CVE ID : CVE-2026-2144 Published : Feb. 14, 2026, 5:16 a.m. | 45 minutes ago Description : The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in…
CVE-2026-24853 – Caido has an insufficient patch for DNS rebind leading to RCE
CVE ID : CVE-2026-24853 Published : Feb. 13, 2026, 11:16 p.m. | 46 minutes ago Description : Caido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to…
CVE-2026-26273 – Known affected by Account Takeover via Password Reset Token Leakage
CVE ID : CVE-2026-26273 Published : Feb. 13, 2026, 10:16 p.m. | 1 hour, 46 minutes ago Description : Known is a social publishing platform. Prior to 1.6.3, a Critical Broken Authentication vulnerability exists…
CVE-2025-15157 – Starfish Review Generation & Marketing for WordPress <= 3.1.19 – Authenticated (Subscriber+) Arbitrary Options Update via srm_restore_options_defaults
CVE ID : CVE-2025-15157 Published : Feb. 13, 2026, 10:16 p.m. | 1 hour, 46 minutes ago Description : The Starfish Review Generation & Marketing for WordPress plugin for WordPress is vulnerable to unauthorized…
CVE-2026-26335 – Calero VeraSMART < 2022 R1 Static IIS Machine Keys Enable ViewState RCE
CVE ID : CVE-2026-26335 Published : Feb. 13, 2026, 9:16 p.m. | 45 minutes ago Description : Calero VeraSMART versions prior to 2022 R1 use static ASP.NET/IIS machineKey values configured for the VeraSMART web…
CVE-2026-26334 – Calero VeraSMART < 2026 R1 Hardcoded Static AES Keys Allow Decryption of Service Credentials
CVE ID : CVE-2026-26334 Published : Feb. 13, 2026, 9:16 p.m. | 45 minutes ago Description : Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll (Veramark.Core.Config class)….
CVE-2026-26333 – Calero VeraSMART < 2022 R1 .NET Remoting Arbitrary File Read Leading to ViewState RCE
CVE ID : CVE-2026-26333 Published : Feb. 13, 2026, 9:16 p.m. | 45 minutes ago Description : Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port…
CVE-2026-2441 – Google Chrome Use After Free Vulnerability in CSS
CVE ID : CVE-2026-2441 Published : Feb. 13, 2026, 7:17 p.m. | 2 hours, 44 minutes ago Description : Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker…
CVE-2026-26190 – Milvus Allows Unauthenticated Access to Restful API on Metrics Port (9091) Leads to Critical System Compromise
CVE ID : CVE-2026-26190 Published : Feb. 13, 2026, 7:17 p.m. | 44 minutes ago Description : Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10,…
CVE-2026-26187 – lakeFS vulnerable to path traversal in local block adapter allow cross-namespace and sibling directory access
CVE ID : CVE-2026-26187 Published : Feb. 13, 2026, 7:17 p.m. | 44 minutes ago Description : lakeFS is an open-source tool that transforms object storage into a Git-like repositories. Prior to 1.77.0,…