🔍 Daily CVE Report - 2026-02-23
High-Risk Vulnerabilities Collected from Multiple Sources
📊 Summary
Report Generated: 2026-02-23 13:01:13
220
Total Vulnerabilities
219
High Risk (CVSS > 7.0)
5
In CISA KEV
0
High EPSS (>0.10)
CVE-2026-2959
Critical
A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
d-link
CVE-2026-2958
Critical
A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub_457C5C of the file /boafrm/formWsc. Such manipulation of the argument save_apply leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
d-link
CVE-2026-26930
High
SmarterTools SmarterMail before 9526 allows XSS via MAPI requests.
🛡️ CVSS: 7.2
🔄 Recently Updated
/vendors/:
smartertools
CVE-2025-59500
High
No description available
🛡️ CVSS: 7.7
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59503
Critical
No description available
🛡️ CVSS: 10.0
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59273
High
No description available
🛡️ CVSS: 7.3
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59286
Critical
No description available
🛡️ CVSS: 9.3
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-55321
Critical
No description available
🛡️ CVSS: 9.3
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59272
Critical
No description available
🛡️ CVSS: 9.3
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59271
High
No description available
🛡️ CVSS: 8.7
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59252
Critical
No description available
🛡️ CVSS: 9.3
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59247
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59246
Critical
No description available
🛡️ CVSS: 9.8
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59218
Critical
No description available
🛡️ CVSS: 9.6
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59287
Critical
No description available
🛡️ CVSS: 9.8
🇺🇸 CISA KEV
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2025-59278
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59275
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59230
High
No description available
🛡️ CVSS: 7.8
🇺🇸 CISA KEV
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59248
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2025-59241
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2025-59238
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59232
High
No description available
🛡️ CVSS: 7.1
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59227
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59226
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59225
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59224
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59223
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59222
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59213
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59210
High
No description available
🛡️ CVSS: 7.4
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2025-59208
High
No description available
🛡️ CVSS: 7.1
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59192
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59191
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59189
High
No description available
🛡️ CVSS: 7.4
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2025-59187
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-58726
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-58724
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-58720
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-58718
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-58714
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-55698
High
No description available
🛡️ CVSS: 7.7
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2025-55697
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2025-55696
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-55694
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2025-55693
High
No description available
🛡️ CVSS: 7.4
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2025-55692
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-55680
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-55328
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2025-55326
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-55240
High
No description available
🛡️ CVSS: 7.3
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-53768
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-53139
High
No description available
🛡️ CVSS: 7.7
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-50175
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-53150
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-50152
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-25004
High
No description available
🛡️ CVSS: 7.3
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59502
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59494
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59295
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59292
High
No description available
🛡️ CVSS: 8.2
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59291
High
No description available
🛡️ CVSS: 8.2
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59290
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59281
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59277
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59255
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59254
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59250
High
No description available
🛡️ CVSS: 8.1
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-59249
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2025-59243
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-49708
Critical
No description available
🛡️ CVSS: 9.9
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59242
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59237
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2025-59236
High
No description available
🛡️ CVSS: 8.4
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59235
High
No description available
🛡️ CVSS: 7.1
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59234
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59233
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59231
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2025-59228
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2025-59207
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59206
High
No description available
🛡️ CVSS: 7.4
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2025-59201
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59200
High
No description available
🛡️ CVSS: 7.7
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-59199
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-58728
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-58722
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-58716
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-58715
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-55701
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-55687
High
No description available
🛡️ CVSS: 7.4
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-55677
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2025-55339
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2025-55335
High
No description available
🛡️ CVSS: 7.4
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2025-24052
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2025-24990
High
No description available
🛡️ CVSS: 7.8
🇺🇸 CISA KEV
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2025-55315
Critical
No description available
🛡️ CVSS: 9.9
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-55247
High
No description available
🛡️ CVSS: 7.3
🔄 Recently Updated
/vendors/:
microsoft
CVE-2025-53782
High
No description available
🛡️ CVSS: 8.4
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2025-48004
High
No description available
🛡️ CVSS: 7.4
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2026-21509
High
No description available
🛡️ CVSS: 7.8
🇺🇸 CISA KEV
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2026-21264
Critical
No description available
🛡️ CVSS: 9.3
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-21521
High
No description available
🛡️ CVSS: 7.4
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-21227
High
No description available
🛡️ CVSS: 8.2
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-24307
Critical
No description available
🛡️ CVSS: 9.3
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-24305
Critical
No description available
🛡️ CVSS: 9.3
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-21524
High
No description available
🛡️ CVSS: 7.4
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-24306
Critical
No description available
🛡️ CVSS: 9.8
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-24304
Critical
No description available
🛡️ CVSS: 9.9
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-21520
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-21223
High
No description available
🛡️ CVSS: 7.1
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-21226
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-20941
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2026-20957
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2026-20952
High
No description available
🛡️ CVSS: 8.4
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2026-20950
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2026-20949
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2026-20948
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2026-20931
High
No description available
🛡️ CVSS: 8.0
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20929
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20874
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20873
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20871
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20870
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2026-20868
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20867
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20866
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20861
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20854
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2026-20853
High
No description available
🛡️ CVSS: 7.4
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20849
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20848
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20843
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20960
High
No description available
🛡️ CVSS: 8.0
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-20947
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2026-21224
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-20963
High
No description available
🛡️ CVSS: 8.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2026-20956
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2026-20955
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2026-20953
High
No description available
🛡️ CVSS: 8.4
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2026-20951
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2026-20946
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2026-20944
High
No description available
🛡️ CVSS: 8.4
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2026-20940
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20938
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2026-20934
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20926
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20924
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20923
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20922
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20921
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20920
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2026-20919
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20918
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20877
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20875
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20865
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20864
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20860
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20859
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2026-20858
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20857
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20856
High
No description available
🛡️ CVSS: 8.1
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20852
High
No description available
🛡️ CVSS: 7.7
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20844
High
No description available
🛡️ CVSS: 7.4
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20840
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20837
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20832
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20831
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20826
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20822
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20820
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20817
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20816
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20811
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
CVE-2026-20810
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20809
High
No description available
🛡️ CVSS: 7.8
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20805
Medium
No description available
🛡️ CVSS: 5.5
🇺🇸 CISA KEV
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20804
High
No description available
🛡️ CVSS: 7.7
🔄 Recently Updated
/vendors/:
microsoft
arm64-based systems
x64-based systems
32-bit systems
CVE-2026-20965
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
CVE-2026-20803
High
No description available
🛡️ CVSS: 7.2
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
CVE-2026-0386
High
No description available
🛡️ CVSS: 7.5
🔄 Recently Updated
/vendors/:
microsoft
x64-based systems
32-bit systems
CVE-2019-25462
High
Web Ofisi Rent a Car v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'klima' parameter. Attackers can send GET requests to with malicious 'klima' values to extract sensitive database information or cause denial of service.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
web-ofisi
CVE-2019-25461
High
Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send POST requests to the ajax/productsFilterSearch endpoint with malicious 'q' values using time-based blind SQL injection techniques to extract sensitive database information.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
web-ofisi
CVE-2019-25460
High
Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' GET parameter. Attackers can send requests to the arama endpoint with malicious 'q' values using time-based SQL injection techniques to extract sensitive database information.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
web-ofisi
CVE-2019-25459
High
Web Ofisi Emlak V2 contains multiple SQL injection vulnerabilities in the endpoint that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into parameters like emlak_durumu, emlak_tipi, il, ilce, kelime, and semt to extract sensitive database information or perform time-based blind SQL injection attacks.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
web-ofisi
CVE-2019-25458
High
Web Ofisi Firma Rehberi v1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. Attackers can send requests to with malicious payloads in the 'il', 'kat', or 'kelime' parameters to extract sensitive database information or perform time-based blind SQL injection attacks.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
web-ofisi
CVE-2019-25457
High
Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'oz' array parameter. Attackers can send GET requests to category pages with malicious 'oz[]' values using time-based blind SQL injection payloads to extract sensitive database information.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
web-ofisi
CVE-2019-25456
High
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or cause denial of service.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
web-ofisi
CVE-2019-25455
High
Web Ofisi E-Ticaret v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'a' parameter. Attackers can send GET requests to with malicious 'a' parameter values to extract sensitive database information.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
web-ofisi
CVE-2026-2952
High
A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/tree_server.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🛡️ CVSS: 7.5
🆕 New Entry
/vendors/:
n/a
CVE-2019-25391
High
Ashop Shopping Cart Software contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through the blacklistitemid parameter. Attackers can send POST requests to the admin/bannedcustomers.php endpoint with crafted SQL payloads using SLEEP functions to extract sensitive database information.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
ashopsoftware
CVE-2019-25366
High
microASP Portal+ CMS contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the explode_tree parameter. Attackers can send crafted requests to pagina.phtml with SQL injection payloads using extractvalue and concat functions to extract sensitive database information like the current database name.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
microasp
CVE-2019-25440
High
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prod_id parameter. Attackers can send GET requests to product_detail.php with malicious prod_id values to extract sensitive database information.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
webincorp
CVE-2019-25439
High
NoviSmart CMS contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the Referer HTTP header field. Attackers can craft requests with time-based SQL injection payloads in the Referer header to extract sensitive database information or cause denial of service.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
novismart
CVE-2019-25433
High
XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the gerar_pdf.php endpoint with malicious cid values to extract sensitive database information.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
xoops
CVE-2019-25452
High
Dolibarr ERP/CRM 10.0.1 contains an SQL injection vulnerability in the elemid POST parameter of the viewcat.php endpoint that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit crafted POST requests with malicious SQL payloads in the elemid parameter to extract sensitive database information using error-based or time-based blind SQL injection techniques.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
dolibarr
CVE-2019-25450
High
Dolibarr ERP/CRM 10.0.1 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through POST parameters. Attackers can inject malicious SQL through parameters like actioncode, demand_reason_id, and availability_id in card.php endpoints to extract sensitive database information using boolean-based blind, error-based, and time-based blind techniques.
🛡️ CVSS: 7.1
🆕 New Entry
/vendors/:
dolibarr
CVE-2019-25446
High
DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the datum1, datum2, KID, and PID parameters. Attackers can send POST requests to /korisnikinfo.php with malicious SQL syntax in these parameters to extract or modify sensitive database information.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
digit-rs
CVE-2019-25443
High
Inventory Webapp contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. Attackers can supply malicious SQL payloads in the name, description, quantity, or cat_id parameters to add-item.php to execute arbitrary database commands.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
edlangley
CVE-2019-25442
High
Web Wiz Forums 12.01 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the PF parameter. Attackers can send GET requests to member_profile.asp with malicious PF values to extract sensitive database information.
🛡️ CVSS: 8.2
🆕 New Entry
/vendors/:
webwiz
CVE-2026-2944
High
A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handler. Performing a manipulation of the argument DevId results in os command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
🛡️ CVSS: 7.5
🆕 New Entry
/vendors/:
tosei
CVE-2026-2940
High
A vulnerability was determined in Zaher1307 tiny_web_server up to 8d77b1044a0ca3a5297d8726ac8aa2cf944d481b. This affects the function tiny_web_server/tiny.c of the file tiny_web_server/tiny.c of the component URL Handler. This manipulation causes out-of-bounds write. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The project was informed of the problem early through an issue report but has not responded yet.
🛡️ CVSS: 7.5
🆕 New Entry
/vendors/:
zaher1307
CVE-2026-1615
Critical
Versions of the package jsonpath from 0.0.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation of user-supplied JSON Path expressions. The library relies on the static-eval module to process JSON Path input, which is not designed to handle untrusted data safely. An attacker can exploit this vulnerability by supplying a malicious JSON Path expression that, when evaluated, executes arbitrary JavaScript code, leading to Remote Code Execution in Node.js environments or Cross-site Scripting (XSS) in browser contexts. This affects all methods that evaluate JSON Paths against objects, including .query, .nodes, .paths, .value, .parent, and .apply.
🛡️ CVSS: 9.2
🔄 Recently Updated
/vendors/:
n/a
CVE-2026-2938
High
A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/update_smtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
🛡️ CVSS: 7.5
🆕 New Entry
/vendors/:
sourcecodester
CVE-2026-2935
High
A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. This issue affects the function strcpy of the file /goform/ConfigExceptMSN. Executing a manipulation of the argument remark can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
🛡️ CVSS: 8.3
🆕 New Entry
/vendors/:
utt
CVE-2026-2871
Critical
A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks.
🛡️ CVSS: 9.0
🔄 Recently Updated
/vendors/:
tenda
CVE-2026-2883
Critical
A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
🛡️ CVSS: 9.0
🔄 Recently Updated
/vendors/:
d-link
CVE-2026-2929
Critical
A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
d-link
CVE-2026-2928
Critical
A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
d-link
CVE-2026-21627
Critical
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction.
🛡️ CVSS: 9.5
🔄 Recently Updated
/vendors/:
tassos.gr
CVE-2026-2927
Critical
A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_462590 of the file /boafrm/formOpMode of the component Operation Mode Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
d-link
CVE-2026-2926
Critical
A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4237AC of the file /boafrm/formLteSetup of the component LTE Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
d-link
CVE-2026-2925
Critical
A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_42B5A0 of the file /boafrm/formBridgeVlan of the component Bridge VLAN Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
d-link
CVE-2026-2912
High
A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation of the argument test_id results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.
🛡️ CVSS: 7.5
🆕 New Entry
/vendors/:
code-projects
CVE-2026-2911
Critical
A vulnerability has been found in Tenda FH451 up to 1.0.0.9. This issue affects some unknown processing of the file /goform/GstDhcpSetSer. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
tenda
CVE-2026-2910
Critical
A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
tenda
CVE-2026-2909
Critical
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
tenda
CVE-2026-2908
Critical
A security vulnerability has been detected in Tenda HG9 300001138. Affected by this issue is some unknown functionality of the file /boaform/formLoopBack of the component Loopback Detection Configuration Endpoint. Such manipulation of the argument Ethtype leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
tenda
CVE-2026-2907
Critical
A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgpon_loid/fmgpon_loid_password causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
tenda
CVE-2026-2906
Critical
A security flaw has been discovered in Tenda HG9 300001138. Affected is an unknown function of the file /boaform/formSamba of the component Samba Configuration Endpoint. The manipulation of the argument sambaCap results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
tenda
CVE-2026-2905
Critical
A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.
🛡️ CVSS: 9.0
🆕 New Entry
/vendors/:
tenda