CVE ID : CVE-2026-27593 Published : Feb. 24, 2026, 10:16 p.m. | 2 hours, 32 minutes ago Description : Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 6.3.3…
CVE-2026-24443 – EventSentry < 6.0.1.20 Web Reports Unverified Password Change
CVE ID : CVE-2026-24443 Published : Feb. 24, 2026, 9:16 p.m. | 3 hours, 32 minutes ago Description : EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the account management functionality…
CVE-2026-22553 – InSAT MasterSCADA BUK-TS OS Command Injection
CVE ID : CVE-2026-22553 Published : Feb. 24, 2026, 9:16 p.m. | 3 hours, 32 minutes ago Description : All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field…
CVE-2026-21410 – InSAT MasterSCADA BUK-TS SQL Injection
CVE ID : CVE-2026-21410 Published : Feb. 24, 2026, 9:16 p.m. | 3 hours, 32 minutes ago Description : InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious users…
CVE-2026-26342 – Tattile Smart+ / Vega / Basic <= 1.181.5 Insufficient Session Token Expiration
CVE ID : CVE-2026-26342 Published : Feb. 24, 2026, 8:27 p.m. | 4 hours, 20 minutes ago Description : Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an authentication…
CVE-2026-26222 – DocLink .NET Remoting Unauthenticated Arbitrary File Read/Write RCE
CVE ID : CVE-2026-26222 Published : Feb. 24, 2026, 6:29 p.m. | 18 minutes ago Description : Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes insecure .NET Remoting endpoints over…
CVE-2026-27590 – Caddy: Unicode case-folding length expansion causes incorrect split_path index (SCRIPT_NAME/PATH_INFO confusion) in FastCGI transport
CVE ID : CVE-2026-27590 Published : Feb. 24, 2026, 5:29 p.m. | 1 hour, 19 minutes ago Description : Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1,…
CVE-2026-27586 – Caddy’s mTLS client authentication silently fails open when CA certificate file is missing or malformed
CVE ID : CVE-2026-27586 Published : Feb. 24, 2026, 5:29 p.m. | 1 hour, 19 minutes ago Description : Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1,…
CVE-2025-13776 – Hard-coded database credentials in Finka software
CVE ID : CVE-2025-13776 Published : Feb. 24, 2026, 5:29 p.m. | 1 hour, 19 minutes ago Description : Multiple Finka programs use hard-coded Firebird database credentials (shared across all instances of this software)….
CVE-2026-27520 – Binardat 10G08-0800GSM Network Switch Base64-encoded Password Stored in Cookie
CVE ID : CVE-2026-27520 Published : Feb. 24, 2026, 4:24 p.m. | 23 minutes ago Description : Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as…