties and methods of the Acroform module allows

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-25940

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following property, a user can inject arbitrary PDF objects, such as JavaScript actions, which are executed when the victim hovers over the radio option. The vulnerability has been fixed in jsPDF@4.2.0. As a work CVSSv3.1 8.1 (HIGH)

CWECWE 116VNDParallTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2026-02-19
2026-02-19 15:16Z
HIGH

CVE-2026-25755 — Parall Jspdf: Prior to 4.2.0, user control of the argument of the `addJS` method allows an

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2026-25755

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the argument of the `addJS` method allows an attacker to inject arbitrary PDF objects into the generated document. By crafting a payload that escapes the JavaScript string delimiter, an attacker can execute malicious actions or alter the document structure, impacting any user who opens the generated PDF. The vulnerability has been fixed in jspdf@4.2.0. As a workaround, escape parentheses in use CVSSv3.1 8.1 (HIGH)

CWECWE 94CWECWE 116VNDParallTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2026-02-19
2026-02-19 13:37Z
HIGH

CVE-2026-20817 — Windows Error Reporting ALPC Elevation of Privilege (CVE-2026-20817) - Proof-of-Concept exploit demonstrating local priv

GitHub · LPE exploits·github.comGITHUB POCCVE-2026-20817

Public PoC exploit for CVE-2026-20817, a Windows Error Reporting (WER) service ALPC privilege escalation affecting Windows 10, 11, Server 2019/2022 pre-January 2026. The vulnerability allows authenticated low-privilege users to execute arbitrary code as SYSTEM by sending malformed ALPC messages to the WER service with crafted shared memory payloads, exploiting insufficient validation in the SvcElevatedLaunch method.

SRFOsTACTA0004VNDMicrosoftTYPWriteupTYPExploitSTGPrivescTECT1548EXPPrivilege Escalation
78
Edit Score
2026-02-19
2026-02-19 12:16Z
CRIT

CVE-2025-9953 — Authorization: Bypass Through User-Controlled SQL Primary Key vulnerability in DATABASE Software Training Consulting Ltd.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-9953

Authorization Bypass Through User-Controlled SQL Primary Key vulnerability in DATABASE Software Training Consulting Ltd. Databank Accreditation Software allows SQL Injection. This issue affects Databank Accreditation Software: through 19022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. CVSSv3.1 9.8 (CRITICAL) · EPSS 4th percentile

CWECWE 566TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2026-02-19
2026-02-19 12:16Z
CRIT

CVE-2025-8350 — Execution: After Redirect (EAR), Missing Authentication for Critical Function vulnerability in Inrove Software and

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-8350

Execution After Redirect (EAR), Missing Authentication for Critical Function vulnerability in Inrove Software and Internet Services BiEticaret CMS allows Authentication Bypass, HTTP Response Splitting. This issue affects BiEticaret CMS: from 2.1.13 through 19022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. CVSSv3.1 9.8 (CRITICAL) · EPSS 15th percentile

CWECWE 306CWECWE 698VNDExecutionTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2026-02-19
2026-02-19 10:16Z
CRIT

CVE-2025-13590 — Wso2 Api_control_plane: A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-13590

A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location within the deployment via a system REST API. Successful uploads may lead to remote code execution. By leveraging the vulnerability, a malicious actor may perform Remote Code Execution by uploading a specially crafted payload. CVSSv3.1 9.1 (CRITICAL) · EPSS 47th percentile

CWECWE 434VNDWso2TYPVulnerability
9.1
CVSS v3.1
96
Edit Score