| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-3025 | ShuoRen Smart Heating Integrated Management Platform ExampleNodeService.asmx unrestricted upload | ShuoRen | Smart Heating Integrated Management Platform | High | 7.3 | 2026-02-23 20:02:07 | Deep Dive |
| CVE-2026-27579 | CollabPlatform : CORS Misconfiguration Allows Arbitrary Origin With Credentials Leading to Authenticated Account Data Exposure | karnop | realtime-collaboration-platform | High | 7.4 | 2026-02-21 10:22:16 | Deep Dive |
| CVE-2026-2821 | Fujian Smart Integrated Management Platform System XCamera.ashx sql injection | Fujian | Smart Integrated Management Platform System | High | 7.3 | 2026-02-20 02:32:07 | Deep Dive |
| CVE-2026-2820 | Fujian Smart Integrated Management Platform System XAccessPermissionPlus.ashx sql injection | Fujian | Smart Integrated Management Platform System | High | 7.3 | 2026-02-20 02:02:08 | Deep Dive |
| CVE-2026-2243 | Qemu-kvm: heap buffer out-of-bounds read in vmdk compressed grain parsing | - | - | Medium | 5.1 | 2026-02-19 17:47:01 | Deep Dive |
| CVE-2026-2733 | Org.keycloak/keycloak-services: keycloak: missing check on disabled client for docker registry protocol | Red Hat | Red Hat build of Keycloak 26.4 | Low | 3.8 | 2026-02-19 07:48:09 | Deep Dive |
| CVE-2026-2669 | Rongzhitong Visual Integrated Command and Dispatch Platform User delete access control | Rongzhitong | Visual Integrated Command and Dispatch Platform | Medium | 6.5 | 2026-02-18 21:02:07 | Deep Dive |
| CVE-2026-0665 | Qemu-kvm: heap off-by-one in kvm xen physdevop_map_pirq | - | - | Medium | 6.5 | 2026-02-18 20:50:04 | Deep Dive |
| CVE-2025-8860 | Qemu-kvm: uefi-vars: information disclosure vulnerability in uefi_vars_write callback | - | - | Low | 3.3 | 2026-02-18 20:49:06 | Deep Dive |
| CVE-2025-14876 | Qemu-kvm: unbounded allocation in virtio-crypto | - | - | Medium | 5.5 | 2026-02-18 20:47:54 | Deep Dive |
| CVE-2026-2668 | Rongzhitong Visual Integrated Command and Dispatch Platform User add access control | Rongzhitong | Visual Integrated Command and Dispatch Platform | High | 7.3 | 2026-02-18 20:32:09 | Deep Dive |
| CVE-2026-2667 | Rongzhitong Visual Integrated Command and Dispatch Platform api access control | Rongzhitong | Visual Integrated Command and Dispatch Platform | Medium | 5.3 | 2026-02-18 20:32:07 | Deep Dive |
| CVE-2025-1272 | Kernel: secure boot does not automatically enable kernel lockdown | Fedora Project | Fedora Linux | High | 7.7 | 2026-02-18 20:29:15 | Deep Dive |
| CVE-2026-20139 | Client-Side Denial of Service (DoS) through ''/splunkd/__raw/services/authentication/users/username'' REST API endpoint in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 4.3 | 2026-02-18 16:45:32 | Deep Dive |
| CVE-2026-20144 | Sensitive Information Disclosure in ''_internal'' index in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 6.8 | 2026-02-18 16:45:24 | Deep Dive |
| CVE-2026-20137 | Risky Commands Safeguards Bypass through preloaded Data Models due to Path Traversal vulnerability in Splunk Enterprise | Splunk | Splunk Enterprise | Low | 3.5 | 2026-02-18 16:45:18 | Deep Dive |
| CVE-2025-14340 | Admin Account Takeover via malicious URL payload | Payara Platform | Payara Server | - | - | 2026-02-18 13:39:11 | Deep Dive |
| CVE-2025-33135 | IBM Financial Transaction Manager for ACH Services and Check Services is impacted by multiple vulnerabilities | IBM | Financial Transaction Manager for ACH Services and Check Services for Multi-Platform | Medium | 6.1 | 2026-02-17 21:37:06 | Deep Dive |
| CVE-2026-2247 | SQL Injection in Clickedu's SaaS platform | Clickedu | SaaS platform | - | - | 2026-02-17 11:35:50 | Deep Dive |
| CVE-2026-26000 | XWiki Platform affected by click-jacking through CSS injection in comments | xwiki | xwiki-platform | - | - | 2026-02-12 20:30:07 | Deep Dive |