CVE ID : CVE-2026-2036 Published : Feb. 20, 2026, 11:16 p.m. | 46 minutes ago Description : GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers…
CVE-2026-2033 – MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability
CVE ID : CVE-2026-2033 Published : Feb. 20, 2026, 11:16 p.m. | 46 minutes ago Description : MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers…
CVE-2019-25441 – thesystem 1.0 Command Injection via run_command endpoint
CVE ID : CVE-2019-25441 Published : Feb. 20, 2026, 11:16 p.m. | 47 minutes ago Description : thesystem 1.0 contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands…
CVE-2026-2857 – D-Link DWR-M960 Port Forwarding Configuration Endpoint formPortFw sub_423E00 stack-based overflow
CVE ID : CVE-2026-2857 Published : Feb. 20, 2026, 9:19 p.m. | 43 minutes ago Description : A vulnerability was determined in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_423E00…
CVE-2026-2856 – D-Link DWR-M960 Filter Configuration Endpoint formFilter sub_424AFC stack-based overflow
CVE ID : CVE-2026-2856 Published : Feb. 20, 2026, 9:19 p.m. | 43 minutes ago Description : A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_424AFC…
CVE-2026-27190 – Deno has a Command Injection via Incomplete shell metacharacter blocklist in node:child_process
CVE ID : CVE-2026-27190 Published : Feb. 20, 2026, 9:19 p.m. | 43 minutes ago Description : Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.6.8, a command injection vulnerability exists…
CVE-2026-25896 – fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names
CVE ID : CVE-2026-25896 Published : Feb. 20, 2026, 9:19 p.m. | 43 minutes ago Description : fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS…
CVE-2026-2855 – D-Link DWR-M960 DDNS Settings formDdns sub_4648F0 stack-based overflow
CVE ID : CVE-2026-2855 Published : Feb. 20, 2026, 8:25 p.m. | 1 hour, 37 minutes ago Description : A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub_4648F0 of…
CVE-2026-2472 – Stored Cross-Site Scripting (XSS) in Vertex AI Python SDK Visualization
CVE ID : CVE-2026-2472 Published : Feb. 20, 2026, 7:29 p.m. | 39 minutes ago Description : Stored Cross-Site Scripting (XSS) in the _genai/_evals_visualization component of Google Cloud Vertex AI SDK (google-cloud-aiplatform) versions…
CVE-2021-35402 – PROLiNK PRC2402M Command Injection Vulnerability
CVE ID : CVE-2021-35402 Published : Feb. 20, 2026, 7:23 p.m. | 44 minutes ago Description : PROLiNK PRC2402M 20190909 before 2021-06-13 allows live_api.cgi?page=satellite_list OS command injection via shell metacharacters in the ip…