CVE ID : CVE-2025-14577 Published : Feb. 24, 2026, 2:16 p.m. | 31 minutes ago Description : Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function Injection. An unauthenticated remote attacker is able to…
CVE-2025-11165 – DotCMS Velocity Sandbox Escape Vulnerability
CVE ID : CVE-2025-11165 Published : Feb. 24, 2026, 8:27 a.m. | 20 minutes ago Description : A sandbox escape vulnerability exists in dotCMS’s Velocity scripting engine (VTools) that allows authenticated users with…
CVE-2025-40541 – SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability
CVE ID : CVE-2025-40541 Published : Feb. 24, 2026, 8:16 a.m. | 31 minutes ago Description : An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious…
CVE-2025-40540 – SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability
CVE ID : CVE-2025-40540 Published : Feb. 24, 2026, 8:16 a.m. | 31 minutes ago Description : A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability…
CVE-2025-40539 – SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability
CVE ID : CVE-2025-40539 Published : Feb. 24, 2026, 8:16 a.m. | 31 minutes ago Description : A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability…
CVE-2025-40538 – SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability
CVE ID : CVE-2025-40538 Published : Feb. 24, 2026, 8:16 a.m. | 31 minutes ago Description : A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the…
CVE-2026-26331 – yt-dlp: Arbitrary Command Injection when using the `–netrc-cmd` option
CVE ID : CVE-2026-26331 Published : Feb. 24, 2026, 3:16 a.m. | 1 hour, 31 minutes ago Description : yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21,…
CVE-2026-26198 – ormar is vulnerable to SQL Injection through aggregate functions min() and max()
CVE ID : CVE-2026-26198 Published : Feb. 24, 2026, 3:16 a.m. | 1 hour, 31 minutes ago Description : Ormar is a async mini ORM for Python. In versions 0.9.9 through 0.22.0, when performing…
CVE-2025-13943 – Zyxel EX3301-T0 Post-Authentication Command Injection Vulnerability
CVE ID : CVE-2025-13943 Published : Feb. 24, 2026, 3:16 a.m. | 1 hour, 31 minutes ago Description : A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0…
CVE-2025-13942 – Zyxel EX3510-B0 UPnP Command Injection
CVE ID : CVE-2025-13942 Published : Feb. 24, 2026, 3:16 a.m. | 1 hour, 31 minutes ago Description : A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through…