CVE ID : CVE-2026-25922 Published : Feb. 12, 2026, 8:16 p.m. | 1 hour, 45 minutes ago Description : authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a…
CVE-2026-25767 – LavinMQ has incomplete shovel configuration validation
CVE ID : CVE-2026-25767 Published : Feb. 12, 2026, 8:16 p.m. | 1 hour, 45 minutes ago Description : LavinMQ is a high-performance message queue & streaming server. Before 2.6.8, an authenticated user, with…
CVE-2026-26219 – newbee-mall Unsalted MD5 Password Hashing Enables Offline Credential Cracking
CVE ID : CVE-2026-26219 Published : Feb. 12, 2026, 7:15 p.m. | 46 minutes ago Description : newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not…
CVE-2026-26218 – newbee-mall Default Seeded Administrator Credentials Allow Account Takeover
CVE ID : CVE-2026-26218 Published : Feb. 12, 2026, 7:15 p.m. | 46 minutes ago Description : newbee-mall includes pre-seeded administrator accounts in its database initialization script. These accounts are provisioned with a…
CVE-2019-25345 – RTK IIS Codec Service 6.4.10041.133 – ‘RtkI2SCodec’ Unquote Service Path
CVE ID : CVE-2019-25345 Published : Feb. 12, 2026, 7:02 p.m. | 59 minutes ago Description : Realtek IIS Codec Service 6.4.10041.133 contains an unquoted service path vulnerability that allows local attackers to…
CVE-2019-25344 – MobileGo 8.5.0 – Insecure File Permissions
CVE ID : CVE-2019-25344 Published : Feb. 12, 2026, 7:02 p.m. | 59 minutes ago Description : Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable…
CVE-2019-25343 – NextVPN 4.10 – Insecure File Permissions
CVE ID : CVE-2019-25343 Published : Feb. 12, 2026, 7:02 p.m. | 59 minutes ago Description : NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files…
CVE-2025-54756 – BrightSign Players Use of Default Credentials
CVE ID : CVE-2025-54756 Published : Feb. 12, 2026, 5:16 p.m. | 46 minutes ago Description : BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166…
CVE-2025-52533 – Xilinx Spartan Debug Interface Privilege Escalation
CVE ID : CVE-2025-52533 Published : Feb. 12, 2026, 5:11 p.m. | 51 minutes ago Description : Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a…
CVE-2026-26217 – Crawl4AI < 0.8.0 Docker API Local File Inclusion via file URL Handling
CVE ID : CVE-2026-26217 Published : Feb. 12, 2026, 3:33 p.m. | 28 minutes ago Description : Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment….