Export limit exceeded: 76003 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76003 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-27001 | 1 Openclaw | 1 Openclaw | 2026-02-20 | 7.8 High |
| OpenClaw is a personal AI assistant. Prior to version 2026.2.15, OpenClaw embedded the current working directory (workspace path) into the agent system prompt without sanitization. If an attacker can cause OpenClaw to run inside a directory whose name contains control/format characters (for example newlines or Unicode bidi/zero-width markers), those characters could break the prompt structure and inject attacker-controlled instructions. Starting in version 2026.2.15, the workspace path is sanitized before it is embedded into any LLM prompt output, stripping Unicode control/format characters and explicit line/paragraph separators. Workspace path resolution also applies the same sanitization as defense-in-depth. | ||||
| CVE-2026-27343 | 2 Vankarwai, Wordpress | 2 Airtifact, Wordpress | 2026-02-20 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in VanKarWai Airtifact airtifact allows PHP Local File Inclusion.This issue affects Airtifact: from n/a through <= 1.2.91. | ||||
| CVE-2026-25326 | 2 Cmsmasters, Wordpress | 2 Cmsmasters Content Composer, Wordpress | 2026-02-20 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in cmsmasters CMSMasters Content Composer cmsmasters-content-composer allows PHP Local File Inclusion.This issue affects CMSMasters Content Composer: from n/a through <= 1.4.5. | ||||
| CVE-2025-68472 | 1 Mindsdb | 1 Mindsdb | 2026-02-20 | 8.1 High |
| MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PUT handler in file.py directly joins user-controlled data into a filesystem path when the request body is JSON and source_type is not "url". Only multipart uploads and URL-sourced uploads receive sanitization; JSON uploads lack any call to clear_filename or equivalent checks. This vulnerability is fixed in 25.11.1. | ||||
| CVE-2025-68121 | 2 Go Standard Library, Golang | 2 Crypto Tls, Go | 2026-02-20 | 7.4 High |
| During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake. | ||||
| CVE-2026-21893 | 1 N8n | 1 N8n | 2026-02-20 | 7.2 High |
| n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerability was identified in n8n’s community package installation functionality. The issue allowed authenticated users with administrative permissions to execute arbitrary system commands on the n8n host under specific conditions. This issue has been patched in version 1.120.3. | ||||
| CVE-2025-69211 | 1 Nestjs | 1 Nest | 2026-02-20 | 7.4 High |
| Nest is a framework for building scalable Node.js server-side applications. Versions prior to 11.1.11 have a Fastify URL encoding middleware bypass. A NestJS application is vulnerable if it uses `@nestjs/platform-fastify`; relies on `NestMiddleware` (via `MiddlewareConsumer`) for security checks (authentication, authorization, etc.), or through `app.use()`; and applies middleware to specific routes using string paths or controllers (e.g., `.forRoutes('admin')`). Exploitation can result in unauthenticated users accessing protected routes, restricted administrative endpoints becoming accessible to lower-privileged users, and/or middleware performing sanitization or validation being skipped. This issue is patched in `@nestjs/platform-fastify@11.1.11`. | ||||
| CVE-2026-26217 | 2 Kidocode, Unclecode | 2 Crawl4ai, Crawl4ai | 2026-02-20 | 8.6 High |
| Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment. The /execute_js, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing unauthenticated remote attackers to read arbitrary files from the server filesystem. An attacker can access sensitive files such as /etc/passwd, /etc/shadow, application configuration files, and environment variables via /proc/self/environ, potentially exposing credentials, API keys, and internal application structure. | ||||
| CVE-2026-26064 | 2 Calibre-ebook, Kovidgoyal | 2 Calibre, Calibre | 2026-02-20 | 8.8 High |
| calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below contain a Path Traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows, this leads to Remote Code Execution by writing a payload to the Startup folder, which executes on next login. Function extract_pictures only checks startswith('Pictures'), and does not sanitize '..' sequences. calibre's own ZipFile.extractall() in utils/zipfile.py does sanitize '..' via _get_targetpath(), but extract_pictures() bypasses this by using manual zf.read() + open(). This issue has been fixed in version 9.3.0. | ||||
| CVE-2025-65036 | 2 Xwiki, Xwikisas | 2 Pro Macros, Xwiki-pro-macros | 2026-02-20 | 8.3 High |
| XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to 1.27.1, the macro executes Velocity from the details pages without checking for permissions, which can lead to remote code execution. This vulnerability is fixed in 1.27.1. | ||||
| CVE-2026-26065 | 2 Calibre-ebook, Kovidgoyal | 2 Calibre, Calibre | 2026-02-20 | 8.8 High |
| calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal through PDB readers (both 132-byte and 202-byte header variants) that allow arbitrary file writes with arbitrary extension and arbitrary content anywhere the user has write permissions. Files are written in 'wb' mode, silently overwriting existing files. This can lead to potential code execution and Denial of Service through file corruption. This issue has been fixed in version 9.3.0. | ||||
| CVE-2020-37100 | 2 Flexense, Syncbreeze | 2 Syncbreeze, Sync Breeze | 2026-02-20 | 7.8 High |
| Sync Breeze Enterprise 12.4.18 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path by placing malicious executables in specific file system locations to hijack the service startup process. | ||||
| CVE-2026-26990 | 1 Librenms | 1 Librenms | 2026-02-20 | 8.8 High |
| LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below have a Time-Based Blind SQL Injection vulnerability in address-search.inc.php via the address parameter. When a crafted subnet prefix is supplied, the prefix value is concatenated directly into an SQL query without proper parameter binding, allowing an attacker to manipulate query logic and infer database information through time-based conditional responses. This vulnerability requires authentication and is exploitable by any authenticated user. This issue has been fixedd in version 26.2.0. | ||||
| CVE-2025-47977 | 1 Microsoft | 1 Nuance Digital Engagement Platform | 2026-02-20 | 8.2 High |
| Improper neutralization of input during web page generation ('cross-site scripting') in Nuance Digital Engagement Platform allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-47959 | 1 Microsoft | 2 Visual Studio, Visual Studio 2022 | 2026-02-20 | 7.1 High |
| Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-47174 | 1 Microsoft | 8 365 Apps, Excel, Office and 5 more | 2026-02-20 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-55322 | 1 Microsoft | 1 Omniparser | 2026-02-20 | 7.3 High |
| Binding to an unrestricted ip address in GitHub allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-55238 | 1 Microsoft | 3 365, Dynamics 365, Dynamics 365 Fasttrack Implementation | 2026-02-20 | 7.5 High |
| Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability | ||||
| CVE-2025-47167 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2026-02-20 | 8.4 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-47164 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2026-02-20 | 8.4 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||