CVE ID : CVE-2025-8572 Published : Feb. 14, 2026, 9:16 a.m. | 46 minutes ago Description : The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or…
CVE-2026-1306 – midi-Synth <= 1.1.0 – Unauthenticated Arbitrary File Upload via 'export' AJAX Action
CVE ID : CVE-2026-1306 Published : Feb. 14, 2026, 7:16 a.m. | 46 minutes ago Description : The midi-Synth plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type…
CVE-2026-2144 – Magic Login Mail or QR Code <= 2.05 – Unauthenticated Privilege Escalation via Insecure QR Code File Storage
CVE ID : CVE-2026-2144 Published : Feb. 14, 2026, 5:16 a.m. | 45 minutes ago Description : The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in…
CVE-2026-24853 – Caido has an insufficient patch for DNS rebind leading to RCE
CVE ID : CVE-2026-24853 Published : Feb. 13, 2026, 11:16 p.m. | 46 minutes ago Description : Caido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to…
CVE-2026-26273 – Known affected by Account Takeover via Password Reset Token Leakage
CVE ID : CVE-2026-26273 Published : Feb. 13, 2026, 10:16 p.m. | 1 hour, 46 minutes ago Description : Known is a social publishing platform. Prior to 1.6.3, a Critical Broken Authentication vulnerability exists…
CVE-2025-15157 – Starfish Review Generation & Marketing for WordPress <= 3.1.19 – Authenticated (Subscriber+) Arbitrary Options Update via srm_restore_options_defaults
CVE ID : CVE-2025-15157 Published : Feb. 13, 2026, 10:16 p.m. | 1 hour, 46 minutes ago Description : The Starfish Review Generation & Marketing for WordPress plugin for WordPress is vulnerable to unauthorized…
CVE-2026-26335 – Calero VeraSMART < 2022 R1 Static IIS Machine Keys Enable ViewState RCE
CVE ID : CVE-2026-26335 Published : Feb. 13, 2026, 9:16 p.m. | 45 minutes ago Description : Calero VeraSMART versions prior to 2022 R1 use static ASP.NET/IIS machineKey values configured for the VeraSMART web…
CVE-2026-26334 – Calero VeraSMART < 2026 R1 Hardcoded Static AES Keys Allow Decryption of Service Credentials
CVE ID : CVE-2026-26334 Published : Feb. 13, 2026, 9:16 p.m. | 45 minutes ago Description : Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll (Veramark.Core.Config class)….
CVE-2026-26333 – Calero VeraSMART < 2022 R1 .NET Remoting Arbitrary File Read Leading to ViewState RCE
CVE ID : CVE-2026-26333 Published : Feb. 13, 2026, 9:16 p.m. | 45 minutes ago Description : Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port…
CVE-2026-2441 – Google Chrome Use After Free Vulnerability in CSS
CVE ID : CVE-2026-2441 Published : Feb. 13, 2026, 7:17 p.m. | 2 hours, 44 minutes ago Description : Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker…