Total
169 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-25961 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2026-02-20 | N/A | 7.5 HIGH |
| SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification (INTERNET_FLAG_IGNORE_CERT_CN_INVALID) and executes installers without signature checks. A network attacker with any valid TLS certificate (e.g., Let's Encrypt) can intercept the update check request, inject a malicious installer URL, and achieve arbitrary code execution. | |||||
| CVE-2026-27180 | 1 Mjdm | 1 Majordomo | 2026-02-20 | N/A | 9.8 CRITICAL |
| MajorDoMo (aka Major Domestic Module) is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL poisoning. The saverestore module exposes its admin() method through the /objects/?module=saverestore endpoint without authentication because it uses gr('mode') (which reads directly from $_REQUEST) instead of the framework's $this->mode. An attacker can poison the system update URL via the auto_update_settings mode handler, then trigger the force_update handler to initiate the update chain. The autoUpdateSystem() method fetches an Atom feed from the attacker-controlled URL with trivial validation, downloads a tarball via curl with TLS verification disabled (CURLOPT_SSL_VERIFYPEER set to FALSE), extracts it using exec('tar xzvf ...'), and copies all extracted files to the document root using copyTree(). This allows an attacker to deploy arbitrary PHP files, including webshells, to the webroot with two GET requests. | |||||
| CVE-2026-22816 | 1 Gradle | 1 Gradle | 2026-02-18 | N/A | 7.4 HIGH |
| Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these exceptions, Gradle would continue to the next repository in the list and potentially resolve dependencies from a different repository. If a Gradle build used an unresolvable host name, Gradle would continue to work as long as all dependencies could be resolved from another repository. An unresolvable host name could be caused by allowing a repository's domain name registration to lapse or typo-ing the real domain name. This behavior could allow an attacker to register a service under the host name used by the build and serve malicious artifacts. The attack requires the repository to be listed before others in the build configuration. Gradle has introduced a change in behavior in Gradle 9.3.0 to stop searching other repositories when encountering these errors. | |||||
| CVE-2026-22865 | 1 Gradle | 1 Gradle | 2026-02-18 | N/A | 7.4 HIGH |
| Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these exceptions, Gradle would continue to the next repository in the list and potentially resolve dependencies from a different repository. An exception like NoHttpResponseException can indicate transient errors. If the errors persist after a maximum number of retries, Gradle would continue to the next repository. This behavior could allow an attacker to disrupt the service of a repository and leverage another repository to serve malicious artifacts. This attack requires the attacker to have control over a repository after the disrupted repository. Gradle has introduced a change in behavior in Gradle 9.3.0 to stop searching other repositories when encountering these errors. | |||||
| CVE-2025-15556 | 1 Notepad-plus-plus | 1 Notepad\+\+ | 2026-02-13 | N/A | 7.5 HIGH |
| Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download and execute an attacker-controlled installer, resulting in arbitrary code execution with the privileges of the user. | |||||
| CVE-2025-15575 | 2026-02-12 | N/A | 5.3 MEDIUM | ||
| The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. Initial analysis of the firmware update functionality does not show any cryptographic checks (e.g. digital signature checks) on the supplied firmware update files. Furthermore, ESP32 security features such as secure boot are not used. | |||||
| CVE-2026-20056 | 2026-02-05 | N/A | 4.0 MEDIUM | ||
| A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is due to improper handling of certain archive files. An attacker could exploit this vulnerability by sending a crafted archive file, which should be blocked, through an affected device. A successful exploit could allow the attacker to bypass the anti-malware scanner and download malware onto an end user workstation. The downloaded malware will not automatically execute unless the end user extracts and launches the malicious file. | |||||
| CVE-2025-14265 | 1 Connectwise | 1 Screenconnect | 2026-01-16 | N/A | 9.1 CRITICAL |
| In versions of ScreenConnectâ„¢ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of custom code on the server or unauthorized access to application configuration data. This issue affects only the ScreenConnect server component; host and guest clients are not impacted. ScreenConnect 25.8 introduces enhanced server-side configuration handling and integrity checks to ensure only trusted extensions can be installed. | |||||
| CVE-2025-63215 | 1 Sound4 | 2 Impact, Impact Firmware | 2026-01-15 | N/A | 7.2 HIGH |
| The Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and repackaging the firmware. | |||||
| CVE-2025-69263 | 1 Pnpm | 1 Pnpm | 2026-01-12 | N/A | 7.5 HIGH |
| pnpm is a package manager. Versions 10.26.2 and below store HTTP tarball dependencies (and git-hosted tarballs) in the lockfile without integrity hashes. This allows the remote server to serve different content on each install, even when a lockfile is committed. An attacker who publishes a package with an HTTP tarball dependency can serve different code to different users or CI/CD environments. The attack requires the victim to install a package that has an HTTP/git tarball in its dependency tree. The victim's lockfile provides no protection. This issue is fixed in version 10.26.0. | |||||
| CVE-2025-63220 | 1 Sound4 | 2 First, First Firmware | 2026-01-08 | N/A | 7.2 HIGH |
| The Sound4 FIRST web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and repackaging the firmware. | |||||
| CVE-2025-65855 | 1 Netun | 2 Helpflash Iot, Helpflash Iot Firmware | 2026-01-06 | N/A | 6.6 MEDIUM |
| The OTA firmware update mechanism in Netun Solutions HelpFlash IoT (firmware v18_178_221102_ASCII_PRO_1R5_50) uses hard-coded WiFi credentials identical across all devices and does not authenticate update servers or validate firmware signatures. An attacker with brief physical access can activate OTA mode (8-second button press), create a malicious WiFi AP using the known credentials, and serve malicious firmware via unauthenticated HTTP to achieve arbitrary code execution on this safety-critical emergency signaling device. | |||||
| CVE-2025-55310 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-12-18 | N/A | 7.3 HIGH |
| An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup. This may result in information disclosure, unauthorized data access, or other security impacts. | |||||
| CVE-2025-68109 | 1 Churchcrm | 1 Churchcrm | 2025-12-18 | N/A | 9.1 CRITICAL |
| ChurchCRM is an open-source church management system. In versions prior to 6.5.3, the Database Restore functionality does not validate the content or file extension of uploaded files. As a result, an attacker can upload a web shell file and subsequently upload a .htaccess file to enable direct access to it. Once accessed, the uploaded web shell allows remote code execution (RCE) on the server. Version 6.5.3 fixes the issue. | |||||
| CVE-2025-40604 | 1 Sonicwall | 10 Email Security Appliance 5000, Email Security Appliance 5000 Firmware, Email Security Appliance 5050 and 7 more | 2025-12-12 | N/A | 9.8 CRITICAL |
| Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution. | |||||
| CVE-2025-66331 | 1 Huawei | 1 Harmonyos | 2025-12-08 | N/A | 3.3 LOW |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-66332 | 1 Huawei | 1 Harmonyos | 2025-12-08 | N/A | 3.3 LOW |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-66333 | 1 Huawei | 1 Harmonyos | 2025-12-08 | N/A | 3.3 LOW |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-66334 | 1 Huawei | 1 Harmonyos | 2025-12-08 | N/A | 3.3 LOW |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-61228 | 1 Shirt-pocket | 1 Superduper\! | 2025-12-05 | N/A | 7.8 HIGH |
| An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism | |||||