CVE ID : CVE-2026-3272 Published : Feb. 27, 2026, 12:16 a.m. | 33 minutes ago Description : A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromDhcpListClient of the file…
CVE-2026-3271 – Tenda F453 httpd P2pListFilterof fromP2pListFilter buffer overflow
CVE ID : CVE-2026-3271 Published : Feb. 27, 2026, 12:16 a.m. | 33 minutes ago Description : A vulnerability was found in Tenda F453 1.0.0.3. This impacts the function fromP2pListFilter of the file…
CVE-2026-27772 – EV Energy ev.energy Missing Authentication for Critical Function
CVE ID : CVE-2026-27772 Published : Feb. 27, 2026, 12:16 a.m. | 33 minutes ago Description : WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data…
CVE-2026-27767 – SWITCH EV swtchenergy.com Missing Authentication for Critical Function
CVE ID : CVE-2026-27767 Published : Feb. 27, 2026, 12:16 a.m. | 33 minutes ago Description : WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data…
CVE-2026-25851 – Chargemap chargemap.com Missing Authentication for Critical Function
CVE ID : CVE-2026-25851 Published : Feb. 27, 2026, 12:16 a.m. | 33 minutes ago Description : WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data…
CVE-2026-27976 – Zed Extension Sandbox Escape via Tar Symlink Following
CVE ID : CVE-2026-27976 Published : Feb. 26, 2026, 12:16 a.m. | 32 minutes ago Description : Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the…
CVE-2026-27818 – TerriaJS-Server has a domain validation bypass vulnerability in its proxy allowlist
CVE ID : CVE-2026-27818 Published : Feb. 26, 2026, 12:16 a.m. | 32 minutes ago Description : TerriaJS-Server is a NodeJS Express server for TerriaJS, a library for building web-based geospatial data explorers….
CVE-2026-27812 – Sub2API Vulnerable to Password Reset Poisoning via Host Header Trust Issue, Leading to Account Takeover
CVE ID : CVE-2026-27812 Published : Feb. 26, 2026, 12:16 a.m. | 32 minutes ago Description : Sub2API is an AI API gateway platform designed to distribute and manage API quotas from AI…
CVE-2026-27804 – Parse Server: Account takeover via JWT algorithm confusion in Google auth adapter
CVE ID : CVE-2026-27804 Published : Feb. 26, 2026, 12:16 a.m. | 32 minutes ago Description : Parse Server is an open source backend that can be deployed to any infrastructure that can…
CVE-2026-27633 – TinyWeb has Unbounded Content-Length Memory Exhaustion (DoS)
CVE ID : CVE-2026-27633 Published : Feb. 26, 2026, 12:16 a.m. | 32 minutes ago Description : TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version…