Critical FortiClientEMS Vulnerability Let Attackers Execute Malicious Code Remotely FortiClientEMS RCE Vulnerability Fortinet has issued a critical security advisory warning administrators to immediately patch instances of FortiClientEMS, its central management solution for…
CVE-2025-7799 – Reflected XSS in Zirve Information Technologies’ e-Taxpayer Accounting Website
CVE ID : CVE-2025-7799 Published : Feb. 9, 2026, 9:16 a.m. | 43 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Zirve Information…
CVE-2026-2234 – HGiga|C&Cm@il – Missing Authentication
CVE ID : CVE-2026-2234 Published : Feb. 9, 2026, 8:16 a.m. | 1 hour, 43 minutes ago Description : C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read…
CVE-2026-22906 – Hardcoded Key Allows Credential Disclosure
CVE ID : CVE-2026-22906 Published : Feb. 9, 2026, 8:16 a.m. | 1 hour, 43 minutes ago Description : User credentials are stored using AES‑ECB encryption with a hardcoded key. An unauthenticated remote attacker…
CVE-2026-22904 – Stack Overflow via Oversized Cookie Fields in lighttpd
CVE ID : CVE-2026-22904 Published : Feb. 9, 2026, 8:16 a.m. | 1 hour, 43 minutes ago Description : Improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker…
CVE-2026-22903 – Stack Overflow via SESSIONID Cookie in lighttpd
CVE ID : CVE-2026-22903 Published : Feb. 9, 2026, 8:16 a.m. | 1 hour, 43 minutes ago Description : An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID…