{
"Source": "CVE FEED",
"Title": "CVE-2025-61879 - Infoblox NIOS Privilege Escalation File Write Vulnerability",
"Content": "CVE ID : CVE-2025-61879
Published : Feb. 12, 2026, 5:16 p.m. | 43 minutes ago
Description : In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-61879 - Infoblox NIOS Privilege Escalation File Write Vulnerability",
"Content": "CVE ID : CVE-2025-61879
Published : Feb. 12, 2026, 5:16 p.m. | 43 minutes ago
Description : In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-61880 - Infoblox NIOS Deserialization Remote Code Execution",
"Content": "CVE ID : CVE-2025-61880
Published : Feb. 12, 2026, 5:16 p.m. | 43 minutes ago
Description : In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-61880 - Infoblox NIOS Deserialization Remote Code Execution",
"Content": "CVE ID : CVE-2025-61880
Published : Feb. 12, 2026, 5:16 p.m. | 43 minutes ago
Description : In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-54756 - BrightSign Players Use of Default Credentials",
"Content": "CVE ID : CVE-2025-54756
Published : Feb. 12, 2026, 5:16 p.m. | 43 minutes ago
Description : BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or
series 5 prior to v9.0.166 use a default password that is guessable with
knowledge of the device information. The latest release fixes this
issue for new installations; users of old installations are encouraged
to change all default passwords.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-54756 - BrightSign Players Use of Default Credentials",
"Content": "CVE ID : CVE-2025-54756
Published : Feb. 12, 2026, 5:16 p.m. | 43 minutes ago
Description : BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or
series 5 prior to v9.0.166 use a default password that is guessable with
knowledge of the device information. The latest release fixes this
issue for new installations; users of old installations are encouraged
to change all default passwords.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-55210 - FreePBX API has a Privilege Escalation Error in GraphQL Allowing Authenticated Users to Access Additional Scopes",
"Content": "CVE ID : CVE-2025-55210
Published : Feb. 12, 2026, 5:16 p.m. | 43 minutes ago
Description : FreePBX is an open-source web-based graphical user interface (GUI) that manages Asterisk. Prior to 17.0.5 and 16.0.17, FreePBX module api (PBX API) is vulnerable to privilege escalation by authenticated users with REST/GraphQL API access. This vulnerability allows an attacker to forge a valid JWT with full access to the REST and GraphQL APIs on a FreePBX that they've already connected to, possibly as a lower privileged user. The JWT is signed using the api-oauth.key private key. An attacker can generate their own token if they possess this key (e.g., by accessing an affected instance), and specify any scopes they wish (e.g., rest, gql), bypassing traditional authorization checks. However, FreePBX enforces that the jti (JWT ID) claim must exist in the database (api_access_tokens table in the asterisk MySQL database) in order for the token to be accepted. Therefore, the attacker must know a jti value that already exists on the target instance. This vulnerability is fixed in 17.0.5 and 16.0.17.
Severity: 2.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-55210 - FreePBX API has a Privilege Escalation Error in GraphQL Allowing Authenticated Users to Access Additional Scopes",
"Content": "CVE ID : CVE-2025-55210
Published : Feb. 12, 2026, 5:16 p.m. | 43 minutes ago
Description : FreePBX is an open-source web-based graphical user interface (GUI) that manages Asterisk. Prior to 17.0.5 and 16.0.17, FreePBX module api (PBX API) is vulnerable to privilege escalation by authenticated users with REST/GraphQL API access. This vulnerability allows an attacker to forge a valid JWT with full access to the REST and GraphQL APIs on a FreePBX that they've already connected to, possibly as a lower privileged user. The JWT is signed using the api-oauth.key private key. An attacker can generate their own token if they possess this key (e.g., by accessing an affected instance), and specify any scopes they wish (e.g., rest, gql), bypassing traditional authorization checks. However, FreePBX enforces that the jti (JWT ID) claim must exist in the database (api_access_tokens table in the asterisk MySQL database) in order for the token to be accepted. Therefore, the attacker must know a jti value that already exists on the target instance. This vulnerability is fixed in 17.0.5 and 16.0.17.
Severity: 2.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-52533 - Xilinx Spartan Debug Interface Privilege Escalation",
"Content": "CVE ID : CVE-2025-52533
Published : Feb. 12, 2026, 5:11 p.m. | 48 minutes ago
Description : Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality or integrity.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-52533 - Xilinx Spartan Debug Interface Privilege Escalation",
"Content": "CVE ID : CVE-2025-52533
Published : Feb. 12, 2026, 5:11 p.m. | 48 minutes ago
Description : Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality or integrity.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-69752 - Ideagen Q-Pulse Authentication Bypass",
"Content": "CVE ID : CVE-2025-69752
Published : Feb. 12, 2026, 4:16 p.m. | 1 hour, 43 minutes ago
Description : An issue in the "My Details" user profile functionality of Ideagen Q-Pulse 7.1.0.32 allows an authenticated user to view other users' profile information by modifying the objectKey HTTP parameter in the My Details page URL.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-69752 - Ideagen Q-Pulse Authentication Bypass",
"Content": "CVE ID : CVE-2025-69752
Published : Feb. 12, 2026, 4:16 p.m. | 1 hour, 43 minutes ago
Description : An issue in the "My Details" user profile functionality of Ideagen Q-Pulse 7.1.0.32 allows an authenticated user to view other users' profile information by modifying the objectKey HTTP parameter in the My Details page URL.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-70886 - Halo Denial of Service (DoS) Vulnerability",
"Content": "CVE ID : CVE-2025-70886
Published : Feb. 12, 2026, 4:16 p.m. | 1 hour, 43 minutes ago
Description : An issue in halo v.2.22.4 and before allows a remote attacker to cause a denial of service via a crafted payload to the public comment submission endpoint
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-70886 - Halo Denial of Service (DoS) Vulnerability",
"Content": "CVE ID : CVE-2025-70886
Published : Feb. 12, 2026, 4:16 p.m. | 1 hour, 43 minutes ago
Description : An issue in halo v.2.22.4 and before allows a remote attacker to cause a denial of service via a crafted payload to the public comment submission endpoint
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-69634 - Dolibarr ERP & CRM CSRF Privilege Escalation",
"Content": "CVE ID : CVE-2025-69634
Published : Feb. 12, 2026, 4:16 p.m. | 1 hour, 43 minutes ago
Description : Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker to escalate privileges via the notes field in perms.php
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-69634 - Dolibarr ERP & CRM CSRF Privilege Escalation",
"Content": "CVE ID : CVE-2025-69634
Published : Feb. 12, 2026, 4:16 p.m. | 1 hour, 43 minutes ago
Description : Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker to escalate privileges via the notes field in perms.php
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-56647 - Farmfe Core Origin Validation Bypass (WebSocket)",
"Content": "CVE ID : CVE-2025-56647
Published : Feb. 12, 2026, 4:16 p.m. | 1 hour, 43 minutes ago
Description : npm @farmfe/core before 1.7.6 is Missing Origin Validation in WebSocket. The development (hot module reloading) server does not validate origin when connecting to a WebSocket client. This allows attackers to surveil developers running Farm who visit their webpage and steal source code that is leaked by the WebSocket server.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-56647 - Farmfe Core Origin Validation Bypass (WebSocket)",
"Content": "CVE ID : CVE-2025-56647
Published : Feb. 12, 2026, 4:16 p.m. | 1 hour, 43 minutes ago
Description : npm @farmfe/core before 1.7.6 is Missing Origin Validation in WebSocket. The development (hot module reloading) server does not validate origin when connecting to a WebSocket client. This allows attackers to surveil developers running Farm who visit their webpage and steal source code that is leaked by the WebSocket server.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-25768 - LavinMQ is missing vhost access control",
"Content": "CVE ID : CVE-2026-25768
Published : Feb. 12, 2026, 7:52 p.m. | 8 minutes ago
Description : LavinMQ is a high-performance message queue & streaming server. Before 2.6.6, an authenticated user could access metadata in the broker they should not have access to. This vulnerability is fixed in 2.6.6.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-25768 - LavinMQ is missing vhost access control",
"Content": "CVE ID : CVE-2026-25768
Published : Feb. 12, 2026, 7:52 p.m. | 8 minutes ago
Description : LavinMQ is a high-performance message queue & streaming server. Before 2.6.6, an authenticated user could access metadata in the broker they should not have access to. This vulnerability is fixed in 2.6.6.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-25767 - LavinMQ has incomplete shovel configuration validation",
"Content": "CVE ID : CVE-2026-25767
Published : Feb. 12, 2026, 7:49 p.m. | 11 minutes ago
Description : LavinMQ is a high-performance message queue & streaming server. Before 2.6.8, an authenticated user, with the โPolicymakerโ tag, could create shovels bypassing access controls. an authenticated user with the "Policymaker" management tag could exploit it to read messages from vhosts they are not authorized to access or publish messages to vhosts they are not authorized to access. This vulnerability is fixed in 2.6.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-25767 - LavinMQ has incomplete shovel configuration validation",
"Content": "CVE ID : CVE-2026-25767
Published : Feb. 12, 2026, 7:49 p.m. | 11 minutes ago
Description : LavinMQ is a high-performance message queue & streaming server. Before 2.6.8, an authenticated user, with the โPolicymakerโ tag, could create shovels bypassing access controls. an authenticated user with the "Policymaker" management tag could exploit it to read messages from vhosts they are not authorized to access or publish messages to vhosts they are not authorized to access. This vulnerability is fixed in 2.6.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-25922 - authentik has a Signature Verification Bypass via SAML Assertion Wrapping",
"Content": "CVE ID : CVE-2026-25922
Published : Feb. 12, 2026, 7:38 p.m. | 22 minutes ago
Description : authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under Advanced Protocol settings configured, it was possible for an attacker to inject a malicious assertion before the signed assertion that authentik would use instead. authentik 2025.8.6, 2025.10.4, and 2025.12.4 fix this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-25922 - authentik has a Signature Verification Bypass via SAML Assertion Wrapping",
"Content": "CVE ID : CVE-2026-25922
Published : Feb. 12, 2026, 7:38 p.m. | 22 minutes ago
Description : authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under Advanced Protocol settings configured, it was possible for an attacker to inject a malicious assertion before the signed assertion that authentik would use instead. authentik 2025.8.6, 2025.10.4, and 2025.12.4 fix this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-25748 - authentik has a forward authentication bypass with broken cookie",
"Content": "CVE ID : CVE-2026-25748
Published : Feb. 12, 2026, 7:36 p.m. | 24 minutes ago
Description : authentik is an open-source identity provider. Prior to 2025.10.4 and 2025.12.4, with a malformed cookie it was possible to bypass authentication when using forward authentication in the authentik Proxy Provider when used in conjunction with Traefik or Caddy as reverse proxy. When a malicious cookie was used, none of the authentik-specific X-Authentik-* headers were set which depending on application can grant access to an attacker. authentik 2025.10.4 and 2025.12.4 fix this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-25748 - authentik has a forward authentication bypass with broken cookie",
"Content": "CVE ID : CVE-2026-25748
Published : Feb. 12, 2026, 7:36 p.m. | 24 minutes ago
Description : authentik is an open-source identity provider. Prior to 2025.10.4 and 2025.12.4, with a malformed cookie it was possible to bypass authentication when using forward authentication in the authentik Proxy Provider when used in conjunction with Traefik or Caddy as reverse proxy. When a malicious cookie was used, none of the authentik-specific X-Authentik-* headers were set which depending on application can grant access to an attacker. authentik 2025.10.4 and 2025.12.4 fix this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-25227 - authentik affected by Remote Code Execution via Context Key Injection in PropertyMapping Test Endpoint",
"Content": "CVE ID : CVE-2026-25227
Published : Feb. 12, 2026, 7:25 p.m. | 35 minutes ago
Description : authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view * Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server container through the test endpoint, which is intended to preview how a property mapping/policy works. authentik 2025.8.6, 2025.10.4, and 2025.12.4 fix this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-25227 - authentik affected by Remote Code Execution via Context Key Injection in PropertyMapping Test Endpoint",
"Content": "CVE ID : CVE-2026-25227
Published : Feb. 12, 2026, 7:25 p.m. | 35 minutes ago
Description : authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view * Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server container through the test endpoint, which is intended to preview how a property mapping/policy works. authentik 2025.8.6, 2025.10.4, and 2025.12.4 fix this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-24895 - FrankenPHP affected by Path Confusion via Unicode casing in CGI path splitting allows execution of arbitrary files",
"Content": "CVE ID : CVE-2026-24895
Published : Feb. 12, 2026, 7:16 p.m. | 44 minutes ago
Description : FrankenPHP is a modern application server for PHP. Prior to 1.11.2, FrankenPHPโs CGI path splitting logic improperly handles Unicode characters during case conversion. The logic computes the split index (for finding .php) on a lowercased copy of the request path but applies that byte index to the original path. Because strings.ToLower() in Go can increase the byte length of certain UTF-8 characters (e.g., ศบ expands when lowercased), the computed index may not align with the correct position in the original string. This results in an incorrect SCRIPT_NAME and SCRIPT_FILENAME, potentially causing FrankenPHP to execute a file other than the one intended by the URI. This vulnerability is fixed in 1.11.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-24895 - FrankenPHP affected by Path Confusion via Unicode casing in CGI path splitting allows execution of arbitrary files",
"Content": "CVE ID : CVE-2026-24895
Published : Feb. 12, 2026, 7:16 p.m. | 44 minutes ago
Description : FrankenPHP is a modern application server for PHP. Prior to 1.11.2, FrankenPHPโs CGI path splitting logic improperly handles Unicode characters during case conversion. The logic computes the split index (for finding .php) on a lowercased copy of the request path but applies that byte index to the original path. Because strings.ToLower() in Go can increase the byte length of certain UTF-8 characters (e.g., ศบ expands when lowercased), the computed index may not align with the correct position in the original string. This results in an incorrect SCRIPT_NAME and SCRIPT_FILENAME, potentially causing FrankenPHP to execute a file other than the one intended by the URI. This vulnerability is fixed in 1.11.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-26218 - newbee-mall Default Seeded Administrator Credentials Allow Account Takeover",
"Content": "CVE ID : CVE-2026-26218
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : newbee-mall includes pre-seeded administrator accounts in its database initialization script. These accounts are provisioned with a predictable default password. Deployments that initialize or reset the database using the provided schema and fail to change the default administrative credentials may allow unauthenticated attackers to log in as an administrator and gain full administrative control of the application.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-26218 - newbee-mall Default Seeded Administrator Credentials Allow Account Takeover",
"Content": "CVE ID : CVE-2026-26218
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : newbee-mall includes pre-seeded administrator accounts in its database initialization script. These accounts are provisioned with a predictable default password. Deployments that initialize or reset the database using the provided schema and fail to change the default administrative credentials may allow unauthenticated attackers to log in as an administrator and gain full administrative control of the application.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-26219 - newbee-mall Unsalted MD5 Password Hashing Enables Offline Credential Cracking",
"Content": "CVE ID : CVE-2026-26219
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not incorporate per-user salts or computational cost controls, enabling attackers who obtain password hashes through database exposure, backup leakage, or other compromise vectors to rapidly recover plaintext credentials via offline attacks.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-26219 - newbee-mall Unsalted MD5 Password Hashing Enables Offline Credential Cracking",
"Content": "CVE ID : CVE-2026-26219
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not incorporate per-user salts or computational cost controls, enabling attackers who obtain password hashes through database exposure, backup leakage, or other compromise vectors to rapidly recover plaintext credentials via offline attacks.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-21434 - webtransport-go affected by Memory Exhaustion Attack due to Missing Length Check in WT_CLOSE_SESSION Capsule",
"Content": "CVE ID : CVE-2026-21434
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : webtransport-go is an implementation of the WebTransport protocol. From 0.3.0 to 0.9.0, an attacker can cause excessive memory consumption in webtransport-go's session implementation by sending a WT_CLOSE_SESSION capsule containing an excessively large Application Error Message. The implementation does not enforce the draft-mandated limit of 1024 bytes on this field, allowing a peer to send an arbitrarily large message payload that is fully read and stored in memory. This allows an attacker to consume an arbitrary amount of memory. The attacker must transmit the full payload to achieve the memory consumption, but the lack of any upper bound makes large-scale attacks feasible given sufficient bandwidth. This vulnerability is fixed in 0.10.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-21434 - webtransport-go affected by Memory Exhaustion Attack due to Missing Length Check in WT_CLOSE_SESSION Capsule",
"Content": "CVE ID : CVE-2026-21434
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : webtransport-go is an implementation of the WebTransport protocol. From 0.3.0 to 0.9.0, an attacker can cause excessive memory consumption in webtransport-go's session implementation by sending a WT_CLOSE_SESSION capsule containing an excessively large Application Error Message. The implementation does not enforce the draft-mandated limit of 1024 bytes on this field, allowing a peer to send an arbitrarily large message payload that is fully read and stored in memory. This allows an attacker to consume an arbitrary amount of memory. The attacker must transmit the full payload to achieve the memory consumption, but the lack of any upper bound makes large-scale attacks feasible given sufficient bandwidth. This vulnerability is fixed in 0.10.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-21435 - webtransport-go CloseWithError can block indefinitely",
"Content": "CVE ID : CVE-2026-21435
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : webtransport-go is an implementation of the WebTransport protocol. Prior to v0.10.0, an attacker can cause a denial of service in webtransport-go by preventing or indefinitely delaying WebTransport session closure. A malicious peer can withhold QUIC flow control credit on the CONNECT stream, blocking transmission of the WT_CLOSE_SESSION capsule and causing the close operation to hang. This vulnerability is fixed in v0.10.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-21435 - webtransport-go CloseWithError can block indefinitely",
"Content": "CVE ID : CVE-2026-21435
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : webtransport-go is an implementation of the WebTransport protocol. Prior to v0.10.0, an attacker can cause a denial of service in webtransport-go by preventing or indefinitely delaying WebTransport session closure. A malicious peer can withhold QUIC flow control credit on the CONNECT stream, blocking transmission of the WT_CLOSE_SESSION capsule and causing the close operation to hang. This vulnerability is fixed in v0.10.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-21438 - webtransport-go affected by a Memory Exhaustion Attack due to Missing Cleanup of Streams Map",
"Content": "CVE ID : CVE-2026-21438
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : webtransport-go is an implementation of the WebTransport protocol. Prior to 0.10.0, an attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing garbage collection of their resources. This vulnerability is fixed in v0.10.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-21438 - webtransport-go affected by a Memory Exhaustion Attack due to Missing Cleanup of Streams Map",
"Content": "CVE ID : CVE-2026-21438
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : webtransport-go is an implementation of the WebTransport protocol. Prior to 0.10.0, an attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing garbage collection of their resources. This vulnerability is fixed in v0.10.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2026-22821 - mreporting affected by a SQLI on date change",
"Content": "CVE ID : CVE-2026-22821
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : mreporting is the more reporting GLPI plugin. Prior to 1.9.4, there is a possible SQL injection on date change. This vulnerability is fixed in 1.9.4.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2026-22821 - mreporting affected by a SQLI on date change",
"Content": "CVE ID : CVE-2026-22821
Published : Feb. 12, 2026, 7:15 p.m. | 45 minutes ago
Description : mreporting is the more reporting GLPI plugin. Prior to 1.9.4, there is a possible SQL injection on date change. This vulnerability is fixed in 1.9.4.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "12 Feb 2026",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น