Recent Vulnerabilities (Page 2 of 3)

Showing 11-20 of 28 vulnerabilities

Sort by:

SolarWinds Web Help Desk Security Control Bypass Vulnerability - CVE-2025-40536

February 12, 2026 CRITICAL CVSS: 9.0

SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restricted functionality.

SolarWinds Web Help Desk

auto-generated

Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability - CVE-2026-21513

February 10, 2026 CRITICAL CVSS: 9.0

Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

Microsoft Windows

auto-generated

Microsoft Windows NULL Pointer Dereference Vulnerability - CVE-2026-21525

February 10, 2026 CRITICAL CVSS: 9.0

Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

Microsoft Windows

auto-generated

Microsoft Windows Shell Protection Mechanism Failure Vulnerability - CVE-2026-21510

February 10, 2026 CRITICAL CVSS: 9.0

Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

Microsoft Windows

auto-generated

Microsoft Windows Improper Privilege Management Vulnerability - CVE-2026-21533

February 10, 2026 CRITICAL CVSS: 9.0

Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

Microsoft Windows

auto-generated

Microsoft Windows Type Confusion Vulnerability - CVE-2026-21519

February 10, 2026 CRITICAL CVSS: 9.0

Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

Microsoft Windows

auto-generated

Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability - CVE-2026-21514

February 10, 2026 CRITICAL CVSS: 9.0

Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

Microsoft Office

auto-generated

React Native Community CLI OS Command Injection Vulnerability - CVE-2025-11953

February 05, 2026 CRITICAL CVSS: 9.0

React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the Metro Development Server and run arbitrary ex...

React Native Community CLI

auto-generated

SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability - CVE-2026-24423

February 05, 2026 CRITICAL CVSS: 9.0

SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a mali...

SmarterTools SmarterMail

auto-generated

GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability - CVE-2021-39935

February 03, 2026 CRITICAL CVSS: 9.0

GitLab Community and Enterprise Editions contain a server-side request forgery vulnerability which could allow unauthorized external users to perform Server Side Requests via the CI Lint API.

GitLab Community and Enterprise Editions

auto-generated