Page 33

CVE-2026-25998 – strongMan vulnerable to private credential recovery due to key and counter reuse

Posted on February 19, 2026

CVE ID : CVE-2026-25998 Published : Feb. 19, 2026, 5:24 p.m. | 38 minutes ago Description : strongMan is a management interface for strongSwan, an OpenSource IPsec-based VPN. When storing credentials in the…

CVE-2026-24834 – Kata Container to Guest micro VM privilege escalation

Posted on February 19, 2026

CVE ID : CVE-2026-24834 Published : Feb. 19, 2026, 5:24 p.m. | 38 minutes ago Description : Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines…

CVE-2026-2274 – Arbitrary File Read and SSRF in Google AppSheet

Posted on February 19, 2026

CVE ID : CVE-2026-2274 Published : Feb. 19, 2026, 3:21 p.m. | 41 minutes ago Description : A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Google AppSheet prior to 2025-11-23…

CVE-2026-25755 – jsPDF has PDF Object Injection via Unsanitized Input in addJS Method

Posted on February 19, 2026

CVE ID : CVE-2026-25755 Published : Feb. 19, 2026, 3:16 p.m. | 46 minutes ago Description : jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the…

CVE-2026-25535 – jsPDF Affected by Client-Side/Server-Side Denial of Service via Malicious GIF Dimensions

Posted on February 19, 2026

CVE ID : CVE-2026-25535 Published : Feb. 19, 2026, 3:16 p.m. | 46 minutes ago Description : jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the…

CVE-2025-71250 – SPIP < 4.4.9 Insecure Deserialization

Posted on February 19, 2026

CVE ID : CVE-2025-71250 Published : Feb. 19, 2026, 2:58 p.m. | 1 hour, 4 minutes ago Description : SPIP before 4.4.9 allows Insecure Deserialization in the public area through the table_valeur filter and…

CVE-2025-71243 – SPIP Saisies Plugin < 5.11.1 Remote Code Execution

Posted on February 19, 2026

CVE ID : CVE-2025-71243 Published : Feb. 19, 2026, 2:58 p.m. | 1 hour, 4 minutes ago Description : The ‘Saisies pour formulaire’ (Saisies) plugin for SPIP versions 5.4.0 through 5.11.0 contains a critical…

CVE-2025-9953 – SQLi in Database Software’s Databank Accreditation Software

Posted on February 19, 2026

CVE ID : CVE-2025-9953 Published : Feb. 19, 2026, 11:55 a.m. | 7 minutes ago Description : Authorization Bypass Through User-Controlled SQL Primary Key vulnerability in DATABASE Software Training Consulting Ltd. Databank Accreditation…

CVE-2025-8350 – Authentication Bypass with Redirect in BiEticaret Software’s BiEticaret CMS

Posted on February 19, 2026

CVE ID : CVE-2025-8350 Published : Feb. 19, 2026, 11:30 a.m. | 32 minutes ago Description : Execution After Redirect (EAR), Missing Authentication for Critical Function vulnerability in Inrove Software and Internet Services…

CVE-2025-13590 – Authenticated arbitrary file upload via a System REST API requiring administrator permission.

Posted on February 19, 2026

CVE ID : CVE-2025-13590 Published : Feb. 19, 2026, 10:05 a.m. | 1 hour, 57 minutes ago Description : A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location…