7.7

CVSS4.0

CVE-2025-9293 - Insufficient Certificate Validation in Multiple Mobile Applications Allows Man in the Middle Interc…

A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication. An attacker in a privileged network position may be able to intercept or modify traffic if they can position themselves within the commu…

📅 Published: Feb. 13, 2026, 12:22 a.m. 🔄 Last Modified: Feb. 13, 2026, 12:22 a.m.

2

CVSS4.0

CVE-2025-9292 - Permissive Web Security Policy Allows Cross-Origin Access Control Bypass on Omada Cloud Controllers

A permissive web security configuration may allow cross-origin restrictions enforced by modern browsers to be bypassed under specific circumstances. Exploitation requires the presence of an existing client-side injection vulnerability and user access to the affected web interface. Successful expl…

📅 Published: Feb. 13, 2026, 12:21 a.m. 🔄 Last Modified: Feb. 13, 2026, 12:21 a.m.

6

CVSS4.0

CVE-2024-21961 -

Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability.

📅 Published: Feb. 12, 2026, 11:45 p.m. 🔄 Last Modified: Feb. 12, 2026, 11:45 p.m.

0.0

CVE-2025-40905 - WWW::OAuth 1.000 and earlier for Perl uses insecure rand() function for cryptographic functions

WWW::OAuth 1.000 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.

📅 Published: Feb. 12, 2026, 11:39 p.m. 🔄 Last Modified: Feb. 12, 2026, 11:39 p.m.

5.1

CVSS4.0

CVE-2026-26188 - Solspace Freeform plugin affected by Stored Cross-Site Scripting (XSS) in Freeform Craft Plugin CP …

Solspace Freeform plugin for Craft CMS 5.x is a super flexible form-building tool. An authenticated, low-privilege user (able to create/edit forms) can inject arbitrary HTML/JS into the Craft Control Panel (CP) builder and integrations views. User-controlled form labels and integration metadata are…

📅 Published: Feb. 12, 2026, 10:55 p.m. 🔄 Last Modified: Feb. 12, 2026, 10:55 p.m.
Load More Vulnerability
avatar

Mehmet Ince

@mdisec

CVE stats coming here

avatar

Nuri Çilengir

@ncilengir

CVE stats coming here

avatar

@aydinnyunus

CVE stats coming here

avatar

Onurcan Genç

@onurcangnc

CVE stats coming here

avatar

Seyit Sigirci

@h3xecute

CVE stats coming here

avatar

Ali İltizar

@iltosec

CVE stats coming here

avatar

@b3rsec

CVE stats coming here

avatar

@furkank

CVE stats coming here

avatar

kutaysec

@kutaysec

CVE stats coming here