8.2

CVSS3.1

CVE-2026-23857 - Improper Handling of Insufficient Permissions in Dell Update Package Framework

Dell Update Package (DUP) Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

πŸ“… Published: Feb. 12, 2026, 2:05 a.m. πŸ”„ Last Modified: April 17, 2026, 8:15 p.m.

7.8

CVSS3.1

CVE-2026-23856 - Improper Access Control in Dell iDRAC Service Module Enables Local Privilege Escalation

Dell iDRAC Service Module (iSM) for Windows, versions prior to 6.0.3.1, and Dell iDRAC Service Module (iSM) for Linux, versions prior to 5.4.1.1, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to El…

πŸ“… Published: Feb. 12, 2026, 1:46 a.m. πŸ”„ Last Modified: April 18, 2026, 6:15 p.m.

8.8

CVSS3.1

CVE-2026-0969 - Arbitrary code execution in React server-side rendering of untrusted MDX content

The serialize function used to compile MDX in next-mdx-remote is vulnerable to arbitrary code execution due to insufficient sanitization of MDX content. This vulnerability, CVE-2026-0969, is fixed in next-mdx-remote 6.0.0.

πŸ“… Published: Feb. 12, 2026, 1:35 a.m. πŸ”„ Last Modified: April 18, 2026, 12:45 p.m.

9.8

CVSS3.1

CVE-2026-1729 - AdForest <= 6.0.12 - Authentication Bypass

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sb_login_user_with_otp_fun' function. This makes it possible for unauthe…

πŸ“… Published: Feb. 12, 2026, 1:23 a.m. πŸ”„ Last Modified: April 16, 2026, 1 a.m.

9

CVSS3.1

CVE-2025-69634 -

Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker to escalate privileges via the notes field in perms.php NOTE: this is disputed by a third party who indicates that exploitation can only occur if an unprivileged user knows the token of an admin user.

πŸ“… Published: Feb. 12, 2026, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2025-67432 -

A stack overflow in the ZBarcode_Encode function of Monkeybread Software MBS DynaPDF Plugin v21.3.1.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.

πŸ“… Published: Feb. 12, 2026, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2025-69807 -

p2r3 Bareiron commit: 8e4d4020d is vulnerable to Buffer Overflow, which allows unauthenticated remote attackers to cause a denial of service via a packet sent to the server.

πŸ“… Published: Feb. 12, 2026, midnight πŸ”„ Last Modified: Feb. 23, 2026, 5:20 p.m.

7.5

CVSS3.1

CVE-2025-69806 -

p2r3 bareiron commit: 8e4d4020d contains an Out-of-bounds Read, which allows unauthenticated remote attackers to get relative information leakage via a packet sent to the server

πŸ“… Published: Feb. 12, 2026, midnight πŸ”„ Last Modified: Feb. 23, 2026, 5:21 p.m.

8.8

CVSS3.1

CVE-2025-61880 -

In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution.

πŸ“… Published: Feb. 12, 2026, midnight πŸ”„ Last Modified: Feb. 19, 2026, 3:55 p.m.

7.7

CVSS3.1

CVE-2025-61879 -

In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism.

πŸ“… Published: Feb. 12, 2026, midnight πŸ”„ Last Modified: Feb. 19, 2026, 3:55 p.m.
Total resulsts: 349182
Page 1663 of 34,919
Β« previous page Β» next page
Filters