CVE-2026-25973 - "Apache HTTP Server Cross-Site Request Forgery"
CVE ID : CVE-2026-25973
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-25973
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-25974 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2026-25974
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-25974
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-25975 - Apache HTTP Server Remote Code Execution
CVE ID : CVE-2026-25975
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-25975
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-25976 - Apache HTTP Server Denial of Service
CVE ID : CVE-2026-25976
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-25976
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-25977 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2026-25977
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-25977
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-25978 - Apache HTTP Server Uninitialized Pointer
CVE ID : CVE-2026-25978
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-25978
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-25979 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2026-25979
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-25979
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-25980 - Apache OpenSSH Authentication Bypass
CVE ID : CVE-2026-25980
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-25980
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-25981 - Apache HTTP Server Deserialization
CVE ID : CVE-2026-25981
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-25981
Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-12063 - Apache Data Object Reference Bypass
CVE ID : CVE-2025-12063
Published : 2026年2月10日 05:52 | 1 小时,23 分钟 ago
Description : An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-12063
Published : 2026年2月10日 05:52 | 1 小时,23 分钟 ago
Description : An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-11142 - VAPIX API Mediaclip.cgi Remote Code Execution Vulnerability
CVE ID : CVE-2025-11142
Published : 2026年2月10日 06:15 | 1 小时 ago
Description : The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-11142
Published : 2026年2月10日 06:15 | 1 小时 ago
Description : The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-11547 - AXIS Camera Station Pro Privilege Escalation Vulnerability
CVE ID : CVE-2025-11547
Published : 2026年2月10日 06:15 | 1 小时 ago
Description : AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-11547
Published : 2026年2月10日 06:15 | 1 小时 ago
Description : AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-12757 - AXIS Camera Station Pro Information Disclosure
CVE ID : CVE-2025-12757
Published : 2026年2月10日 06:15 | 1 小时 ago
Description : An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-12757
Published : 2026年2月10日 06:15 | 1 小时 ago
Description : An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13064 - Apache HTTP Server Cross-Site Scripting (XSS)
CVE ID : CVE-2025-13064
Published : 2026年2月10日 06:15 | 1 小时 ago
Description : A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13064
Published : 2026年2月10日 06:15 | 1 小时 ago
Description : A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-0996 - Fluent Forms <= 6.1.14 - Authenticated (Subscriber+) Stored Cross-Site Scripting via AI Form Builder Module
CVE ID : CVE-2026-0996
Published : 2026年2月10日 06:15 | 1 小时 ago
Description : The Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AI Form Builder module in all versions up to, and including, 6.1.14 due to a combination of missing authorization checks, a leaked nonce, and insufficient input sanitization. The vulnerability allows Subscriber-level users to trigger AI form generation via a protected endpoint. When prompted, AI services will typically return bare JavaScript code (without
CVE ID : CVE-2026-0996
Published : 2026年2月10日 06:15 | 1 小时 ago
Description : The Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AI Form Builder module in all versions up to, and including, 6.1.14 due to a combination of missing authorization checks, a leaked nonce, and insufficient input sanitization. The vulnerability allows Subscriber-level users to trigger AI form generation via a protected endpoint. When prompted, AI services will typically return bare JavaScript code (without
CVE-2026-2093 - Flowring|Docpedia - SQL Injection
CVE ID : CVE-2026-2093
Published : 2026年2月10日 06:45 | 30 分钟 ago
Description : Docpedia developed by Flowring has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2093
Published : 2026年2月10日 06:45 | 30 分钟 ago
Description : Docpedia developed by Flowring has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2094 - Flowring|Docpedia - SQL Injection
CVE ID : CVE-2026-2094
Published : 2026年2月10日 06:47 | 28 分钟 ago
Description : Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2094
Published : 2026年2月10日 06:47 | 28 分钟 ago
Description : Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2095 - Flowring|Agentflow - Authentication Bypass
CVE ID : CVE-2026-2095
Published : 2026年2月10日 06:53 | 22 分钟 ago
Description : Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token and log into the system as any user.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2095
Published : 2026年2月10日 06:53 | 22 分钟 ago
Description : Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token and log into the system as any user.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2096 - Flowring|Agentflow - Missing Authenticaton
CVE ID : CVE-2026-2096
Published : 2026年2月10日 06:59 | 16 分钟 ago
Description : Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2096
Published : 2026年2月10日 06:59 | 16 分钟 ago
Description : Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2097 - Flowring|Agentflow - Arbitrary File Upload
CVE ID : CVE-2026-2097
Published : 2026年2月10日 07:02 | 13 分钟 ago
Description : Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2097
Published : 2026年2月10日 07:02 | 13 分钟 ago
Description : Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2098 - Flowring|AgentFlow - Reflected Cross-site Scripting
CVE ID : CVE-2026-2098
Published : 2026年2月10日 07:06 | 9 分钟 ago
Description : AgentFlow developed by Flowring has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2098
Published : 2026年2月10日 07:06 | 9 分钟 ago
Description : AgentFlow developed by Flowring has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...