CVE ID : CVE-2026-26101 Published : Feb. 20, 2026, 5:25 p.m. | 37 minutes ago Description : Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted…
CVE-2026-26099 – Uncontrolled Search Path Element in Owl opds
CVE ID : CVE-2026-26099 Published : Feb. 20, 2026, 5:25 p.m. | 37 minutes ago Description : Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a…
CVE-2026-20761 – EnOcean SmartServer IoT Command Injection
CVE ID : CVE-2026-20761 Published : Feb. 20, 2026, 3:32 p.m. | 30 minutes ago Description : A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers,…
CVE-2026-21627 – Extension – tassos.gr – SQL injection and Unauthenticated File Read in Novarain/Tassos Framework v4.10.14 – v6.0.37 for Joomla
CVE ID : CVE-2026-21627 Published : Feb. 20, 2026, 3:20 p.m. | 42 minutes ago Description : The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s…
CVE-2025-10970 – SQLi in Kolay Software’s Talentics
CVE ID : CVE-2025-10970 Published : Feb. 20, 2026, 11:27 a.m. | 35 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Kolay Software…
CVE-2026-26050 – RICOH Joblog Analysis Tool DLL Search Path Loading Vulnerability
CVE ID : CVE-2026-26050 Published : Feb. 20, 2026, 9:15 a.m. | 47 minutes ago Description : The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search…
CVE-2026-26996 – minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern
CVE ID : CVE-2026-26996 Published : Feb. 20, 2026, 3:16 a.m. | 46 minutes ago Description : minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0…
CVE-2026-26990 – LibreNMS has Time-Based Blind SQL Injection in address-search.inc.php
CVE ID : CVE-2026-26990 Published : Feb. 20, 2026, 2:16 a.m. | 1 hour, 46 minutes ago Description : LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below have a…
CVE-2026-26988 – LibreNMS: SQL Injection in ajax_table.php spreads through a covert data stream
CVE ID : CVE-2026-26988 Published : Feb. 20, 2026, 2:16 a.m. | 1 hour, 46 minutes ago Description : LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below contain an…
CVE-2026-26980 – Ghost has a SQL Injection in its Content API
CVE ID : CVE-2026-26980 Published : Feb. 20, 2026, 2:16 a.m. | 1 hour, 46 minutes ago Description : Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to…