CVE ID : CVE-2025-40538 Published : Feb. 24, 2026, 8:16 a.m. | 31 minutes ago Description : A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the…
CVE-2026-26331 – yt-dlp: Arbitrary Command Injection when using the `–netrc-cmd` option
CVE ID : CVE-2026-26331 Published : Feb. 24, 2026, 3:16 a.m. | 1 hour, 31 minutes ago Description : yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21,…
CVE-2026-26198 – ormar is vulnerable to SQL Injection through aggregate functions min() and max()
CVE ID : CVE-2026-26198 Published : Feb. 24, 2026, 3:16 a.m. | 1 hour, 31 minutes ago Description : Ormar is a async mini ORM for Python. In versions 0.9.9 through 0.22.0, when performing…
CVE-2025-13943 – Zyxel EX3301-T0 Post-Authentication Command Injection Vulnerability
CVE ID : CVE-2025-13943 Published : Feb. 24, 2026, 3:16 a.m. | 1 hour, 31 minutes ago Description : A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0…
CVE-2025-13942 – Zyxel EX3510-B0 UPnP Command Injection
CVE ID : CVE-2025-13942 Published : Feb. 24, 2026, 3:16 a.m. | 1 hour, 31 minutes ago Description : A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through…
CVE-2026-25965 – ImageMagick’s policy bypass through path traversal allows reading restricted content despite secured policy
CVE ID : CVE-2026-25965 Published : Feb. 24, 2026, 2:16 a.m. | 31 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions…
CVE-2026-25794 – ImageMagick has heap-buffer-overflow via signed integer overflow in `WriteUHDRImage` when writing UHDR images with large dimensions
CVE ID : CVE-2026-25794 Published : Feb. 24, 2026, 1:16 a.m. | 1 hour, 31 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. `WriteUHDRImage` in…
CVE-2026-3044 – Tenda AC8 Httpd Service UploadCfg webCgiGetUploadFile stack-based overflow
CVE ID : CVE-2026-3044 Published : Feb. 24, 2026, 12:16 a.m. | 31 minutes ago Description : A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFile of the…
CVE-2025-9120 – RCE vulnerability has been discovered in OpenText™ Carbonite Safe Server Backup.
CVE ID : CVE-2025-9120 Published : Feb. 24, 2026, 12:03 a.m. | 44 minutes ago Description : Improper Control of Generation of Code (‘Code Injection’) vulnerability in OpenText™ Carbonite Safe Server Backup allows…
CVE-2026-25648 – Traccar Vulnerable to Stored Cross-Site Scripting (XSS) via Malicious SVG File Upload
CVE ID : CVE-2026-25648 Published : Feb. 23, 2026, 9:19 p.m. | 1 hour, 28 minutes ago Description : Versions of the Traccar open-source GPS tracking system starting with 6.11.1 contain an issue in…