CVE ID : CVE-2025-70830 Published : Feb. 17, 2026, 4:20 p.m. | 1 hour, 42 minutes ago Description : A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows…
CVE-2025-70828 – Datart Unvalidated Parameter Remote Code Execution Vulnerability
CVE ID : CVE-2025-70828 Published : Feb. 17, 2026, 4:20 p.m. | 1 hour, 42 minutes ago Description : An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter…
CVE-2025-70397 – Jizhicms SQL Injection Vulnerability
CVE ID : CVE-2025-70397 Published : Feb. 17, 2026, 4:20 p.m. | 1 hour, 42 minutes ago Description : jizhicms 2.5.6 is vulnerable to SQL Injection in Article/deleteAll and Extmolds/deleteAll via the data parameter….
CVE-2026-2616 – Beetel 777VR1 Web Management hard-coded credentials
CVE ID : CVE-2026-2616 Published : Feb. 17, 2026, 3:16 p.m. | 46 minutes ago Description : A vulnerability has been found in Beetel 777VR1 up to 01.00.09. The impacted element is an…
CVE-2026-22208 – OpenS100 Portrayal Engine Unrestricted Lua Standard Library Access
CVE ID : CVE-2026-22208 Published : Feb. 17, 2026, 3:16 p.m. | 46 minutes ago Description : OpenS100 (the reference implementation S-100 viewer) prior to commit 753cf29 contain a remote code execution vulnerability…
CVE-2026-2615 – Wavlink WL-NU516U1 firewall.cgi singlePortForwardDelete command injection
CVE ID : CVE-2026-2615 Published : Feb. 17, 2026, 1:16 p.m. | 46 minutes ago Description : A flaw has been found in Wavlink WL-NU516U1 up to 20251208. The affected element is the…
CVE-2025-7631 – Time-Based Blind SQLi in Tumeva Internet Technologies’ Tumeva News Software
CVE ID : CVE-2025-7631 Published : Feb. 17, 2026, 11:36 a.m. | 25 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Tumeva Internet…
CVE-2026-2247 – SQL Injection in Clickedu’s SaaS platform
CVE ID : CVE-2026-2247 Published : Feb. 17, 2026, 11:35 a.m. | 26 minutes ago Description : SQL injection vulnerability (SQLi) in Clicldeu SaaS, specifically in the generation of reports, which occurs when…
CVE-2026-25903 – Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates
CVE ID : CVE-2026-25903 Published : Feb. 17, 2026, 10:15 a.m. | 1 hour, 46 minutes ago Description : Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components…
CVE-2026-26220 – LightLLM <= 1.1.0 PD Mode Unsafe Deserialization RCE
CVE ID : CVE-2026-26220 Published : Feb. 17, 2026, 3:16 a.m. | 46 minutes ago Description : LightLLM version 1.1.0 and prior contain an unauthenticated remote code execution vulnerability in PD (prefill-decode) disaggregation…