快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359799
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-27476 |
RustFly 2.0.0 Command Injection via UDP Remote Control
|
CRITICAL | 9.3 | 2026-02-19 |
Bixat RustFly
|
CVE NVD | |
| CVE-2026-26282 |
NanaZip has DotNet Single file OOB Heap Read
|
MEDIUM | 5.2 | 2026-02-19 |
M2Team NanaZip
m2team nanazip
|
CVE NVD | |
| CVE-2026-27440 |
WordPress myCred plugin <= 2.9.7.6 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 6.5 | 2026-02-19 |
Saad Iqbal myCred
|
CVE NVD | |
| CVE-2026-27387 |
WordPress DirectoryPress plugin <= 3.6.26 - Broken Access Control vulnerability
|
MEDIUM | 5.4 | 2026-02-19 |
designinvento DirectoryPress
|
CVE NVD | |
| CVE-2026-27368 |
WordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin <= 6.19.7 - Broken Access Control vulnerability
|
MEDIUM | 5.9 | 2026-02-19 |
SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd
|
CVE NVD | |
| CVE-2026-27360 |
WordPress Photo Gallery by 10Web plugin <= 1.8.37 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 5.9 | 2026-02-19 |
10Web Photo Gallery by 10Web
|
CVE NVD | |
| CVE-2026-27343 |
WordPress Airtifact theme <= 1.2.91 - Local File Inclusion vulnerability
|
HIGH | 7.5 | 2026-02-19 |
VanKarWai Airtifact
|
CVE NVD | |
| CVE-2026-27328 |
WordPress EduBlink theme <= 2.0.7 - Broken Access Control vulnerability
|
MEDIUM | 5.3 | 2026-02-19 |
DevsBlink EduBlink
|
CVE NVD | |
| CVE-2026-27327 |
WordPress YayMail – WooCommerce Email Customizer plugin <= 4.3.2 - Broken Access Control vulnerability
|
MEDIUM | 4.3 | 2026-02-19 |
YayCommerce YayMail – WooCommerce Email Customizer
|
CVE NVD | |
| CVE-2026-2738 |
Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by send...
|
MEDIUM | 5.6 | 2026-02-19 |
OpenVPN ovpn-dco-win
|
CVE NVD | |
| CVE-2026-26318 |
systeminformation has Command Injection via Unsanitized `locate` Output in `versions()`
|
HIGH | 8.8 | 2026-02-19 |
sebhildebrandt systeminformation
systeminformation systeminformation
|
CVE NVD | |
| CVE-2026-26280 |
Systeminformation has a Command Injection via unsanitized interface parameter in wifi.js retry path
|
HIGH | 8.4 | 2026-02-19 |
sebhildebrandt systeminformation
systeminformation systeminformation
|
CVE NVD | |
| CVE-2026-26278 |
fast-xml-parser affected by DoS through entity expansion in DOCTYPE (no expansion limit)
|
HIGH | 7.5 | 2026-02-19 |
NaturalIntelligence fast-xml-parser
naturalintelligence fast-xml-parser
|
CVE NVD | |
| CVE-2026-27013 |
Fabric.js Affected by Stored XSS via SVG Export
|
HIGH | 7.6 | 2026-02-19 |
fabricjs fabric.js
fabricjs fabric.js
|
CVE NVD | |
| CVE-2026-26267 |
rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide
|
HIGH | 7.5 | 2026-02-19 |
stellar rs-soroban-sdk
stellar rs-soroban-sdk
+2个
|
CVE NVD | |
| CVE-2026-26205 |
opa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in `input.parsed_path`
|
HIGH | 7.1 | 2026-02-19 |
open-policy-agent opa-envoy-plugin
|
CVE NVD | |
| CVE-2026-26203 |
PJSIP's pjmedia-video has use-after-free in H264 packetizer when packetizing fragmented NAL
|
MEDIUM | 5.1 | 2026-02-19 |
pjsip pjmedia-video
pjsip pjsip
|
CVE NVD | |
| CVE-2026-26202 |
Penpot has Arbitrary File Read via create-font-variant RPC endpoint
|
HIGH | 7.5 | 2026-02-19 |
penpot penpot
kaleidos penpot
|
CVE NVD | |
| CVE-2026-26201 |
emp3r0r Affected by Concurrent Map Access DoS (panic/crash)
|
HIGH | 7.0 | 2026-02-19 |
jm33-m0 emp3r0r
jm33-m0 emp3r0r
|
CVE NVD | |
| CVE-2026-26200 |
HDF5 Affected by H5T__conv_struct_opt Heap Buffer Overflow
|
HIGH | 7.8 | 2026-02-19 |
HDFGroup hdf5
hdfgroup hdf5
|
CVE NVD |